19 replies to this topic

[kalpow500]

Hi, my computer has a redirect virus/rootkit. McAfee claimed it rid the computer of a rootkit recently, but the effects still remain. Before contacting you, I ran: Sophos (uninstalled), Spyware S&D (still on computer), Malwarebytes (still on computer), McAfee (still on computer), TDSS Killer (still on computer), Microsoft Malware Removal Tool, and the Backdoor.Tidserve removal tool (uninstalled). None of the tools listed above found anything, excepting TDSS killer, which found a few registry keys for which the digital signature didn't match up (no action performed). The redirect virus only seems to affect Internet Explorer, and only my user. I used most of the tools last week, so they may be out of date by now. I also tried resetting IE settings to the default, but to no avail. Here are the DDS & Attach logs:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by Jacob at 13:55:54 on 2012-06-11
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8183.5758 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Spybot - Search and Destroy *Enabled/Updated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
C:\Windows\system32\mfevtps.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Rosetta Stone\SMS v3.0.2hs\Service\JavaSrvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Users\Jacob\Downloads\CoreTemp64\Core Temp.exe
C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Users\Jacob\Documents\Schoolwork\GameMaker\Projects\Finished EXEs\Digital Timer.exe
C:\Program Files (x86)\Rosetta Stone\RS2.1.5.1Asms\Rosetta Stone.exe
C:\Users\Jacob\AppData\Local\Temp\~e5.0001
C:\Windows\splwow64.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\McAfee\VirusScan\mcods.exe
C:\Program Files\Common Files\McAfee\Core\mchost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uStart Page = hxxp://zradio.org/
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120425081238.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
{555d4d79-4bd2-4094-a395-cfc534424a05}
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
uRun: [Apps] rundll32.exe "C:\Users\Jacob\AppData\Local\DataSafeOnline\Apps\rngpzjif.dll",DllRegisterServer
mRun: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
StartupFolder: C:\Users\Jacob\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\FAVSAL~1.LNK - C:\Users\Public\Music\Music\Playlists\FavsAll.wpl
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
Trusted Zone: flvs.net\learn
Trusted Zone: internet
Trusted Zone: live.com\onecare
Trusted Zone: mcafee.com
Trusted Zone: yoyogames.com\www
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {2B497CAF-D938-4059-BA76-0DA5DB77EA0A} - hxxps://72.156.249.212/Remote/BuiltIns/FS/Wssg.Web.FileAccess.RichUpload.cab
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} - hxxp://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {721700FE-7F0E-49C5-BDED-CA92B7CB1245} - hxxp://65.44.139.2:9203/camclictrl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} - hxxp://www.yoyogames.com/plugins/activex/YoYo.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} - hxxp://clients.futuremark.com/calico/systeminfodeploy/FMSI.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://berklee.webex.com/client/T27L10NSP25/nbr/ieatgpc1.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{410F48CF-12A3-40EB-B398-2C0A4D370576} : DhcpNameServer = 192.168.2.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64: Search Helper - No File
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120425081238.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\9iiiea8p.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://zradio.org/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: C:\Program Files (x86)\Microsoft Research\HD View\nphdview.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPYYGInstantPlay.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Jacob\AppData\Roaming\Mozilla\plugins\npatgpc.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-6 169408]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-8 92160]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2012-2-23 103440]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-6-5 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-6-5 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-6-5 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-2-18 199272]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-2-18 210584]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2012-2-13 2253120]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-5-31 1122296]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-5-31 838136]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-5-31 166528]
R2 SMSv3_0_2hs;SMSv3_0_2hs;C:\Program Files (x86)\Rosetta Stone\SMS v3.0.2hs\service\JavaSrvc.exe [2006-7-26 65536]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-5-21 134928]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-4-1 428640]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 nvoclk64;NVIDIA Enthusiasts Platform KDM;C:\Windows\system32\DRIVERS\nvoclk64.sys --> C:\Windows\system32\DRIVERS\nvoclk64.sys [?]
R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-24 136176]
S2 SessionLauncher;SessionLauncher;c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe --> c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 257696]
S3 CompFilter64;UVCCompositeFilter;C:\Windows\system32\DRIVERS\lvbflt64.sys --> C:\Windows\system32\DRIVERS\lvbflt64.sys [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-24 136176]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
S3 LVUVC64;Logitech HD Pro Webcam C910(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-7 129976]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 pmxdrv;pmxdrv;\??\C:\Windows\system32\drivers\pmxdrv.sys --> C:\Windows\system32\drivers\pmxdrv.sys [?]
S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe [2009-6-26 1124848]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-6-5 249936]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\system32\DRIVERS\RsFx0103.sys --> C:\Windows\system32\DRIVERS\RsFx0103.sys [?]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-9-17 430424]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-06-11 15:51:44 -------- d-----w- C:\Users\Jacob\AppData\Local\{601E397C-C67E-498A-866F-A191C37C14B4}
2012-06-11 15:51:32 -------- d-----w- C:\Users\Jacob\AppData\Local\{E18E85D7-1BDC-4391-A3A4-D2E99ECE2FA8}
2012-06-10 00:56:13 -------- d-----w- C:\Program Files (x86)\Sibelius Software
2012-06-09 17:54:17 -------- d-----w- C:\Users\Jacob\AppData\Local\{46571528-A6D5-4000-8F4C-72834C35E911}
2012-06-09 17:54:04 -------- d-----w- C:\Users\Jacob\AppData\Local\{E424CDF8-4701-4908-8785-C9E478281815}
2012-06-08 15:48:57 -------- d-----w- C:\Users\Jacob\AppData\Local\{C66CDB0D-5EB0-48D0-8028-F1B7B9B04E2D}
2012-06-08 15:48:45 -------- d-----w- C:\Users\Jacob\AppData\Local\{5E27C6B3-A30E-4DA0-836B-0EA2D1040F17}
2012-06-08 14:58:08 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{764A374B-CDFF-4B16-A880-04B955979BE5}\mpengine.dll
2012-06-07 17:14:14 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-06-07 17:13:49 588728 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2012-06-07 17:13:49 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-06-07 17:13:48 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll
2012-06-07 17:13:48 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll
2012-06-07 17:13:48 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll
2012-06-07 17:13:48 43960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2012-06-07 17:13:48 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-06-07 17:11:44 -------- d-----w- C:\Users\Jacob\AppData\Local\{D95F4EEE-713D-4111-AED0-753CC755D21B}
2012-06-07 17:11:31 -------- d-----w- C:\Users\Jacob\AppData\Local\{3C788A4D-6569-4A73-B1CE-B500CF4D25C3}
2012-06-07 05:11:01 -------- d-----w- C:\Users\Jacob\AppData\Local\{85B3D4CF-9BAB-4085-8501-0AE3644D23E4}
2012-06-07 05:10:48 -------- d-----w- C:\Users\Jacob\AppData\Local\{A9270E0F-AD0C-4987-9E42-27E5C78252B7}
2012-06-06 17:10:21 -------- d-----w- C:\Users\Jacob\AppData\Local\{13B87C11-FB71-43CD-8029-DF40029E137D}
2012-06-06 17:10:08 -------- d-----w- C:\Users\Jacob\AppData\Local\{CC8F2999-C6EC-41C2-9A9A-050AB4CF1ABE}
2012-06-05 16:26:18 -------- d-----w- C:\Users\Jacob\AppData\Local\{6315DDE6-162E-45D0-816F-E32C25D5FD0C}
2012-06-05 16:24:42 -------- d-----w- C:\Users\Jacob\AppData\Local\{9E040E56-185C-428B-9DD4-866879A87927}
2012-06-04 16:19:31 -------- d-----w- C:\Users\Jacob\AppData\Local\{2ED9CB6C-10FE-4456-9F19-907E39BE40B2}
2012-06-04 16:19:18 -------- d-----w- C:\Users\Jacob\AppData\Local\{DDC5CD5B-49F0-4EFC-A5BC-5F96925A66C7}
2012-06-03 20:20:47 -------- d-----w- C:\Users\Jacob\AppData\Local\{31007099-B9AA-4D03-9BA0-E66F38E69AC6}
2012-06-03 20:20:34 -------- d-----w- C:\Users\Jacob\AppData\Local\{D5D3E8A0-8426-48A7-86E2-AD0906115417}
2012-06-02 16:58:39 -------- d-----w- C:\Users\Jacob\AppData\Local\{C4FD5831-CA24-4F4E-A3AC-ED00EE0CC5ED}
2012-06-02 16:58:27 -------- d-----w- C:\Users\Jacob\AppData\Local\{0BCE56C8-DC5E-4BC8-95EE-16625B42AE7F}
2012-06-02 03:21:46 -------- d-----w- C:\Users\Jacob\AppData\Local\{C3888708-6A4B-47FE-8758-19F83D954E2F}
2012-06-01 15:21:20 -------- d-----w- C:\Users\Jacob\AppData\Local\{A0FEB971-F4A3-4C09-B97D-BD6A0441F2A0}
2012-06-01 15:21:07 -------- d-----w- C:\Users\Jacob\AppData\Local\{4F05EA62-75F0-4D75-B9DA-7AD4D1101614}
2012-06-01 01:49:59 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-06-01 01:49:51 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2012-06-01 01:49:46 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2012-05-31 16:49:26 -------- d-----w- C:\Users\Jacob\AppData\Local\{B8DC9575-373E-4F6A-9D72-D50C71475BCE}
2012-05-31 16:49:14 -------- d-----w- C:\Users\Jacob\AppData\Local\{347BA266-4DEC-483E-B19D-A1BC0149C2F3}
2012-05-30 12:49:01 -------- d-----w- C:\Users\Jacob\AppData\Local\{42A821F5-35E5-41E4-A145-5955518A04CD}
2012-05-30 12:48:48 -------- d-----w- C:\Users\Jacob\AppData\Local\{2395E78A-BD1C-4289-A86F-2EC8952716F1}
2012-05-30 00:07:09 -------- d-----w- C:\ProgramData\Sophos
2012-05-29 14:53:43 -------- d-----w- C:\Users\Jacob\AppData\Local\{3811D7A7-6281-4A27-80A2-2F5597037350}
2012-05-29 14:53:10 -------- d-----w- C:\Users\Jacob\AppData\Local\{E6385A85-E33B-4686-B7C4-F6465D4F53E2}
2012-05-27 22:56:47 116016 ----a-w- C:\Windows\System32\drivers\18720901.sys
2012-05-27 17:57:10 -------- d-----w- C:\Users\Jacob\AppData\Local\{6DF849BA-5A99-4D6E-95BA-0E2AE22D3585}
2012-05-27 17:56:57 -------- d-----w- C:\Users\Jacob\AppData\Local\{4BE7DD0F-5046-4A09-9B85-86418BCA3970}
2012-05-25 16:38:22 -------- d-----w- C:\Users\Jacob\AppData\Local\{2C84B04E-87A7-419F-AA6F-C63D6E17F4F7}
2012-05-25 16:38:09 -------- d-----w- C:\Users\Jacob\AppData\Local\{499AF48C-7555-4466-B491-55C5DC07CB8E}
2012-05-24 19:17:05 -------- d-----w- C:\Users\Jacob\AppData\Roaming\System
2012-05-24 15:03:05 -------- d-----w- C:\Users\Jacob\AppData\Local\{DEAD7B09-DA57-4BAE-A841-F21E67C7CC5A}
2012-05-24 15:02:51 -------- d-----w- C:\Users\Jacob\AppData\Local\{DF8C6C73-3615-45AB-9773-1B152C9210B3}
2012-05-22 15:33:21 -------- d-----w- C:\Users\Jacob\AppData\Local\{D7A892FA-2909-47D6-B9F5-BEF70AC48D7D}
2012-05-22 15:33:08 -------- d-----w- C:\Users\Jacob\AppData\Local\{0C4D18A8-B0EE-42C4-88BD-DC48134E695C}
2012-05-21 15:42:50 -------- d-----w- C:\Users\Jacob\AppData\Local\{A0A507B2-36B3-4A5B-99D4-7B0C7EA65302}
2012-05-21 15:42:39 -------- d-----w- C:\Users\Jacob\AppData\Local\{BC18CE89-7843-4F42-86EC-01716242CE8D}
2012-05-21 03:04:36 -------- d-----w- C:\Users\Jacob\AppData\Local\{722C2EF9-7C5B-4C05-950D-194094F3F595}
2012-05-21 03:04:24 -------- d-----w- C:\Users\Jacob\AppData\Local\{29E5BEC5-F2DC-4806-9A1A-126210B3C228}
2012-05-19 17:08:17 -------- d-----w- C:\Users\Jacob\AppData\Local\{5C0A0C64-9A19-4918-B477-A5510AA0EE38}
2012-05-19 17:08:05 -------- d-----w- C:\Users\Jacob\AppData\Local\{D663333A-ED19-4859-89AE-E5EF138EC4C2}
2012-05-18 23:57:29 -------- d-----w- C:\Users\Jacob\AppData\Local\{B5AA328D-8445-4AF1-8546-F9EFDD7ABCB8}
2012-05-18 23:57:16 -------- d-----w- C:\Users\Jacob\AppData\Local\{DFAABAC2-A3EA-4CF1-9DEC-2B3E03776D0A}
2012-05-18 00:26:17 -------- d-----w- C:\Users\Jacob\AppData\Local\{DB8A108C-5048-4D2B-8B71-9F80025D4705}
2012-05-18 00:26:03 -------- d-----w- C:\Users\Jacob\AppData\Local\{1E220F65-1F32-4D45-B4CF-47DEC2D39871}
2012-05-17 15:01:23 -------- d-----w- C:\Users\Jacob\AppData\Local\{B6655982-DCA7-42E6-8C36-7D4CE56AA245}
2012-05-16 16:39:12 -------- d-----w- C:\Users\Jacob\AppData\Local\{0326D363-90A2-4ACD-B0BF-C019F9EB5F08}
2012-05-16 16:39:00 -------- d-----w- C:\Users\Jacob\AppData\Local\{BD4DF713-20DA-49E3-BACA-AAB7F2502E77}
2012-05-16 02:37:57 -------- d-----w- C:\Users\Jacob\AppData\Local\{53216DF7-E13F-4148-8BF5-875A95236B18}
2012-05-16 02:37:45 -------- d-----w- C:\Users\Jacob\AppData\Local\{9EB13F55-BEAC-4709-95A4-A273876C3C98}
2012-05-15 14:37:18 -------- d-----w- C:\Users\Jacob\AppData\Local\{6469DCEF-2F66-494E-B8CA-0E2F90738C80}
2012-05-15 14:37:06 -------- d-----w- C:\Users\Jacob\AppData\Local\{0D0DD81E-0DB8-4DC1-A80F-F3560D65E4A3}
2012-05-14 14:34:33 -------- d-----w- C:\Users\Jacob\AppData\Local\{B2DC64F0-5889-4416-A7C8-1E70FCFDEED3}
2012-05-14 14:34:20 -------- d-----w- C:\Users\Jacob\AppData\Local\{8DB178BC-F1F1-427E-A1E0-6D74B3794B37}
2012-05-13 16:27:17 -------- d-----w- C:\Users\Jacob\AppData\Local\{A5EAA35A-11D0-4716-AA78-E9B74262F046}
2012-05-13 16:26:53 -------- d-----w- C:\Users\Jacob\AppData\Local\{46295A3A-F933-434A-98C6-515D695D005C}
.
==================== Find3M ====================
.
2012-05-31 19:40:07 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-31 19:40:07 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-05 15:34:15 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-04-19 00:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-04-19 00:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2012-04-04 19:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-03-31 06:05:57 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-31 04:39:37 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-31 04:39:37 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-03-31 03:10:03 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-03-20 17:11:30 162192 ----a-w- C:\Windows\System32\mfevtps.exe
2012-03-17 07:58:57 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
.
============= FINISH: 13:56:57.92 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 11/16/2009 10:43:17 AM
System Uptime: 6/11/2012 11:38:56 AM (2 hours ago)
.
Motherboard: Dell Inc. | | 0X231R
Processor: Intel® Core™ i7 CPU 860 @ 2.80GHz | CPU 1 | 2801/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 917 GiB total, 663.946 GiB free.
D: is CDROM (CDFS)
E: is Removable
F: is Removable
G: is Removable
H: is Removable
K: is FIXED (NTFS) - 932 GiB total, 322.786 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart Premium C309g-m
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart Premium C309g-m
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
==== System Restore Points ===================
.
RP534: 6/4/2012 11:51:36 PM - Windows Update
RP535: 6/8/2012 10:57:30 AM - Windows Update
RP536: 6/9/2012 8:55:49 PM - Installed Sibelius Scorch (ActiveX Only)
RP537: 6/9/2012 9:02:23 PM - Installed Sibelius Scorch (Firefox, Opera, Netscape only)
RP538: 6/10/2012 2:00:14 AM - Windows Backup
.
==== Installed Programs ======================
.
7-Zip 4.65
Acrobat.com
Adobe AIR
Adobe Community Help
Adobe Photoshop Elements 9
Adobe Photoshop.com Inspiration Browser
Adobe Premiere Elements 9
Adobe Premiere Elements 9 Content
Adobe Premiere Elements 9 Content 1
Adobe Premiere Elements 9 Content 2
Adobe Premiere Elements 9 Content 3
Adobe Premiere Elements 9 HD Content 1
Adobe Premiere Elements 9 HD Content 2
Adobe Premiere Elements 9 HD Content 3
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.5
Age of Empires III
Age of Empires III - The Asian Dynasties
Age of Empires III - The WarChiefs
Amazon Kindle For PC v1.1
Amazon MP3 Downloader 1.0.15
Apple Application Support
Apple Software Update
Audacity 1.3.10 (Unicode)
BufferChm
C309g-m
CameraHelperMsi
Consumer In-Home Service Agreement
Crazy Machines II + Demo
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Driver Download Manager
Dell Getting Started Guide
Destinations
DeviceDiscovery
DietPower 4.4
DirectXInstallService
Elements 9 Organizer
Elements STI Installer
EMC 10 Content
erLT
FFmpeg for Audacity on Windows
Game Maker 8.0
GameMaker 8.1
Google Earth
Google Update Helper
GPBaseService2
HD View
Higher Score on the ACT
Higher Score on the SAT/PSAT
Hotfix for Microsoft Visual Basic 2010 Express - ENU (KB2635973)
Hotfix for Microsoft Windows Phone Developer Tools - ENU (KB2635973)
HP Update
HPPhotoGadget
HPProductAssistant
hpWLPGInstaller
Internet TV for Windows Media Center
Java Auto Updater
Java™ 6 Update 26
Junk Mail filter update
LAME v3.98.2 for Audacity
LEGO Digital Designer
LEGO MINDSTORMS NXT - English Language Pack
LEGO MINDSTORMS NXT Migration Package
LEGO MINDSTORMS NXT Software v2.0
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 1.61.0.1400
McAfee Internet Security
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Access 2002 Runtime
Microsoft Age of Empires II
Microsoft Age of Empires II: The Conquerors Expansion
Microsoft Application Error Reporting
Microsoft DirectX SDK (June 2010)
Microsoft Expression Blend 3 SDK
Microsoft Expression Blend 4
Microsoft Expression Blend 4 Add-in for Adobe FXG Import
Microsoft Expression Blend SDK for .NET 4
Microsoft Expression Blend SDK for Silverlight 4
Microsoft Expression Blend SDK for Windows Phone 7
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft Silverlight Tools for Visual Studio 2010
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server System CLR Types
Microsoft Visual Basic 2010 Express - ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Express for Windows Phone - ENU
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Windows Phone 7 Developer Resources
Microsoft Windows Phone Developer Tools - ENU
Microsoft XNA Framework Redistributable 4.0
Microsoft XNA Game Studio 4.0
Microsoft XNA Game Studio 4.0 (ARP entry)
Microsoft XNA Game Studio 4.0 (Redists)
Microsoft XNA Game Studio 4.0 (Shared Components)
Microsoft XNA Game Studio 4.0 (Visual Studio)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
Microsoft XNA Game Studio 4.0 Documentation
Microsoft XNA Game Studio 4.0 Windows Phone Extensions
Microsoft XNA Game Studio Platform Tools
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_CRT_x86
Moonbase Alpha
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML4 Parser
Multimedia Card Reader
NEC Electronics USB 3.0 Host Controller Driver
NVIDIA 3D Vision Video Player
NVIDIA Performance
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
NVIDIA System Monitor
NVIDIA System Update
OpenAL
OpenOffice.org 3.2
Portal
Portal 2
PowerDVD DX
PS_AIO_06_C309g-m_SW_Min
QuickTime
Realtek High Definition Audio Driver
RollerCoaster Tycoon 2 Triple Thrill Pack
RollerCoaster Tycoon 3 Platinum
Rosetta Stone 2.1.5.1Asms
Roxio Activation Module
Roxio BackOnTrack
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy CD and DVD Burning
Roxio Express Labeler 3
Roxio Update Manager
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
Sibelius Scorch (ActiveX Only)
Sibelius Scorch (Firefox, Opera, Netscape only)
SimCity 4 Deluxe
Skype™ 5.8
SmartSound Quicktracks for Premiere Elements 9.0
SolutionCenter
SongBaseXP
Sonic CinePlayer Decoder Pack
Sophos Virus Removal Tool
Spybot - Search & Destroy
Status
Steam
Student Management System v3.0.2hs
System Requirements Lab
Thinkin' Science
Toolbox
TrackMania Nations Forever
TrayApp
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
WCF RIA Services V1.0 SP1
WebEx
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Center Add-in for Flash
Windows Media Center Add-in for Silverlight
Windows Movie Maker 2.6
Windows Phone 7 Add-in for Visual Studio 2010 - ENU
WPF Toolkit February 2010 (Version 3.5.50211.1)
XML Explorer
.
==== Event Viewer Messages From Past Week ========
.
6/7/2012 5:22:11 PM, Error: srv [2017] - The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.
6/11/2012 11:40:45 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
6/11/2012 11:39:55 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: RxFilter
6/11/2012 11:39:43 AM, Error: Service Control Manager [7000] - The SessionLauncher service failed to start due to the following error: The system cannot find the file specified.
6/10/2012 8:09:00 PM, Error: Microsoft-Windows-WMPNSS-Service [14365] - Proximity detection failed due to unknown error '0x80004004'. The best proximity time detected was -1 milliseconds.
.
==== End Of File ===========================

[Maniac]

Hello kalpow500 and ! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

• If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  
• I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  
• Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  
• Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  
• Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

• Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  
  
  
  
• Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  
  
  
  
• Click the Start Scan button.
  
