Hello

 

P2P/Piracy Warning:

 

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here. Failure to remove or disable such software will result in your topic being closed and no further assistance being provided. If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

What do you mean by locked your PC? Can you boot to Normal mode? If not, can you boot to Safe mode with Networking?

 

If you can boot to either of those modes run the following:

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

 

If you cannot run normal or safe mode run the following (You will need access to another PC and a USB flash drive):

 

Please download Farbar Recovery Scan Tool from here:

http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

Save it to a USB flash drive. Ensure you get the correct version for your system, 32 bit or 64 bit.

 

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

 

Plug the flash drive into the infected PC.

 

If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt Here: http://www.bleepingcomputer.com/tutorials/windows-8-recovery-environment-command-prompt/ to enter System Recovery Command prompt.

 

If you are using Vista or Windows 7 enter System Recovery Options.

 

Plug the flash drive into the infected PC.

 

Enter System Recovery Options. I give two methods; use whichever is convenient for you.

 

To enter System Recovery Options from the Advanced Boot Options:


Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
Use the arrow keys to select the Repair your computer menu item.
Select Your Country as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account and click Next.

 

To enter System Recovery Options by using Windows installation disc:


Insert the installation disc.
Restart your computer.
If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
Click Repair your computer.
Select Your Country as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account and click Next.

 

On the System Recovery Options menu you may get the following options:

Startup Repair

System Restore

Windows Complete PC Restore

Windows Memory Diagnostic Tool

Command Prompt

 


Select Command Prompt
In the command window type in notepad and press Enter.
The notepad opens. Under File menu select Open.
Select "Computer" and find your flash drive letter and close the notepad.
In the command window type e:\frst64 or e:\frst depending on your version. Press Enter.
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

 

Kevin..


Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt) or the folder it was run from. Please post it to your reply.

 

Next,

 

Uninstall any software named Advanced System Care or IOBit via Programs and Features, re-boot when complete...

 

Next,

 

Download Malwarebytes Anti-Malware to your desktop.


Double-click mbam-setup and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:
Launch Malwarebytes Anti-Malware
A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.
On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

 

Post log:

 


After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click 'Copy to Clipboard'
Paste the contents of the clipboard into your reply.

 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.


Double click on Adwcleaner.exe to run the tool.
Click on Scan
Once the scan is done, click on the Clean button.
You will get a prompt asking to close all programs. Click OK.
Click OK again to reboot your computer.
A text file will open after the restart. Please post the content of that logfile in your reply.
You can also find the logfile at C:\AdwCleaner[sn].txt, where n is the scan reference number.

 

Next,

 

Please download Junkware Removal Tool to your desktop.


Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Let me see those logs, also give an update on any remaining issues or concerns...

 

Kevin...

 

 

 

fixlist.txt


Uninstall any software related to Advanced System Care and IOBit, reboot when complete...

 

Next,

 

We need to run an online AV scan to ensure there are no remnants of any infection left on your system that may have been missed. This scan is very thorough and well worth running. It can take several hours; please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet Explorer for this scan - on Vista and Windows 7/8, right click on the IE shortcut and run as admin.

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 


Turn off the real time scanner of any existing antivirus program while performing the online scan.
Click on the Run ESET Online Scanner button.
Tick the box next to YES, I accept the Terms of Use.
Click Start.
When asked, allow the add-on to be installed.
Click Start.
Make sure that the option "Remove found threats" is ticked.
Click on Advanced Settings and ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan.
Wait for the virus definitions to be downloaded.
Wait for the scan to finish.

 

When the scan is complete

 


If no threats were found:
Put a checkmark in "Uninstall application on close".
Close the program.
Report to me that nothing was found.

 

If threats were found

 


Click on "list of threats found".
Click on "export to text file" and save it as ESET SCAN and save to the desktop.
Click on back.
Put a checkmark in "Uninstall application on close".
Click on finish.

 

Close the program.

 

Copy and paste the report in your next reply.

 

Post that log, also let me know if there are any remaining issues or concerns...

 

Kevin


What is the current status of your system, any remaining issues or concerns?

 

Download OTL from any of the following links and save to your desktop.

 

http://itxassociates.com/OT-Tools/OTL.com

http://oldtimer.geekstogo.com/OTL.exe

http://www.itxassociates.com/OT-Tools/OTL.scr

 

Double click the OTL icon to start the tool. (Note: If you are running on Vista or Windows 7/8 accept UAC alert)

 


When the window appears, underneath Output at the top, make sure Standard output is selected.
Select Scan all users
Change Drivers to All
Under the Extra Registry section, check Use SafeList
In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".
Close out all browsers and turn off Security.
Click Run Scan and let the program run uninterrupted.
When the scan is complete, two text files will be created on your Desktop.
OTL.Txt <- this one will be opened
Extras.txt <- this one will be minimized

 

Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of OTL.Txt and the Extras.txt in your next reply.


OTL logfile created on: 2014.07.11 11:45:14 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Vartotojas\Desktop

 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16521)

Locale: 00000427 | Country: Lietuva | Language: LTH | Date Format: yyyy.MM.dd

 

1,88 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 65,00% Memory free

3,77 Gb Paging File | 2,95 Gb Available in Paging File | 78,14% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 117,09 Gb Total Space | 87,62 Gb Free Space | 74,83% Space Free | Partition Type: NTFS

Drive D: | 180,90 Gb Total Space | 162,96 Gb Free Space | 90,08% Space Free | Partition Type: NTFS

 

Computer Name: VARTOTOJAS-PC | User Name: Vartotojas | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 


DRV - [2010.11.20 12:50:21 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)

DRV - [2010.11.20 12:50:10 | 000,028,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid)

DRV - [2010.11.20 12:29:49 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\appid.sys -- (AppID)

DRV - [2010.11.20 12:24:56 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)

DRV - [2010.11.20 12:19:15 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV)

DRV - [2010.11.20 12:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)

DRV - [2010.11.20 12:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)

DRV - [2010.11.20 11:47:55 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acpipmi.sys -- (AcpiPmi)

DRV - [2010.11.20 11:44:36 | 000,388,096 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\csc.sys -- (CSC)

DRV - [2010.11.20 11:44:05 | 000,242,688 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\rdbss.sys -- (rdbss)

DRV - [2010.11.20 11:42:32 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC)

DRV - [2010.11.20 11:42:28 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)

DRV - [2010.11.20 11:40:21 | 000,513,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\http.sys -- (HTTP)

DRV - [2010.11.20 11:39:44 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\netbt.sys -- (NetBT)

DRV - [2010.11.20 11:39:17 | 000,074,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tdx.sys -- (tdx)

DRV - [2010.11.20 11:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom)

DRV - [2009.11.04 17:59:38 | 000,112,640 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)

DRV - [2009.11.04 17:59:38 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)

DRV - [2009.07.14 04:26:21 | 000,249,408 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\clfs.sys -- (CLFS)

