Solved: Internet Options in Control Panel missing

baffledUK · 01-Jul-2012, 09:58 PM #1

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft® Windows Vista™ Home Premium, Service Pack 2, 32 bit
Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz, x64 Family 6 Model 23 Stepping 7
Processor Count: 4
RAM: 3070 Mb
Graphics Card: NVIDIA GeForce 7100 / NVIDIA nForce 630i, 256 Mb
Hard Drives: C: Total - 600238 MB, Free - 429472 MB;
Motherboard: Packard Bell BV, MCP73PVT-PM
Antivirus: ZoneAlarm Antivirus, Updated and Enabled.

Internet options missing from control panel, can't reinstall IE9

Please help,,,,I think I lost the above after Windows Update installed. Following is hijackthis log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 02:38:02, on 02/07/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
C:\Users\currys\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Users\currys\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE9ENUS/110
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\bh\zonealarm.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: script helper for ie - {a0e8bc7d-6959-40b6-8e05-204d9768ad6e} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Help the General-Search Project - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\currys\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL
O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\zonealarmTlbr.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all
O4 - HKLM\..\Run: [kdx] "C:\Program Files\Kontiki\KHost.exe" -all
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\currys\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: BBC iPlayer Desktop.lnk = C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - http://assets.photobox.com/assets/au...20090910103721
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/Driver...reqlab_nvd.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/...?1322783446664
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn...Detection2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - http://www.nvidia.com/content/Driver...aSmartScan.cab
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - http://www.tescophoto.com/upload/act...eX_Control.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: avgsecuritytoolbar - (no CLSID) - (no file)
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file)
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file)
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\PACKARDBELL\Packard Bell Recovery Management\Service\ETService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Updater Service (IBUpdaterService) - Intel Corporation - (no file)
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: vToolbarUpdater11.0.2 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe

--
End of file - 10126 bytes

**eddie5659** · 03-Jul-2012, 03:14 PM #2

Hiya and welcome to Tech Support Guy

Download Security Check from here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Full Scan", then click Scan.
The scan may take some time to finish, so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediatly.

Download and scan with SUPERAntiSpyware Free Edition for Home Users

Double-click SUPERAntiSpyware.exe and use the default settings for installation.
An icon will be created on your desktop. Double-click that icon to launch the program.
If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
Under "Configuration and Preferences", click the Preferences button.
Click the Scanning Control tab.
Under Scanner Options make sure the following are checked (leave all others unchecked):
- Close browsers before scanning.
- Scan for tracking cookies.
- Terminate memory threats before quarantining.
Click the "Home" button to leave the control center screen.
On the right, under "Complete Scan", choose Perform Complete Scan.
Click Scan your computer.
On the left, select all fixed drives.
Click "Start Complete Scan" to start the scan. Please be patient while it scans your computer.
After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "Continue".
Make sure everything has a checkmark next to it and click "Next".
A notification will appear that "Quarantine and Removal is Complete". Click "Remove Threats" and then click the "Finish" button to return to the main menu.
If asked if you want to reboot, click "Yes".
To retrieve the removal information after reboot, launch SUPERAntispyware again.
- [i][color=green]Click View Scan Logs.
- Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
- If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
- Please copy and paste the Scan Log results in your next reply.
Click Close to exit the program.

Please include the MBAM log and, SUPERAntiSpyware Scan Log, checkup.txt and a fresh HijackThis log in your next reply

eddie

baffledUK · 04-Jul-2012, 07:26 PM #3

Thanks Eddie
Results of screen317's Security Check version 0.99.42
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
ZoneAlarm Antivirus
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
SUPERAntiSpyware
Malwarebytes Anti-Malware version 1.61.0.1400
TuneUp Utilities Language Pack (en-GB)
CCleaner
TweakNow RegCleaner 2011
SlimCleaner
AML Free Registry Cleaner 4.20
Advanced Disk Cleaner
Auslogics Registry Cleaner
Java(TM) 6 Update 17
Java(TM) 6 Update 22
Java version out of Date!
Adobe Flash Player 11.3.300.262
Adobe Reader 8 Adobe Reader out of Date!
Adobe Reader X (10.1.3)
Mozilla Firefox (14.0)
Google Chrome 19.0.1084.56
Google Chrome 20.0.1132.47
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
CheckPoint ZoneAlarm vsmon.exe
CheckPoint ZoneAlarm zatray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0 %
````````````````````End of Log``````````````````````

alwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.03.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19222
currys :: EAMONNS [administrator]

Protection: Disabled

04/07/2012 00:47:50
mbam-log-2012-07-04 (00-47-50).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 420655
Time elapsed: 1 hour(s), 27 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

PERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/04/2012 at 01:55 PM

Application Version : 5.5.1006

Core Rules Database Version : 8844
Trace Rules Database Version: 6656

Scan type : Complete Scan
Total Scan Time : 01:44:57

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned : 682
Memory threats detected : 0
Registry items scanned : 35280
Registry threats detected : 10
File items scanned : 243217
File threats detected : 54

PUP.bProtector
HKU\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Internet Explorer\Main#bProtector Start Page [ http://www.google.co.uks-hp/ ]
HKU\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Internet Explorer\SearchScopes#bProtectorDefaultScope [ {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} ]
HKLM\System\CurrentControlSet\Services\bProtector
HKLM\System\CurrentControlSet\Services\bProtector#Type
HKLM\System\CurrentControlSet\Services\bProtector#Start
HKLM\System\CurrentControlSet\Services\bProtector#ErrorControl
HKLM\System\CurrentControlSet\Services\bProtector#DisplayName
HKLM\System\CurrentControlSet\Services\bProtector#ObjectName
HKLM\System\CurrentControlSet\Services\bProtector#Description
HKLM\System\CurrentControlSet\Services\bProtector#FailureActions

Adware.Tracking Cookie
.invitemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
accounts.youtube.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
accounts.google.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.paypal.112.2o7.net [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.apmebf.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.stats.paypal.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
adserver.zonemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
adserver.zonemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.gostats.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.gostats.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.stats.ilivid.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.collective-media.net [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.collective-media.net [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.interclick.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.interclick.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.interclick.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.gostats.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.112.2o7.net [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.microsoftsto.112.2o7.net [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.pro-market.net [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\C OOKIES.SQLITE ]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:10:06, on 04/07/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
C:\Users\currys\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE9ENUS/110
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\bh\zonealarm.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: script helper for ie - {a0e8bc7d-6959-40b6-8e05-204d9768ad6e} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\zonealarmTlbr.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all
O4 - HKLM\..\Run: [kdx] "C:\Program Files\Kontiki\KHost.exe" -all
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\currys\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: BBC iPlayer Desktop.lnk = C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - http://assets.photobox.com/assets/au...20090910103721
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/Driver...reqlab_nvd.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/...?1322783446664
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn...Detection2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - http://www.nvidia.com/content/Driver...aSmartScan.cab
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - http://www.tescophoto.com/upload/act...eX_Control.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: avgsecuritytoolbar - (no CLSID) - (no file)
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file)
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file)
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\PACKARDBELL\Packard Bell Recovery Management\Service\ETService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Updater Service (IBUpdaterService) - Intel Corporation - (no file)
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: vToolbarUpdater11.0.2 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe

--
End of file - 10017 bytes
Thanks for your help really appreciated, hope I have done all you asked.