  
  
  
• If a suspicious object is detected, the default action will be Skip, click on Continue.
  
  
  
  
• If malicious objects are found, they will show in the Scan results and offer three (3) options.
  
• Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  
  
  
  
• Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


Step 2

• Launch Malwarebytes' Anti-Malware
  
• Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  
• Go to Scanner tab and select Perform Quick Scan, then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.


Step 3

Download OTL to your Desktop

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  
• Please tick the Scan All users. Next, click the Quick Scan button. The scan wont take long.
  
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In your next reply, post the following log files:

• TDSSKiller log
  
• Malwarebytes' Anti-Malware log
  
• OTL log with Extras.txt

[kalpow500]

The post was too long, so I attached the four files instead.

[Maniac]

Post them in several posts.

[kalpow500]

Sorry about that, post 1/4:
(TDSS)
21:00:28.0663 10340 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
21:00:29.0713 10340 ============================================================
21:00:29.0713 10340 Current date / time: 2012/06/11 21:00:29.0713
21:00:29.0713 10340 SystemInfo:
21:00:29.0713 10340
21:00:29.0713 10340 OS Version: 6.1.7601 ServicePack: 1.0
21:00:29.0713 10340 Product type: Workstation
21:00:29.0713 10340 ComputerName: JIMMY
21:00:29.0713 10340 UserName: Jacob
21:00:29.0713 10340 Windows directory: C:\Windows
21:00:29.0713 10340 System windows directory: C:\Windows
21:00:29.0713 10340 Running under WOW64
21:00:29.0713 10340 Processor architecture: Intel x64
21:00:29.0713 10340 Number of processors: 8
21:00:29.0713 10340 Page size: 0x1000
21:00:29.0713 10340 Boot type: Normal boot
21:00:29.0713 10340 ============================================================
21:00:30.0883 10340 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:00:30.0893 10340 Drive \Device\Harddisk5\DR7 - Size: 0xE8E0DB5E00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:00:30.0893 10340 ============================================================
21:00:30.0893 10340 \Device\Harddisk0\DR0:
21:00:30.0893 10340 MBR partitions:
21:00:30.0893 10340 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
21:00:30.0893 10340 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x729A65B0
21:00:30.0893 10340 \Device\Harddisk5\DR7:
21:00:30.0903 10340 MBR partitions:
21:00:30.0903 10340 \Device\Harddisk5\DR7\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x747061A1
21:00:30.0903 10340 ============================================================
21:00:30.0933 10340 C: <-> \Device\Harddisk0\DR0\Partition1
21:00:30.0943 10340 K: <-> \Device\Harddisk5\DR7\Partition0
21:00:30.0943 10340 ============================================================
21:00:30.0943 10340 Initialize success
21:00:30.0943 10340 ============================================================
21:01:16.0644 4968 ============================================================
21:01:16.0644 4968 Scan started
21:01:16.0644 4968 Mode: Manual; SigCheck; TDLFS;
21:01:16.0644 4968 ============================================================
21:01:17.0174 4968 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
21:01:17.0244 4968 1394ohci - ok
21:01:17.0284 4968 61883 (e0a8525a951addb4655bc2068566407d) C:\Windows\system32\DRIVERS\61883.sys
21:01:17.0334 4968 61883 - ok
21:01:17.0384 4968 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:01:17.0424 4968 ACPI - ok
21:01:17.0434 4968 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:01:17.0484 4968 AcpiPmi - ok
21:01:17.0584 4968 AdobeActiveFileMonitor9.0 (c004f38974f4d321b4c20a240e1175c0) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
21:01:17.0604 4968 AdobeActiveFileMonitor9.0 - ok
21:01:17.0664 4968 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:01:17.0684 4968 AdobeARMservice - ok
21:01:17.0794 4968 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:01:17.0804 4968 AdobeFlashPlayerUpdateSvc - ok
21:01:17.0864 4968 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
21:01:17.0894 4968 adp94xx - ok
21:01:17.0894 4968 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
21:01:17.0914 4968 adpahci - ok
21:01:17.0924 4968 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
21:01:17.0934 4968 adpu320 - ok
21:01:17.0974 4968 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
21:01:18.0034 4968 AeLookupSvc - ok
21:01:18.0094 4968 AERTFilters (3ac22a3dfa8a050e35f0e3cd99d0cdf2) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
21:01:18.0204 4968 AERTFilters - ok
21:01:18.0274 4968 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
21:01:18.0304 4968 AFD - ok
21:01:18.0344 4968 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:01:18.0374 4968 agp440 - ok
21:01:18.0394 4968 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
21:01:18.0444 4968 ALG - ok
21:01:18.0454 4968 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:01:18.0464 4968 aliide - ok
21:01:18.0584 4968 ALSysIO - ok
21:01:18.0654 4968 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:01:18.0674 4968 amdide - ok
21:01:18.0714 4968 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
21:01:18.0744 4968 AmdK8 - ok
21:01:18.0754 4968 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
21:01:18.0774 4968 AmdPPM - ok
21:01:18.0824 4968 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
21:01:18.0874 4968 amdsata - ok
21:01:18.0894 4968 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
21:01:18.0904 4968 amdsbs - ok
21:01:18.0924 4968 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
21:01:18.0924 4968 amdxata - ok
21:01:18.0994 4968 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:01:19.0084 4968 AppID - ok
21:01:19.0104 4968 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
21:01:19.0174 4968 AppIDSvc - ok
21:01:19.0204 4968 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
21:01:19.0294 4968 Appinfo - ok
21:01:19.0304 4968 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
21:01:19.0314 4968 arc - ok
21:01:19.0314 4968 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
21:01:19.0324 4968 arcsas - ok
21:01:19.0474 4968 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:01:19.0494 4968 aspnet_state - ok
21:01:19.0514 4968 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:01:19.0594 4968 AsyncMac - ok
21:01:19.0614 4968 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:01:19.0624 4968 atapi - ok
21:01:19.0674 4968 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:01:19.0744 4968 AudioEndpointBuilder - ok
21:01:19.0754 4968 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:01:19.0784 4968 AudioSrv - ok
21:01:19.0814 4968 Avc (16fabe84916623d0607e4a975544032c) C:\Windows\system32\DRIVERS\avc.sys
21:01:19.0854 4968 Avc - ok
21:01:19.0894 4968 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
21:01:19.0964 4968 AxInstSV - ok
21:01:20.0004 4968 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
21:01:20.0054 4968 b06bdrv - ok
21:01:20.0074 4968 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:01:20.0114 4968 b57nd60a - ok
21:01:20.0164 4968 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
21:01:20.0204 4968 BDESVC - ok
21:01:20.0214 4968 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:01:20.0244 4968 Beep - ok
21:01:20.0304 4968 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
21:01:20.0354 4968 BFE - ok
21:01:20.0384 4968 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
21:01:20.0414 4968 BITS - ok
21:01:20.0454 4968 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
21:01:20.0484 4968 blbdrive - ok
21:01:20.0514 4968 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:01:20.0544 4968 bowser - ok
21:01:20.0574 4968 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:01:20.0604 4968 BrFiltLo - ok
21:01:20.0624 4968 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:01:20.0634 4968 BrFiltUp - ok
21:01:20.0674 4968 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
21:01:20.0734 4968 Browser - ok
21:01:20.0744 4968 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:01:20.0804 4968 Brserid - ok
21:01:20.0814 4968 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:01:20.0834 4968 BrSerWdm - ok
21:01:20.0844 4968 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:01:20.0864 4968 BrUsbMdm - ok
21:01:20.0884 4968 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:01:20.0894 4968 BrUsbSer - ok
21:01:20.0904 4968 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
21:01:20.0924 4968 BTHMODEM - ok
21:01:20.0984 4968 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
21:01:21.0044 4968 bthserv - ok
21:01:21.0064 4968 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:01:21.0104 4968 cdfs - ok
21:01:21.0154 4968 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
21:01:21.0224 4968 cdrom - ok
21:01:21.0264 4968 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:01:21.0314 4968 CertPropSvc - ok
21:01:21.0374 4968 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys
21:01:21.0434 4968 cfwids - ok
21:01:21.0434 4968 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
21:01:21.0464 4968 circlass - ok
21:01:21.0494 4968 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:01:21.0514 4968 CLFS - ok
21:01:21.0584 4968 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:01:21.0614 4968 clr_optimization_v2.0.50727_32 - ok
21:01:21.0684 4968 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:01:21.0704 4968 clr_optimization_v2.0.50727_64 - ok
21:01:21.0774 4968 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:01:21.0784 4968 clr_optimization_v4.0.30319_32 - ok
21:01:21.0824 4968 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:01:21.0824 4968 clr_optimization_v4.0.30319_64 - ok
21:01:21.0834 4968 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
21:01:21.0854 4968 CmBatt - ok
21:01:21.0894 4968 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:01:21.0904 4968 cmdide - ok
21:01:21.0944 4968 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
21:01:21.0974 4968 CNG - ok
21:01:21.0974 4968 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
21:01:21.0984 4968 Compbatt - ok
21:01:22.0044 4968 CompFilter64 (11cc395d18ff03e95e8c6a149c84c91b) C:\Windows\system32\DRIVERS\lvbflt64.sys
21:01:22.0054 4968 CompFilter64 - ok
21:01:22.0084 4968 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
21:01:22.0104 4968 CompositeBus - ok
21:01:22.0114 4968 COMSysApp - ok
21:01:22.0214 4968 cpuz135 - ok
21:01:22.0284 4968 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
21:01:22.0304 4968 crcdisk - ok
21:01:22.0364 4968 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
21:01:22.0414 4968 CryptSvc - ok
21:01:22.0474 4968 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:01:22.0534 4968 DcomLaunch - ok
21:01:22.0574 4968 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
21:01:22.0634 4968 defragsvc - ok
21:01:22.0664 4968 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:01:22.0714 4968 DfsC - ok
21:01:22.0764 4968 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
21:01:22.0814 4968 Dhcp - ok
21:01:22.0904 4968 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:01:22.0984 4968 discache - ok
21:01:23.0024 4968 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
21:01:23.0034 4968 Disk - ok
21:01:23.0074 4968 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
21:01:23.0184 4968 Dnscache - ok
21:01:23.0234 4968 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
21:01:23.0294 4968 dot3svc - ok
21:01:23.0324 4968 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
21:01:23.0374 4968 DPS - ok
21:01:23.0424 4968 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:01:23.0454 4968 drmkaud - ok
21:01:23.0514 4968 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:01:23.0554 4968 DXGKrnl - ok
21:01:23.0594 4968 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
21:01:23.0654 4968 EapHost - ok
21:01:23.0744 4968 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
21:01:23.0834 4968 ebdrv - ok
21:01:23.0944 4968 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
21:01:24.0004 4968 EFS - ok
21:01:24.0034 4968 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
21:01:24.0114 4968 ehRecvr - ok
21:01:24.0154 4968 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
21:01:24.0194 4968 ehSched - ok
21:01:24.0244 4968 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
21:01:24.0274 4968 elxstor - ok
21:01:24.0304 4968 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:01:24.0344 4968 ErrDev - ok
21:01:24.0404 4968 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
21:01:24.0464 4968 EventSystem - ok
21:01:24.0494 4968 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:01:24.0544 4968 exfat - ok
21:01:24.0554 4968 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:01:24.0594 4968 fastfat - ok
21:01:24.0624 4968 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
21:01:24.0684 4968 Fax - ok
21:01:24.0694 4968 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
21:01:24.0714 4968 fdc - ok
21:01:24.0724 4968 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
21:01:24.0744 4968 fdPHost - ok
21:01:24.0754 4968 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
21:01:24.0814 4968 FDResPub - ok
21:01:24.0834 4968 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:01:24.0844 4968 FileInfo - ok
21:01:24.0844 4968 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:01:24.0874 4968 Filetrace - ok
21:01:24.0884 4968 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
21:01:24.0894 4968 flpydisk - ok
21:01:24.0914 4968 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:01:24.0924 4968 FltMgr - ok
21:01:25.0004 4968 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
21:01:25.0084 4968 FontCache - ok
21:01:25.0214 4968 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:01:25.0234 4968 FontCache3.0.0.0 - ok
21:01:25.0264 4968 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:01:25.0294 4968 FsDepends - ok
21:01:25.0334 4968 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys
21:01:25.0404 4968 fssfltr - ok
21:01:25.0564 4968 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:01:25.0604 4968 fsssvc - ok
21:01:25.0674 4968 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
21:01:25.0724 4968 Fs_Rec - ok
21:01:25.0794 4968 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:01:25.0824 4968 fvevol - ok
21:01:25.0844 4968 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
21:01:25.0854 4968 gagp30kx - ok
21:01:25.0914 4968 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
21:01:25.0984 4968 gpsvc - ok
21:01:26.0084 4968 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:01:26.0104 4968 gupdate - ok
21:01:26.0124 4968 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:01:26.0144 4968 gupdatem - ok
21:01:26.0164 4968 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:01:26.0204 4968 hcw85cir - ok
21:01:26.0254 4968 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
21:01:26.0284 4968 HDAudBus - ok
21:01:26.0304 4968 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
21:01:26.0334 4968 HidBatt - ok
21:01:26.0344 4968 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
21:01:26.0374 4968 HidBth - ok
21:01:26.0384 4968 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
21:01:26.0404 4968 HidIr - ok
21:01:26.0434 4968 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
21:01:26.0474 4968 hidserv - ok
21:01:26.0504 4968 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
21:01:26.0524 4968 HidUsb - ok
21:01:26.0554 4968 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
21:01:26.0624 4968 hkmsvc - ok
21:01:26.0654 4968 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
21:01:26.0704 4968 HomeGroupListener - ok
21:01:26.0734 4968 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
21:01:26.0754 4968 HomeGroupProvider - ok
21:01:26.0864 4968 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:01:26.0884 4968 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
21:01:26.0884 4968 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
21:01:26.0904 4968 hpqddsvc (f3f72a2a86c22610bca5439fa789dd52) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:01:26.0924 4968 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
21:01:26.0924 4968 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
21:01:26.0944 4968 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:01:26.0954 4968 HpSAMD - ok
21:01:26.0984 4968 HPSLPSVC (d972f48d0ce396759b788693cd665926) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
21:01:27.0014 4968 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
21:01:27.0014 4968 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
21:01:27.0074 4968 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:01:27.0124 4968 HTTP - ok
21:01:27.0154 4968 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:01:27.0194 4968 hwpolicy - ok
21:01:27.0244 4968 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
21:01:27.0284 4968 i8042prt - ok
21:01:27.0314 4968 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
21:01:27.0324 4968 iaStor - ok
21:01:27.0374 4968 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:01:27.0454 4968 iaStorV - ok
21:01:27.0544 4968 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:01:27.0564 4968 IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:01:27.0564 4968 IDriverT - detected UnsignedFile.Multi.Generic (1)
21:01:27.0694 4968 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:01:27.0724 4968 idsvc - ok
21:01:27.0814 4968 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
21:01:27.0844 4968 iirsp - ok
21:01:27.0894 4968 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
21:01:27.0954 4968 IKEEXT - ok
21:01:28.0164 4968 IntcAzAudAddService (d42d651676883181400e22957a7e0b1e) C:\Windows\system32\drivers\RTKVHD64.sys
21:01:28.0254 4968 IntcAzAudAddService - ok
21:01:28.0314 4968 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:01:28.0344 4968 intelide - ok
21:01:28.0364 4968 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:01:28.0394 4968 intelppm - ok
21:01:28.0434 4968 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
21:01:28.0484 4968 IPBusEnum - ok
21:01:28.0514 4968 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:01:28.0594 4968 IpFilterDriver - ok
21:01:28.0614 4968 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
21:01:28.0684 4968 iphlpsvc - ok
21:01:28.0704 4968 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:01:28.0724 4968 IPMIDRV - ok
21:01:28.0744 4968 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:01:28.0774 4968 IPNAT - ok
21:01:28.0794 4968 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:01:28.0824 4968 IRENUM - ok
21:01:28.0834 4968 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:01:28.0844 4968 isapnp - ok
21:01:28.0864 4968 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:01:28.0914 4968 iScsiPrt - ok
21:01:28.0954 4968 k57nd60a (249ee2d26cb1530f3bede0ac8b9e3099) C:\Windows\system32\DRIVERS\k57nd60a.sys
21:01:28.0984 4968 k57nd60a - ok
21:01:29.0024 4968 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
21:01:29.0054 4968 kbdclass - ok
21:01:29.0054 4968 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
21:01:29.0114 4968 kbdhid - ok
21:01:29.0154 4968 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:01:29.0164 4968 KeyIso - ok
21:01:29.0164 4968 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
21:01:29.0174 4968 KSecDD - ok
21:01:29.0184 4968 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
21:01:29.0204 4968 KSecPkg - ok
21:01:29.0204 4968 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:01:29.0244 4968 ksthunk - ok
21:01:29.0284 4968 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
21:01:29.0354 4968 KtmRm - ok
21:01:29.0384 4968 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
21:01:29.0414 4968 LanmanServer - ok
21:01:29.0464 4968 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
21:01:29.0524 4968 LanmanWorkstation - ok
21:01:29.0534 4968 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:01:29.0594 4968 lltdio - ok
21:01:29.0614 4968 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
21:01:29.0654 4968 lltdsvc - ok
21:01:29.0664 4968 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
21:01:29.0694 4968 lmhosts - ok
21:01:29.0714 4968 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
21:01:29.0724 4968 LSI_FC - ok
21:01:29.0724 4968 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
21:01:29.0734 4968 LSI_SAS - ok
21:01:29.0744 4968 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:01:29.0754 4968 LSI_SAS2 - ok
21:01:29.0754 4968 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:01:29.0764 4968 LSI_SCSI - ok
21:01:29.0774 4968 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:01:29.0814 4968 luafv - ok
21:01:29.0874 4968 LVRS64 (ef586b959f747e74c76603ff16ae417b) C:\Windows\system32\DRIVERS\lvrs64.sys
21:01:29.0894 4968 LVRS64 - ok
21:01:30.0054 4968 LVUVC64 (edf73bfa1bd24d74d1d64dc0ed28a7cd) C:\Windows\system32\DRIVERS\lvuvc64.sys
21:01:30.0154 4968 LVUVC64 - ok
21:01:30.0294 4968 McAfee SiteAdvisor Service (be8c524313db75fa26fb2b0c0aaff88e) c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
21:01:30.0364 4968 McAfee SiteAdvisor Service - ok
21:01:30.0454 4968 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:01:30.0474 4968 McMPFSvc - ok
21:01:30.0514 4968 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:01:30.0534 4968 mcmscsvc - ok
21:01:30.0544 4968 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:01:30.0554 4968 McNaiAnn - ok
21:01:30.0564 4968 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:01:30.0574 4968 McNASvc - ok
21:01:30.0624 4968 McODS (dd2321925274f2902929d76ce2b0eb45) C:\Program Files\McAfee\VirusScan\mcods.exe
21:01:30.0634 4968 McODS - ok
21:01:30.0634 4968 McOobeSv (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:01:30.0644 4968 McOobeSv - ok
21:01:30.0654 4968 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:01:30.0654 4968 McProxy - ok
21:01:30.0714 4968 McShield (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
21:01:30.0784 4968 McShield - ok
21:01:30.0884 4968 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
21:01:30.0934 4968 Mcx2Svc - ok
21:01:30.0984 4968 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
21:01:31.0004 4968 megasas - ok
21:01:31.0024 4968 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
21:01:31.0034 4968 MegaSR - ok
21:01:31.0114 4968 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys
21:01:31.0134 4968 mfeapfk - ok
21:01:31.0174 4968 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys
21:01:31.0194 4968 mfeavfk - ok
21:01:31.0214 4968 mfeavfk01 - ok
21:01:31.0224 4968 mfefire (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
21:01:31.0244 4968 mfefire - ok
21:01:31.0284 4968 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys
21:01:31.0314 4968 mfefirek - ok
21:01:31.0374 4968 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys
21:01:31.0414 4968 mfehidk - ok
21:01:31.0464 4968 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys
21:01:31.0524 4968 mfenlfk - ok
21:01:31.0554 4968 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys
21:01:31.0574 4968 mferkdet - ok
21:01:31.0594 4968 mfevtp (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Windows\system32\mfevtps.exe
21:01:31.0634 4968 mfevtp - ok
21:01:31.0644 4968 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys
21:01:31.0654 4968 mfewfpk - ok
21:01:31.0704 4968 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:01:31.0724 4968 MMCSS - ok
21:01:31.0754 4968 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:01:31.0814 4968 Modem - ok
21:01:31.0824 4968 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:01:31.0844 4968 monitor - ok
21:01:31.0894 4968 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
21:01:31.0914 4968 mouclass - ok
21:01:31.0924 4968 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:01:31.0954 4968 mouhid - ok
21:01:32.0004 4968 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:01:32.0024 4968 mountmgr - ok
21:01:32.0094 4968 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:01:32.0124 4968 MozillaMaintenance - ok
21:01:32.0154 4968 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:01:32.0164 4968 mpio - ok
21:01:32.0164 4968 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:01:32.0194 4968 mpsdrv - ok
21:01:32.0224 4968 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
21:01:32.0264 4968 MpsSvc - ok
21:01:32.0294 4968 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:01:32.0314 4968 MRxDAV - ok
21:01:32.0344 4968 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:01:32.0364 4968 mrxsmb - ok
21:01:32.0394 4968 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:01:32.0404 4968 mrxsmb10 - ok
21:01:32.0444 4968 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:01:32.0454 4968 mrxsmb20 - ok
21:01:32.0484 4968 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:01:32.0504 4968 msahci - ok
21:01:32.0534 4968 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:01:32.0594 4968 msdsm - ok
21:01:32.0634 4968 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
21:01:32.0674 4968 MSDTC - ok
21:01:32.0724 4968 MSDV (72949a24d37a20a54b3d4d3dadbb55e9) C:\Windows\system32\DRIVERS\msdv.sys
21:01:32.0764 4968 MSDV - ok
21:01:32.0794 4968 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:01:32.0854 4968 Msfs - ok
21:01:32.0864 4968 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:01:32.0894 4968 mshidkmdf - ok
21:01:32.0904 4968 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:01:32.0914 4968 msisadrv - ok
21:01:32.0954 4968 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
21:01:32.0994 4968 MSiSCSI - ok
21:01:32.0994 4968 msiserver - ok
21:01:33.0104 4968 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:01:33.0134 4968 MSK80Service - ok
21:01:33.0154 4968 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:01:33.0214 4968 MSKSSRV - ok
21:01:33.0224 4968 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:01:33.0274 4968 MSPCLOCK - ok
21:01:33.0294 4968 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:01:33.0344 4968 MSPQM - ok
21:01:33.0384 4968 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:01:33.0404 4968 MsRPC - ok
21:01:33.0454 4968 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
21:01:33.0474 4968 mssmbios - ok
21:01:33.0554 4968 MSSQL$SQLEXPRESS - ok
21:01:33.0604 4968 MSSQLServerADHelper100 (7a2a8c975356858eb38466a6b1592e8d) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
21:01:33.0624 4968 MSSQLServerADHelper100 - ok
21:01:33.0634 4968 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:01:33.0664 4968 MSTEE - ok
21:01:33.0674 4968 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
21:01:33.0684 4968 MTConfig - ok
21:01:33.0704 4968 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:01:33.0714 4968 Mup - ok
21:01:33.0724 4968 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
21:01:33.0784 4968 napagent - ok
21:01:33.0814 4968 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:01:33.0844 4968 NativeWifiP - ok
21:01:33.0864 4968 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:01:33.0884 4968 NDIS - ok
21:01:33.0894 4968 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:01:33.0924 4968 NdisCap - ok
21:01:33.0944 4968 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:01:33.0974 4968 NdisTapi - ok
21:01:34.0004 4968 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:01:34.0064 4968 Ndisuio - ok
21:01:34.0094 4968 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:01:34.0124 4968 NdisWan - ok
21:01:34.0154 4968 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:01:34.0174 4968 NDProxy - ok
21:01:34.0214 4968 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
21:01:34.0234 4968 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:01:34.0234 4968 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:01:34.0244 4968 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:01:34.0304 4968 NetBIOS - ok
21:01:34.0314 4968 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:01:34.0344 4968 NetBT - ok
21:01:34.0384 4968 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:01:34.0414 4968 Netlogon - ok
21:01:34.0444 4968 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
21:01:34.0514 4968 Netman - ok
21:01:34.0654 4968 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:01:34.0714 4968 NetMsmqActivator - ok
21:01:34.0754 4968 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:01:34.0824 4968 NetPipeActivator - ok
21:01:34.0844 4968 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
21:01:34.0874 4968 netprofm - ok
21:01:34.0874 4968 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:01:34.0924 4968 NetTcpActivator - ok
21:01:34.0924 4968 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:01:34.0974 4968 NetTcpPortSharing - ok
21:01:35.0044 4968 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
21:01:35.0064 4968 nfrd960 - ok
21:01:35.0104 4968 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
21:01:35.0174 4968 NlaSvc - ok
21:01:35.0194 4968 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:01:35.0214 4968 Npfs - ok
21:01:35.0244 4968 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
21:01:35.0294 4968 nsi - ok
21:01:35.0294 4968 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:01:35.0334 4968 nsiproxy - ok
21:01:35.0414 4968 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:01:35.0474 4968 Ntfs - ok
21:01:35.0584 4968 nTuneService - ok
21:01:35.0654 4968 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:01:35.0684 4968 Null - ok
21:01:35.0714 4968 nusb3hub (f5bc2345e8c89d4e90fafd23a2239935) C:\Windows\system32\DRIVERS\nusb3hub.sys
21:01:35.0744 4968 nusb3hub - ok
21:01:35.0804 4968 nusb3xhc (5d42578241bc2a9b4a64837077436d5f) C:\Windows\system32\DRIVERS\nusb3xhc.sys
21:01:35.0884 4968 nusb3xhc - ok
21:01:36.0234 4968 nvlddmkm (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:01:36.0504 4968 nvlddmkm - ok
21:01:36.0584 4968 nvoclk64 (8c1d181480796d7d3366a9381fd7782d) C:\Windows\system32\DRIVERS\nvoclk64.sys
21:01:36.0624 4968 nvoclk64 - ok
21:01:36.0654 4968 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:01:36.0684 4968 nvraid - ok
21:01:36.0714 4968 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:01:36.0734 4968 nvstor - ok
21:01:36.0804 4968 nvsvc (2d7092fec9bd2aca199673bba2ba9277) C:\Windows\system32\nvvsvc.exe
21:01:36.0874 4968 nvsvc - ok