DRV - [2009.07.14 04:26:21 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\compbatt.sys -- (Compbatt)

DRV - [2009.07.14 04:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide)

DRV - [2009.07.14 04:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci)

DRV - [2009.07.14 04:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx)

DRV - [2009.07.14 04:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\amdsbs.sys -- (amdsbs)

DRV - [2009.07.14 04:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320)

DRV - [2009.07.14 04:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas)

DRV - [2009.07.14 04:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\arc.sys -- (arc)

DRV - [2009.07.14 04:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp)

DRV - [2009.07.14 04:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGP440.sys -- (agp440)

DRV - [2009.07.14 04:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\atapi.sys -- (atapi)

DRV - [2009.07.14 04:26:15 | 000,014,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)

DRV - [2009.07.14 04:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aliide.sys -- (aliide)

DRV - [2009.07.14 04:20:45 | 000,012,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pciide.sys -- (pciide)

DRV - [2009.07.14 04:20:44 | 000,162,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC)

DRV - [2009.07.14 04:20:44 | 000,105,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp)

DRV - [2009.07.14 04:20:44 | 000,049,728 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\mup.sys -- (Mup)

DRV - [2009.07.14 04:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960)

DRV - [2009.07.14 04:20:44 | 000,041,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mouclass.sys -- (mouclass)

DRV - [2009.07.14 04:20:44 | 000,028,240 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\mssmbios.sys -- (mssmbios)

DRV - [2009.07.14 04:20:43 | 000,013,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv)

DRV - [2009.07.14 04:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS)

DRV - [2009.07.14 04:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MegaSR.sys -- (MegaSR)

DRV - [2009.07.14 04:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2009.07.14 04:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC)

DRV - [2009.07.14 04:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV - [2009.07.14 04:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\isapnp.sys -- (isapnp)

DRV - [2009.07.14 04:20:36 | 000,042,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbdclass.sys -- (kbdclass)

DRV - [2009.07.14 04:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp)

DRV - [2009.07.14 04:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\megasas.sys -- (megasas)

DRV - [2009.07.14 04:20:36 | 000,015,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\intelide.sys -- (intelide)

DRV - [2009.07.14 04:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor)

DRV - [2009.07.14 04:20:28 | 000,198,208 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\fltMgr.sys -- (FltMgr)

DRV - [2009.07.14 04:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx)

DRV - [2009.07.14 04:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HpSAMD.sys -- (HpSAMD)

DRV - [2009.07.14 04:20:28 | 000,058,448 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo)

DRV - [2009.07.14 04:20:28 | 000,057,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx)

DRV - [2009.07.14 04:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)

DRV - [2009.07.14 04:20:28 | 000,022,096 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk)

DRV - [2009.07.14 04:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\disk.sys -- (Disk)

DRV - [2009.07.14 04:19:11 | 000,297,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx)

DRV - [2009.07.14 04:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid)

DRV - [2009.07.14 04:19:11 | 000,057,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx)

DRV - [2009.07.14 04:19:11 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wd.sys -- (Wd)

DRV - [2009.07.14 04:19:10 | 000,055,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35)

DRV - [2009.07.14 04:19:10 | 000,053,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VIAAGP.SYS -- (viaagp)

DRV - [2009.07.14 04:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vdrvroot.sys -- (vdrvroot)

DRV - [2009.07.14 04:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)

DRV - [2009.07.14 04:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\viaide.sys -- (viaide)

DRV - [2009.07.14 04:19:10 | 000,012,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\swenum.sys -- (swenum)

DRV - [2009.07.14 04:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300)

DRV - [2009.07.14 04:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx)

DRV - [2009.07.14 04:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4)

DRV - [2009.07.14 04:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)

DRV - [2009.07.14 04:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2)

DRV - [2009.07.14 04:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stexstor.sys -- (stexstor)

DRV - [2009.07.14 04:19:03 | 000,180,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pcmcia.sys -- (pcmcia)

DRV - [2009.07.14 04:19:03 | 000,052,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp)

DRV - [2009.07.14 04:19:03 | 000,017,472 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\spldr.sys -- (spldr)

DRV - [2009.07.14 03:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid)

DRV - [2009.07.14 03:41:15 | 000,586,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH)

DRV - [2009.07.14 03:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbprint.sys -- (usbprint)

DRV - [2009.07.14 03:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)

DRV - [2009.07.14 03:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)

DRV - [2009.07.14 03:01:39 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD)

DRV - [2009.07.14 02:55:24 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\modem.sys -- (Modem)

DRV - [2009.07.14 02:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl)

DRV - [2009.07.14 02:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn)

DRV - [2009.07.14 02:54:58 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp)

DRV - [2009.07.14 02:54:53 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspppoe.sys -- (RasPppoe)

DRV - [2009.07.14 02:54:48 | 000,073,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspptp.sys -- (PptpMiniport)

DRV - [2009.07.14 02:54:46 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac)

DRV - [2009.07.14 02:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rasacd.sys -- (RasAcd)

DRV - [2009.07.14 02:54:34 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rasl2tp.sys -- (Rasl2tp)

DRV - [2009.07.14 02:54:29 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipnat.sys -- (IPNAT)

DRV - [2009.07.14 02:54:29 | 000,058,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipfltdrv.sys -- (IpFilterDriver)

DRV - [2009.07.14 02:54:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi)

DRV - [2009.07.14 02:54:13 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv)

DRV - [2009.07.14 02:53:58 | 000,104,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\pacer.sys -- (Psched)

DRV - [2009.07.14 02:53:54 | 000,036,352 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\netbios.sys -- (NetBIOS)

DRV - [2009.07.14 02:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)

DRV - [2009.07.14 02:53:41 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smb.sys -- (Smb)

DRV - [2009.07.14 02:53:27 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irenum.sys -- (IRENUM)

DRV - [2009.07.14 02:53:20 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr)

DRV - [2009.07.14 02:53:19 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio)

DRV - [2009.07.14 02:52:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv)

DRV - [2009.07.14 02:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)

DRV - [2009.07.14 02:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)

DRV - [2009.07.14 02:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)

DRV - [2009.07.14 02:52:03 | 000,267,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP)

DRV - [2009.07.14 02:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)

DRV - [2009.07.14 02:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UmPass)

DRV - [2009.07.14 02:51:34 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM)

DRV - [2009.07.14 02:51:33 | 000,091,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth)

DRV - [2009.07.14 02:51:29 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ohci1394.sys -- (ohci1394)

DRV - [2009.07.14 02:51:17 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\circlass.sys -- (circlass)

DRV - [2009.07.14 02:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)

DRV - [2009.07.14 02:51:05 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidir.sys -- (HidIr)

DRV - [2009.07.14 02:50:57 | 000,005,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\drmkaud.sys -- (drmkaud)

DRV - [2009.07.14 02:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MTConfig.sys -- (MTConfig)