**eddie5659** · 05-Jul-2012, 05:28 PM #4

Yep, the logs are all correct

--------

Uninstall these programs because they're not needed or are outdated or are dangerous to use.
If any can't be installed, let me know, but carry on with the rest of the uninstall and the programs below. We can look at any that couldn't be uninstalled later

Optimizers, boosters, cleaners, etc. are basically useless and a waste of money and can do more harm than good

Reading these links might also put you off such progs:

http://miekiemoes.blogspot.com/2008/...eaking_13.html

http://www.edbott.com/weblog/?p=643

TweakNow RegCleaner 2011
AML Free Registry Cleaner 4.20
SlimCleaner

-----------

Your Java is out of date, so lets do that next:

Upgrade Java : (32 bits)

Download the latest version of Java SE Runtime Environment (JRE) JRE 7 Update 5 .
Under the JAVA Platform Standard Edition, click the "Download JRE" button to the right.
Accept License Agreement.[/b]".
Click on the link to download Windows Offline Installation 32 bit ( jre-7u5-windows-i586.exe) and save it to your desktop. Do NOT use the Sun Download Manager..
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java version.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on the download to install the newest version.(Vista or Win 7 users, right click on the jre-7u5-windows-i586.exe and select "Run as an Administrator.")

After doing the above, for the remains of the Java, can you do this:

Open Java in the Control Panel and under the General tab, under Temporary Internet Files, click the Settings button. Then click on Delete Files.

Make sure both of these options are checked:

Applications and Applets
Trace and Log Files

OK out of all the screens.

-----------------

You also have two versions of Adobe Reader:

Adobe Reader 8
Adobe Reader X (10.1.3)

Uninstall Adobe Reader 8, as this is the older version, and won't be patched fully, which can leave you open to any malicious files out there.

-----------------

Can you run the following tools, and copy/paste the logs that they produce here. If its over a few posts, that's fine

Download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply

--------------------------

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

On completion of the scan click save log, save it to your desktop and post in your next reply

-------------------------

Delete any copies of Combofix that you have.

Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! As you download it rename it to username123.exe and save it to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
- Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
- Remember to re-enable the protection again afterwards before connecting to the Internet.
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

eddie

baffledUK · 06-Jul-2012, 08:43 AM #5

Thanks Eddie
10:41:52.0652 2536 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
10:41:54.0655 2536 ============================================================
10:41:54.0655 2536 Current date / time: 2012/07/06 10:41:54.0655
10:41:54.0655 2536 SystemInfo:
10:41:54.0655 2536
10:41:54.0655 2536 OS Version: 6.0.6002 ServicePack: 2.0
10:41:54.0655 2536 Product type: Workstation
10:41:54.0656 2536 ComputerName: EAMONNS
10:41:54.0656 2536 UserName: currys
10:41:54.0656 2536 Windows directory: C:\Windows
10:41:54.0656 2536 System windows directory: C:\Windows
10:41:54.0656 2536 Processor architecture: Intel x86
10:41:54.0656 2536 Number of processors: 4
10:41:54.0656 2536 Page size: 0x1000
10:41:54.0656 2536 Boot type: Normal boot
10:41:54.0656 2536 ============================================================
10:42:01.0665 2536 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:42:01.0777 2536 ============================================================
10:42:01.0777 2536 \Device\Harddisk0\DR0:
10:42:01.0777 2536 MBR partitions:
10:42:01.0777 2536 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x494572B0
10:42:01.0777 2536 ============================================================
10:42:01.0809 2536 C: <-> \Device\Harddisk0\DR0\Partition0
10:42:01.0809 2536 ============================================================
10:42:01.0809 2536 Initialize success
10:42:01.0809 2536 ============================================================
10:43:06.0037 1384 ============================================================
10:43:06.0038 1384 Scan started
10:43:06.0038 1384 Mode: Manual; SigCheck;
10:43:06.0038 1384 ============================================================
10:43:06.0819 1384 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
10:43:06.0951 1384 !SASCORE - ok
10:43:07.0384 1384 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
10:43:07.0466 1384 ACPI - ok
10:43:07.0831 1384 AdobeActiveFileMonitor6.0 (e8fe4fce23d2809bd88bcc1d0f8408ce) C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
10:43:07.0859 1384 AdobeActiveFileMonitor6.0 - ok
10:43:07.0968 1384 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
10:43:07.0993 1384 AdobeARMservice - ok
10:43:08.0374 1384 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:43:08.0392 1384 AdobeFlashPlayerUpdateSvc - ok
10:43:08.0459 1384 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
10:43:08.0493 1384 adp94xx - ok
10:43:08.0548 1384 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
10:43:08.0585 1384 adpahci - ok
10:43:08.0795 1384 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
10:43:08.0813 1384 adpu160m - ok
10:43:08.0838 1384 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
10:43:08.0864 1384 adpu320 - ok
10:43:09.0313 1384 AdvancedSystemCareService5 (b11c71b29fa69e4586f9b65560e6604d) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
10:43:09.0358 1384 AdvancedSystemCareService5 - ok
10:43:09.0413 1384 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
10:43:09.0471 1384 AeLookupSvc - ok
10:43:09.0494 1384 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
10:43:09.0549 1384 AFD - ok
10:43:09.0571 1384 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
10:43:09.0588 1384 agp440 - ok
10:43:09.0621 1384 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
10:43:09.0638 1384 aic78xx - ok
10:43:09.0653 1384 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
10:43:09.0707 1384 ALG - ok
10:43:09.0719 1384 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
10:43:09.0735 1384 aliide - ok
10:43:09.0747 1384 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
10:43:09.0765 1384 amdagp - ok
10:43:09.0782 1384 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
10:43:09.0799 1384 amdide - ok
10:43:09.0809 1384 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
10:43:09.0843 1384 AmdK7 - ok
10:43:09.0860 1384 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
10:43:09.0897 1384 AmdK8 - ok
10:43:10.0034 1384 AntiVirSchedulerService (0a1cc583e8147004e4ad4625d7fbf88c) C:\Program Files\Avira\AntiVir Desktop\sched.exe
10:43:10.0110 1384 AntiVirSchedulerService - ok
10:43:10.0130 1384 AntiVirService (c9a36ef935aced86aedf93e97e606911) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
10:43:10.0158 1384 AntiVirService - ok
10:43:10.0274 1384 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
10:43:10.0321 1384 Appinfo - ok
10:43:10.0353 1384 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
10:43:10.0369 1384 arc - ok
10:43:10.0387 1384 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
10:43:10.0406 1384 arcsas - ok
10:43:10.0525 1384 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:43:10.0555 1384 aspnet_state - ok
10:43:10.0562 1384 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
10:43:10.0613 1384 AsyncMac - ok
10:43:10.0635 1384 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
10:43:10.0659 1384 atapi - ok
10:43:10.0689 1384 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:43:10.0731 1384 AudioEndpointBuilder - ok
10:43:10.0736 1384 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:43:10.0769 1384 Audiosrv - ok
10:43:10.0787 1384 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
10:43:10.0864 1384 avgntflt - ok
10:43:10.0891 1384 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