21:01:37.0034 4968 nvUpdatusService (7e22de30e222bfdfcec7e77032baf3cd) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
21:01:37.0074 4968 nvUpdatusService - ok
21:01:37.0134 4968 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:01:37.0164 4968 nv_agp - ok
21:01:37.0184 4968 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:01:37.0214 4968 ohci1394 - ok
21:01:37.0294 4968 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:01:37.0314 4968 ose - ok
21:01:37.0534 4968 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:01:37.0634 4968 osppsvc - ok
21:01:37.0704 4968 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:01:37.0744 4968 p2pimsvc - ok
21:01:37.0774 4968 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
21:01:37.0784 4968 p2psvc - ok
21:01:37.0814 4968 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
21:01:37.0824 4968 Parport - ok
21:01:37.0854 4968 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
21:01:37.0884 4968 partmgr - ok
21:01:37.0894 4968 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
21:01:37.0934 4968 PcaSvc - ok
21:01:37.0974 4968 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:01:38.0004 4968 pci - ok
21:01:38.0004 4968 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:01:38.0014 4968 pciide - ok
21:01:38.0024 4968 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
21:01:38.0044 4968 pcmcia - ok
21:01:38.0064 4968 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:01:38.0074 4968 pcw - ok
21:01:38.0084 4968 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:01:38.0124 4968 PEAUTH - ok
21:01:38.0174 4968 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
21:01:38.0214 4968 PerfHost - ok
21:01:38.0314 4968 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
21:01:38.0384 4968 pla - ok
21:01:38.0424 4968 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
21:01:38.0484 4968 PlugPlay - ok
21:01:38.0524 4968 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
21:01:38.0534 4968 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:01:38.0534 4968 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:01:38.0594 4968 pmxdrv (34bfc6ed31b4e8be940c884b8ac7d9df) C:\Windows\system32\drivers\pmxdrv.sys
21:01:38.0614 4968 pmxdrv - ok
21:01:38.0634 4968 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
21:01:38.0664 4968 PNRPAutoReg - ok
21:01:38.0684 4968 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:01:38.0704 4968 PNRPsvc - ok
21:01:38.0744 4968 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
21:01:38.0834 4968 PolicyAgent - ok
21:01:38.0874 4968 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
21:01:38.0914 4968 Power - ok
21:01:38.0954 4968 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:01:39.0024 4968 PptpMiniport - ok
21:01:39.0044 4968 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
21:01:39.0084 4968 Processor - ok
21:01:39.0114 4968 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
21:01:39.0144 4968 ProfSvc - ok
21:01:39.0184 4968 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:01:39.0204 4968 ProtectedStorage - ok
21:01:39.0244 4968 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:01:39.0284 4968 Psched - ok
21:01:39.0294 4968 pssPCI - ok
21:01:39.0334 4968 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
21:01:39.0354 4968 PxHlpa64 - ok
21:01:39.0434 4968 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
21:01:39.0504 4968 ql2300 - ok
21:01:39.0614 4968 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
21:01:39.0634 4968 ql40xx - ok
21:01:39.0674 4968 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
21:01:39.0704 4968 QWAVE - ok
21:01:39.0704 4968 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:01:39.0734 4968 QWAVEdrv - ok
21:01:39.0794 4968 RapiMgr (a55e7d0d873b2c97585b3b5926ac6ade) C:\Windows\WindowsMobile\rapimgr.dll
21:01:39.0814 4968 RapiMgr - ok
21:01:39.0814 4968 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:01:39.0844 4968 RasAcd - ok
21:01:39.0874 4968 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:01:39.0914 4968 RasAgileVpn - ok
21:01:39.0924 4968 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
21:01:39.0964 4968 RasAuto - ok
21:01:39.0994 4968 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:01:40.0024 4968 Rasl2tp - ok
21:01:40.0044 4968 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
21:01:40.0074 4968 RasMan - ok
21:01:40.0084 4968 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:01:40.0124 4968 RasPppoe - ok
21:01:40.0134 4968 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:01:40.0174 4968 RasSstp - ok
21:01:40.0214 4968 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:01:40.0294 4968 rdbss - ok
21:01:40.0294 4968 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
21:01:40.0304 4968 rdpbus - ok
21:01:40.0324 4968 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:01:40.0354 4968 RDPCDD - ok
21:01:40.0374 4968 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:01:40.0404 4968 RDPENCDD - ok
21:01:40.0414 4968 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:01:40.0444 4968 RDPREFMP - ok
21:01:40.0474 4968 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
21:01:40.0534 4968 RDPWD - ok
21:01:40.0554 4968 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:01:40.0564 4968 rdyboost - ok
21:01:40.0594 4968 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
21:01:40.0634 4968 RemoteAccess - ok
21:01:40.0664 4968 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
21:01:40.0724 4968 RemoteRegistry - ok
21:01:40.0874 4968 RoxMediaDB10 (05fc44d32a144925eae45570029fd6e1) c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
21:01:40.0904 4968 RoxMediaDB10 - ok
21:01:40.0924 4968 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
21:01:40.0964 4968 RpcEptMapper - ok
21:01:40.0974 4968 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
21:01:40.0994 4968 RpcLocator - ok
21:01:41.0064 4968 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:01:41.0084 4968 RpcSs - ok
21:01:41.0144 4968 RsFx0103 (cd553b8633466a6d1c115812f2619f1f) C:\Windows\system32\DRIVERS\RsFx0103.sys
21:01:41.0164 4968 RsFx0103 - ok
21:01:41.0204 4968 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:01:41.0224 4968 rspndr - ok
21:01:41.0224 4968 RxFilter - ok
21:01:41.0264 4968 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:01:41.0274 4968 SamSs - ok
21:01:41.0304 4968 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:01:41.0354 4968 sbp2port - ok
21:01:41.0394 4968 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
21:01:41.0444 4968 SCardSvr - ok
21:01:41.0474 4968 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:01:41.0524 4968 scfilter - ok
21:01:41.0564 4968 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
21:01:41.0594 4968 Schedule - ok
21:01:41.0624 4968 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:01:41.0654 4968 SCPolicySvc - ok
21:01:41.0664 4968 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
21:01:41.0714 4968 SDRSVC - ok
21:01:41.0834 4968 SDScannerService (e1f35f902b825c7b18236271f398dda2) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
21:01:41.0864 4968 SDScannerService - ok
21:01:41.0924 4968 SDUpdateService (2db434f4ce96b3fb65d44b3ad5a4de3e) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
21:01:41.0944 4968 SDUpdateService - ok
21:01:41.0954 4968 SDWSCService (59dce6783f9ed27eb72c81466e363bf8) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
21:01:41.0964 4968 SDWSCService - ok
21:01:42.0044 4968 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
21:01:42.0074 4968 SeaPort - ok
21:01:42.0184 4968 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:01:42.0224 4968 secdrv - ok
21:01:42.0234 4968 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
21:01:42.0264 4968 seclogon - ok
21:01:42.0304 4968 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
21:01:42.0344 4968 SENS - ok
21:01:42.0364 4968 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
21:01:42.0414 4968 SensrSvc - ok
21:01:42.0444 4968 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:01:42.0474 4968 Serenum - ok
21:01:42.0484 4968 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:01:42.0494 4968 Serial - ok
21:01:42.0514 4968 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
21:01:42.0524 4968 sermouse - ok
21:01:42.0564 4968 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
21:01:42.0624 4968 SessionEnv - ok
21:01:42.0634 4968 SessionLauncher - ok
21:01:42.0664 4968 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:01:42.0714 4968 sffdisk - ok
21:01:42.0724 4968 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:01:42.0734 4968 sffp_mmc - ok
21:01:42.0734 4968 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:01:42.0754 4968 sffp_sd - ok
21:01:42.0754 4968 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
21:01:42.0794 4968 sfloppy - ok
21:01:42.0814 4968 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
21:01:42.0844 4968 SharedAccess - ok
21:01:42.0864 4968 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
21:01:42.0894 4968 ShellHWDetection - ok
21:01:42.0904 4968 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:01:42.0914 4968 SiSRaid2 - ok
21:01:42.0924 4968 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
21:01:42.0934 4968 SiSRaid4 - ok
21:01:43.0004 4968 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
21:01:45.0304 4968 SkypeUpdate - ok
21:01:45.0314 4968 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:01:45.0344 4968 Smb - ok
21:01:45.0504 4968 SMSv3_0_2hs (4787ea164e01cafbf5da384b6edc9fc5) C:\Program Files (x86)\Rosetta Stone\SMS v3.0.2hs\Service\JavaSrvc.exe
21:01:45.0534 4968 SMSv3_0_2hs ( UnsignedFile.Multi.Generic ) - warning
21:01:45.0534 4968 SMSv3_0_2hs - detected UnsignedFile.Multi.Generic (1)
21:01:45.0644 4968 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
21:01:45.0674 4968 SNMPTRAP - ok
21:01:45.0874 4968 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:01:45.0894 4968 spldr - ok
21:01:45.0934 4968 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
21:01:46.0014 4968 Spooler - ok
21:01:46.0144 4968 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
21:01:46.0224 4968 sppsvc - ok
21:01:46.0304 4968 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
21:01:46.0354 4968 sppuinotify - ok
21:01:46.0474 4968 SQLAgent$SQLEXPRESS (a5609d0178b2fec118a7f4a24ecd1bfb) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
21:01:46.0534 4968 SQLAgent$SQLEXPRESS - ok
21:01:46.0614 4968 SQLBrowser (b54b48f6d92423440c264e91225c5ff1) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
21:01:46.0634 4968 SQLBrowser - ok
21:01:46.0704 4968 SQLWriter (c298d989d717cb153702e397b6d9aaad) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
21:01:46.0724 4968 SQLWriter - ok
21:01:46.0784 4968 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:01:46.0814 4968 srv - ok
21:01:46.0824 4968 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:01:46.0854 4968 srv2 - ok
21:01:46.0864 4968 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:01:46.0884 4968 srvnet - ok
21:01:46.0934 4968 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
21:01:46.0994 4968 SSDPSRV - ok
21:01:47.0014 4968 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
21:01:47.0044 4968 SstpSvc - ok
21:01:47.0094 4968 Steam Client Service - ok
21:01:47.0194 4968 Stereo Service (9e1222c417291bc836210743624a8e5e) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:01:47.0224 4968 Stereo Service - ok
21:01:47.0254 4968 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
21:01:47.0284 4968 stexstor - ok
21:01:47.0294 4968 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
21:01:47.0334 4968 StillCam - ok
21:01:47.0394 4968 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
21:01:47.0434 4968 stisvc - ok
21:01:47.0474 4968 stllssvr (ff5eb78af7dfb68c2fb363537aaf753e) c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
21:01:47.0484 4968 stllssvr - ok
21:01:47.0504 4968 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
21:01:47.0514 4968 swenum - ok
21:01:47.0544 4968 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
21:01:47.0604 4968 swprv - ok
21:01:47.0664 4968 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
21:01:47.0744 4968 SysMain - ok
21:01:47.0814 4968 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
21:01:47.0854 4968 TabletInputService - ok
21:01:47.0874 4968 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
21:01:47.0934 4968 TapiSrv - ok
21:01:47.0944 4968 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
21:01:47.0964 4968 TBS - ok
21:01:48.0064 4968 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
21:01:48.0134 4968 Tcpip - ok
21:01:48.0244 4968 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
21:01:48.0264 4968 TCPIP6 - ok
21:01:48.0344 4968 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:01:48.0394 4968 tcpipreg - ok
21:01:48.0434 4968 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:01:48.0464 4968 TDPIPE - ok
21:01:48.0504 4968 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
21:01:48.0534 4968 TDTCP - ok
21:01:48.0564 4968 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:01:48.0604 4968 tdx - ok
21:01:48.0644 4968 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
21:01:48.0664 4968 TermDD - ok
21:01:48.0684 4968 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
21:01:48.0714 4968 TermService - ok
21:01:48.0724 4968 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
21:01:48.0754 4968 Themes - ok
21:01:48.0794 4968 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:01:48.0824 4968 THREADORDER - ok
21:01:48.0844 4968 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
21:01:48.0874 4968 TrkWks - ok
21:01:48.0934 4968 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
21:01:48.0974 4968 TrustedInstaller - ok
21:01:49.0004 4968 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:01:49.0064 4968 tssecsrv - ok
21:01:49.0084 4968 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:01:49.0104 4968 TsUsbFlt - ok
21:01:49.0154 4968 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:01:49.0254 4968 tunnel - ok
21:01:49.0304 4968 TurboB (f37d49111a12a97de4bb5d8ff444bd2c) C:\Windows\system32\DRIVERS\TurboB.sys
21:01:49.0374 4968 TurboB - ok
21:01:49.0474 4968 TurboBoost (44d81b1bfd2428274bba98316d9606dc) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
21:01:49.0494 4968 TurboBoost - ok
21:01:49.0534 4968 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
21:01:49.0554 4968 uagp35 - ok
21:01:49.0574 4968 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:01:49.0634 4968 udfs - ok
21:01:49.0664 4968 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
21:01:49.0674 4968 UI0Detect - ok
21:01:49.0704 4968 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:01:49.0714 4968 uliagpkx - ok
21:01:49.0764 4968 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
21:01:49.0794 4968 umbus - ok
21:01:49.0824 4968 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
21:01:49.0854 4968 UmPass - ok
21:01:49.0964 4968 UMVPFSrv (8b802b483cbde06f62dbc04dc7afaf8e) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
21:01:50.0024 4968 UMVPFSrv - ok
21:01:50.0064 4968 UpdateCenterService - ok
21:01:50.0094 4968 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
21:01:50.0144 4968 upnphost - ok
21:01:50.0174 4968 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
21:01:50.0184 4968 usbaudio - ok
21:01:50.0214 4968 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:01:50.0294 4968 usbccgp - ok
21:01:50.0314 4968 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:01:50.0324 4968 usbcir - ok
21:01:50.0344 4968 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
21:01:50.0364 4968 usbehci - ok
21:01:50.0394 4968 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:01:50.0434 4968 usbhub - ok
21:01:50.0454 4968 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:01:50.0524 4968 usbohci - ok
21:01:50.0554 4968 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:01:50.0594 4968 usbprint - ok
21:01:50.0624 4968 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:01:50.0684 4968 USBSTOR - ok
21:01:50.0684 4968 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
21:01:50.0734 4968 usbuhci - ok
21:01:50.0784 4968 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
21:01:50.0804 4968 usb_rndisx - ok
21:01:50.0834 4968 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
21:01:50.0864 4968 UxSms - ok
21:01:50.0934 4968 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:01:50.0954 4968 VaultSvc - ok
21:01:51.0054 4968 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:01:51.0094 4968 vdrvroot - ok
21:01:51.0134 4968 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
21:01:51.0194 4968 vds - ok
21:01:51.0194 4968 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:01:51.0204 4968 vga - ok
21:01:51.0234 4968 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:01:51.0284 4968 VgaSave - ok
21:01:51.0294 4968 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:01:51.0344 4968 vhdmp - ok
21:01:51.0364 4968 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:01:51.0374 4968 viaide - ok
21:01:51.0424 4968 vmm (21c96aa588d3993191761a08dbaabb15) C:\Windows\system32\Drivers\vmm.sys
21:01:51.0454 4968 vmm - ok
21:01:51.0454 4968 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:01:51.0464 4968 volmgr - ok
21:01:51.0504 4968 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:01:51.0524 4968 volmgrx - ok
21:01:51.0544 4968 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:01:51.0554 4968 volsnap - ok
21:01:51.0564 4968 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
21:01:51.0584 4968 vsmraid - ok
21:01:51.0664 4968 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
21:01:51.0724 4968 VSS - ok
21:01:51.0834 4968 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
21:01:51.0874 4968 vwifibus - ok
21:01:51.0894 4968 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
21:01:51.0944 4968 W32Time - ok
21:01:51.0944 4968 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
21:01:51.0964 4968 WacomPen - ok
21:01:51.0974 4968 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:01:52.0034 4968 WANARP - ok
21:01:52.0034 4968 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:01:52.0054 4968 Wanarpv6 - ok
21:01:52.0124 4968 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
21:01:52.0174 4968 WatAdminSvc - ok
21:01:52.0234 4968 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
21:01:52.0304 4968 wbengine - ok
21:01:52.0344 4968 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
21:01:52.0384 4968 WbioSrvc - ok
21:01:52.0464 4968 WcesComm (8bda6db43aa54e8bb5e0794541ddc209) C:\Windows\WindowsMobile\wcescomm.dll
21:01:52.0494 4968 WcesComm - ok
21:01:52.0524 4968 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
21:01:52.0554 4968 wcncsvc - ok
21:01:52.0574 4968 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
21:01:52.0634 4968 WcsPlugInService - ok
21:01:52.0674 4968 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
21:01:52.0694 4968 Wd - ok
21:01:52.0724 4968 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:01:52.0734 4968 Wdf01000 - ok
21:01:52.0744 4968 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:01:52.0834 4968 WdiServiceHost - ok
21:01:52.0834 4968 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:01:52.0864 4968 WdiSystemHost - ok
21:01:52.0914 4968 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
21:01:52.0954 4968 WebClient - ok
21:01:52.0974 4968 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
21:01:53.0024 4968 Wecsvc - ok
21:01:53.0034 4968 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
21:01:53.0074 4968 wercplsupport - ok
21:01:53.0094 4968 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
21:01:53.0124 4968 WerSvc - ok
21:01:53.0164 4968 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:01:53.0204 4968 WfpLwf - ok
21:01:53.0204 4968 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:01:53.0214 4968 WIMMount - ok
21:01:53.0264 4968 WinDefend - ok
21:01:53.0274 4968 WinHttpAutoProxySvc - ok
21:01:53.0324 4968 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
21:01:53.0364 4968 Winmgmt - ok
21:01:53.0444 4968 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
21:01:53.0514 4968 WinRM - ok
21:01:53.0584 4968 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
21:01:53.0664 4968 WinUsb - ok
21:01:53.0694 4968 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
21:01:53.0714 4968 Wlansvc - ok
21:01:53.0804 4968 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:01:53.0824 4968 wlcrasvc - ok
21:01:53.0934 4968 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:01:53.0964 4968 wlidsvc - ok
21:01:54.0004 4968 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
21:01:54.0024 4968 WmiAcpi - ok
21:01:54.0104 4968 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
21:01:54.0134 4968 wmiApSrv - ok
21:01:54.0154 4968 WMPNetworkSvc - ok
21:01:54.0164 4968 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
21:01:54.0194 4968 WPCSvc - ok
21:01:54.0224 4968 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
21:01:54.0244 4968 WPDBusEnum - ok
21:01:54.0274 4968 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:01:54.0334 4968 ws2ifsl - ok
21:01:54.0354 4968 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
21:01:54.0394 4968 wscsvc - ok
21:01:54.0444 4968 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
21:01:54.0484 4968 WSDPrintDevice - ok
21:01:54.0484 4968 WSearch - ok
21:01:54.0584 4968 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
21:01:54.0664 4968 wuauserv - ok
21:01:54.0764 4968 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:01:54.0824 4968 WudfPf - ok
21:01:54.0844 4968 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:01:54.0884 4968 WUDFRd - ok
21:01:54.0914 4968 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
21:01:54.0934 4968 wudfsvc - ok
21:01:54.0954 4968 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
21:01:54.0994 4968 WwanSvc - ok
21:01:55.0014 4968 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
21:01:55.0214 4968 \Device\Harddisk0\DR0 - ok
21:01:59.0914 4968 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk5\DR7
21:02:00.0054 4968 \Device\Harddisk5\DR7 - ok
21:02:00.0054 4968 Boot (0x1200) (a5c682221bb3be9ca89446427c662f59) \Device\Harddisk0\DR0\Partition0
21:02:00.0064 4968 \Device\Harddisk0\DR0\Partition0 - ok
21:02:00.0084 4968 Boot (0x1200) (78d9b7da3fb3aea9283e388faf2c2666) \Device\Harddisk0\DR0\Partition1
21:02:00.0084 4968 \Device\Harddisk0\DR0\Partition1 - ok
21:02:00.0134 4968 Boot (0x1200) (965458fc126dd2778950c2001965740a) \Device\Harddisk5\DR7\Partition0
21:02:00.0144 4968 \Device\Harddisk5\DR7\Partition0 - ok
21:02:00.0144 4968 ============================================================
21:02:00.0144 4968 Scan finished
21:02:00.0144 4968 ============================================================
21:02:00.0154 6408 Detected object count: 7
21:02:00.0154 6408 Actual detected object count: 7
21:02:43.0394 6408 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:43.0394 6408 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:02:43.0394 6408 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:43.0394 6408 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:02:43.0394 6408 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:43.0394 6408 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:02:43.0404 6408 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:43.0404 6408 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:02:43.0404 6408 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:43.0404 6408 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:02:43.0404 6408 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:43.0404 6408 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:02:43.0404 6408 SMSv3_0_2hs ( UnsignedFile.Multi.Generic ) - skipped by user
21:02:43.0404 6408 SMSv3_0_2hs ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:03:36.0524 10200 ============================================================
21:03:36.0524 10200 Scan started
21:03:36.0524 10200 Mode: Manual; SigCheck; TDLFS;
21:03:36.0524 10200 ============================================================
21:03:36.0854 10200 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
21:03:36.0874 10200 1394ohci - ok
21:03:36.0904 10200 61883 (e0a8525a951addb4655bc2068566407d) C:\Windows\system32\DRIVERS\61883.sys
21:03:36.0934 10200 61883 - ok
21:03:36.0974 10200 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:03:36.0994 10200 ACPI - ok
21:03:37.0024 10200 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:03:37.0044 10200 AcpiPmi - ok
21:03:37.0164 10200 AdobeActiveFileMonitor9.0 (c004f38974f4d321b4c20a240e1175c0) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
21:03:37.0194 10200 AdobeActiveFileMonitor9.0 - ok
21:03:37.0254 10200 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:03:37.0264 10200 AdobeARMservice - ok
21:03:37.0374 10200 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:03:37.0394 10200 AdobeFlashPlayerUpdateSvc - ok
21:03:37.0434 10200 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
21:03:37.0454 10200 adp94xx - ok
21:03:37.0454 10200 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
21:03:37.0474 10200 adpahci - ok
21:03:37.0484 10200 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
21:03:37.0494 10200 adpu320 - ok
21:03:37.0534 10200 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
21:03:37.0574 10200 AeLookupSvc - ok
21:03:37.0594 10200 AERTFilters (3ac22a3dfa8a050e35f0e3cd99d0cdf2) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
21:03:37.0604 10200 AERTFilters - ok
21:03:37.0654 10200 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
21:03:37.0684 10200 AFD - ok
21:03:37.0714 10200 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:03:37.0744 10200 agp440 - ok
21:03:37.0744 10200 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
21:03:37.0764 10200 ALG - ok
21:03:37.0774 10200 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:03:37.0784 10200 aliide - ok
21:03:37.0844 10200 ALSysIO - ok
21:03:37.0904 10200 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:03:37.0934 10200 amdide - ok
21:03:37.0934 10200 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
21:03:37.0954 10200 AmdK8 - ok
21:03:37.0954 10200 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
21:03:37.0974 10200 AmdPPM - ok
21:03:37.0994 10200 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
21:03:38.0044 10200 amdsata - ok
21:03:38.0054 10200 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
21:03:38.0064 10200 amdsbs - ok
21:03:38.0094 10200 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
21:03:38.0114 10200 amdxata - ok
21:03:38.0144 10200 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:03:38.0234 10200 AppID - ok
21:03:38.0244 10200 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
21:03:38.0274 10200 AppIDSvc - ok
21:03:38.0314 10200 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
21:03:38.0374 10200 Appinfo - ok
21:03:38.0384 10200 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
21:03:38.0394 10200 arc - ok
21:03:38.0394 10200 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
21:03:38.0404 10200 arcsas - ok
21:03:38.0484 10200 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:03:38.0504 10200 aspnet_state - ok
21:03:38.0514 10200 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:03:38.0564 10200 AsyncMac - ok
21:03:38.0594 10200 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:03:38.0604 10200 atapi - ok
21:03:38.0654 10200 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:03:38.0694 10200 AudioEndpointBuilder - ok
21:03:38.0694 10200 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:03:38.0724 10200 AudioSrv - ok
21:03:38.0754 10200 Avc (16fabe84916623d0607e4a975544032c) C:\Windows\system32\DRIVERS\avc.sys
21:03:38.0774 10200 Avc - ok
21:03:38.0804 10200 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
21:03:38.0824 10200 AxInstSV - ok
21:03:38.0844 10200 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
21:03:38.0854 10200 b06bdrv - ok
21:03:38.0874 10200 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:03:38.0884 10200 b57nd60a - ok
21:03:38.0924 10200 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
21:03:38.0954 10200 BDESVC - ok
21:03:38.0964 10200 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:03:39.0024 10200 Beep - ok
21:03:39.0054 10200 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
21:03:39.0084 10200 BFE - ok
21:03:39.0124 10200 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
21:03:39.0174 10200 BITS - ok
21:03:39.0204 10200 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
21:03:39.0214 10200 blbdrive - ok
21:03:39.0254 10200 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:03:39.0274 10200 bowser - ok
21:03:39.0284 10200 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:03:39.0304 10200 BrFiltLo - ok
21:03:39.0314 10200 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:03:39.0334 10200 BrFiltUp - ok
21:03:39.0364 10200 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
21:03:39.0404 10200 Browser - ok
21:03:39.0414 10200 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:03:39.0424 10200 Brserid - ok
21:03:39.0434 10200 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:03:39.0444 10200 BrSerWdm - ok
21:03:39.0454 10200 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:03:39.0474 10200 BrUsbMdm - ok
21:03:39.0474 10200 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:03:39.0484 10200 BrUsbSer - ok
21:03:39.0494 10200 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
21:03:39.0514 10200 BTHMODEM - ok
21:03:39.0514 10200 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
21:03:39.0544 10200 bthserv - ok
21:03:39.0554 10200 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:03:39.0574 10200 cdfs - ok
21:03:39.0614 10200 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
21:03:39.0654 10200 cdrom - ok
21:03:39.0674 10200 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:03:39.0694 10200 CertPropSvc - ok
21:03:39.0734 10200 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys
21:03:39.0744 10200 cfwids - ok
21:03:39.0744 10200 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
21:03:39.0754 10200 circlass - ok
21:03:39.0784 10200 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:03:39.0794 10200 CLFS - ok
21:03:39.0874 10200 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:03:39.0894 10200 clr_optimization_v2.0.50727_32 - ok
21:03:39.0934 10200 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:03:39.0954 10200 clr_optimization_v2.0.50727_64 - ok