DRV - [2009.07.14 02:46:53 | 000,021,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen)

DRV - [2009.07.14 02:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sfloppy.sys -- (sfloppy)

DRV - [2009.07.14 02:45:52 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc)

DRV - [2009.07.14 02:45:52 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk)

DRV - [2009.07.14 02:45:45 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fdc.sys -- (fdc)

DRV - [2009.07.14 02:45:45 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\flpydisk.sys -- (flpydisk)

DRV - [2009.07.14 02:45:35 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\parport.sys -- (Parport)

DRV - [2009.07.14 02:45:33 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)

DRV - [2009.07.14 02:45:29 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\parvdm.sys -- (Parvdm)

DRV - [2009.07.14 02:45:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serenum.sys -- (Serenum)

DRV - [2009.07.14 02:45:08 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mouhid.sys -- (mouhid)

DRV - [2009.07.14 02:45:08 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse)

DRV - [2009.07.14 02:45:08 | 000,008,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mskssrv.sys -- (MSKSSRV)

DRV - [2009.07.14 02:45:08 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mstee.sys -- (MSTEE)

DRV - [2009.07.14 02:45:08 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspclock.sys -- (MSPCLOCK)

DRV - [2009.07.14 02:45:07 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspqm.sys -- (MSPQM)

DRV - [2009.07.14 02:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\beep.sys -- (Beep)

DRV - [2009.07.14 02:25:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\monitor.sys -- (monitor)

DRV - [2009.07.14 02:25:51 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)

DRV - [2009.07.14 02:25:49 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vgapnp.sys -- (vga)

DRV - [2009.07.14 02:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)

DRV - [2009.07.14 02:23:04 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)

DRV - [2009.07.14 02:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidbatt.sys -- (HidBatt)

DRV - [2009.07.14 02:19:19 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\errdev.sys -- (ErrDev)

DRV - [2009.07.14 02:19:18 | 000,014,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CmBatt.sys -- (CmBatt)

DRV - [2009.07.14 02:19:17 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi)

DRV - [2009.07.14 02:15:45 | 000,086,528 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\System32\drivers\luafv.sys -- (luafv)

DRV - [2009.07.14 02:15:29 | 000,028,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace)

DRV - [2009.07.14 02:14:03 | 000,142,336 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\exfat.sys -- (exfat)

DRV - [2009.07.14 02:14:02 | 000,148,480 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat)

DRV - [2009.07.14 02:12:08 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy)

DRV - [2009.07.14 02:11:32 | 000,035,328 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs)

DRV - [2009.07.14 02:11:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs)

DRV - [2009.07.14 02:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)

DRV - [2009.07.14 02:11:15 | 000,070,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs)

DRV - [2009.07.14 02:11:12 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\null.sys -- (Null)

DRV - [2009.07.14 02:11:04 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8)

DRV - [2009.07.14 02:11:04 | 000,053,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\intelppm.sys -- (intelppm)

DRV - [2009.07.14 02:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7)

DRV - [2009.07.14 02:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)

DRV - [2009.07.14 02:11:04 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\processr.sys -- (Processor)

DRV - [2009.07.14 01:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcw85cir.sys -- (hcw85cir)

DRV - [2009.07.14 01:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm)

DRV - [2009.07.14 01:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer)

DRV - [2009.07.14 01:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm)

DRV - [2009.07.14 01:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo)

DRV - [2009.07.14 01:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp)

DRV - [2009.07.14 01:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)

DRV - [2009.07.14 01:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\evbdx.sys -- (ebdrv)

DRV - [2009.07.14 01:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bxvbdx.sys -- (b06bdrv)

DRV - [2009.07.14 00:41:34 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\Windows\System32\WINSOCK.DLL -- (Winsock)

DRV - [2009.07.13 23:50:20 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)

DRV - [2009.03.18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)

DRV - [2004.12.20 21:37:14 | 000,020,016 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pxhelp20.sys -- (PxHelp20)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKLM\..\SearchScopes,DefaultScope = 

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

 

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-21-2644945063-684007914-2975358919-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-21-2644945063-684007914-2975358919-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = lt-LT

IE - HKU\S-1-5-21-2644945063-684007914-2975358919-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 91 0B F5 39 75 E4 CE 01  [binary data]

IE - HKU\S-1-5-21-2644945063-684007914-2975358919-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-2644945063-684007914-2975358919-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR

IE - HKU\S-1-5-21-2644945063-684007914-2975358919-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Software Company)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKCU\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=2.1.10.1: C:\Users\Vartotojas\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Vartotojas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

 

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\magicplayer@torrentstream.org: C:\Users\Vartotojas\AppData\Roaming\ACEStream\extensions\firefox\magicplayer@torrentstream.org [2014.04.30 21:08:42 | 000,000,000 | ---D | M]

 

 

========== Chrome  ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},

CHR - homepage: 

CHR - plugin: Error reading preferences file

CHR - Extension: „Google“ piniginė = C:\Users\Vartotojas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

 

O1 HOSTS File: ([2013.09.03 17:19:52 | 000,000,833 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll File not found

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O4 - HKU\S-1-5-21-2644945063-684007914-2975358919-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2644945063-684007914-2975358919-1000..\Run: [smartRAM] "C:\Program Files\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe" /m File not found

O4 - HKU\.DEFAULT..\RunOnce: [sPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)

O4 - HKU\S-1-5-18..\RunOnce: [sPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKU\S-1-5-21-2644945063-684007914-2975358919-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-2644945063-684007914-2975358919-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)

O13 - gopher Prefix: missing

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{05CD0240-1CF0-48B7-95F6-01F4EA5B1DBB}: DhcpNameServer = 213.226.131.131 193.219.88.36

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5203938-3DA0-4A25-B4EC-3C3F38F62B92}: NameServer = 8.26.56.26,156.154.70.22

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E05243B1-C6F2-4F5A-9129-9E8887F40A29}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E05243B1-C6F2-4F5A-9129-9E8887F40A29}: NameServer = 8.26.56.26,156.154.70.22

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.06.11 00:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2014.07.11 11:43:35 | 000,000,000 | -H-D | C] -- C:\Windows\PIF

[2014.07.11 11:42:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Vartotojas\Desktop\OTL.com

[2014.07.10 18:50:33 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2014.07.10 08:48:49 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT

[2014.07.09 17:37:56 | 000,000,000 | ---D | C] -- C:\AdwCleaner

[2014.07.09 15:57:22 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys

[2014.07.09 15:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

[2014.07.09 15:56:22 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys

[2014.07.09 15:56:22 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys

[2014.07.09 15:56:22 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2014.07.09 15:56:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware

[2014.07.09 14:46:53 | 000,000,000 | ---D | C] -- C:\FRST

[2014.07.09 14:45:18 | 000,000,000 | ---D | C] -- C:\Users\Vartotojas\Desktop\Naujas aplankas (2)