10:43:10.0925 1384 avipbb - ok
10:43:10.0943 1384 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
10:43:10.0966 1384 avkmgr - ok
10:43:11.0007 1384 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
10:43:11.0062 1384 Beep - ok
10:43:11.0116 1384 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
10:43:11.0189 1384 BFE - ok
10:43:11.0241 1384 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
10:43:11.0312 1384 BITS - ok
10:43:11.0321 1384 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
10:43:11.0366 1384 blbdrive - ok
10:43:11.0444 1384 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
10:43:11.0471 1384 Bonjour Service - ok
10:43:11.0498 1384 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
10:43:11.0550 1384 bowser - ok
10:43:11.0565 1384 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
10:43:11.0603 1384 BrFiltLo - ok
10:43:11.0614 1384 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
10:43:11.0646 1384 BrFiltUp - ok
10:43:11.0669 1384 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
10:43:11.0723 1384 Browser - ok
10:43:11.0735 1384 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
10:43:11.0881 1384 Brserid - ok
10:43:11.0893 1384 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
10:43:11.0944 1384 BrSerWdm - ok
10:43:11.0969 1384 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
10:43:12.0023 1384 BrUsbMdm - ok
10:43:12.0035 1384 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
10:43:12.0091 1384 BrUsbSer - ok
10:43:12.0107 1384 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
10:43:12.0166 1384 BTHMODEM - ok
10:43:12.0173 1384 catchme - ok
10:43:12.0191 1384 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
10:43:12.0229 1384 cdfs - ok
10:43:12.0250 1384 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
10:43:12.0297 1384 cdrom - ok
10:43:12.0320 1384 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:43:12.0349 1384 CertPropSvc - ok
10:43:12.0358 1384 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
10:43:12.0402 1384 circlass - ok
10:43:12.0443 1384 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
10:43:12.0476 1384 CLFS - ok
10:43:12.0527 1384 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:43:12.0545 1384 clr_optimization_v2.0.50727_32 - ok
10:43:12.0611 1384 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:43:12.0665 1384 clr_optimization_v4.0.30319_32 - ok
10:43:12.0706 1384 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
10:43:12.0723 1384 cmdide - ok
10:43:12.0741 1384 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
10:43:12.0790 1384 Compbatt - ok
10:43:12.0795 1384 COMSysApp - ok
10:43:12.0825 1384 cpuz134 - ok
10:43:12.0836 1384 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
10:43:12.0859 1384 crcdisk - ok
10:43:12.0873 1384 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
10:43:12.0910 1384 Crusoe - ok
10:43:12.0944 1384 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
10:43:13.0002 1384 CryptSvc - ok
10:43:13.0049 1384 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:43:13.0108 1384 DcomLaunch - ok
10:43:13.0125 1384 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
10:43:13.0174 1384 DfsC - ok
10:43:13.0287 1384 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
10:43:13.0368 1384 DFSR - ok
10:43:13.0477 1384 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
10:43:13.0513 1384 Dhcp - ok
10:43:13.0536 1384 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
10:43:13.0563 1384 disk - ok
10:43:13.0586 1384 Dnscache (30a08728740e71947ae1e073b5ce69b4) C:\Windows\System32\dnsrslvr.dll
10:43:13.0621 1384 Dnscache - ok
10:43:13.0643 1384 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
10:43:13.0689 1384 dot3svc - ok
10:43:13.0711 1384 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
10:43:13.0775 1384 Dot4 - ok
10:43:13.0790 1384 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:43:13.0839 1384 Dot4Print - ok
10:43:13.0849 1384 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
10:43:13.0894 1384 dot4usb - ok
10:43:13.0910 1384 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
10:43:13.0953 1384 DPS - ok
10:43:13.0982 1384 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
10:43:14.0014 1384 drmkaud - ok
10:43:14.0055 1384 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
10:43:14.0107 1384 DXGKrnl - ok
10:43:14.0130 1384 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
10:43:14.0168 1384 E1G60 - ok
10:43:14.0196 1384 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
10:43:14.0245 1384 EapHost - ok
10:43:14.0276 1384 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
10:43:14.0311 1384 Ecache - ok
10:43:14.0352 1384 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
10:43:14.0405 1384 ehRecvr - ok
10:43:14.0442 1384 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
10:43:14.0493 1384 ehSched - ok
10:43:14.0506 1384 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
10:43:14.0537 1384 ehstart - ok
10:43:14.0577 1384 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
10:43:14.0610 1384 elxstor - ok
10:43:14.0652 1384 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
10:43:14.0725 1384 EMDMgmt - ok
10:43:14.0735 1384 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
10:43:14.0772 1384 ErrDev - ok
10:43:14.0819 1384 ETService (23112102bc2a8fe44b8ac44a05bdf4c3) C:\Program Files\PACKARDBELL\Packard Bell Recovery Management\Service\ETService.exe
10:43:14.0845 1384 ETService ( UnsignedFile.Multi.Generic ) - warning
10:43:14.0845 1384 ETService - detected UnsignedFile.Multi.Generic (1)
10:43:14.0869 1384 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
10:43:14.0906 1384 EventSystem - ok
10:43:14.0924 1384 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
10:43:14.0988 1384 exfat - ok
10:43:15.0011 1384 ezSharedSvc (42f721c52eef2d6df9372a53813a83ef) C:\Windows\System32\ezsvc7.dll
10:43:15.0039 1384 ezSharedSvc ( UnsignedFile.Multi.Generic ) - warning
10:43:15.0039 1384 ezSharedSvc - detected UnsignedFile.Multi.Generic (1)
10:43:15.0067 1384 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
10:43:15.0124 1384 fastfat - ok
10:43:15.0149 1384 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
10:43:15.0183 1384 fdc - ok
10:43:15.0218 1384 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
10:43:15.0275 1384 fdPHost - ok
10:43:15.0280 1384 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
10:43:15.0348 1384 FDResPub - ok
10:43:15.0361 1384 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
10:43:15.0386 1384 FileInfo - ok
10:43:15.0397 1384 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
10:43:15.0433 1384 Filetrace - ok
10:43:15.0504 1384 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:43:15.0565 1384 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
10:43:15.0565 1384 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
10:43:15.0577 1384 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
10:43:15.0616 1384 flpydisk - ok
10:43:15.0642 1384 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
10:43:15.0675 1384 FltMgr - ok
10:43:15.0780 1384 FontCache (d49705f25390265cad9b620f55ea968c) C:\Windows\system32\FntCache.dll
10:43:15.0849 1384 FontCache - ok
10:43:15.0921 1384 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:43:15.0938 1384 FontCache3.0.0.0 - ok
10:43:15.0967 1384 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
10:43:15.0981 1384 fssfltr - ok
10:43:16.0140 1384 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
10:43:16.0220 1384 fsssvc - ok
10:43:16.0326 1384 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
10:43:16.0392 1384 Fs_Rec - ok
10:43:16.0404 1384 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
10:43:16.0422 1384 gagp30kx - ok
10:43:16.0451 1384 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:43:16.0471 1384 GEARAspiWDM - ok
10:43:16.0530 1384 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
10:43:16.0548 1384 GoogleDesktopManager-051210-111108 - ok
10:43:16.0554 1384 GoogleDesktopManager-110309-193829 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
10:43:16.0570 1384 GoogleDesktopManager-110309-193829 - ok