[kalpow500]

Post 2/4 (Cont. TDSS, Malwarebytes)

21:03:40.0024 10200 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:03:40.0044 10200 clr_optimization_v4.0.30319_32 - ok
21:03:40.0074 10200 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:03:40.0084 10200 clr_optimization_v4.0.30319_64 - ok
21:03:40.0084 10200 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
21:03:40.0094 10200 CmBatt - ok
21:03:40.0134 10200 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:03:40.0144 10200 cmdide - ok
21:03:40.0184 10200 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
21:03:40.0224 10200 CNG - ok
21:03:40.0234 10200 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
21:03:40.0244 10200 Compbatt - ok
21:03:40.0274 10200 CompFilter64 (11cc395d18ff03e95e8c6a149c84c91b) C:\Windows\system32\DRIVERS\lvbflt64.sys
21:03:40.0284 10200 CompFilter64 - ok
21:03:40.0314 10200 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
21:03:40.0344 10200 CompositeBus - ok
21:03:40.0344 10200 COMSysApp - ok
21:03:40.0424 10200 cpuz135 - ok
21:03:40.0484 10200 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
21:03:40.0504 10200 crcdisk - ok
21:03:40.0534 10200 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
21:03:40.0564 10200 CryptSvc - ok
21:03:40.0614 10200 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:03:40.0644 10200 DcomLaunch - ok
21:03:40.0674 10200 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
21:03:40.0704 10200 defragsvc - ok
21:03:40.0734 10200 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:03:40.0774 10200 DfsC - ok
21:03:40.0784 10200 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
21:03:40.0814 10200 Dhcp - ok
21:03:40.0824 10200 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:03:40.0844 10200 discache - ok
21:03:40.0854 10200 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
21:03:40.0864 10200 Disk - ok
21:03:40.0904 10200 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
21:03:40.0914 10200 Dnscache - ok
21:03:40.0944 10200 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
21:03:41.0014 10200 dot3svc - ok
21:03:41.0054 10200 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
21:03:41.0084 10200 DPS - ok
21:03:41.0104 10200 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:03:41.0124 10200 drmkaud - ok
21:03:41.0144 10200 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:03:41.0164 10200 DXGKrnl - ok
21:03:41.0204 10200 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
21:03:41.0254 10200 EapHost - ok
21:03:41.0334 10200 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
21:03:41.0374 10200 ebdrv - ok
21:03:41.0474 10200 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
21:03:41.0494 10200 EFS - ok
21:03:41.0534 10200 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
21:03:41.0594 10200 ehRecvr - ok
21:03:41.0634 10200 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
21:03:41.0654 10200 ehSched - ok
21:03:41.0694 10200 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
21:03:41.0734 10200 elxstor - ok
21:03:41.0754 10200 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:03:41.0774 10200 ErrDev - ok
21:03:41.0804 10200 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
21:03:41.0834 10200 EventSystem - ok
21:03:41.0834 10200 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:03:41.0864 10200 exfat - ok
21:03:41.0874 10200 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:03:41.0904 10200 fastfat - ok
21:03:41.0954 10200 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
21:03:41.0984 10200 Fax - ok
21:03:41.0984 10200 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
21:03:42.0004 10200 fdc - ok
21:03:42.0024 10200 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
21:03:42.0054 10200 fdPHost - ok
21:03:42.0064 10200 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
21:03:42.0084 10200 FDResPub - ok
21:03:42.0094 10200 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:03:42.0104 10200 FileInfo - ok
21:03:42.0144 10200 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:03:42.0184 10200 Filetrace - ok
21:03:42.0194 10200 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
21:03:42.0204 10200 flpydisk - ok
21:03:42.0234 10200 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:03:42.0264 10200 FltMgr - ok
21:03:42.0314 10200 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
21:03:42.0344 10200 FontCache - ok
21:03:42.0394 10200 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:03:42.0414 10200 FontCache3.0.0.0 - ok
21:03:42.0424 10200 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:03:42.0434 10200 FsDepends - ok
21:03:42.0464 10200 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys
21:03:42.0504 10200 fssfltr - ok
21:03:42.0664 10200 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:03:42.0694 10200 fsssvc - ok
21:03:42.0744 10200 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
21:03:42.0814 10200 Fs_Rec - ok
21:03:42.0844 10200 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:03:42.0874 10200 fvevol - ok
21:03:42.0884 10200 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
21:03:42.0894 10200 gagp30kx - ok
21:03:42.0954 10200 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
21:03:42.0984 10200 gpsvc - ok
21:03:43.0024 10200 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:03:43.0044 10200 gupdate - ok
21:03:43.0044 10200 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:03:43.0054 10200 gupdatem - ok
21:03:43.0064 10200 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:03:43.0074 10200 hcw85cir - ok
21:03:43.0104 10200 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
21:03:43.0124 10200 HDAudBus - ok
21:03:43.0134 10200 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
21:03:43.0144 10200 HidBatt - ok
21:03:43.0154 10200 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
21:03:43.0164 10200 HidBth - ok
21:03:43.0164 10200 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
21:03:43.0184 10200 HidIr - ok
21:03:43.0214 10200 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
21:03:43.0234 10200 hidserv - ok
21:03:43.0244 10200 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
21:03:43.0254 10200 HidUsb - ok
21:03:43.0284 10200 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
21:03:43.0354 10200 hkmsvc - ok
21:03:43.0364 10200 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
21:03:43.0404 10200 HomeGroupListener - ok
21:03:43.0414 10200 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
21:03:43.0424 10200 HomeGroupProvider - ok
21:03:43.0534 10200 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:03:43.0544 10200 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
21:03:43.0544 10200 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
21:03:43.0554 10200 hpqddsvc (f3f72a2a86c22610bca5439fa789dd52) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:03:43.0564 10200 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
21:03:43.0564 10200 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
21:03:43.0584 10200 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:03:43.0604 10200 HpSAMD - ok
21:03:43.0674 10200 HPSLPSVC (d972f48d0ce396759b788693cd665926) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
21:03:43.0704 10200 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
21:03:43.0704 10200 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
21:03:43.0754 10200 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:03:43.0794 10200 HTTP - ok
21:03:43.0824 10200 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:03:43.0884 10200 hwpolicy - ok
21:03:43.0924 10200 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
21:03:43.0954 10200 i8042prt - ok
21:03:43.0994 10200 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
21:03:44.0014 10200 iaStor - ok
21:03:44.0044 10200 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:03:44.0104 10200 iaStorV - ok
21:03:44.0184 10200 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:03:44.0184 10200 IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:03:44.0184 10200 IDriverT - detected UnsignedFile.Multi.Generic (1)
21:03:44.0274 10200 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:03:44.0314 10200 idsvc - ok
21:03:44.0364 10200 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
21:03:44.0394 10200 iirsp - ok
21:03:44.0414 10200 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
21:03:44.0454 10200 IKEEXT - ok
21:03:44.0524 10200 IntcAzAudAddService (d42d651676883181400e22957a7e0b1e) C:\Windows\system32\drivers\RTKVHD64.sys
21:03:44.0584 10200 IntcAzAudAddService - ok
21:03:44.0654 10200 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:03:44.0674 10200 intelide - ok
21:03:44.0684 10200 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:03:44.0694 10200 intelppm - ok
21:03:44.0724 10200 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
21:03:44.0774 10200 IPBusEnum - ok
21:03:44.0794 10200 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:03:44.0854 10200 IpFilterDriver - ok
21:03:44.0874 10200 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
21:03:44.0904 10200 iphlpsvc - ok
21:03:44.0924 10200 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:03:44.0934 10200 IPMIDRV - ok
21:03:44.0944 10200 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:03:44.0964 10200 IPNAT - ok
21:03:44.0994 10200 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:03:45.0014 10200 IRENUM - ok
21:03:45.0034 10200 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:03:45.0044 10200 isapnp - ok
21:03:45.0054 10200 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:03:45.0104 10200 iScsiPrt - ok
21:03:45.0144 10200 k57nd60a (249ee2d26cb1530f3bede0ac8b9e3099) C:\Windows\system32\DRIVERS\k57nd60a.sys
21:03:45.0164 10200 k57nd60a - ok
21:03:45.0184 10200 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
21:03:45.0204 10200 kbdclass - ok
21:03:45.0214 10200 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
21:03:45.0254 10200 kbdhid - ok
21:03:45.0294 10200 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:03:45.0314 10200 KeyIso - ok
21:03:45.0334 10200 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
21:03:45.0344 10200 KSecDD - ok
21:03:45.0354 10200 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
21:03:45.0364 10200 KSecPkg - ok
21:03:45.0374 10200 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:03:45.0394 10200 ksthunk - ok
21:03:45.0434 10200 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
21:03:45.0464 10200 KtmRm - ok
21:03:45.0484 10200 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
21:03:45.0514 10200 LanmanServer - ok
21:03:45.0554 10200 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
21:03:45.0584 10200 LanmanWorkstation - ok
21:03:45.0594 10200 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:03:45.0624 10200 lltdio - ok
21:03:45.0644 10200 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
21:03:45.0664 10200 lltdsvc - ok
21:03:45.0674 10200 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
21:03:45.0704 10200 lmhosts - ok
21:03:45.0714 10200 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
21:03:45.0724 10200 LSI_FC - ok
21:03:45.0724 10200 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
21:03:45.0734 10200 LSI_SAS - ok
21:03:45.0744 10200 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:03:45.0754 10200 LSI_SAS2 - ok
21:03:45.0754 10200 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:03:45.0764 10200 LSI_SCSI - ok
21:03:45.0784 10200 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:03:45.0804 10200 luafv - ok
21:03:45.0844 10200 LVRS64 (ef586b959f747e74c76603ff16ae417b) C:\Windows\system32\DRIVERS\lvrs64.sys
21:03:45.0864 10200 LVRS64 - ok
21:03:45.0994 10200 LVUVC64 (edf73bfa1bd24d74d1d64dc0ed28a7cd) C:\Windows\system32\DRIVERS\lvuvc64.sys
21:03:46.0044 10200 LVUVC64 - ok
21:03:46.0174 10200 McAfee SiteAdvisor Service (be8c524313db75fa26fb2b0c0aaff88e) c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
21:03:46.0234 10200 McAfee SiteAdvisor Service - ok
21:03:46.0344 10200 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:03:46.0364 10200 McMPFSvc - ok
21:03:46.0374 10200 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:03:46.0384 10200 mcmscsvc - ok
21:03:46.0384 10200 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:03:46.0394 10200 McNaiAnn - ok
21:03:46.0404 10200 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:03:46.0414 10200 McNASvc - ok
21:03:46.0454 10200 McODS (dd2321925274f2902929d76ce2b0eb45) C:\Program Files\McAfee\VirusScan\mcods.exe
21:03:46.0484 10200 McODS - ok
21:03:46.0484 10200 McOobeSv (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:03:46.0504 10200 McOobeSv - ok
21:03:46.0504 10200 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:03:46.0514 10200 McProxy - ok
21:03:46.0574 10200 McShield (e998e3b12101288d716558466cbf6ae1) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
21:03:46.0624 10200 McShield - ok
21:03:46.0714 10200 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
21:03:46.0744 10200 Mcx2Svc - ok
21:03:46.0784 10200 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
21:03:46.0804 10200 megasas - ok
21:03:46.0804 10200 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
21:03:46.0824 10200 MegaSR - ok
21:03:46.0864 10200 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys
21:03:46.0884 10200 mfeapfk - ok
21:03:46.0924 10200 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys
21:03:46.0944 10200 mfeavfk - ok
21:03:46.0944 10200 mfeavfk01 - ok
21:03:46.0974 10200 mfefire (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
21:03:46.0984 10200 mfefire - ok
21:03:47.0014 10200 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys
21:03:47.0044 10200 mfefirek - ok
21:03:47.0094 10200 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys
21:03:47.0124 10200 mfehidk - ok
21:03:47.0144 10200 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys
21:03:47.0184 10200 mfenlfk - ok
21:03:47.0214 10200 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys
21:03:47.0224 10200 mferkdet - ok
21:03:47.0264 10200 mfevtp (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Windows\system32\mfevtps.exe
21:03:47.0344 10200 mfevtp - ok
21:03:47.0354 10200 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys
21:03:47.0374 10200 mfewfpk - ok
21:03:47.0394 10200 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:03:47.0444 10200 MMCSS - ok
21:03:47.0444 10200 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:03:47.0474 10200 Modem - ok
21:03:47.0484 10200 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:03:47.0494 10200 monitor - ok
21:03:47.0534 10200 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
21:03:47.0554 10200 mouclass - ok
21:03:47.0554 10200 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:03:47.0564 10200 mouhid - ok
21:03:47.0604 10200 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:03:47.0634 10200 mountmgr - ok
21:03:47.0704 10200 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:03:47.0714 10200 MozillaMaintenance - ok
21:03:47.0724 10200 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:03:47.0734 10200 mpio - ok
21:03:47.0744 10200 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:03:47.0774 10200 mpsdrv - ok
21:03:47.0814 10200 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
21:03:47.0864 10200 MpsSvc - ok
21:03:47.0894 10200 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:03:47.0914 10200 MRxDAV - ok
21:03:47.0944 10200 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:03:47.0964 10200 mrxsmb - ok
21:03:48.0004 10200 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:03:48.0024 10200 mrxsmb10 - ok
21:03:48.0064 10200 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:03:48.0084 10200 mrxsmb20 - ok
21:03:48.0104 10200 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:03:48.0114 10200 msahci - ok
21:03:48.0124 10200 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:03:48.0174 10200 msdsm - ok
21:03:48.0194 10200 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
21:03:48.0204 10200 MSDTC - ok
21:03:48.0234 10200 MSDV (72949a24d37a20a54b3d4d3dadbb55e9) C:\Windows\system32\DRIVERS\msdv.sys
21:03:48.0264 10200 MSDV - ok
21:03:48.0284 10200 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:03:48.0304 10200 Msfs - ok
21:03:48.0314 10200 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:03:48.0334 10200 mshidkmdf - ok
21:03:48.0364 10200 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:03:48.0384 10200 msisadrv - ok
21:03:48.0424 10200 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
21:03:48.0464 10200 MSiSCSI - ok
21:03:48.0464 10200 msiserver - ok
21:03:48.0624 10200 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:03:48.0654 10200 MSK80Service - ok
21:03:48.0674 10200 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:03:48.0724 10200 MSKSSRV - ok
21:03:48.0754 10200 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:03:48.0774 10200 MSPCLOCK - ok
21:03:48.0774 10200 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:03:48.0804 10200 MSPQM - ok
21:03:48.0834 10200 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:03:48.0864 10200 MsRPC - ok
21:03:48.0874 10200 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
21:03:48.0884 10200 mssmbios - ok
21:03:48.0944 10200 MSSQL$SQLEXPRESS - ok
21:03:48.0994 10200 MSSQLServerADHelper100 (7a2a8c975356858eb38466a6b1592e8d) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
21:03:49.0014 10200 MSSQLServerADHelper100 - ok
21:03:49.0024 10200 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:03:49.0054 10200 MSTEE - ok
21:03:49.0054 10200 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
21:03:49.0074 10200 MTConfig - ok
21:03:49.0084 10200 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:03:49.0094 10200 Mup - ok
21:03:49.0134 10200 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
21:03:49.0154 10200 napagent - ok
21:03:49.0174 10200 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:03:49.0194 10200 NativeWifiP - ok
21:03:49.0224 10200 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:03:49.0244 10200 NDIS - ok
21:03:49.0254 10200 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:03:49.0284 10200 NdisCap - ok
21:03:49.0294 10200 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:03:49.0314 10200 NdisTapi - ok
21:03:49.0354 10200 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:03:49.0424 10200 Ndisuio - ok
21:03:49.0454 10200 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:03:49.0484 10200 NdisWan - ok
21:03:49.0514 10200 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:03:49.0544 10200 NDProxy - ok
21:03:49.0574 10200 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
21:03:49.0574 10200 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:03:49.0574 10200 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:03:49.0584 10200 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:03:49.0614 10200 NetBIOS - ok
21:03:49.0624 10200 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:03:49.0644 10200 NetBT - ok
21:03:49.0664 10200 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:03:49.0674 10200 Netlogon - ok
21:03:49.0734 10200 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
21:03:49.0784 10200 Netman - ok
21:03:49.0884 10200 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:03:49.0934 10200 NetMsmqActivator - ok
21:03:49.0934 10200 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:03:49.0984 10200 NetPipeActivator - ok
21:03:50.0004 10200 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
21:03:50.0034 10200 netprofm - ok
21:03:50.0034 10200 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:03:50.0084 10200 NetTcpActivator - ok
21:03:50.0084 10200 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:03:50.0134 10200 NetTcpPortSharing - ok
21:03:50.0134 10200 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
21:03:50.0144 10200 nfrd960 - ok
21:03:50.0164 10200 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
21:03:50.0194 10200 NlaSvc - ok
21:03:50.0204 10200 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:03:50.0234 10200 Npfs - ok
21:03:50.0244 10200 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
21:03:50.0274 10200 nsi - ok
21:03:50.0274 10200 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:03:50.0304 10200 nsiproxy - ok
21:03:50.0514 10200 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:03:50.0544 10200 Ntfs - ok
21:03:50.0594 10200 nTuneService - ok
21:03:50.0654 10200 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:03:50.0704 10200 Null - ok
21:03:50.0734 10200 nusb3hub (f5bc2345e8c89d4e90fafd23a2239935) C:\Windows\system32\DRIVERS\nusb3hub.sys
21:03:50.0754 10200 nusb3hub - ok
21:03:50.0764 10200 nusb3xhc (5d42578241bc2a9b4a64837077436d5f) C:\Windows\system32\DRIVERS\nusb3xhc.sys
21:03:50.0804 10200 nusb3xhc - ok
21:03:51.0124 10200 nvlddmkm (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:03:51.0264 10200 nvlddmkm - ok
21:03:51.0304 10200 nvoclk64 (8c1d181480796d7d3366a9381fd7782d) C:\Windows\system32\DRIVERS\nvoclk64.sys
21:03:51.0384 10200 nvoclk64 - ok
21:03:51.0404 10200 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:03:51.0414 10200 nvraid - ok
21:03:51.0424 10200 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:03:51.0444 10200 nvstor - ok
21:03:51.0494 10200 nvsvc (2d7092fec9bd2aca199673bba2ba9277) C:\Windows\system32\nvvsvc.exe
21:03:51.0514 10200 nvsvc - ok
21:03:51.0604 10200 nvUpdatusService (7e22de30e222bfdfcec7e77032baf3cd) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
21:03:51.0634 10200 nvUpdatusService - ok
21:03:51.0704 10200 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:03:51.0714 10200 nv_agp - ok
21:03:51.0724 10200 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:03:51.0734 10200 ohci1394 - ok
21:03:51.0784 10200 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:03:51.0804 10200 ose - ok
21:03:52.0024 10200 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:03:52.0084 10200 osppsvc - ok
21:03:52.0144 10200 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:03:52.0164 10200 p2pimsvc - ok
21:03:52.0184 10200 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
21:03:52.0194 10200 p2psvc - ok
21:03:52.0224 10200 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
21:03:52.0254 10200 Parport - ok
21:03:52.0294 10200 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
21:03:52.0314 10200 partmgr - ok
21:03:52.0324 10200 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
21:03:52.0344 10200 PcaSvc - ok
21:03:52.0364 10200 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:03:52.0374 10200 pci - ok
21:03:52.0374 10200 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:03:52.0384 10200 pciide - ok
21:03:52.0394 10200 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
21:03:52.0404 10200 pcmcia - ok
21:03:52.0424 10200 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:03:52.0434 10200 pcw - ok