[2014.07.09 12:27:11 | 005,659,136 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe

[2014.07.09 11:37:47 | 000,000,000 | ---D | C] -- C:\Users\Vartotojas\Desktop\Neseniai atnaujinta

[2014.07.08 21:49:21 | 000,000,000 | ---D | C] -- C:\Users\Vartotojas\AppData\Roaming\.minecraft

[2014.07.07 21:53:08 | 000,000,000 | ---D | C] -- C:\Users\Vartotojas\AppData\Roaming\Unity

[2014.07.07 21:50:36 | 000,000,000 | ---D | C] -- C:\Users\Vartotojas\AppData\Local\Unity

[2014.07.07 13:04:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition

[2014.07.07 13:04:35 | 000,242,504 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avchv.sys

[2014.07.07 13:04:34 | 000,633,344 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avc3.sys

[2014.07.07 13:04:34 | 000,486,536 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avckf.sys

[2014.07.07 13:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender

[2014.07.07 13:03:50 | 000,164,952 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\gzflt.sys

[2014.07.07 13:03:49 | 000,355,744 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys

[2014.07.07 13:00:44 | 000,000,000 | ---D | C] -- C:\Users\Vartotojas\AppData\Roaming\QuickScan

[2014.07.07 12:31:12 | 000,212,064 | ---- | C] (Kaspersky Lab, Yury Parshin) -- C:\Windows\System32\drivers\74533256.sys

[2014.07.07 12:17:47 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro

[2014.07.07 12:16:57 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro

[2014.07.07 12:16:13 | 000,000,000 | ---D | C] -- C:\Users\Vartotojas\Desktop\Naujas aplankas

[2014.07.01 11:35:49 | 001,629,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01011.dll

[2014.07.01 11:35:49 | 000,086,488 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\TeeDriver.sys

[2014.07.01 11:35:28 | 003,234,304 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys

[2014.07.01 11:35:13 | 006,374,104 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\rtsuvc.sys

[2014.07.01 11:35:13 | 001,910,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtCamU.exe

[2014.07.01 11:35:13 | 000,421,080 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtCamX.dll

[2014.07.01 11:24:10 | 000,031,008 | ---- | C] (IObit) -- C:\Windows\System32\SmartDefragBootTime.exe

[2014.07.01 10:05:28 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2014.06.30 19:03:52 | 000,000,000 | ---D | C] -- C:\Users\Vartotojas\AppData\Roaming\Apple Computer

[2014.06.29 14:09:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

[2014.06.29 14:08:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight

[2014.06.29 13:42:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo

[2014.06.29 13:31:17 | 000,026,248 | ---- | C] (EldoS Corporation) -- C:\Windows\System32\drivers\ElRawDsk.sys

[2014.06.29 13:26:20 | 000,000,000 | ---D | C] -- C:\ProgramData\ioloGovernor

[2014.06.28 20:30:17 | 000,000,000 | ---D | C] -- C:\Users\Vartotojas\AppData\Roaming\ioloGovernor

[2014.06.28 18:55:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel

[2014.06.28 18:55:06 | 000,104,448 | ---- | C] (Intel Corporation) -- C:\Windows\System32\IntelOpenCL32.dll

[2014.06.28 18:55:06 | 000,017,920 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2014.06.28 18:31:39 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab

[2014.06.28 18:31:34 | 000,000,000 | ---D | C] -- C:\Users\Vartotojas\AppData\Roaming\SystemRequirementsLab

[2014.06.28 18:31:23 | 000,000,000 | ---D | C] -- C:\Windows\Sun

[2014.06.28 18:29:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle

[2014.06.28 18:29:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2014.06.28 18:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2014.06.28 18:29:19 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2014.06.28 18:28:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

[2014.06.28 18:28:49 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

[2014.06.28 18:28:49 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe

[2014.06.28 18:28:49 | 000,096,680 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll

[2014.06.28 18:28:34 | 000,000,000 | ---D | C] -- C:\Program Files\Java

[2014.06.28 15:35:16 | 000,000,000 | -HSD | C] -- C:\360SANDBOX

[2014.06.28 15:31:37 | 000,000,000 | ---D | C] -- C:\Program Files\360

[2014.06.28 15:30:02 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll

[2014.06.28 12:13:25 | 000,000,000 | ---D | C] -- C:\ProgramData\KRSHistory

[2014.06.28 12:03:18 | 000,000,000 | -HSD | C] -- C:\KRECYCLE

[2014.06.28 12:03:10 | 000,000,000 | ---D | C] -- C:\ProgramData\kingsoft

[2014.06.28 12:03:04 | 000,000,000 | ---D | C] -- C:\Program Files\kingsoft

[2014.06.28 11:47:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

[2014.06.27 19:34:16 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games

[2014.06.27 19:33:45 | 000,000,000 | ---D | C] -- C:\Program Files\PopCap

[2014.06.27 19:11:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Auslogics

[2014.06.27 18:57:17 | 000,000,000 | -HSD | C] -- C:\found.000

[2014.06.27 18:33:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo

[2014.06.27 18:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}

[2014.06.27 18:32:02 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll

[2014.06.27 18:32:02 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll

[2014.06.27 18:22:50 | 000,000,000 | ---D | C] -- C:\Users\Vartotojas\Desktop\Ruta

[2014.06.27 17:58:37 | 000,000,000 | ---D | C] -- C:\Users\Vartotojas\AppData\Roaming\ProductData

[2014.06.27 17:57:33 | 000,000,000 | ---D | C] -- C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}

[2014.06.27 17:57:27 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData

[2014.06.27 17:57:16 | 000,000,000 | ---D | C] -- C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}

[2014.06.27 17:56:51 | 000,000,000 | ---D | C] -- C:\Program Files\IObit

[2014.06.25 21:49:20 | 000,000,000 | ---D | C] -- C:\Windows\pss

[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2014.07.11 11:45:02 | 000,014,736 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014.07.11 11:45:02 | 000,014,736 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014.07.11 11:42:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vartotojas\Desktop\OTL.com

[2014.07.11 11:39:25 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2014.07.11 11:38:42 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2014.07.11 11:38:21 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2014.07.11 11:38:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2014.07.10 21:41:25 | 1517,789,184 | -HS- | M] () -- C:\hiberfil.sys

[2014.07.09 17:33:50 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys

[2014.07.09 15:56:28 | 000,001,060 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2014.07.09 12:27:15 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2014.07.09 12:27:15 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2014.07.09 12:27:12 | 005,659,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe

[2014.07.08 21:46:59 | 000,369,758 | ---- | M] () -- C:\Users\Vartotojas\AppData\Roaming\Mineshafter-launcher.jar

[2014.07.07 23:42:40 | 000,719,632 | ---- | M] () -- C:\Windows\System32\perfh019.dat