10:43:16.0595 1384 GoToAssist (5cc2b1d06ac1962af5fbbcf88d781dd8) C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
10:43:16.0610 1384 GoToAssist - ok
10:43:16.0654 1384 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
10:43:16.0736 1384 gpsvc - ok
10:43:16.0760 1384 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
10:43:16.0775 1384 gupdate - ok
10:43:16.0779 1384 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
10:43:16.0796 1384 gupdatem - ok
10:43:16.0818 1384 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
10:43:16.0854 1384 gusvc - ok
10:43:16.0907 1384 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
10:43:16.0957 1384 HdAudAddService - ok
10:43:17.0036 1384 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:43:17.0090 1384 HDAudBus - ok
10:43:17.0118 1384 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
10:43:17.0171 1384 HidBth - ok
10:43:17.0185 1384 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
10:43:17.0242 1384 HidIr - ok
10:43:17.0256 1384 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
10:43:17.0289 1384 hidserv - ok
10:43:17.0305 1384 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
10:43:17.0364 1384 HidUsb - ok
10:43:17.0383 1384 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
10:43:17.0429 1384 hkmsvc - ok
10:43:17.0446 1384 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
10:43:17.0462 1384 HpCISSs - ok
10:43:17.0528 1384 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
10:43:17.0552 1384 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
10:43:17.0552 1384 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
10:43:17.0568 1384 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
10:43:17.0590 1384 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
10:43:17.0590 1384 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
10:43:17.0637 1384 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
10:43:17.0703 1384 HTTP - ok
10:43:17.0717 1384 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
10:43:17.0733 1384 i2omp - ok
10:43:17.0745 1384 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
10:43:17.0783 1384 i8042prt - ok
10:43:17.0810 1384 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
10:43:17.0834 1384 iaStorV - ok
10:43:17.0916 1384 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:43:17.0962 1384 idsvc - ok
10:43:17.0985 1384 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
10:43:17.0999 1384 iirsp - ok
10:43:18.0053 1384 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
10:43:18.0101 1384 IKEEXT - ok
10:43:18.0127 1384 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys
10:43:18.0153 1384 int15 - ok
10:43:18.0341 1384 IntcAzAudAddService (bfcd7edc663f513e7c4a0b9400e58c70) C:\Windows\system32\drivers\RTKVHDA.sys
10:43:18.0512 1384 IntcAzAudAddService - ok
10:43:18.0590 1384 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
10:43:18.0607 1384 intelide - ok
10:43:18.0617 1384 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
10:43:18.0655 1384 intelppm - ok
10:43:18.0677 1384 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
10:43:18.0728 1384 IPBusEnum - ok
10:43:18.0743 1384 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:43:18.0789 1384 IpFilterDriver - ok
10:43:18.0829 1384 iphlpsvc (7f83b06a929a981bc001b2ea304d2036) C:\Windows\System32\iphlpsvc.dll
10:43:18.0871 1384 iphlpsvc - ok
10:43:18.0875 1384 IpInIp - ok
10:43:18.0894 1384 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
10:43:18.0937 1384 IPMIDRV - ok
10:43:18.0956 1384 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
10:43:19.0020 1384 IPNAT - ok
10:43:19.0037 1384 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
10:43:19.0076 1384 IRENUM - ok
10:43:19.0090 1384 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
10:43:19.0106 1384 isapnp - ok
10:43:19.0137 1384 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
10:43:19.0156 1384 iScsiPrt - ok
10:43:19.0199 1384 ISWKL (ee8bed092a58a4faeb08dc140729189e) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
10:43:19.0222 1384 ISWKL - ok
10:43:19.0259 1384 IswSvc (aa7fd6a7532ef23fdcfc030195c148f9) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
10:43:19.0291 1384 IswSvc - ok
10:43:19.0303 1384 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
10:43:19.0320 1384 iteatapi - ok
10:43:19.0333 1384 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
10:43:19.0349 1384 iteraid - ok
10:43:19.0373 1384 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
10:43:19.0396 1384 kbdclass - ok
10:43:19.0403 1384 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
10:43:19.0462 1384 kbdhid - ok
10:43:19.0475 1384 KeyIso (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:43:19.0510 1384 KeyIso - ok
10:43:19.0538 1384 KL1 (186b54479d98e48aee0e9ada4b3c4d31) C:\Windows\system32\DRIVERS\kl1.sys
10:43:19.0562 1384 KL1 - ok
10:43:19.0577 1384 kl2 (bf485bfba13c0ab116701fd9c55324d0) C:\Windows\system32\DRIVERS\kl2.sys
10:43:19.0598 1384 kl2 - ok
10:43:19.0639 1384 KLIF (46fa00bef951762919b66269371c22af) C:\Windows\system32\DRIVERS\klif.sys
10:43:19.0682 1384 KLIF - ok
10:43:19.0707 1384 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
10:43:19.0743 1384 KSecDD - ok
10:43:19.0961 1384 KService (0423bc118534ec23a063e54ebca9b92d) C:\Program Files\Kontiki\KService.exe
10:43:20.0067 1384 KService - ok
10:43:20.0161 1384 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
10:43:20.0217 1384 KtmRm - ok
10:43:20.0245 1384 LanmanServer (43446f197c74ef2030f84b3a4f39d570) C:\Windows\system32\srvsvc.dll
10:43:20.0290 1384 LanmanServer - ok
10:43:20.0319 1384 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
10:43:20.0443 1384 LanmanWorkstation - ok
10:43:20.0478 1384 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
10:43:20.0542 1384 lltdio - ok
10:43:20.0580 1384 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
10:43:20.0635 1384 lltdsvc - ok
10:43:20.0649 1384 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
10:43:20.0705 1384 lmhosts - ok
10:43:20.0731 1384 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
10:43:20.0750 1384 LSI_FC - ok
10:43:20.0770 1384 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
10:43:20.0790 1384 LSI_SAS - ok
10:43:20.0811 1384 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
10:43:20.0834 1384 LSI_SCSI - ok
10:43:20.0859 1384 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
10:43:20.0920 1384 luafv - ok
10:43:20.0960 1384 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
10:43:20.0979 1384 MBAMProtector - ok
10:43:21.0091 1384 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
10:43:21.0120 1384 MBAMService - ok
10:43:21.0179 1384 McciCMService (f8b823414a22dbf3bec10dcaa5f93cd8) C:\Program Files\Common Files\Motive\McciCMService.exe
10:43:21.0216 1384 McciCMService ( UnsignedFile.Multi.Generic ) - warning
10:43:21.0216 1384 McciCMService - detected UnsignedFile.Multi.Generic (1)
10:43:21.0256 1384 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
10:43:21.0288 1384 Mcx2Svc - ok
10:43:21.0313 1384 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
10:43:21.0328 1384 megasas - ok
10:43:21.0353 1384 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
10:43:21.0386 1384 MegaSR - ok
10:43:21.0412 1384 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:43:21.0463 1384 MMCSS - ok
10:43:21.0474 1384 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
10:43:21.0508 1384 Modem - ok
10:43:21.0519 1384 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
10:43:21.0554 1384 monitor - ok
10:43:21.0570 1384 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
10:43:21.0594 1384 mouclass - ok
10:43:21.0606 1384 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
10:43:21.0659 1384 mouhid - ok
10:43:21.0675 1384 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
10:43:21.0698 1384 MountMgr - ok
10:43:21.0735 1384 MozillaMaintenance (166f0cbff55d16552161c154317287ca) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:43:21.0753 1384 MozillaMaintenance - ok
10:43:21.0788 1384 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
10:43:21.0824 1384 MpFilter - ok
10:43:21.0845 1384 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