21:03:52.0454 10200 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:03:52.0484 10200 PEAUTH - ok
21:03:52.0534 10200 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
21:03:52.0554 10200 PerfHost - ok
21:03:52.0654 10200 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
21:03:52.0714 10200 pla - ok
21:03:52.0764 10200 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
21:03:52.0774 10200 PlugPlay - ok
21:03:52.0804 10200 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
21:03:52.0804 10200 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:03:52.0804 10200 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:03:52.0844 10200 pmxdrv (34bfc6ed31b4e8be940c884b8ac7d9df) C:\Windows\system32\drivers\pmxdrv.sys
21:03:52.0864 10200 pmxdrv - ok
21:03:52.0894 10200 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
21:03:52.0914 10200 PNRPAutoReg - ok
21:03:52.0934 10200 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:03:52.0944 10200 PNRPsvc - ok
21:03:52.0994 10200 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
21:03:53.0044 10200 PolicyAgent - ok
21:03:53.0094 10200 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
21:03:53.0114 10200 Power - ok
21:03:53.0144 10200 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:03:53.0204 10200 PptpMiniport - ok
21:03:53.0234 10200 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
21:03:53.0244 10200 Processor - ok
21:03:53.0264 10200 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
21:03:53.0284 10200 ProfSvc - ok
21:03:53.0324 10200 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:03:53.0334 10200 ProtectedStorage - ok
21:03:53.0364 10200 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:03:53.0384 10200 Psched - ok
21:03:53.0394 10200 pssPCI - ok
21:03:53.0424 10200 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
21:03:53.0434 10200 PxHlpa64 - ok
21:03:53.0504 10200 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
21:03:53.0534 10200 ql2300 - ok
21:03:53.0594 10200 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
21:03:53.0614 10200 ql40xx - ok
21:03:53.0634 10200 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
21:03:53.0674 10200 QWAVE - ok
21:03:53.0684 10200 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:03:53.0694 10200 QWAVEdrv - ok
21:03:53.0734 10200 RapiMgr (a55e7d0d873b2c97585b3b5926ac6ade) C:\Windows\WindowsMobile\rapimgr.dll
21:03:53.0764 10200 RapiMgr - ok
21:03:53.0764 10200 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:03:53.0794 10200 RasAcd - ok
21:03:53.0824 10200 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:03:53.0844 10200 RasAgileVpn - ok
21:03:53.0854 10200 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
21:03:53.0884 10200 RasAuto - ok
21:03:53.0924 10200 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:03:53.0944 10200 Rasl2tp - ok
21:03:53.0964 10200 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
21:03:53.0984 10200 RasMan - ok
21:03:54.0004 10200 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:03:54.0024 10200 RasPppoe - ok
21:03:54.0034 10200 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:03:54.0054 10200 RasSstp - ok
21:03:54.0084 10200 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:03:54.0134 10200 rdbss - ok
21:03:54.0134 10200 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
21:03:54.0144 10200 rdpbus - ok
21:03:54.0154 10200 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:03:54.0174 10200 RDPCDD - ok
21:03:54.0184 10200 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:03:54.0204 10200 RDPENCDD - ok
21:03:54.0224 10200 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:03:54.0244 10200 RDPREFMP - ok
21:03:54.0284 10200 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
21:03:54.0294 10200 RDPWD - ok
21:03:54.0334 10200 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:03:54.0364 10200 rdyboost - ok
21:03:54.0384 10200 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
21:03:54.0434 10200 RemoteAccess - ok
21:03:54.0444 10200 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
21:03:54.0474 10200 RemoteRegistry - ok
21:03:54.0624 10200 RoxMediaDB10 (05fc44d32a144925eae45570029fd6e1) c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
21:03:54.0644 10200 RoxMediaDB10 - ok
21:03:54.0654 10200 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
21:03:54.0684 10200 RpcEptMapper - ok
21:03:54.0684 10200 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
21:03:54.0694 10200 RpcLocator - ok
21:03:54.0734 10200 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:03:54.0774 10200 RpcSs - ok
21:03:54.0844 10200 RsFx0103 (cd553b8633466a6d1c115812f2619f1f) C:\Windows\system32\DRIVERS\RsFx0103.sys
21:03:54.0864 10200 RsFx0103 - ok
21:03:54.0884 10200 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:03:54.0904 10200 rspndr - ok
21:03:54.0914 10200 RxFilter - ok
21:03:54.0944 10200 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:03:54.0954 10200 SamSs - ok
21:03:54.0984 10200 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:03:55.0064 10200 sbp2port - ok
21:03:55.0074 10200 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
21:03:55.0104 10200 SCardSvr - ok
21:03:55.0134 10200 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:03:55.0174 10200 scfilter - ok
21:03:55.0224 10200 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
21:03:55.0264 10200 Schedule - ok
21:03:55.0294 10200 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:03:55.0334 10200 SCPolicySvc - ok
21:03:55.0344 10200 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
21:03:55.0384 10200 SDRSVC - ok
21:03:55.0474 10200 SDScannerService (e1f35f902b825c7b18236271f398dda2) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
21:03:55.0504 10200 SDScannerService - ok
21:03:55.0534 10200 SDUpdateService (2db434f4ce96b3fb65d44b3ad5a4de3e) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
21:03:55.0544 10200 SDUpdateService - ok
21:03:55.0554 10200 SDWSCService (59dce6783f9ed27eb72c81466e363bf8) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
21:03:55.0564 10200 SDWSCService - ok
21:03:55.0624 10200 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
21:03:55.0654 10200 SeaPort - ok
21:03:55.0754 10200 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:03:55.0804 10200 secdrv - ok
21:03:55.0814 10200 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
21:03:55.0844 10200 seclogon - ok
21:03:55.0874 10200 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
21:03:55.0904 10200 SENS - ok
21:03:55.0914 10200 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
21:03:55.0924 10200 SensrSvc - ok
21:03:55.0934 10200 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:03:55.0944 10200 Serenum - ok
21:03:55.0944 10200 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:03:55.0954 10200 Serial - ok
21:03:55.0984 10200 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
21:03:55.0994 10200 sermouse - ok
21:03:56.0024 10200 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
21:03:56.0054 10200 SessionEnv - ok
21:03:56.0064 10200 SessionLauncher - ok
21:03:56.0084 10200 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:03:56.0094 10200 sffdisk - ok
21:03:56.0104 10200 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:03:56.0114 10200 sffp_mmc - ok
21:03:56.0114 10200 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:03:56.0124 10200 sffp_sd - ok
21:03:56.0124 10200 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
21:03:56.0134 10200 sfloppy - ok
21:03:56.0174 10200 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
21:03:56.0204 10200 SharedAccess - ok
21:03:56.0214 10200 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
21:03:56.0244 10200 ShellHWDetection - ok
21:03:56.0244 10200 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:03:56.0254 10200 SiSRaid2 - ok
21:03:56.0264 10200 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
21:03:56.0274 10200 SiSRaid4 - ok
21:03:56.0314 10200 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
21:03:58.0564 10200 SkypeUpdate - ok
21:03:58.0574 10200 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:03:58.0594 10200 Smb - ok
21:03:58.0724 10200 SMSv3_0_2hs (4787ea164e01cafbf5da384b6edc9fc5) C:\Program Files (x86)\Rosetta Stone\SMS v3.0.2hs\Service\JavaSrvc.exe
21:03:58.0734 10200 SMSv3_0_2hs ( UnsignedFile.Multi.Generic ) - warning
21:03:58.0734 10200 SMSv3_0_2hs - detected UnsignedFile.Multi.Generic (1)
21:03:58.0734 10200 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
21:03:58.0744 10200 SNMPTRAP - ok
21:03:58.0764 10200 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:03:58.0774 10200 spldr - ok
21:03:58.0794 10200 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
21:03:58.0854 10200 Spooler - ok
21:03:58.0954 10200 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
21:03:59.0004 10200 sppsvc - ok
21:03:59.0064 10200 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
21:03:59.0094 10200 sppuinotify - ok
21:03:59.0154 10200 SQLAgent$SQLEXPRESS (a5609d0178b2fec118a7f4a24ecd1bfb) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
21:03:59.0204 10200 SQLAgent$SQLEXPRESS - ok
21:03:59.0254 10200 SQLBrowser (b54b48f6d92423440c264e91225c5ff1) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
21:03:59.0264 10200 SQLBrowser - ok
21:03:59.0324 10200 SQLWriter (c298d989d717cb153702e397b6d9aaad) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
21:03:59.0324 10200 SQLWriter - ok
21:03:59.0374 10200 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:03:59.0384 10200 srv - ok
21:03:59.0404 10200 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:03:59.0414 10200 srv2 - ok
21:03:59.0424 10200 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:03:59.0434 10200 srvnet - ok
21:03:59.0444 10200 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
21:03:59.0474 10200 SSDPSRV - ok
21:03:59.0494 10200 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
21:03:59.0514 10200 SstpSvc - ok
21:03:59.0534 10200 Steam Client Service - ok
21:03:59.0634 10200 Stereo Service (9e1222c417291bc836210743624a8e5e) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:03:59.0664 10200 Stereo Service - ok
21:03:59.0694 10200 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
21:03:59.0724 10200 stexstor - ok
21:03:59.0744 10200 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
21:03:59.0754 10200 StillCam - ok
21:03:59.0814 10200 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
21:03:59.0854 10200 stisvc - ok
21:03:59.0894 10200 stllssvr (ff5eb78af7dfb68c2fb363537aaf753e) c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
21:03:59.0914 10200 stllssvr - ok
21:03:59.0934 10200 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
21:03:59.0944 10200 swenum - ok
21:03:59.0964 10200 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
21:03:59.0994 10200 swprv - ok
21:04:00.0054 10200 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
21:04:00.0084 10200 SysMain - ok
21:04:00.0184 10200 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
21:04:00.0214 10200 TabletInputService - ok
21:04:00.0224 10200 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
21:04:00.0284 10200 TapiSrv - ok
21:04:00.0294 10200 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
21:04:00.0314 10200 TBS - ok
21:04:00.0404 10200 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
21:04:00.0444 10200 Tcpip - ok
21:04:00.0524 10200 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
21:04:00.0564 10200 TCPIP6 - ok
21:04:00.0614 10200 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:04:00.0664 10200 tcpipreg - ok
21:04:00.0694 10200 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:04:00.0724 10200 TDPIPE - ok
21:04:00.0754 10200 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
21:04:00.0784 10200 TDTCP - ok
21:04:00.0794 10200 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:04:00.0824 10200 tdx - ok
21:04:00.0844 10200 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
21:04:00.0854 10200 TermDD - ok
21:04:00.0874 10200 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
21:04:00.0904 10200 TermService - ok
21:04:00.0914 10200 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
21:04:00.0934 10200 Themes - ok
21:04:00.0964 10200 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:04:01.0004 10200 THREADORDER - ok
21:04:01.0014 10200 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
21:04:01.0044 10200 TrkWks - ok
21:04:01.0074 10200 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
21:04:01.0134 10200 TrustedInstaller - ok
21:04:01.0184 10200 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:04:01.0214 10200 tssecsrv - ok
21:04:01.0224 10200 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:04:01.0234 10200 TsUsbFlt - ok
21:04:01.0274 10200 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:04:01.0334 10200 tunnel - ok
21:04:01.0384 10200 TurboB (f37d49111a12a97de4bb5d8ff444bd2c) C:\Windows\system32\DRIVERS\TurboB.sys
21:04:01.0444 10200 TurboB - ok
21:04:01.0544 10200 TurboBoost (44d81b1bfd2428274bba98316d9606dc) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
21:04:01.0564 10200 TurboBoost - ok
21:04:01.0594 10200 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
21:04:01.0624 10200 uagp35 - ok
21:04:01.0664 10200 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:04:01.0734 10200 udfs - ok
21:04:01.0754 10200 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
21:04:01.0764 10200 UI0Detect - ok
21:04:01.0794 10200 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:04:01.0804 10200 uliagpkx - ok
21:04:01.0844 10200 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
21:04:01.0874 10200 umbus - ok
21:04:01.0894 10200 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
21:04:01.0904 10200 UmPass - ok
21:04:01.0994 10200 UMVPFSrv (8b802b483cbde06f62dbc04dc7afaf8e) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
21:04:02.0014 10200 UMVPFSrv - ok
21:04:02.0034 10200 UpdateCenterService - ok
21:04:02.0064 10200 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
21:04:02.0094 10200 upnphost - ok
21:04:02.0094 10200 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
21:04:02.0114 10200 usbaudio - ok
21:04:02.0144 10200 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:04:02.0184 10200 usbccgp - ok
21:04:02.0194 10200 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:04:02.0214 10200 usbcir - ok
21:04:02.0224 10200 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
21:04:02.0234 10200 usbehci - ok
21:04:02.0244 10200 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:04:02.0254 10200 usbhub - ok
21:04:02.0284 10200 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:04:02.0324 10200 usbohci - ok
21:04:02.0334 10200 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:04:02.0354 10200 usbprint - ok
21:04:02.0384 10200 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:04:02.0394 10200 USBSTOR - ok
21:04:02.0404 10200 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
21:04:02.0444 10200 usbuhci - ok
21:04:02.0464 10200 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
21:04:02.0474 10200 usb_rndisx - ok
21:04:02.0484 10200 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
21:04:02.0514 10200 UxSms - ok
21:04:02.0544 10200 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:04:02.0564 10200 VaultSvc - ok
21:04:02.0574 10200 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:04:02.0584 10200 vdrvroot - ok
21:04:02.0634 10200 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
21:04:02.0684 10200 vds - ok
21:04:02.0684 10200 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:04:02.0694 10200 vga - ok
21:04:02.0724 10200 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:04:02.0764 10200 VgaSave - ok
21:04:02.0784 10200 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:04:02.0824 10200 vhdmp - ok
21:04:02.0844 10200 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:04:02.0854 10200 viaide - ok
21:04:02.0894 10200 vmm (21c96aa588d3993191761a08dbaabb15) C:\Windows\system32\Drivers\vmm.sys
21:04:02.0904 10200 vmm - ok
21:04:02.0914 10200 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:04:02.0924 10200 volmgr - ok
21:04:02.0964 10200 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:04:02.0984 10200 volmgrx - ok
21:04:03.0004 10200 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:04:03.0014 10200 volsnap - ok
21:04:03.0024 10200 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
21:04:03.0034 10200 vsmraid - ok
21:04:03.0104 10200 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
21:04:03.0154 10200 VSS - ok
21:04:03.0244 10200 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
21:04:03.0274 10200 vwifibus - ok
21:04:03.0294 10200 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
21:04:03.0344 10200 W32Time - ok
21:04:03.0354 10200 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
21:04:03.0364 10200 WacomPen - ok
21:04:03.0374 10200 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:04:03.0394 10200 WANARP - ok
21:04:03.0394 10200 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:04:03.0424 10200 Wanarpv6 - ok
21:04:03.0474 10200 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
21:04:03.0504 10200 WatAdminSvc - ok
21:04:03.0534 10200 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
21:04:03.0604 10200 wbengine - ok
21:04:03.0644 10200 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
21:04:03.0664 10200 WbioSrvc - ok
21:04:03.0724 10200 WcesComm (8bda6db43aa54e8bb5e0794541ddc209) C:\Windows\WindowsMobile\wcescomm.dll
21:04:03.0754 10200 WcesComm - ok
21:04:03.0784 10200 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
21:04:03.0804 10200 wcncsvc - ok
21:04:03.0814 10200 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
21:04:03.0824 10200 WcsPlugInService - ok
21:04:03.0824 10200 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
21:04:03.0844 10200 Wd - ok
21:04:03.0884 10200 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:04:03.0904 10200 Wdf01000 - ok
21:04:03.0914 10200 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:04:03.0934 10200 WdiServiceHost - ok
21:04:03.0934 10200 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:04:03.0954 10200 WdiSystemHost - ok
21:04:03.0974 10200 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
21:04:04.0004 10200 WebClient - ok
21:04:04.0044 10200 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
21:04:04.0094 10200 Wecsvc - ok
21:04:04.0104 10200 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
21:04:04.0134 10200 wercplsupport - ok
21:04:04.0134 10200 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
21:04:04.0164 10200 WerSvc - ok
21:04:04.0194 10200 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:04:04.0244 10200 WfpLwf - ok
21:04:04.0244 10200 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:04:04.0254 10200 WIMMount - ok
21:04:04.0284 10200 WinDefend - ok
21:04:04.0294 10200 WinHttpAutoProxySvc - ok
21:04:04.0354 10200 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
21:04:04.0394 10200 Winmgmt - ok
21:04:04.0434 10200 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
21:04:04.0474 10200 WinRM - ok
21:04:04.0524 10200 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
21:04:04.0594 10200 WinUsb - ok
21:04:04.0624 10200 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
21:04:04.0664 10200 Wlansvc - ok
21:04:04.0774 10200 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:04:04.0794 10200 wlcrasvc - ok
21:04:04.0934 10200 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:04:04.0974 10200 wlidsvc - ok
21:04:05.0044 10200 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
21:04:05.0074 10200 WmiAcpi - ok
21:04:05.0274 10200 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
21:04:05.0314 10200 wmiApSrv - ok
21:04:05.0314 10200 WMPNetworkSvc - ok
21:04:05.0314 10200 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
21:04:05.0324 10200 WPCSvc - ok
21:04:05.0364 10200 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
21:04:05.0374 10200 WPDBusEnum - ok
21:04:05.0384 10200 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:04:05.0404 10200 ws2ifsl - ok
21:04:05.0424 10200 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
21:04:05.0444 10200 wscsvc - ok
21:04:05.0474 10200 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
21:04:05.0484 10200 WSDPrintDevice - ok
21:04:05.0484 10200 WSearch - ok
21:04:05.0584 10200 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
21:04:05.0634 10200 wuauserv - ok
21:04:05.0694 10200 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:04:05.0744 10200 WudfPf - ok
21:04:05.0754 10200 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:04:05.0774 10200 WUDFRd - ok
21:04:05.0814 10200 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
21:04:05.0854 10200 wudfsvc - ok
21:04:05.0874 10200 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
21:04:05.0884 10200 WwanSvc - ok
21:04:05.0904 10200 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
21:04:06.0094 10200 \Device\Harddisk0\DR0 - ok
21:04:06.0094 10200 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk5\DR7
21:04:06.0144 10200 \Device\Harddisk5\DR7 - ok
21:04:06.0144 10200 Boot (0x1200) (a5c682221bb3be9ca89446427c662f59) \Device\Harddisk0\DR0\Partition0
21:04:06.0154 10200 \Device\Harddisk0\DR0\Partition0 - ok
21:04:06.0154 10200 Boot (0x1200) (78d9b7da3fb3aea9283e388faf2c2666) \Device\Harddisk0\DR0\Partition1
21:04:06.0154 10200 \Device\Harddisk0\DR0\Partition1 - ok
21:04:06.0154 10200 Boot (0x1200) (965458fc126dd2778950c2001965740a) \Device\Harddisk5\DR7\Partition0
21:04:06.0154 10200 \Device\Harddisk5\DR7\Partition0 - ok
21:04:06.0154 10200 ============================================================
21:04:06.0154 10200 Scan finished
21:04:06.0154 10200 ============================================================
21:04:06.0164 4844 Detected object count: 7
21:04:06.0164 4844 Actual detected object count: 7
21:04:27.0144 4844 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
21:04:27.0144 4844 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:04:27.0144 4844 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:04:27.0144 4844 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:04:27.0154 4844 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
21:04:27.0154 4844 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:04:27.0154 4844 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:04:27.0154 4844 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:04:27.0154 4844 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:04:27.0154 4844 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:04:27.0154 4844 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:04:27.0154 4844 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:04:27.0154 4844 SMSv3_0_2hs ( UnsignedFile.Multi.Generic ) - skipped by user
21:04:27.0154 4844 SMSv3_0_2hs ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:04:42.0994 9716 Deinitialize success