[2014.07.07 23:42:40 | 000,657,368 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2014.07.07 23:42:40 | 000,151,878 | ---- | M] () -- C:\Windows\System32\perfc019.dat

[2014.07.07 23:42:40 | 000,123,180 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2014.07.07 22:40:09 | 000,176,855 | ---- | M] () -- C:\Users\Vartotojas\Desktop\Be pavadinimo.png

[2014.07.07 21:22:30 | 000,035,710 | ---- | M] () -- C:\Users\Vartotojas\Desktop\10415655_731555780234042_5902105011412775235_n.jpg

[2014.07.07 13:04:58 | 000,206,473 | ---- | M] () -- C:\ProgramData\1404727419.bdinstall.bin

[2014.07.07 13:04:40 | 000,002,172 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk

[2014.07.07 12:31:12 | 000,212,064 | ---- | M] (Kaspersky Lab, Yury Parshin) -- C:\Windows\System32\drivers\74533256.sys

[2014.07.07 12:30:03 | 000,002,742 | ---- | M] () -- C:\Windows\System32\.crusader

[2014.07.04 12:22:13 | 000,019,731 | ---- | M] () -- C:\Users\Vartotojas\Desktop\10462544_746814348715288_8128202720850599346_n.jpg

[2014.07.02 14:06:08 | 000,020,905 | ---- | M] () -- C:\Users\Vartotojas\Desktop\10489697_412790362197235_8310074318974181733_n.jpg

[2014.07.02 14:05:59 | 000,061,233 | ---- | M] () -- C:\Users\Vartotojas\Desktop\10511168_10152566892948010_3660421577466193856_n.jpg

[2014.07.01 11:35:53 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_TeeDriver_01011.Wdf

[2014.07.01 11:35:49 | 001,629,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01011.dll

[2014.07.01 11:35:49 | 000,086,488 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\TeeDriver.sys

[2014.07.01 11:35:28 | 003,234,304 | ---- | M] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys

[2014.07.01 11:35:13 | 006,374,104 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\rtsuvc.sys

[2014.07.01 11:35:13 | 001,910,488 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\RtCamU.exe

[2014.07.01 11:35:13 | 000,421,080 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtCamX.dll

[2014.07.01 11:19:26 | 000,001,250 | ---- | M] () -- C:\Users\Vartotojas\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2014.07.01 11:12:44 | 000,001,292 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2014.06.30 15:07:09 | 000,000,000 | ---- | M] () -- C:\Cookies

[2014.06.29 13:35:48 | 000,000,408 | ---- | M] () -- C:\Windows\System32\iolo.ini

[2014.06.28 18:59:23 | 000,015,376 | ---- | M] () -- C:\Windows\System32\results.xml

[2014.06.28 18:28:39 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2014.06.28 18:28:39 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

[2014.06.28 18:28:39 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe

[2014.06.28 18:28:39 | 000,096,680 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll

[2014.06.27 19:35:01 | 000,001,622 | ---- | M] () -- C:\Users\Vartotojas\Desktop\Plants vs. Zombies.lnk

[2014.06.27 18:59:05 | 000,412,008 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2014.06.27 18:32:02 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll

[2014.06.27 18:32:02 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc71.dll

[2014.06.27 18:21:09 | 000,000,105 | ---- | M] () -- C:\prefs.js

[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2014.07.09 15:56:28 | 000,001,060 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2014.07.08 21:46:57 | 000,369,758 | ---- | C] () -- C:\Users\Vartotojas\AppData\Roaming\Mineshafter-launcher.jar

[2014.07.07 22:38:20 | 000,176,855 | ---- | C] () -- C:\Users\Vartotojas\Desktop\Be pavadinimo.png

[2014.07.07 21:22:27 | 000,035,710 | ---- | C] () -- C:\Users\Vartotojas\Desktop\10415655_731555780234042_5902105011412775235_n.jpg

[2014.07.07 13:04:58 | 000,206,473 | ---- | C] () -- C:\ProgramData\1404727419.bdinstall.bin

[2014.07.07 13:04:40 | 000,002,172 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk

[2014.07.07 12:30:03 | 000,002,742 | ---- | C] () -- C:\Windows\System32\.crusader

[2014.07.04 12:22:12 | 000,019,731 | ---- | C] () -- C:\Users\Vartotojas\Desktop\10462544_746814348715288_8128202720850599346_n.jpg

[2014.07.02 14:06:08 | 000,020,905 | ---- | C] () -- C:\Users\Vartotojas\Desktop\10489697_412790362197235_8310074318974181733_n.jpg

[2014.07.02 14:05:58 | 000,061,233 | ---- | C] () -- C:\Users\Vartotojas\Desktop\10511168_10152566892948010_3660421577466193856_n.jpg

[2014.07.01 11:35:53 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_TeeDriver_01011.Wdf

[2014.06.30 15:07:09 | 000,000,000 | ---- | C] () -- C:\Cookies

[2014.06.29 13:32:55 | 000,000,408 | ---- | C] () -- C:\Windows\System32\iolo.ini

[2014.06.28 18:59:23 | 000,015,376 | ---- | C] () -- C:\Windows\System32\results.xml

[2014.06.28 11:47:51 | 000,001,292 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2014.06.28 11:47:51 | 000,001,250 | ---- | C] () -- C:\Users\Vartotojas\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2014.06.28 11:46:55 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2014.06.28 11:46:53 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2014.06.27 19:35:01 | 000,001,622 | ---- | C] () -- C:\Users\Vartotojas\Desktop\Plants vs. Zombies.lnk

[2014.06.27 18:34:31 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2014.06.27 18:21:09 | 000,000,105 | ---- | C] () -- C:\prefs.js

[2014.06.01 14:04:05 | 000,405,881 | ---- | C] () -- C:\Windows\KJ.exe

[2014.05.11 22:10:58 | 001,167,360 | ---- | C] () -- C:\Windows\System32\HPM1210SM.exe

[2014.05.11 22:10:58 | 000,284,672 | ---- | C] () -- C:\Windows\System32\mvhlewsi.DLL

[2014.05.11 22:10:58 | 000,167,936 | ---- | C] () -- C:\Windows\System32\HPM1210LM.DLL

[2014.03.20 08:40:40 | 000,078,848 | ---- | C] () -- C:\Windows\System32\igdde32.dll

[2014.03.20 08:39:26 | 000,009,728 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll

[2014.03.20 08:39:26 | 000,000,268 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config

[2014.02.16 02:36:16 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe

[2014.02.16 02:34:09 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

[2014.01.03 18:13:16 | 000,015,872 | ---- | C] () -- C:\Users\Vartotojas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013.12.01 14:21:44 | 000,001,136 | RHS- | C] () -- C:\Users\Vartotojas\ntuser.pol

[2013.11.25 01:01:47 | 000,000,000 | ---- | C] () -- C:\ProgramData\0x0304A000.sfl

[2013.11.18 18:31:58 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2013.11.18 18:31:57 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini

[2013.11.18 18:31:52 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2013.11.18 18:31:52 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2013.11.18 18:31:49 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2013.11.18 18:15:22 | 000,053,248 | ---- | C] () -- C:\Windows\System32\pxhpinst.exe

[2013.11.18 18:15:20 | 000,000,155 | ---- | C] () -- C:\Windows\winamp.ini

[2013.11.18 17:54:20 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll

[2013.11.18 17:54:19 | 000,272,928 | ---- | C] () -- C:\Windows\System32\igvpkrng600.bin

[2013.11.18 17:54:18 | 000,963,452 | ---- | C] () -- C:\Windows\System32\igcodeckrng600.bin

[2013.07.08 10:18:34 | 000,109,696 | ---- | C] () -- C:\Windows\System32\EasyHook64.dll

[2013.07.08 10:18:34 | 000,091,264 | ---- | C] () -- C:\Windows\System32\EasyHook32.dll

[2013.03.12 13:25:32 | 000,002,528 | ---- | C] () -- C:\Windows\FCIC.INI

[2012.12.24 06:53:28 | 000,081,920 | ---- | C] () -- C:\Windows\System32\mvusbews.dll

[2012.11.07 05:23:30 | 000,029,184 | ---- | C] () -- C:\Windows\System32\HPImgFlt.dll

[2012.11.07 05:22:46 | 000,046,592 | ---- | C] () -- C:\Windows\System32\HPM1210SMs.dll

[2009.10.29 19:14:28 | 000,145,192 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4

 

========== ZeroAccess Check ==========

 

[2009.07.14 07:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 05:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 15:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 04:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

========== LOP Check ==========

 

[2014.03.12 12:37:24 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software

[2014.03.12 12:37:24 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software

[2014.06.12 22:00:28 | 000,000,000 | ---D | M] -- C:\Users\Vartotojas\AppData\Roaming\.ACEStream

[2014.07.09 15:26:08 | 000,000,000 | ---D | M] -- C:\Users\Vartotojas\AppData\Roaming\.minecraft

[2013.11.24 23:02:47 | 000,000,000 | ---D | M] -- C:\Users\Vartotojas\AppData\Roaming\ACEStream

[2013.11.21 22:05:22 | 000,000,000 | ---D | M] -- C:\Users\Vartotojas\AppData\Roaming\FirstClass

[2013.11.22 18:44:55 | 000,000,000 | ---D | M] -- C:\Users\Vartotojas\AppData\Roaming\Foxit Software

[2014.07.01 11:40:26 | 000,000,000 | ---D | M] -- C:\Users\Vartotojas\AppData\Roaming\IObit

[2014.06.28 20:30:17 | 000,000,000 | ---D | M] -- C:\Users\Vartotojas\AppData\Roaming\ioloGovernor

[2013.12.06 13:27:44 | 000,000,000 | ---D | M] -- C:\Users\Vartotojas\AppData\Roaming\OpenOffice

[2014.06.01 15:43:18 | 000,000,000 | ---D | M] -- C:\Users\Vartotojas\AppData\Roaming\Panda Security

[2014.06.27 17:58:37 | 000,000,000 | ---D | M] -- C:\Users\Vartotojas\AppData\Roaming\ProductData

[2014.07.07 13:04:23 | 000,000,000 | ---D | M] -- C:\Users\Vartotojas\AppData\Roaming\QuickScan

[2014.06.28 18:31:34 | 000,000,000 | ---D | M] -- C:\Users\Vartotojas\AppData\Roaming\SystemRequirementsLab

[2014.03.02 11:37:40 | 000,000,000 | ---D | M] -- C:\Users\Vartotojas\AppData\Roaming\TuneUp Software

[2014.07.07 21:53:08 | 000,000,000 | ---D | M] -- C:\Users\Vartotojas\AppData\Roaming\Unity

[2014.03.22 20:31:09 | 000,000,000 | ---D | M] -- C:\Users\Vartotojas\AppData\Roaming\Vodafone

 

========== Purity Check ==========

 

 

 

< End of report >

OTL Extras logfile created on: 2014.07.11 11:45:14 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Vartotojas\Desktop

 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16521)

Locale: 00000427 | Country: Lietuva | Language: LTH | Date Format: yyyy.MM.dd

 

1,88 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 65,00% Memory free

3,77 Gb Paging File | 2,95 Gb Available in Paging File | 78,14% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 117,09 Gb Total Space | 87,62 Gb Free Space | 74,83% Space Free | Partition Type: NTFS

Drive D: | 180,90 Gb Total Space | 162,96 Gb Free Space | 90,08% Space Free | Partition Type: NTFS

 

Computer Name: VARTOTOJAS-PC | User Name: Vartotojas | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-2644945063-684007914-2975358919-1000\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

http [open] -- Reg Error: Key error.

https [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{03FC6F5F-1CAA-4163-B804-42D913518E48}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{0B75F495-0B9D-4DC3-9A54-5D6BC0442125}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{22F30B5E-DEEB-4AB7-992D-EB87876C1EDD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{2527A373-8C48-4B44-B280-6FF96B5994D4}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{2ADA9D60-F5A6-43F2-9E32-3E6419112EA8}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{2DCB5C91-B57C-48EE-9B6D-A73314C94813}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{32865CA9-0D7C-489F-B626-952E3E502920}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{34D8790E-779E-4083-B724-C6355F3C0F6E}" = rport=138 | protocol=17 | dir=out | app=system | 

"{3F68C7C6-8469-4BA8-941B-CB5249DEB776}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{43E0EDFD-FC49-4C62-AB7F-A379B423BFDB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{4F632E2E-DB43-4B1F-A23D-34DD509EC489}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{50F527BD-7FFC-48B5-B7DC-6722BC616D49}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 

"{5E090A52-02E7-4BAE-AEC0-275DADA047F3}" = lport=139 | protocol=6 | dir=in | app=system | 

"{7E13486A-45A7-454D-A1F7-53A652087E85}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{82E53288-BA83-47ED-B076-1226EECE428A}" = rport=137 | protocol=17 | dir=out | app=system | 

"{88FFD4A4-2C11-4C50-BC4D-0CCC37DD58CC}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | 

"{A2EADB48-DE32-4B00-9E69-AE6C1605115D}" = rport=445 | protocol=6 | dir=out | app=system | 

"{A84A564B-3503-4BD5-ACED-3899FF2C20F6}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe | 

"{B628D2BC-FA4C-486A-9636-111B28FDABF5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{B7ECE5D8-C4A7-4FFA-A538-D51DEBB1567A}" = lport=3389 | protocol=6 | dir=in | app=system | 

"{D25CA5AC-7ECD-442A-B8DB-41C4CA6ACE1E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{D5CCDFCC-407A-4457-9451-C562BE2A9FD5}" = lport=137 | protocol=17 | dir=in | app=system | 