10:43:21.0862 1384 mpio - ok
10:43:21.0876 1384 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
10:43:21.0920 1384 mpsdrv - ok
10:43:21.0960 1384 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
10:43:21.0997 1384 MpsSvc - ok
10:43:22.0029 1384 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
10:43:22.0045 1384 Mraid35x - ok
10:43:22.0094 1384 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
10:43:22.0122 1384 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
10:43:22.0122 1384 MREMP50 - detected UnsignedFile.Multi.Generic (1)
10:43:22.0126 1384 MREMPR5 - ok
10:43:22.0133 1384 MRENDIS5 - ok
10:43:22.0162 1384 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
10:43:22.0174 1384 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
10:43:22.0174 1384 MRESP50 - detected UnsignedFile.Multi.Generic (1)
10:43:22.0202 1384 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
10:43:22.0227 1384 MRxDAV - ok
10:43:22.0254 1384 mrxsmb (317eb668973951bad512ee8bebf9ed25) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:43:22.0301 1384 mrxsmb - ok
10:43:22.0323 1384 mrxsmb10 (05716f0203b5c774a87384a1ff7b968f) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:43:22.0376 1384 mrxsmb10 - ok
10:43:22.0384 1384 mrxsmb20 (c70c50d101b92b45c42ba11ea9fe6cd1) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:43:22.0438 1384 mrxsmb20 - ok
10:43:22.0450 1384 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
10:43:22.0467 1384 msahci - ok
10:43:22.0486 1384 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
10:43:22.0503 1384 msdsm - ok
10:43:22.0524 1384 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
10:43:22.0562 1384 MSDTC - ok
10:43:22.0581 1384 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
10:43:22.0623 1384 Msfs - ok
10:43:22.0636 1384 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
10:43:22.0660 1384 msisadrv - ok
10:43:22.0693 1384 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
10:43:22.0751 1384 MSiSCSI - ok
10:43:22.0756 1384 msiserver - ok
10:43:22.0791 1384 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
10:43:22.0828 1384 MSKSSRV - ok
10:43:22.0864 1384 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:43:22.0881 1384 MsMpSvc - ok
10:43:22.0892 1384 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
10:43:22.0930 1384 MSPCLOCK - ok
10:43:22.0935 1384 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
10:43:22.0992 1384 MSPQM - ok
10:43:23.0013 1384 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
10:43:23.0048 1384 MsRPC - ok
10:43:23.0057 1384 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
10:43:23.0075 1384 mssmbios - ok
10:43:23.0089 1384 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
10:43:23.0132 1384 MSTEE - ok
10:43:23.0139 1384 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
10:43:23.0165 1384 Mup - ok
10:43:23.0201 1384 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
10:43:23.0245 1384 napagent - ok
10:43:23.0276 1384 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
10:43:23.0302 1384 NativeWifiP - ok
10:43:23.0335 1384 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
10:43:23.0362 1384 NDIS - ok
10:43:23.0378 1384 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
10:43:23.0419 1384 NdisTapi - ok
10:43:23.0438 1384 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
10:43:23.0475 1384 Ndisuio - ok
10:43:23.0490 1384 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
10:43:23.0545 1384 NdisWan - ok
10:43:23.0562 1384 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
10:43:23.0600 1384 NDProxy - ok
10:43:23.0620 1384 Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\Windows\system32\HPZinw12.dll
10:43:23.0640 1384 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:43:23.0640 1384 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:43:23.0653 1384 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
10:43:23.0694 1384 NetBIOS - ok
10:43:23.0714 1384 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
10:43:23.0769 1384 netbt - ok
10:43:23.0800 1384 Netlogon (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:43:23.0825 1384 Netlogon - ok
10:43:23.0858 1384 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
10:43:23.0901 1384 Netman - ok
10:43:23.0958 1384 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:43:23.0993 1384 NetMsmqActivator - ok
10:43:23.0997 1384 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:43:24.0013 1384 NetPipeActivator - ok
10:43:24.0063 1384 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
10:43:24.0110 1384 netprofm - ok
10:43:24.0115 1384 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:43:24.0134 1384 NetTcpActivator - ok
10:43:24.0138 1384 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:43:24.0155 1384 NetTcpPortSharing - ok
10:43:24.0177 1384 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
10:43:24.0193 1384 nfrd960 - ok
10:43:24.0221 1384 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:43:24.0248 1384 NisDrv - ok
10:43:24.0308 1384 NisSrv (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
10:43:24.0335 1384 NisSrv - ok
10:43:24.0354 1384 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
10:43:24.0398 1384 NlaSvc - ok
10:43:24.0438 1384 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
10:43:24.0475 1384 Npfs - ok
10:43:24.0482 1384 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
10:43:24.0520 1384 nsi - ok
10:43:24.0533 1384 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
10:43:24.0584 1384 nsiproxy - ok
10:43:24.0663 1384 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
10:43:24.0725 1384 Ntfs - ok
10:43:24.0754 1384 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
10:43:24.0808 1384 ntrigdigi - ok
10:43:24.0819 1384 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
10:43:24.0859 1384 Null - ok
10:43:24.0888 1384 NVHDA (3d7fb57354703809b5f0c23287fac1d6) C:\Windows\system32\drivers\nvhda32v.sys
10:43:24.0921 1384 NVHDA - ok
10:43:25.0491 1384 nvlddmkm (e891b3979f0cf2740c1b073f834221fe) C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:43:25.0864 1384 nvlddmkm - ok
10:43:26.0079 1384 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
10:43:26.0097 1384 nvraid - ok
10:43:26.0115 1384 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
10:43:26.0131 1384 nvstor - ok
10:43:26.0158 1384 nvstor32 (97778c3cb3af6b2243648d0dcd4d8916) C:\Windows\system32\DRIVERS\nvstor32.sys
10:43:26.0175 1384 nvstor32 - ok
10:43:26.0226 1384 nvsvc (ae2de8e165dcb93a66b21748e6f913df) C:\Windows\system32\nvvsvc.exe
10:43:26.0256 1384 nvsvc - ok
10:43:26.0440 1384 nvUpdatusService (c78581c14699c46fe0f0817416383134) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
10:43:26.0570 1384 nvUpdatusService - ok
10:43:26.0668 1384 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
10:43:26.0686 1384 nv_agp - ok
10:43:26.0690 1384 NwlnkFlt - ok
10:43:26.0697 1384 NwlnkFwd - ok
10:43:26.0719 1384 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
10:43:26.0780 1384 ohci1394 - ok
10:43:26.0829 1384 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:43:26.0862 1384 ose - ok
10:43:27.0168 1384 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:43:27.0377 1384 osppsvc - ok
10:43:27.0485 1384 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:43:27.0580 1384 p2pimsvc - ok
10:43:27.0589 1384 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:43:27.0623 1384 p2psvc - ok
10:43:27.0652 1384 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
10:43:27.0704 1384 Parport - ok
10:43:27.0731 1384 Partizan (6ddcf3f801ec15fe698f6a215cf30a1f) C:\Windows\system32\drivers\Partizan.sys
10:43:27.0769 1384 Partizan - ok
10:43:27.0790 1384 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
10:43:27.0820 1384 partmgr - ok
10:43:27.0830 1384 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
10:43:27.0881 1384 Parvdm - ok
10:43:27.0896 1384 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
10:43:27.0930 1384 PcaSvc - ok
10:43:27.0954 1384 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
10:43:27.0982 1384 pci - ok
10:43:27.0997 1384 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