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.12.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Jacob :: JIMMY [administrator]

6/11/2012 9:08:10 PM
mbam-log-2012-06-11 (21-08-10).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 311301
Time elapsed: 11 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

[kalpow500]

Post 3/4 (OTL)
OTL logfile created on: 6/11/2012 9:24:12 PM - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Jacob\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 6.35 Gb Available Physical Memory | 79.46% Memory free
15.98 Gb Paging File | 13.16 Gb Available in Paging File | 82.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916.82 Gb Total Space | 664.10 Gb Free Space | 72.43% Space Free | Partition Type: NTFS
Drive D: | 654.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive K: | 931.51 Gb Total Space | 322.79 Gb Free Space | 34.65% Space Free | Partition Type: NTFS

Computer Name: JIMMY | User Name: Jacob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/11 21:06:56 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Jacob\Desktop\OTL.exe
PRC - [2012/05/10 16:29:50 | 003,349,488 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012/05/10 16:29:02 | 000,838,136 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012/05/10 16:28:58 | 001,122,296 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012/03/22 10:55:02 | 000,166,528 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/15 04:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/10/15 01:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/04/01 01:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2010/11/20 08:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010/11/20 08:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe
PRC - [2010/09/06 03:19:58 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2009/10/21 13:12:50 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009/07/17 18:07:58 | 000,237,568 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
PRC - [2009/06/24 22:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2006/04/21 11:20:54 | 000,065,536 | ---- | M] (Alexandria Software Consulting) -- C:\Program Files (x86)\Rosetta Stone\SMS v3.0.2hs\service\JavaSrvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/10 16:28:12 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012/05/10 16:28:10 | 000,517,632 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012/05/10 16:28:10 | 000,410,112 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/04/19 08:22:48 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2012/03/20 13:11:30 | 000,162,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/03/20 12:56:24 | 000,210,584 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/03/20 12:55:54 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/05/21 12:37:32 | 000,134,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel®
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/31 18:01:34 | 000,092,160 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2012/06/07 13:13:49 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/31 15:40:07 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/26 19:29:15 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/13 12:21:16 | 000,103,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/15 04:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/15 01:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/04/01 01:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/09/06 03:19:58 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/03/22 09:17:24 | 000,276,584 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/06 13:24:54 | 000,282,728 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)
SRV - [2009/06/26 13:19:12 | 001,124,848 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/21 22:35:32 | 000,923,136 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2007/05/31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006/04/21 11:20:54 | 000,065,536 | ---- | M] (Alexandria Software Consulting) [Auto | Running] -- C:\Program Files (x86)\Rosetta Stone\SMS v3.0.2hs\service\JavaSrvc.exe -- (SMSv3_0_2hs)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/02/22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/02/22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/04/01 01:07:54 | 004,184,672 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUVC64.sys -- (LVUVC64) Logitech HD Pro Webcam C910(UVC)
DRV:64bit: - [2011/04/01 01:06:22 | 000,341,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/04/01 01:04:32 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvbflt64.sys -- (CompFilter64)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/08 15:42:16 | 000,295,272 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VMM.sys -- (vmm)
DRV:64bit: - [2010/07/19 20:26:05 | 000,038,536 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmxdrv.sys -- (pmxdrv)
DRV:64bit: - [2010/05/21 12:37:20 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/03/19 04:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/10/27 00:19:48 | 000,176,640 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2009/10/27 00:19:46 | 000,075,264 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009/09/15 14:59:30 | 000,042,088 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvoclk64.sys -- (nvoclk64)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 20:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/07/13 20:06:43 | 000,060,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\61883.sys -- (61883)
DRV:64bit: - [2009/07/13 20:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avc.sys -- (Avc)
DRV:64bit: - [2009/07/13 20:06:42 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdv.sys -- (MSDV)
DRV:64bit: - [2009/06/20 08:35:00 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink ™
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 22:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV - [2010/01/08 22:46:54 | 000,004,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pssPCI.sys -- (pssPCI)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/06/26 12:27:28 | 000,065,520 | ---- | M] (Sonic Solutions) [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\RxFilter.sys -- (RxFilter)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {21312112-26F9-4905-858A-50735BA693DA}
IE:64bit: - HKLM\..\SearchScopes\{21312112-26F9-4905-858A-50735BA693DA}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {4215ED94-CD74-4D53-9A1C-2354503FC392}
IE - HKLM\..\SearchScopes\{4215ED94-CD74-4D53-9A1C-2354503FC392}: "URL" = http://www.bing.com/...rc=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.cbn.com/cbnnews/ [binary data]
IE - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://zradio.org/
IE - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..\SearchScopes,DefaultScope = {4215ED94-CD74-4D53-9A1C-2354503FC392}
IE - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..\SearchScopes\{33592108-D5EC-42DD-BA23-4D5502D9EDCE}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..\SearchScopes\{BB15A293-D2D2-4DE2-93E5-B711D83AC3DA}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://zradio.org/"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@research.microsoft.com/HDView: C:\Program Files (x86)\Microsoft Research\HD View\nphdview.dll (Microsoft Research)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/02/24 17:01:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/04/25 10:32:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/07 13:13:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/16 22:19:49 | 000,000,000 | ---D | M]