"{D889D076-52CC-4A38-974B-8254C8988AA3}" = lport=445 | protocol=6 | dir=in | app=system | 

"{DD007396-87C0-4889-A9C5-C17DB6DEA583}" = lport=138 | protocol=17 | dir=in | app=system | 

"{DF1952BF-BF89-48D1-90D8-7BF529DA4776}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{E2EEA090-A1B4-473D-B827-E076D86958B4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{EC54A2D2-2540-4623-94CE-F58A83B60D0B}" = rport=139 | protocol=6 | dir=out | app=system | 

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{174BB50D-2FC0-4F8B-9515-A29F49ACF4EC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{1FA36EBF-7429-48DF-AA42-F8116F40947B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 

"{2495E7B4-3CF3-4D76-B5C2-F208252DEF41}" = protocol=6 | dir=in | app=c:\users\vartotojas\appdata\roaming\acestream\engine\ace_engine.exe | 

"{2D8E6BB2-5BA2-4CED-942D-24FA2A84E5A8}" = protocol=6 | dir=in | app=c:\program files\iolo\system mechanic professional\sysmech.exe | 

"{35AB1EF2-17B5-46D8-B90F-D48489DF0A68}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{38E1B70C-5DD0-4EA8-8655-D73FF3AD48A8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{4105372E-3D3B-49BB-A0C5-08E4217D2A8F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{45448F80-6FBC-4528-AFBE-06AF1656F1C1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 

"{470DBF9E-27D0-42B5-8BD9-C4A4516BCED9}" = protocol=17 | dir=in | app=c:\program files\360\360 internet security\safemon\360tray.exe | 

"{49F54B73-25D1-4CC2-84FD-8F1E471199F0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{4AE6E208-EDDE-4ED9-8F73-EC6F0675E770}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 

"{6973D6AD-F6CD-4303-9B5C-0EA3CCFA6F43}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{6F23B882-F368-4A1D-BEAF-380CB2F37995}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 

"{7151E483-D1E5-4F15-BD94-0B27B9033F34}" = protocol=6 | dir=out | app=system | 

"{720689C2-8B00-4E5E-8314-796AFA558D85}" = protocol=6 | dir=in | app=c:\program files\realvnc\vnc server\vncserver.exe | 

"{97C3A232-CC4D-42D8-99CB-85FC2595C145}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{99D1C205-0ECD-4F93-8BF2-1C9AB6504F53}" = protocol=17 | dir=in | app=c:\program files\realvnc\vnc server\vncserver.exe | 

"{9CA5FA5E-6B03-4927-AE71-BB7D658E8AA6}" = protocol=6 | dir=in | app=c:\program files\realvnc\vnc server\vncserver.exe | 

"{9CFA4571-A8D2-42B6-8DAA-2D690F3589EA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{A7863798-7B95-4721-A4E1-B990A68B5C46}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{B42BD777-1729-4826-BD70-45BEC7CC9E33}" = protocol=17 | dir=in | app=c:\users\vartotojas\appdata\roaming\acestream\engine\ace_engine.exe | 

"{B5B4A537-EEDC-4C08-B469-9FBBAA88BD6B}" = protocol=17 | dir=in | app=c:\program files\realvnc\vnc server\vncserver.exe | 

"{B728C5E2-2A8C-460C-A987-24B24FF876A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{BCBFF55A-E9AD-4AF3-8A08-1B9045E1FAF2}" = protocol=6 | dir=in | app=c:\program files\360\360 internet security\safemon\360tray.exe | 

"{BE8CE473-B8D1-4E7C-8C8F-DB6075426175}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{C1CB2C08-39CF-4174-B6FE-BB041FB80BE0}" = protocol=17 | dir=in | app=c:\program files\toolbar cleaner\toolbarcleaner.exe | 

"{CC8537EC-87B3-42AA-960A-EFDCE44B65F3}" = protocol=17 | dir=in | app=c:\program files\360\360 internet security\safemon\360tray.exe | 

"{D40F6A27-C653-4AF5-83F4-8ED174045DCB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{DFF41D2E-D62B-4E83-B6DC-4BB65EB88240}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{EBB776BE-2566-48B7-B2CE-F8F8509B6A49}" = protocol=17 | dir=in | app=c:\program files\iolo\system mechanic professional\sysmech.exe | 

"{ED782E24-F90F-4CAE-805B-D711918DA352}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{EEF00E3F-FF24-4E9F-9E73-1CFFFEFD755B}" = protocol=6 | dir=in | app=c:\program files\toolbar cleaner\toolbarcleaner.exe | 

"{F96972B5-AE12-4F1E-85A4-53D9491EA9B6}" = protocol=6 | dir=in | app=c:\program files\360\360 internet security\safemon\360tray.exe | 

"{FDB5F221-CE75-4780-B165-9CCEE01FCB52}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{FE50FF70-F679-4336-B8DA-EB411530E3FD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"TCP Query User{2DB3B7CC-D68D-4390-A4CA-62FA63E0D84A}C:\users\vartotojas\appdata\roaming\acestream\engine\ace_engine.exe" = protocol=6 | dir=in | app=c:\users\vartotojas\appdata\roaming\acestream\engine\ace_engine.exe | 

"TCP Query User{44C4CCE2-0BC5-4859-8922-91783BB7AE9E}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 

"UDP Query User{061F1F0C-AD7C-4AE3-A755-9166D2062FED}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 

"UDP Query User{3FB2F931-4CB7-4807-BD47-62147D84A90A}C:\users\vartotojas\appdata\roaming\acestream\engine\ace_engine.exe" = protocol=17 | dir=in | app=c:\users\vartotojas\appdata\roaming\acestream\engine\ace_engine.exe | 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}" = System Requirements Lab for Intel

"{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60

"{3367D1F6-D572-4DAE-AF01-7F19B3965950}" = FirstClass Client

"{34371C5D-866E-462F-896A-BA75EC0EEDAE}" = AVG 2014

"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16

"{7CA72235-27FF-4B4F-BC71-957C4CC390A4}" = Vodafone Mobile Connect Lite

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0015-0427-0000-0000000FF1CE}" = Microsoft Office Access MUI (Lithuanian) 2007

"{90120000-0015-0427-0000-0000000FF1CE}_OMUI.lt-lt_{70DBFCC9-76A9-4C04-9942-C6EE90CECFDC}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0016-0427-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Lithuanian) 2007

"{90120000-0016-0427-0000-0000000FF1CE}_OMUI.lt-lt_{70DBFCC9-76A9-4C04-9942-C6EE90CECFDC}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0427-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Lithuanian) 2007

"{90120000-0018-0427-0000-0000000FF1CE}_OMUI.lt-lt_{70DBFCC9-76A9-4C04-9942-C6EE90CECFDC}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0019-0427-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Lithuanian) 2007