10:43:28.0022 1384 pciide - ok
10:43:28.0044 1384 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
10:43:28.0070 1384 pcmcia - ok
10:43:28.0130 1384 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
10:43:28.0232 1384 PEAUTH - ok
10:43:28.0327 1384 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
10:43:28.0419 1384 pla - ok
10:43:28.0514 1384 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
10:43:28.0561 1384 PlugPlay - ok
10:43:28.0623 1384 Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\Windows\system32\HPZipm12.dll
10:43:28.0650 1384 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:43:28.0650 1384 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:43:28.0710 1384 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:43:28.0745 1384 PNRPAutoReg - ok
10:43:28.0752 1384 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:43:28.0789 1384 PNRPsvc - ok
10:43:28.0816 1384 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
10:43:28.0893 1384 PolicyAgent - ok
10:43:28.0920 1384 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
10:43:28.0970 1384 PptpMiniport - ok
10:43:28.0990 1384 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
10:43:29.0026 1384 Processor - ok
10:43:29.0037 1384 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
10:43:29.0077 1384 ProfSvc - ok
10:43:29.0092 1384 ProtectedStorage (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:43:29.0116 1384 ProtectedStorage - ok
10:43:29.0142 1384 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
10:43:29.0189 1384 PSched - ok
10:43:29.0196 1384 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
10:43:29.0222 1384 PxHelp20 - ok
10:43:29.0292 1384 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
10:43:29.0357 1384 ql2300 - ok
10:43:29.0390 1384 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
10:43:29.0407 1384 ql40xx - ok
10:43:29.0441 1384 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
10:43:29.0483 1384 QWAVE - ok
10:43:29.0499 1384 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
10:43:29.0538 1384 QWAVEdrv - ok
10:43:29.0551 1384 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
10:43:29.0603 1384 RasAcd - ok
10:43:29.0620 1384 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
10:43:29.0671 1384 RasAuto - ok
10:43:29.0710 1384 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:43:29.0757 1384 Rasl2tp - ok
10:43:29.0824 1384 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
10:43:29.0864 1384 RasMan - ok
10:43:29.0879 1384 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
10:43:29.0920 1384 RasPppoe - ok
10:43:29.0950 1384 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
10:43:29.0981 1384 RasSstp - ok
10:43:30.0014 1384 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
10:43:30.0061 1384 rdbss - ok
10:43:30.0070 1384 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:43:30.0111 1384 RDPCDD - ok
10:43:30.0137 1384 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
10:43:30.0172 1384 rdpdr - ok
10:43:30.0177 1384 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
10:43:30.0227 1384 RDPENCDD - ok
10:43:30.0253 1384 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
10:43:30.0358 1384 RDPWD - ok
10:43:30.0371 1384 RegGuard (37ecebdd930395a9c399fb18a3c236d3) C:\Windows\system32\Drivers\regguard.sys
10:43:30.0403 1384 RegGuard - ok
10:43:30.0436 1384 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
10:43:30.0479 1384 RemoteAccess - ok
10:43:30.0495 1384 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
10:43:30.0539 1384 RemoteRegistry - ok
10:43:30.0554 1384 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
10:43:30.0607 1384 RpcLocator - ok
10:43:30.0640 1384 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:43:30.0678 1384 RpcSs - ok
10:43:30.0697 1384 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
10:43:30.0748 1384 rspndr - ok
10:43:30.0802 1384 RTL8169 (06992132cf20c3c1cba3f072c4086de8) C:\Windows\system32\DRIVERS\Rtlh86.sys
10:43:30.0830 1384 RTL8169 - ok
10:43:30.0850 1384 SamSs (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:43:30.0874 1384 SamSs - ok
10:43:30.0910 1384 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
10:43:30.0925 1384 SASDIFSV - ok
10:43:30.0943 1384 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
10:43:30.0958 1384 SASKUTIL - ok
10:43:30.0991 1384 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
10:43:31.0008 1384 sbp2port - ok
10:43:31.0096 1384 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
10:43:31.0167 1384 SBSDWSCService - ok
10:43:31.0189 1384 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
10:43:31.0237 1384 SCardSvr - ok
10:43:31.0277 1384 Schedule (323ae0bdfd2eb15b668dda50cc597329) C:\Windows\system32\schedsvc.dll
10:43:31.0364 1384 Schedule - ok
10:43:31.0386 1384 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:43:31.0416 1384 SCPolicySvc - ok
10:43:31.0439 1384 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
10:43:31.0486 1384 SDRSVC - ok
10:43:31.0524 1384 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:43:31.0594 1384 secdrv - ok
10:43:31.0605 1384 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
10:43:31.0644 1384 seclogon - ok
10:43:31.0656 1384 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
10:43:31.0694 1384 SENS - ok
10:43:31.0701 1384 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
10:43:31.0756 1384 Serenum - ok
10:43:31.0774 1384 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
10:43:31.0838 1384 Serial - ok
10:43:31.0857 1384 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
10:43:31.0899 1384 sermouse - ok
10:43:31.0917 1384 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
10:43:31.0960 1384 SessionEnv - ok
10:43:31.0973 1384 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
10:43:32.0010 1384 sffdisk - ok
10:43:32.0021 1384 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
10:43:32.0062 1384 sffp_mmc - ok
10:43:32.0082 1384 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
10:43:32.0123 1384 sffp_sd - ok
10:43:32.0136 1384 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
10:43:32.0186 1384 sfloppy - ok
10:43:32.0216 1384 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
10:43:32.0256 1384 SharedAccess - ok
10:43:32.0279 1384 ShellHWDetection (c818c44c201898399bf999bb6b35d4e3) C:\Windows\System32\shsvcs.dll
10:43:32.0323 1384 ShellHWDetection - ok
10:43:32.0333 1384 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
10:43:32.0349 1384 sisagp - ok
10:43:32.0363 1384 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
10:43:32.0380 1384 SiSRaid2 - ok
10:43:32.0392 1384 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
10:43:32.0409 1384 SiSRaid4 - ok
10:43:32.0645 1384 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
10:43:32.0790 1384 slsvc - ok
10:43:32.0860 1384 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
10:43:32.0898 1384 SLUINotify - ok
10:43:32.0937 1384 SmartDefragDriver (cc48f88fe17bb8e5eb6fa1a8a9477006) C:\Windows\system32\Drivers\SmartDefragDriver.sys
10:43:32.0957 1384 SmartDefragDriver - ok
10:43:32.0989 1384 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
10:43:33.0035 1384 Smb - ok
10:43:33.0057 1384 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
10:43:33.0090 1384 SNMPTRAP - ok
10:43:33.0105 1384 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
10:43:33.0131 1384 spldr - ok
10:43:33.0152 1384 Spooler (524bfbea40e6e404737ccbc754647a2e) C:\Windows\System32\spoolsv.exe
10:43:33.0190 1384 Spooler - ok
10:43:33.0211 1384 srv (baa6018a27857b5ff0c03ce756b4a7a2) C:\Windows\system32\DRIVERS\srv.sys
10:43:33.0256 1384 srv - ok
10:43:33.0284 1384 srv2 (6b6f3658e0a58c6c50c5f7fbdf3df633) C:\Windows\system32\DRIVERS\srv2.sys
10:43:33.0337 1384 srv2 - ok
10:43:33.0363 1384 srvnet (2d10de9022822772adaa120b15a9bd03) C:\Windows\system32\DRIVERS\srvnet.sys
10:43:33.0402 1384 srvnet - ok
10:43:33.0414 1384 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
10:43:33.0458 1384 SSDPSRV - ok
10:43:33.0479 1384 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
10:43:33.0500 1384 ssmdrv - ok