[2010/02/07 17:51:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jacob\AppData\Roaming\Mozilla\Extensions
[2012/06/11 20:56:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\9iiiea8p.default\extensions
[2010/02/07 17:54:02 | 000,002,164 | ---- | M] () -- C:\Users\Jacob\AppData\Roaming\Mozilla\Firefox\Profiles\9iiiea8p.default\searchplugins\bing.xml
[2012/06/07 13:14:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/04/25 10:32:30 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES (X86)\COMMON FILES\MCAFEE\SYSTEMCORE
[2012/02/24 17:01:08 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2012/06/11 20:56:44 | 000,525,295 | ---- | M] () (No name found) -- C:\USERS\JACOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9IIIEA8P.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2012/05/25 12:49:13 | 000,004,733 | ---- | M] () (No name found) -- C:\USERS\JACOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9IIIEA8P.DEFAULT\EXTENSIONS\JSODOPCYVW@JSODOPCYVW.ORG.XPI
[2012/06/07 13:13:49 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/04/21 14:50:44 | 000,682,496 | ---- | M] (YoYoGames) -- C:\Program Files (x86)\mozilla firefox\plugins\NPYYGInstantPlay.dll
[2012/06/07 13:13:47 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/09/29 11:28:34 | 000,002,024 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/06/07 13:13:47 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120425081238.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120425081238.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe File not found
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001..\Run: [Apps] C:\Users\Jacob\AppData\Local\DataSafeOnline\Apps\rngpzjif.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1012..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1012..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKLM..\RunOnceEx: [ContentMerger] c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\ContentMerger10.exe (Sonic Solutions)
O4 - Startup: C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O4 - Startup: C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Jacob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FavsAll - Shortcut.lnk = C:\Users\Public\Music\Music\Playlists\FavsAll.wpl ()
O4 - Startup: C:\Users\Kathy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O4 - Startup: C:\Users\Kathy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..Trusted Domains: flvs.net ([learn] http in Trusted sites)
O15 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..Trusted Domains: live.com ([onecare] http in Trusted sites)
O15 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001\..Trusted Domains: yoyogames.com ([www] http in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2B497CAF-D938-4059-BA76-0DA5DB77EA0A} https://72.156.249.2....RichUpload.cab (Wssg.Web.FileAccess.RichUpload.UploadControl Class)
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/im...r/SysProExe.cab (Scanner.SysScanner)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane..._2.3.10.115.cab (Reg Error: Key error.)
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} http://srtest-cdn.sy...eqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell....r/SysProExe.CAB (WMI Class)
O16 - DPF: {721700FE-7F0E-49C5-BDED-CA92B7CB1245} http://65.44.139.2:9203/camclictrl.cab (Camera Stream Client Control Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius....tiveXPlugin.cab (ScorchPlugin Class)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} http://www.yoyogames...ctivex/YoYo.cab (YYGInstantPlay Control)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://clients.futur...deploy/FMSI.cab (Reg Error: Key error.)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://berklee.webe...br/ieatgpc1.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{410F48CF-12A3-40EB-B398-2C0A4D370576}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/30 18:42:25 | 000,000,000 | ---D | M] - D:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2005/01/26 16:42:47 | 000,000,039 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010/02/15 00:53:50 | 000,000,027 | ---- | M] () - K:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{05e3f4e0-cc40-11de-9b14-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{05e3f4e0-cc40-11de-9b14-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Autorun\autorun.exe -- [2002/12/10 06:00:30 | 001,089,536 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/11 21:06:55 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Jacob\Desktop\OTL.exe
[2012/06/11 20:58:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/06/11 11:51:44 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{601E397C-C67E-498A-866F-A191C37C14B4}
[2012/06/11 11:51:32 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{E18E85D7-1BDC-4391-A3A4-D2E99ECE2FA8}
[2012/06/09 20:56:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sibelius Software
[2012/06/09 13:54:17 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{46571528-A6D5-4000-8F4C-72834C35E911}
[2012/06/09 13:54:04 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{E424CDF8-4701-4908-8785-C9E478281815}
[2012/06/08 11:48:57 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{C66CDB0D-5EB0-48D0-8028-F1B7B9B04E2D}
[2012/06/08 11:48:45 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{5E27C6B3-A30E-4DA0-836B-0EA2D1040F17}
[2012/06/07 13:14:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/06/07 13:14:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/06/07 13:11:44 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{D95F4EEE-713D-4111-AED0-753CC755D21B}
[2012/06/07 13:11:31 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{3C788A4D-6569-4A73-B1CE-B500CF4D25C3}
[2012/06/07 01:11:01 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{85B3D4CF-9BAB-4085-8501-0AE3644D23E4}
[2012/06/07 01:10:48 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{A9270E0F-AD0C-4987-9E42-27E5C78252B7}
[2012/06/06 13:10:21 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{13B87C11-FB71-43CD-8029-DF40029E137D}
[2012/06/06 13:10:08 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{CC8F2999-C6EC-41C2-9A9A-050AB4CF1ABE}
[2012/06/05 12:26:18 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{6315DDE6-162E-45D0-816F-E32C25D5FD0C}
[2012/06/05 12:24:42 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{9E040E56-185C-428B-9DD4-866879A87927}
[2012/06/04 12:19:31 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{2ED9CB6C-10FE-4456-9F19-907E39BE40B2}
[2012/06/04 12:19:18 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{DDC5CD5B-49F0-4EFC-A5BC-5F96925A66C7}
[2012/06/03 16:20:47 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{31007099-B9AA-4D03-9BA0-E66F38E69AC6}
[2012/06/03 16:20:34 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{D5D3E8A0-8426-48A7-86E2-AD0906115417}
[2012/06/02 12:58:39 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{C4FD5831-CA24-4F4E-A3AC-ED00EE0CC5ED}
[2012/06/02 12:58:27 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{0BCE56C8-DC5E-4BC8-95EE-16625B42AE7F}
[2012/06/01 23:21:46 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{C3888708-6A4B-47FE-8758-19F83D954E2F}
[2012/06/01 11:21:20 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{A0FEB971-F4A3-4C09-B97D-BD6A0441F2A0}
[2012/06/01 11:21:07 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{4F05EA62-75F0-4D75-B9DA-7AD4D1101614}
[2012/05/31 21:49:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/05/31 21:49:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2012/05/31 21:49:51 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2012/05/31 21:49:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2012/05/31 12:49:26 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{B8DC9575-373E-4F6A-9D72-D50C71475BCE}
[2012/05/31 12:49:14 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{347BA266-4DEC-483E-B19D-A1BC0149C2F3}
[2012/05/30 08:49:01 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{42A821F5-35E5-41E4-A145-5955518A04CD}
[2012/05/30 08:48:48 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{2395E78A-BD1C-4289-A86F-2EC8952716F1}
[2012/05/29 20:07:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2012/05/29 10:53:43 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{3811D7A7-6281-4A27-80A2-2F5597037350}
[2012/05/29 10:53:10 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{E6385A85-E33B-4686-B7C4-F6465D4F53E2}
[2012/05/27 18:56:47 | 000,116,016 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\18720901.sys
[2012/05/27 13:57:10 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{6DF849BA-5A99-4D6E-95BA-0E2AE22D3585}
[2012/05/27 13:56:57 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{4BE7DD0F-5046-4A09-9B85-86418BCA3970}
[2012/05/25 12:38:22 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{2C84B04E-87A7-419F-AA6F-C63D6E17F4F7}
[2012/05/25 12:38:09 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{499AF48C-7555-4466-B491-55C5DC07CB8E}
[2012/05/24 15:17:05 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Roaming\System
[2012/05/24 11:03:05 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{DEAD7B09-DA57-4BAE-A841-F21E67C7CC5A}
[2012/05/24 11:02:51 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{DF8C6C73-3615-45AB-9773-1B152C9210B3}
[2012/05/22 11:33:21 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{D7A892FA-2909-47D6-B9F5-BEF70AC48D7D}
[2012/05/22 11:33:08 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{0C4D18A8-B0EE-42C4-88BD-DC48134E695C}
[2012/05/21 11:42:50 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{A0A507B2-36B3-4A5B-99D4-7B0C7EA65302}
[2012/05/21 11:42:39 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{BC18CE89-7843-4F42-86EC-01716242CE8D}
[2012/05/20 23:04:36 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{722C2EF9-7C5B-4C05-950D-194094F3F595}
[2012/05/20 23:04:24 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{29E5BEC5-F2DC-4806-9A1A-126210B3C228}
[2012/05/19 13:08:17 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{5C0A0C64-9A19-4918-B477-A5510AA0EE38}
[2012/05/19 13:08:05 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{D663333A-ED19-4859-89AE-E5EF138EC4C2}
[2012/05/18 19:57:29 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{B5AA328D-8445-4AF1-8546-F9EFDD7ABCB8}
[2012/05/18 19:57:16 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{DFAABAC2-A3EA-4CF1-9DEC-2B3E03776D0A}
[2012/05/17 20:26:17 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{DB8A108C-5048-4D2B-8B71-9F80025D4705}
[2012/05/17 20:26:03 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{1E220F65-1F32-4D45-B4CF-47DEC2D39871}
[2012/05/17 11:01:23 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{B6655982-DCA7-42E6-8C36-7D4CE56AA245}
[2012/05/16 22:19:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/05/16 22:19:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/05/16 22:19:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/05/16 12:39:12 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{0326D363-90A2-4ACD-B0BF-C019F9EB5F08}
[2012/05/16 12:39:00 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{BD4DF713-20DA-49E3-BACA-AAB7F2502E77}
[2012/05/15 22:37:57 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{53216DF7-E13F-4148-8BF5-875A95236B18}
[2012/05/15 22:37:45 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{9EB13F55-BEAC-4709-95A4-A273876C3C98}
[2012/05/15 10:37:18 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{6469DCEF-2F66-494E-B8CA-0E2F90738C80}
[2012/05/15 10:37:06 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{0D0DD81E-0DB8-4DC1-A80F-F3560D65E4A3}
[2012/05/14 10:34:33 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{B2DC64F0-5889-4416-A7C8-1E70FCFDEED3}
[2012/05/14 10:34:20 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{8DB178BC-F1F1-427E-A1E0-6D74B3794B37}
[2012/05/13 12:27:17 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{A5EAA35A-11D0-4716-AA78-E9B74262F046}
[2012/05/13 12:26:53 | 000,000,000 | ---D | C] -- C:\Users\Jacob\AppData\Local\{46295A3A-F933-434A-98C6-515D695D005C}
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/11 21:40:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/11 21:31:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/11 21:06:56 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Jacob\Desktop\OTL.exe
[2012/06/11 20:56:26 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/11 19:39:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/11 14:54:18 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/11 14:54:18 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/11 11:39:32 | 000,465,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/11 11:39:08 | 2140,495,871 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/07 21:06:11 | 000,007,626 | ---- | M] () -- C:\Users\Jacob\AppData\Local\Resmon.ResmonCfg
[2012/05/31 21:49:56 | 000,002,179 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2012/05/27 18:56:47 | 000,116,016 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\18720901.sys
[2012/05/25 13:23:00 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/22 21:02:35 | 000,872,838 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/22 21:02:35 | 000,728,154 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/22 21:02:35 | 000,147,212 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/19 13:07:48 | 000,001,232 | RHS- | M] () -- C:\Users\Jacob\ntuser.pol
[2012/05/16 22:19:45 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/31 21:49:56 | 000,002,191 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2012/05/31 21:49:56 | 000,002,179 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2012/05/31 15:27:17 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/25 13:23:00 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/16 22:19:45 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/10/15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/07/08 15:54:02 | 000,000,285 | ---- | C] () -- C:\Users\Jacob\AppData\Roaming\Network Meter_Settings.ini
[2011/07/08 15:49:10 | 000,000,412 | ---- | C] () -- C:\Users\Jacob\AppData\Roaming\All CPU Meter_Settings.ini
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/04/01 01:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011/04/01 01:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011/04/01 01:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2011/03/02 20:51:39 | 000,007,626 | ---- | C] () -- C:\Users\Jacob\AppData\Local\Resmon.ResmonCfg
[2011/02/17 14:30:36 | 000,000,000 | ---- | C] () -- C:\Windows\Setup32.INI
[2010/10/24 15:25:02 | 000,869,058 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/10/11 20:08:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/08/25 11:53:59 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom24.dll
[2010/08/25 11:53:59 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes24.dll
[2010/07/19 16:11:17 | 000,004,096 | ---- | C] () -- C:\Windows\SysWow64\drivers\pssPCI.sys

========== LOP Check ==========

[2011/09/02 13:09:21 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\Audacity
[2010/01/14 00:20:41 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\OpenOffice.org
[2012/06/01 10:01:36 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\webex
[2010/01/17 22:03:03 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\.freeciv
[2011/11/16 16:45:58 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\.minecraft
[2010/09/17 23:20:07 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\Amazon
[2011/01/09 17:12:15 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\Atari
[2012/01/01 19:21:21 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\Audacity
[2010/01/19 19:17:08 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/01/13 19:15:38 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\FreeOrion
[2011/03/17 17:27:49 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\GARMIN
[2009/12/22 13:33:35 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\Leadertech
[2010/05/11 12:51:39 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\LEGO Company
[2010/01/24 01:10:53 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\OpenOffice.org
[2011/05/08 22:18:17 | 000,000,000 | ---D | M] -- C:\Users\Claude\AppData\Roaming\Windows Live Writer
[2012/06/01 15:20:11 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\.minecraft
[2010/08/16 12:06:55 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\Amazon
[2009/12/22 15:57:17 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\Atari
[2012/06/01 15:48:18 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\Audacity
[2012/03/14 15:06:25 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\Blender Foundation
[2010/12/26 01:23:55 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/10/12 13:35:57 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\Elluminate
[2012/03/27 14:20:47 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\GameMaker
[2012/01/14 17:21:28 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\gtk-2.0
[2010/06/27 15:55:59 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\Leadertech
[2010/05/11 16:57:40 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\LEGO Company
[2010/01/06 13:53:21 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\OpenOffice.org
[2010/12/29 22:50:43 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1
[2012/05/25 13:37:23 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\System
[2011/09/08 21:34:21 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\webex
[2010/10/28 19:45:04 | 000,000,000 | ---D | M] -- C:\Users\Jacob\AppData\Roaming\Windows Live Writer
[2010/08/16 12:24:04 | 000,000,000 | ---D | M] -- C:\Users\Kathy\AppData\Roaming\Amazon
[2009/12/22 14:05:16 | 000,000,000 | ---D | M] -- C:\Users\Kathy\AppData\Roaming\Atari
[2011/09/06 19:43:41 | 000,000,000 | ---D | M] -- C:\Users\Kathy\AppData\Roaming\Audacity
[2010/01/26 17:44:50 | 000,000,000 | ---D | M] -- C:\Users\Kathy\AppData\Roaming\OpenOffice.org
[2011/08/24 13:38:49 | 000,000,000 | ---D | M] -- C:\Users\Kathy\AppData\Roaming\Windows Live Writer
[2012/03/01 00:36:47 | 000,032,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

[kalpow500]

Post 4/4 (Extras):

OTL Extras logfile created on: 6/11/2012 9:24:12 PM - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Jacob\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 6.35 Gb Available Physical Memory | 79.46% Memory free
15.98 Gb Paging File | 13.16 Gb Available in Paging File | 82.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916.82 Gb Total Space | 664.10 Gb Free Space | 72.43% Space Free | Partition Type: NTFS
Drive D: | 654.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive K: | 931.51 Gb Total Space | 322.79 Gb Free Space | 34.65% Space Free | Partition Type: NTFS