"{90120000-0019-0427-0000-0000000FF1CE}_OMUI.lt-lt_{70DBFCC9-76A9-4C04-9942-C6EE90CECFDC}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001A-0427-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Lithuanian) 2007

"{90120000-001A-0427-0000-0000000FF1CE}_OMUI.lt-lt_{70DBFCC9-76A9-4C04-9942-C6EE90CECFDC}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0427-0000-0000000FF1CE}" = Microsoft Office Word MUI (Lithuanian) 2007

"{90120000-001B-0427-0000-0000000FF1CE}_OMUI.lt-lt_{70DBFCC9-76A9-4C04-9942-C6EE90CECFDC}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.lt-lt_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.lt-lt_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007

"{90120000-001F-0415-0000-0000000FF1CE}_OMUI.lt-lt_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0419-0000-0000000FF1CE}" = Microsoft Office Proof (Russian) 2007

"{90120000-001F-0419-0000-0000000FF1CE}_OMUI.lt-lt_{EFE123B8-9F0A-4C50-A67B-0BADF3CB00DC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0427-0000-0000000FF1CE}" = Microsoft Office Proof (Lithuanian) 2007

"{90120000-001F-0427-0000-0000000FF1CE}_OMUI.lt-lt_{C1CD6235-85A4-48EA-9B51-093ADB86C2D2}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-002C-0427-0000-0000000FF1CE}" = Microsoft Office Proofing (Lithuanian) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0044-0427-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Lithuanian) 2007

"{90120000-0044-0427-0000-0000000FF1CE}_OMUI.lt-lt_{70DBFCC9-76A9-4C04-9942-C6EE90CECFDC}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-006E-0427-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Lithuanian) 2007

"{90120000-006E-0427-0000-0000000FF1CE}_OMUI.lt-lt_{E877659F-CDF0-4474-AF7A-ADB6999739B9}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0427-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Lithuanian) 2007

"{90120000-00A1-0427-0000-0000000FF1CE}_OMUI.lt-lt_{70DBFCC9-76A9-4C04-9942-C6EE90CECFDC}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007

"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00BA-0427-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Lithuanian) 2007

"{90120000-00BA-0427-0000-0000000FF1CE}_OMUI.lt-lt_{70DBFCC9-76A9-4C04-9942-C6EE90CECFDC}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0100-0427-0000-0000000FF1CE}" = Microsoft Office O MUI (Lithuanian) 2007

"{90120000-0100-0427-0000-0000000FF1CE}_OMUI.lt-lt_{70DBFCC9-76A9-4C04-9942-C6EE90CECFDC}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0101-0427-0000-0000000FF1CE}" = Microsoft Office X MUI (Lithuanian) 2007

"{90120000-0101-0427-0000-0000000FF1CE}_OMUI.lt-lt_{70DBFCC9-76A9-4C04-9942-C6EE90CECFDC}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007

"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1

"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{A419B522-BB55-43E5-B09A-FAD3D6BEDF87}" = VNC Server 5.1.0

"{A50DE037-B5C0-4C8A-8049-B0C576B313D1}" = Google+ Auto Backup

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6

"{BB285C9F-C821-4770-8970-56C4AB52C87E}" = Skype Click to Call

"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = USB2.0 UVC VGA WebCam

"{EFD17D49-7394-40FA-8719-8C56B49418CB}" = Foxit Reader

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics

"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin

"BitDefender Gonzales" = Bitdefender Antivirus Free Edition

"ENTERPRISE" = Microsoft Office Enterprise 2007

"Google Chrome" = Google Chrome

"HP LaserJet Professional M1130-M1210 MFP Series" = HP LaserJet Professional M1130-M1210 MFP Series

"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.1.0

"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012

"OMUI.lt-lt" = Microsoft Office Language Pack 2007 - Lithuanian/Lietuvių k.

"Picasa 3" = Picasa 3

"VLC media player" = VLC media player 2.1.0

"WinRAR archiver" = WinRAR archiver

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-2644945063-684007914-2975358919-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"AceStream" = Ace Stream Media 2.1.10.1

"UnityWebPlayer" = Unity Web Player

 

========== Last 20 Event Log Errors ==========

 

[ System Events ]

Error - 2014.07.10 03:56:31 | Computer Name = Vartotojas-PC | Source = Service Control Manager | ID = 7001

Description = HomeGroup Provider tarnyba priklauso nuo Function Discovery Provider

 Host tarnybos, kurios nepavyko paleisti dėl šios klaidos:   %%1058

 

Error - 2014.07.10 10:39:52 | Computer Name = Vartotojas-PC | Source = Service Control Manager | ID = 7001

Description = HomeGroup Provider tarnyba priklauso nuo Function Discovery Provider

 Host tarnybos, kurios nepavyko paleisti dėl šios klaidos:   %%1058

 

Error - 2014.07.10 10:40:08 | Computer Name = Vartotojas-PC | Source = NetBT | ID = 4321

Description = The name "WORKGROUP      :1d" could not be registered on the interface

 with IP address 192.168.1.70.  The computer with the IP address 192.168.1.218 did

 not allow the name to be claimed by  this computer.

 

Error - 2014.07.10 13:21:09 | Computer Name = Vartotojas-PC | Source = Service Control Manager | ID = 7001

Description = HomeGroup Provider tarnyba priklauso nuo Function Discovery Provider

 Host tarnybos, kurios nepavyko paleisti dėl šios klaidos:   %%1058

 

Error - 2014.07.10 13:27:13 | Computer Name = Vartotojas-PC | Source = Service Control Manager | ID = 7001

Description = HomeGroup Provider tarnyba priklauso nuo Function Discovery Provider

 Host tarnybos, kurios nepavyko paleisti dėl šios klaidos:   %%1058

 

Error - 2014.07.10 13:27:20 | Computer Name = Vartotojas-PC | Source = ipnathlp | ID = 30009

Description = 

 

Error - 2014.07.11 04:39:32 | Computer Name = Vartotojas-PC | Source = Service Control Manager | ID = 7001

Description = HomeGroup Provider tarnyba priklauso nuo Function Discovery Provider

 Host tarnybos, kurios nepavyko paleisti dėl šios klaidos:   %%1058

 

 

< End of report >

Thanks for the logs, run the following:

 

Re-run OTL by double left click; Vista and Windows 7 users accept the UAC alert, if applicable.

  • Under the Custom Scans/Fixes box at the bottom, paste in the following; start with and include the colon plus OTL, i.e. :OTL

    :OTL
    SRV - [2014.05.04 16:37:30 | 002,152,736 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
    :Files
    C:\Program Files\IObit
    C:\Users\Vartotojas\AppData\Roaming\IObit
    :Commands
    [emptytemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, when done it will say "Fix Complete press ok to open the log"
  • Please post that log in your next reply.



Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process.
If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start > All Programs > Accessories > Notepad), click File > Open, in the File Name box enter  *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
 

Let me see that log, also give an update on any remaining issues or concerns.

 

Kevin


  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