10:43:33.0521 1384 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
10:43:33.0553 1384 SstpSvc - ok
10:43:33.0592 1384 Steam Client Service - ok
10:43:33.0620 1384 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
10:43:33.0667 1384 StillCam - ok
10:43:33.0696 1384 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
10:43:33.0748 1384 stisvc - ok
10:43:33.0772 1384 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
10:43:33.0795 1384 swenum - ok
10:43:33.0828 1384 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
10:43:33.0868 1384 swprv - ok
10:43:33.0881 1384 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
10:43:33.0897 1384 Symc8xx - ok
10:43:33.0912 1384 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
10:43:33.0928 1384 Sym_hi - ok
10:43:33.0944 1384 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
10:43:33.0961 1384 Sym_u3 - ok
10:43:34.0026 1384 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
10:43:34.0086 1384 SysMain - ok
10:43:34.0112 1384 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
10:43:34.0159 1384 TabletInputService - ok
10:43:34.0188 1384 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
10:43:34.0232 1384 TapiSrv - ok
10:43:34.0245 1384 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
10:43:34.0287 1384 TBS - ok
10:43:34.0355 1384 Tcpip (65877aa1b6a7cb797488e831698973e9) C:\Windows\system32\drivers\tcpip.sys
10:43:34.0407 1384 Tcpip - ok
10:43:34.0422 1384 Tcpip6 (65877aa1b6a7cb797488e831698973e9) C:\Windows\system32\DRIVERS\tcpip.sys
10:43:34.0457 1384 Tcpip6 - ok
10:43:34.0485 1384 tcpipreg (4b8f496292d40192acb052e030c023a7) C:\Windows\system32\drivers\tcpipreg.sys
10:43:34.0533 1384 tcpipreg - ok
10:43:34.0558 1384 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
10:43:34.0599 1384 TDPIPE - ok
10:43:34.0613 1384 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
10:43:34.0647 1384 TDTCP - ok
10:43:34.0678 1384 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
10:43:34.0716 1384 tdx - ok
10:43:34.0741 1384 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
10:43:34.0767 1384 TermDD - ok
10:43:34.0800 1384 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
10:43:34.0867 1384 TermService - ok
10:43:34.0891 1384 Themes (c818c44c201898399bf999bb6b35d4e3) C:\Windows\system32\shsvcs.dll
10:43:34.0923 1384 Themes - ok
10:43:34.0953 1384 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:43:34.0988 1384 THREADORDER - ok
10:43:35.0013 1384 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
10:43:35.0050 1384 TrkWks - ok
10:43:35.0096 1384 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
10:43:35.0141 1384 TrustedInstaller - ok
10:43:35.0154 1384 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:43:35.0191 1384 tssecsrv - ok
10:43:35.0200 1384 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
10:43:35.0251 1384 tunmp - ok
10:43:35.0258 1384 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
10:43:35.0305 1384 tunnel - ok
10:43:35.0318 1384 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
10:43:35.0335 1384 uagp35 - ok
10:43:35.0354 1384 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
10:43:35.0386 1384 udfs - ok
10:43:35.0409 1384 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
10:43:35.0461 1384 UI0Detect - ok
10:43:35.0477 1384 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
10:43:35.0496 1384 uliagpkx - ok
10:43:35.0515 1384 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
10:43:35.0540 1384 uliahci - ok
10:43:35.0555 1384 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
10:43:35.0575 1384 UlSata - ok
10:43:35.0588 1384 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
10:43:35.0615 1384 ulsata2 - ok
10:43:35.0625 1384 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
10:43:35.0666 1384 umbus - ok
10:43:35.0695 1384 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
10:43:35.0737 1384 upnphost - ok
10:43:35.0758 1384 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
10:43:35.0799 1384 usbccgp - ok
10:43:35.0818 1384 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
10:43:35.0868 1384 usbcir - ok
10:43:35.0888 1384 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
10:43:35.0929 1384 usbehci - ok
10:43:35.0952 1384 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
10:43:36.0030 1384 usbhub - ok
10:43:36.0045 1384 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
10:43:36.0089 1384 usbohci - ok
10:43:36.0102 1384 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
10:43:36.0144 1384 usbprint - ok
10:43:36.0163 1384 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
10:43:36.0207 1384 usbscan - ok
10:43:36.0221 1384 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:43:36.0259 1384 USBSTOR - ok
10:43:36.0269 1384 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
10:43:36.0311 1384 usbuhci - ok
10:43:36.0338 1384 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
10:43:36.0380 1384 UxSms - ok
10:43:36.0416 1384 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
10:43:36.0462 1384 vds - ok
10:43:36.0476 1384 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
10:43:36.0528 1384 vga - ok
10:43:36.0540 1384 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
10:43:36.0592 1384 VgaSave - ok
10:43:36.0603 1384 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
10:43:36.0620 1384 viaagp - ok
10:43:36.0636 1384 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
10:43:36.0671 1384 ViaC7 - ok
10:43:36.0677 1384 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
10:43:36.0696 1384 viaide - ok
10:43:36.0712 1384 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
10:43:36.0735 1384 volmgr - ok
10:43:36.0764 1384 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
10:43:36.0797 1384 volmgrx - ok
10:43:36.0814 1384 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
10:43:36.0843 1384 volsnap - ok
10:43:36.0884 1384 Vsdatant (6983d0bcac64c2d7460c2125f804f118) C:\Windows\system32\DRIVERS\vsdatant.sys
10:43:36.0915 1384 Vsdatant - ok
10:43:36.0920 1384 vsdatant7 - ok
10:43:36.0964 1384 vsmon - ok
10:43:37.0017 1384 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
10:43:37.0045 1384 vsmraid - ok
10:43:37.0112 1384 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
10:43:37.0198 1384 VSS - ok
10:43:37.0287 1384 vToolbarUpdater11.0.2 (56e1e4442e4613fb2039a6b7421f4e58) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
10:43:37.0345 1384 vToolbarUpdater11.0.2 - ok
10:43:37.0455 1384 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
10:43:37.0491 1384 W32Time - ok
10:43:37.0532 1384 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
10:43:37.0592 1384 WacomPen - ok
10:43:37.0605 1384 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:43:37.0652 1384 Wanarp - ok
10:43:37.0655 1384 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:43:37.0686 1384 Wanarpv6 - ok
10:43:37.0716 1384 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
10:43:37.0760 1384 wcncsvc - ok
10:43:37.0782 1384 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
10:43:37.0823 1384 WcsPlugInService - ok
10:43:37.0835 1384 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
10:43:37.0858 1384 Wd - ok
10:43:37.0894 1384 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
10:43:37.0933 1384 Wdf01000 - ok
10:43:37.0968 1384 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:43:38.0011 1384 WdiServiceHost - ok
10:43:38.0016 1384 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:43:38.0053 1384 WdiSystemHost - ok
10:43:38.0081 1384 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
10:43:38.0108 1384 WebClient - ok
10:43:38.0120 1384 Wecsvc (905214925a88311fce52f66153de7610) C:\Windows\system32\wecsvc.dll
10:43:38.0166 1384 Wecsvc - ok
10:43:38.0175 1384 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
10:43:38.0219 1384 wercplsupport - ok
10:43:38.0239 1384 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
10:43:38.0271 1384 WerSvc - ok
10:43:38.0325 1384 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
10:43:38.0353 1384 WinDefend - ok
10:43:38.0364 1384 WinHttpAutoProxySvc - ok
10:43:38.0412 1384 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