Computer Name: JIMMY | User Name: Jacob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2599251252-3821983390-1828043331-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{014F5593-F848-4DC1-BA75-D3811BB87FA9}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{01B80137-E00F-4ED0-9025-C8D8D2D93327}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{022E4108-E291-424A-931B-C657E74A6611}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0F5EE601-F025-4A59-9E51-EDAEC0FD5A5B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3B7F5CB1-520B-4C85-9204-25442B35CF16}" = rport=138 | protocol=17 | dir=out | app=system |
"{3B8DF636-5D02-4C03-8764-865336481E73}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3D6BDF49-3EEF-4EB1-8B38-D5CFC8E4CE6D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3FA0BAA3-1847-4170-A262-959296120366}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{42A4B105-F447-4911-A68A-E3068FB8248F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{44C1E399-146B-482F-B5AE-BD0BA558D6E1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4D561096-4E9D-48EF-8ECB-9BA26986FC88}" = rport=137 | protocol=17 | dir=out | app=system |
"{4E5A10D0-F8F1-4154-962B-D3B24E00BFF8}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{5055C10E-B423-4D6D-9059-3F6F93C7EC38}" = rport=139 | protocol=6 | dir=out | app=system |
"{5695F4A4-F77D-4855-B710-75A1032F9AD1}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{5AC6E88D-92E4-430C-8806-CA3CF5E0F5A5}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{5E28D9CD-FEB3-4D54-8ECB-D9FF8D410510}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{618BE489-8671-4DCE-9B20-FEFF6D7A87B3}" = lport=138 | protocol=17 | dir=in | app=system |
"{619CEA90-2409-41DA-9314-0F97D56A4410}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{62A9B009-1500-429F-85D8-1B02B8648CA6}" = lport=445 | protocol=6 | dir=in | app=system |
"{63A80337-141E-4440-8A93-B10698145ED1}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{77751DC2-0AF0-473C-9704-1BA8063B24F6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{93F378BA-B8D8-4E78-84C9-20AD596B0861}" = lport=137 | protocol=17 | dir=in | app=system |
"{9A015DE2-FE0C-4681-BDB6-1219A176C59D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A91F1102-B9CB-43C7-8043-DED4B35452BF}" = lport=139 | protocol=6 | dir=in | app=system |
"{B2EACE1D-0F8D-45A5-9F56-8EF6E8F33AD3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B9E7A37E-9E69-4012-AEB0-2008F192C40C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BABD905B-E38E-49EA-AC2E-911364D1563F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BD8B572B-9495-4590-BB4D-BA674CDC6523}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BE9F74E5-EEFE-4F62-9824-09A354608912}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{BF5C2DB1-B39C-428F-A31B-9F3FF1A91855}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CC543FA0-112B-459A-AE49-353F40756A26}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F3BA57B0-BAA0-42E5-B96E-10F3658F1715}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F72C5F04-1721-429D-AB85-6836FFA19331}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{FA2CEB29-66F4-4383-851E-61CAF4FBB5BF}" = rport=445 | protocol=6 | dir=out | app=system |
"{FEE923BF-5AFD-4F5E-A89E-5EEEACC08F60}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F37BE74-26E1-4023-BAAE-8CDD5AE7B5A2}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{10545A9D-A995-4A34-9EE5-76E767C67B11}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
"{120E76D1-4046-4E8E-B793-F6A3A4C37781}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{15CB384B-686B-4474-B343-9AC5162C80D2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1A07195C-5E02-4D20-81BF-58F140FAFC5C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3.exe |
"{219F1551-B56B-463F-BC82-9BABAFE25F48}" = protocol=17 | dir=in | app=c:\program files (x86)\rosetta stone\sms v3.0.2hs\server.exe |
"{29E8442F-E3F2-44A3-8825-A86D1A19EC5A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{2C116B24-B110-4F52-83CF-5CD5A1BA8B79}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{314A5EFC-42D0-4D08-83B2-5DCD2FCC3496}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3x.exe |
"{32B5DC08-04AA-4DB5-B524-A5D68D41955F}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{32B698DD-994C-4AE0-B6DC-FD764B842E40}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3328E840-FE92-43E2-918A-9F844E17DF82}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3.exe |
"{33E99F60-97A7-4465-BF92-7A035B5F6ADA}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{363D2F8D-A1FB-4C40-B6BD-F562495DCFCD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe |
"{3B186C4A-2D43-4A53-AB5C-6E1E709603CA}" = protocol=6 | dir=in | app=c:\program files (x86)\rosetta stone\rs2.1.5.1asms\rosetta stone.exe |
"{41B21B1C-2A54-4510-BBF3-10D201945EFE}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{42E72531-4208-44CB-A8CC-43FF62A63979}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4AB385BF-5EC5-46BC-BF2C-2F485C16682D}" = protocol=6 | dir=in | app=c:\program files (x86)\rosetta stone\rs2.1.5.1asms\discover.exe |
"{4BE181AD-42DF-46FF-9CC7-E8EEB1870B5B}" = protocol=17 | dir=in | app=c:\program files (x86)\rosetta stone\sms v3.0.2hs\admin.exe |
"{4F29C3C2-55A6-4E90-8FE3-EE9BB1253DD3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{522E7F05-230F-420C-B50F-4C53D23B22F8}" = dir=in | app=d:\setup\hpznui40.exe |
"{53B7DE4F-55E0-4A73-B057-4629B99AC6E7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{5950A84C-20F3-4332-A96A-5A668746AF76}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{59CF3B4E-2939-4C25-8B4A-1DF95089290C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{5DF87533-D88D-4C34-B063-B44A89D429A4}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{5F46FED5-1E0B-4097-91F7-EA5015AA3C20}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{617C2182-B231-476D-BF4F-C2FD6CDEDB79}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe |
"{63F37F52-8D12-42F4-A26E-0D289FB6FB97}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6C0F0629-6CEC-47E9-B102-7762FC7B4139}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6CE24E39-7F70-484E-A66B-60A34B735FE7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{6D20C8CB-3D0F-4CCE-940B-29D6FDE22DD0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{71E49409-DEFD-45B0-AB10-CF7205A7A83E}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{726C5697-03B2-4ACC-8983-7A0E40A1D157}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{7309112D-B20D-4727-8AD3-1FEF690B9E9C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{74867FA4-58B7-4CE7-B402-C773EF86C97D}" = protocol=17 | dir=in | app=c:\program files (x86)\rosetta stone\rs2.1.5.1asms\rosetta stone.exe |
"{751EE113-AE8E-4904-BC8E-E0AA837D43F2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe |
"{78170E84-0947-4A27-8B61-1C4207492628}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{79597585-2393-49E6-8A83-24D28A4EF7DE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{7A230114-ED25-4CF2-B87A-B3432DDEF46A}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{7FBD4346-0869-4420-9D1E-E7FFFC3790D1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3x.exe |
"{80860E22-BCFF-4D3A-9DBB-98039B7C5B47}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{86D73324-F83F-4018-BCA0-99986F52E4BE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe |
"{88733864-D88D-4B73-8E87-163A08D76693}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{8976DE20-5E2C-449D-80DE-2D60D9D1ACB3}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{89E30913-F123-49AF-B64C-F82C8350872D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{8FB93AC0-C2A3-4D69-BAC8-37A3633DFBC0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{9267CEA8-5EF1-4BB1-A720-11831BD44975}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9383D243-1256-4D77-B298-61D89400B1F2}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
"{94C56E61-62E5-40B5-91F9-CFFD69A81229}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9B2B1B57-8659-44CB-8FAA-1289AEEF479F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9D33E678-8F1A-4AA4-922E-D9FBE36760F1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{A4685342-7554-497F-8D79-AD83C38D3A61}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |
"{A55F880F-E82A-4A5C-A57C-73F4C70245D7}" = protocol=6 | dir=in | app=c:\program files (x86)\rosetta stone\sms v3.0.2hs\admin.exe |
"{A7C35CD5-4F7B-430B-8169-260937D2D621}" = protocol=6 | dir=out | app=system |
"{A98F9B2B-0ABF-4C2D-9CBC-7A23FC97F498}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AD1F6C37-7072-4196-AEAF-14A00A20AE20}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforever.exe |
"{AF389A0B-6E60-4D95-BDD8-F52DEDFD7806}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{B3C5415C-2C04-4892-BA13-D33805667F46}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B408FB9A-A507-458E-9979-13FBBC425B16}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B428ECC1-A9B9-44EC-994D-CEED96152F6B}" = protocol=17 | dir=in | app=c:\program files (x86)\rosetta stone\rs2.1.5.1asms\discover.exe |
"{C0C5BB33-036C-4282-B6EE-4469FA8AECF2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{C8DF3017-6F59-497B-848C-2BA3D62E60FA}" = protocol=6 | dir=in | app=c:\program files (x86)\rosetta stone\sms v3.0.2hs\service\javasrvc.exe |
"{C9F241A9-1D6A-49F1-9928-1B258BF1175D}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"{CA79DCBE-6CAF-468E-91C8-3EB25832D03D}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{CC616D0D-008C-40D6-89BB-81ED78057C0E}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"{CD49C092-3A87-4BD2-9812-4AE18AAE6927}" = protocol=17 | dir=in | app=c:\program files (x86)\rosetta stone\sms v3.0.2hs\service\javasrvc.exe |
"{D058C982-61A1-4FE6-AB63-095D41F15A57}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |
"{D25ED021-FA4C-4D0C-8312-992EEC5F6141}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D5A4DACF-8AC0-4ECE-A40A-EA723F5B3399}" = protocol=6 | dir=in | app=c:\program files (x86)\rosetta stone\sms v3.0.2hs\server.exe |
"{E310C71D-7E17-4B53-82C7-5967BBE0FC44}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E782468D-A138-4382-A6F7-1A7203493901}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{E7A4C6AF-82AC-45F1-B83D-43E5FC8A3FB4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E7B1A1B8-EEC7-4F33-A4E6-E189AED1485C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E970B853-703A-4B74-8040-D43DA2D47C29}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EB8E0F75-FEC7-434E-BDA1-5BBCD195538D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F001BFF3-FFD9-4A0B-8899-10F63BC9C9EE}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{FC6056B0-6D95-4F30-9A5F-5ED7E300771F}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{FD4CC00F-5A76-432E-8069-869A3358B4CD}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FD919EC4-DAE7-4D06-BB75-390BADAC2CEE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\moon base alpha\binaries\win32\moonbasealphagame.exe |
"{FE0D9FB9-03CC-42EB-A168-81488776FA97}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{02AD9D20-03D2-4DE0-8793-E8253026AD86}" = EMCGadgets64
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{0F7861E5-3B24-33CA-AECF-B5477194CEEB}" = Windows Phone Emulator x64 - ENU
"{129C5584-DB98-4A98-B28F-299C45E1E355}" = Microsoft Camera Codec Pack
"{181AC4C7-B83C-4B5F-B566-E19BF2472429}" = HP Photosmart Premium C309g-m All-In-One Driver Software 13.0 Rel .6
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java™ 6 Update 26 (64-bit)
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel® Turbo Boost Technology Monitor
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{74E85F31-573F-45BF-8939-4D2BCDCC2083}" = LEGO MINDSTORMS NXT Driver for x64
"{8125F749-B244-4F7B-811E-532165C5F2D5}" = Microsoft SQL Server 2008 RsFx Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}" = Network64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.62
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}" = Microsoft Image Composite Editor
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{C0C690C8-F335-4BA4-A2AD-675EAD1DFA90}" = Microsoft SQL Server 2008 Setup Support Files
"{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{C3AF5BD8-30D5-41F5-AF61-705D98146B0F}" = Microsoft SQL Server 2008 Native Client
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{01C79EF3-DE84-4B56-B638-8BEA0D507506}" = Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05855322-BE43-41FE-B583-D3AE0C326D58}" = Microsoft Silverlight 4 SDK
"{0666E46E-A860-4353-BE6D-13AA72FABB57}" = Microsoft XNA Game Studio Platform Tools
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08C84CC6-E7FD-4B2D-BBF9-B02CC90EE031}" = Microsoft XNA Game Studio 4.0 (Shared Components)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{10ABE49D-343A-463E-9753-C4C5A05ECEF9}" = Sibelius Scorch (Firefox, Opera, Netscape only)
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}" = Microsoft Expression Blend SDK for Silverlight 4
"{1D4EE8FE-F31C-4258-9360-5B8B8309B14B}" = Adobe Premiere Elements 9 Content
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer
"{256E7DAC-9BE8-494E-8DE7-7857BF96B774}" = Microsoft Expression Blend 3 SDK
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java™ 6 Update 26
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2C3AB990-1F33-3D6B-9F34-8D5189FA04D3}" = Windows Phone 7 Add-in for Visual Studio 2010 - ENU
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37AB0223-AF54-49C5-92AA-BFC9648CD323}" = Adobe Premiere Elements 9 HD Content 3
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3CBBE028-978B-4876-ABC1-EF9ED6C20C4E}" = Adobe Premiere Elements 9 Content 2
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F4EB5FE-B5BE-4069-A5A8-6D9262E1B379}" = Microsoft XNA Game Studio 4.0 Documentation
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4BCDD100-3029-42C3-B7F7-4A0DA414861D}" = DietPower 4.4
"{4C5D15D2-5351-4F05-A96E-56C20554F977}" = RollerCoaster Tycoon 2 Triple Thrill Pack
"{4C6D5779-A766-45DF-9938-D6F595A66F2B}" = Microsoft Expression Blend 4
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{50D90C59-4F5C-48BC-AFB2-38475412F0CA}" = Adobe Premiere Elements 9 Content 1
"{53753510-7620-4D2B-9C0B-111F871615D9}" = LEGO MINDSTORMS NXT - English Language Pack
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy CD and DVD Burning
"{558358E5-E4F3-4374-BA1D-26FF39EF87D9}" = Microsoft Silverlight Tools for Visual Studio 2010
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{5DDF31D2-63BB-4268-895B-FB05A82A1C00}" = Microsoft XNA Game Studio 4.0 Windows Phone Extensions
"{5EE6E987-1B79-4A93-832B-27472C7D1579}" = WPF Toolkit February 2010 (Version 3.5.50211.1)
"{5F9AAF4A-B9B0-489D-AE67-73470A4714FE}" = Adobe Premiere Elements 9 HD Content 1
"{612B5D2E-8084-4102-91DE-24281E4EFB2C}" = Roxio Easy CD and DVD Burning
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68BD57D3-D606-411E-A7E0-3EB6EA5660F6}" = Microsoft XNA Game Studio 4.0 (Redists)
"{69E11501-75F7-4ACE-8103-52513DDCFE26}" = Microsoft Expression Blend SDK for Windows Phone 7
"{6A905A05-964C-4F03-9A96-D34167807EC0}" = PS_AIO_06_C309g-m_SW_Min
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C1D47CC-682C-4673-8CA8-DEE659628599}" = LEGO MINDSTORMS NXT Migration Package
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{73BE04D9-BA0E-4BAF-9C9D-677278BDB3DC}" = Microsoft XNA Game Studio 4.0 (ARP entry)
"{7596C248-4816-4C6F-8AAC-D8C81F2B4B49}" = HD View
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}" = Microsoft SQL Server 2008 R2 Management Objects
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A27AAF5-1FD6-48B4-95C4-7354A1C35455}" = C309g-m
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7DDC3624-C631-49D1-B281-82EC3A27AA7C}" = Adobe Premiere Elements 9 Content 3
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{868291A4-229E-4795-B0B0-E60E87AF53CD}" = Sibelius Scorch (ActiveX Only)
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{877B76B2-F83F-4F5A-B28D-3F398641ADB6}" = Microsoft SQL Server System CLR Types
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A0696EB-C0F9-4B36-B0BC-71CC704FA768}" = Crazy Machines II + Demo
"{8C496FBF-DB4A-468D-A3A1-15E127382218}" = Microsoft XNA Game Studio 4.0 (Visual Studio)
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{901C0409-6000-11D3-8CFE-0050048383C9}" = Microsoft Access 2002 Runtime
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3 Platinum
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96A7C590-0F47-437F-AAFC-6612960B744A}" = XML Explorer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}" = Multimedia Card Reader
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A29C5DD5-B21E-474F-AA96-6A7FC0B2B248}" = Microsoft Expression Blend 4 Add-in for Adobe FXG Import
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{B86149D3-18A2-41FD-A153-60AF944E47FE}" = Microsoft Windows Phone 7 Developer Resources
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEFBEDDF-1417-4C8A-92FB-F003C0D41199}" = OpenOffice.org 3.2
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB263F8D-EF2D-4EB5-A368-A27056EE92D4}" = LEGO MINDSTORMS NXT Software v2.0
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFB91CB0-17D9-44EB-BFB2-5307AB7E7DDC}" = Microsoft Visual Studio 2010 Express for Windows Phone - ENU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}" = WCF RIA Services V1.0 SP1
"{DAE449A1-A082-4E20-9694-5D680E969559}" = NVIDIA 3D Vision Video Player
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E240C78D-8F35-456A-8876-15FF6901B7E0}" = Adobe Premiere Elements 9 HD Content 2
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}" = Windows Media Center Add-in for Flash
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9
"{EC8282AB-48DD-91D2-7387-01CD6E100A5D}" = Adobe Photoshop.com Inspiration Browser
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{ED784556-66AA-3F17-9B58-7246ACB5C7E4}" = Microsoft Visual Basic 2010 Express - ENU
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FDB46DE7-9045-47BB-970A-3E4ED5369E03}" = EMC 10 Content
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"Adobe Premiere Elements 9 Content" = Adobe Premiere Elements 9 Content
"Adobe Premiere Elements 9 Content 1" = Adobe Premiere Elements 9 Content 1
"Adobe Premiere Elements 9 Content 2" = Adobe Premiere Elements 9 Content 2
"Adobe Premiere Elements 9 Content 3" = Adobe Premiere Elements 9 Content 3
"Adobe Premiere Elements 9 HD Content 1" = Adobe Premiere Elements 9 HD Content 1
"Adobe Premiere Elements 9 HD Content 2" = Adobe Premiere Elements 9 HD Content 2
"Adobe Premiere Elements 9 HD Content 3" = Adobe Premiere Elements 9 HD Content 3
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.15
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.10 (Unicode)
"Blend_4.0.20901.0" = Microsoft Expression Blend 4
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DietPower 4.4" = DietPower 4.4
"FFmpeg for Audacity on Windows_is1" = FFmpeg for Audacity on Windows
"Game Maker 8.0" = Game Maker 8.0
"Higher Score on the ACT_is1" = Higher Score on the ACT
"Higher Score on the SAT/PSAT_is1" = Higher Score on the SAT/PSAT
"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update
"InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"InstallShield_{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}" = Multimedia Card Reader
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft DirectX SDK (June 2010)" = Microsoft DirectX SDK (June 2010)
"Microsoft Visual Basic 2010 Express - ENU" = Microsoft Visual Basic 2010 Express - ENU
"Microsoft Visual Studio 2010 Express for Windows Phone - ENU" = Microsoft Windows Phone Developer Tools - ENU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee Internet Security
"New LEGO Digital Designer" = LEGO Digital Designer
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"OpenAL" = OpenAL
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"PremElem90" = Adobe Premiere Elements 9
"Rosetta Stone 2.1.5.1Asms" = Rosetta Stone 2.1.5.1Asms
"SongBaseXP" = SongBaseXP
"Steam App 11020" = TrackMania Nations Forever
"Steam App 39000" = Moonbase Alpha
"Steam App 400" = Portal
"Steam App 620" = Portal 2
"Student Management System v3.0.2hs" = Student Management System v3.0.2hs
"Thinkin' Science" = Thinkin' Science
"WinLiveSuite" = Windows Live Essentials
"XNA Game Studio 4.0" = Microsoft XNA Game Studio 4.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2599251252-3821983390-1828043331-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle For PC" = Amazon Kindle For PC v1.1
"f031ef6ac137efc5" = Dell Driver Download Manager
"GameMaker81" = GameMaker 8.1

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/9/2012 8:00:34 AM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 6/9/2012 8:00:34 AM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 6/9/2012 8:00:34 AM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 6/9/2012 8:00:34 AM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 6/9/2012 8:00:34 AM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 6/9/2012 12:14:54 PM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 6/9/2012 7:14:30 PM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 6/9/2012 7:49:05 PM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 6/10/2012 1:17:35 AM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 6/11/2012 11:40:56 AM | Computer Name = Jimmy | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

[ Media Center Events ]
Error - 8/17/2010 11:29:59 AM | Computer Name = Jimmy | Source = MCUpdate | ID = 0
Description = 11:29:57 AM - Error connecting to the internet. 11:29:57 AM - Unable
to contact server..

Error - 8/17/2010 12:30:31 PM | Computer Name = Jimmy | Source = MCUpdate | ID = 0
Description = 12:30:30 PM - Error connecting to the internet. 12:30:30 PM - Unable
to contact server..

Error - 8/17/2010 1:31:04 PM | Computer Name = Jimmy | Source = MCUpdate | ID = 0
Description = 1:31:02 PM - Error connecting to the internet. 1:31:02 PM - Unable
to contact server..

Error - 8/17/2010 2:31:35 PM | Computer Name = Jimmy | Source = MCUpdate | ID = 0
Description = 2:31:34 PM - Error connecting to the internet. 2:31:34 PM - Unable
to contact server..

Error - 1/27/2011 1:19:29 PM | Computer Name = Jimmy | Source = MCUpdate | ID = 0
Description = 12:19:24 PM - Failed to retrieve SportsSchedule (Error: The operation
has timed out)

Error - 4/26/2011 11:31:58 PM | Computer Name = Jimmy | Source = MCUpdate | ID = 0
Description = 11:31:58 PM - Error connecting to the internet. 11:31:58 PM - Unable
to contact server..

Error - 4/26/2011 11:32:32 PM | Computer Name = Jimmy | Source = MCUpdate | ID = 0
Description = 11:32:27 PM - Error connecting to the internet. 11:32:27 PM - Unable
to contact server..

[ System Events ]
Error - 6/9/2012 7:32:02 PM | Computer Name = Jimmy | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 6/9/2012 7:33:51 PM | Computer Name = Jimmy | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 6/9/2012 7:33:53 PM | Computer Name = Jimmy | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 6/9/2012 11:46:07 PM | Computer Name = Jimmy | Source = DCOM | ID = 10010
Description =

Error - 6/10/2012 8:09:00 PM | Computer Name = Jimmy | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 6/10/2012 8:09:00 PM | Computer Name = Jimmy | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 6/10/2012 8:09:00 PM | Computer Name = Jimmy | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 6/11/2012 11:39:43 AM | Computer Name = Jimmy | Source = Service Control Manager | ID = 7000
Description = The SessionLauncher service failed to start due to the following error:
%%2

Error - 6/11/2012 11:39:55 AM | Computer Name = Jimmy | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
RxFilter

Error - 6/11/2012 11:40:45 AM | Computer Name = Jimmy | Source = DCOM | ID = 10016
Description =


< End of report >

[kalpow500]

Hi, some semi-great news! McAfee's real-time scanner found the trojan which was causing the redirects and quarantined it. It was this file: C:\Users\Jacob\AppData\Local\DataSafeOnline\Apps\rngpzjif.dll
However, when I log on, Rundll32 asks where the file is (every time, checked after reboot). Is there any way I could fix this? Could the on-logon-run registry key be safely deleted via Autoruns? Thanks for your help!

[Maniac]

I already found the problein DDS log file. I'm work on it.

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  

  :OTL
  FF - prefs.js..browser.search.defaultenginename: "Secure Search"
  O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
  O4 - HKU\S-1-5-21-2599251252-3821983390-1828043331-1001..\Run: [Apps] C:\Users\Jacob\AppData\Local\DataSafeOnline\Apps\rngpzjif.dll (Microsoft Corporation)
  
  :files
  C:\Users\Jacob\AppData\Local\DataSafeOnline
  
  :Commands
  [emptytemp]
  [clearallrestorepoints]

  
  
• Then click the Run Fix button at the top
  
• Let the program run unhindered, reboot the PC when it is done
  
• Please post the OTL fix log in your next reply.

Note: A copy of an OTL fix log is saved in a text file at C:\_OTL\MovedFiles

[kalpow500]

Thank you so much! Is there anything else I should do? (this is probably a long shot) Any idea where/how the infection came from? Thanks for your help, here's the OTL fix log.

All processes killed
========== OTL ==========
Prefs.js: "Secure Search" removed from browser.search.defaultenginename
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2599251252-3821983390-1828043331-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Apps deleted successfully.
File C:\Users\Jacob\AppData\Local\DataSafeOnline\Apps\rngpzjif.dll not found.
========== FILES ==========
C:\Users\Jacob\AppData\Local\DataSafeOnline\Apps folder moved successfully.
C:\Users\Jacob\AppData\Local\DataSafeOnline folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Christina
->Temp folder emptied: 96707325 bytes
->Temporary Internet Files folder emptied: 341068957 bytes
->Java cache emptied: 25605877 bytes
->FireFox cache emptied: 782319660 bytes
->Flash cache emptied: 281358 bytes

User: Claude
->Temp folder emptied: 572712506 bytes
->Temporary Internet Files folder emptied: 254369893 bytes
->Java cache emptied: 31266755 bytes
->FireFox cache emptied: 69304762 bytes
->Flash cache emptied: 46977 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jacob
->Temp folder emptied: 26491718 bytes
->Temporary Internet Files folder emptied: 814767858 bytes
->Java cache emptied: 44362801 bytes
->FireFox cache emptied: 983648601 bytes
->Flash cache emptied: 62497 bytes

User: Kathy
->Temp folder emptied: 351589761 bytes
->Temporary Internet Files folder emptied: 940653821 bytes
->Java cache emptied: 21945096 bytes
->FireFox cache emptied: 402249718 bytes
->Flash cache emptied: 20200 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 356352 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 56476302 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67764 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 5,547.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.48.0 log created on 06132012_143658

Files\Folders moved on Reboot...
C:\Users\Jacob\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\hsperfdata_JIMMY$\3040 not found!

Registry entries deleted on Reboot...

[Maniac]

Usually because of low security measures. I will send you some malware prevention tips when we finish.

Okay, let's make additional scan:

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan

• Tick the box next to YES, I accept the Terms of Use
  
• Click Start
  
• When asked, allow the ActiveX control to install
  
• Click Start
  
• Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  
• Click Scan (This scan can take several hours, so please be patient)
  
• Once the scan is completed, you may close the window
  
• Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  
• Copy and paste that log as a reply to this topic

[kalpow500]

I'm not sure if this is the right log file as it looks a little blank. I tried peering about in other areas of the HDD, but this was the only log file from ESET I could find. Here's the log file:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK

[Maniac]

Please compress the following folder: C:\_OTL and then attach this archive to http://www.4shared.com/ for example and send me the download link in PM.

Let me know how is your system now.

Thanks!

[kalpow500]

Hi, sorry about the delay between posts (there were problems with the upgrade to Java 7, a lot of programs seem to be broken now).
My system's doing great, though, thanks for all your help! (no abnormal problems)
Could I send you the folder via the built-in attatchment system on Malwarebytes? (it's only 4 KB)
Thanks!

[Maniac]

Okay, please attach it.

[Maniac]

How is your system now?

[kalpow500]

Good, thanks to your help.

[Maniac]

Glad I could help!

Please run OTL and click on CleanUp button. Next, uninstall ESET Online Scanner.

Some malware prevention tips:
http://forums.malwar...=0


Safe surfing!

[LDTate]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!