10:43:38.0441 1384 Winmgmt - ok
10:43:38.0491 1384 WinRM (01874d4689c212460fbabf0ecd7cb7f7) C:\Windows\system32\WsmSvc.dll
10:43:38.0541 1384 WinRM - ok
10:43:38.0587 1384 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
10:43:38.0638 1384 Wlansvc - ok
10:43:38.0678 1384 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:43:38.0693 1384 wlcrasvc - ok
10:43:38.0812 1384 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:43:38.0889 1384 wlidsvc - ok
10:43:38.0982 1384 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
10:43:39.0046 1384 WmiAcpi - ok
10:43:39.0089 1384 WmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
10:43:39.0133 1384 WmiApSrv - ok
10:43:39.0237 1384 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
10:43:39.0300 1384 WMPNetworkSvc - ok
10:43:39.0318 1384 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
10:43:39.0368 1384 WPCSvc - ok
10:43:39.0380 1384 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
10:43:39.0423 1384 WPDBusEnum - ok
10:43:39.0527 1384 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:43:39.0570 1384 WPFFontCache_v0400 - ok
10:43:39.0598 1384 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
10:43:39.0643 1384 ws2ifsl - ok
10:43:39.0666 1384 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
10:43:39.0695 1384 wscsvc - ok
10:43:39.0700 1384 WSearch - ok
10:43:39.0820 1384 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
10:43:39.0902 1384 wuauserv - ok
10:43:39.0973 1384 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
10:43:40.0038 1384 wudfsvc - ok
10:43:40.0056 1384 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
10:43:40.0366 1384 \Device\Harddisk0\DR0 - ok
10:43:40.0370 1384 Boot (0x1200) (1564506fc0713d153b896ad06c0f6c1f) \Device\Harddisk0\DR0\Partition0
10:43:40.0371 1384 \Device\Harddisk0\DR0\Partition0 - ok
10:43:40.0372 1384 ============================================================
10:43:40.0372 1384 Scan finished
10:43:40.0372 1384 ============================================================
10:43:40.0390 2568 Detected object count: 10
10:43:40.0390 2568 Actual detected object count: 10
10:45:00.0676 2568 ETService ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0676 2568 ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:00.0680 2568 ezSharedSvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0680 2568 ezSharedSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:00.0683 2568 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0683 2568 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:00.0685 2568 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0685 2568 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:00.0687 2568 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0687 2568 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:00.0690 2568 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0690 2568 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:00.0693 2568 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0693 2568 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:00.0696 2568 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0696 2568 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:00.0698 2568 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0698 2568 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:00.0700 2568 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0700 2568 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:43.0663 3304 ============================================================
10:45:43.0663 3304 Scan started
10:45:43.0663 3304 Mode: Manual; SigCheck;
10:45:43.0663 3304 ============================================================
10:45:44.0042 3304 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
10:45:44.0070 3304 !SASCORE - ok
10:45:44.0141 3304 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
10:45:44.0163 3304 ACPI - ok
10:45:44.0206 3304 AdobeActiveFileMonitor6.0 (e8fe4fce23d2809bd88bcc1d0f8408ce) C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
10:45:44.0222 3304 AdobeActiveFileMonitor6.0 - ok
10:45:44.0258 3304 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
10:45:44.0273 3304 AdobeARMservice - ok
10:45:44.0319 3304 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:45:44.0337 3304 AdobeFlashPlayerUpdateSvc - ok
10:45:44.0376 3304 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
10:45:44.0400 3304 adp94xx - ok
10:45:44.0452 3304 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
10:45:44.0471 3304 adpahci - ok
10:45:44.0495 3304 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
10:45:44.0512 3304 adpu160m - ok
10:45:44.0528 3304 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
10:45:44.0545 3304 adpu320 - ok
10:45:44.0623 3304 AdvancedSystemCareService5 (b11c71b29fa69e4586f9b65560e6604d) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
10:45:44.0654 3304 AdvancedSystemCareService5 - ok
10:45:44.0687 3304 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
10:45:44.0717 3304 AeLookupSvc - ok
10:45:44.0743 3304 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
10:45:44.0774 3304 AFD - ok
10:45:44.0785 3304 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
10:45:44.0801 3304 agp440 - ok
10:45:44.0811 3304 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
10:45:44.0828 3304 aic78xx - ok
10:45:44.0844 3304 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
10:45:44.0876 3304 ALG - ok
10:45:44.0893 3304 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
10:45:44.0909 3304 aliide - ok
10:45:44.0935 3304 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
10:45:44.0951 3304 amdagp - ok
10:45:44.0981 3304 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
10:45:44.0996 3304 amdide - ok
10:45:45.0016 3304 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
10:45:45.0048 3304 AmdK7 - ok
10:45:45.0067 3304 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
10:45:45.0100 3304 AmdK8 - ok
10:45:45.0139 3304 AntiVirSchedulerService (0a1cc583e8147004e4ad4625d7fbf88c) C:\Program Files\Avira\AntiVir Desktop\sched.exe
10:45:45.0154 3304 AntiVirSchedulerService - ok
10:45:45.0178 3304 AntiVirService (c9a36ef935aced86aedf93e97e606911) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
10:45:45.0194 3304 AntiVirService - ok
10:45:45.0218 3304 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
10:45:45.0242 3304 Appinfo - ok
10:45:45.0274 3304 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
10:45:45.0291 3304 arc - ok
10:45:45.0303 3304 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
10:45:45.0320 3304 arcsas - ok
10:45:45.0382 3304 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:45:45.0398 3304 aspnet_state - ok
10:45:45.0412 3304 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
10:45:45.0445 3304 AsyncMac - ok
10:45:45.0475 3304 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
10:45:45.0492 3304 atapi - ok
10:45:45.0520 3304 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:45:45.0555 3304 AudioEndpointBuilder - ok
10:45:45.0560 3304 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:45:45.0591 3304 Audiosrv - ok
10:45:45.0610 3304 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
10:45:45.0625 3304 avgntflt - ok
10:45:45.0648 3304 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
10:45:45.0663 3304 avipbb - ok
10:45:45.0675 3304 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
10:45:45.0690 3304 avkmgr - ok
10:45:45.0701 3304 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
10:45:45.0734 3304 Beep - ok
10:45:45.0764 3304 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
10:45:45.0799 3304 BFE - ok
10:45:45.0856 3304 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
10:45:45.0902 3304 BITS - ok
10:45:45.0934 3304 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
10:45:45.0976 3304 blbdrive - ok
10:45:46.0042 3304 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
10:45:46.0062 3304 Bonjour Service - ok
10:45:46.0088 3304 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
10:45:46.0121 3304 bowser - ok
10:45:46.0131 3304 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
10:45:46.0160 3304 BrFiltLo - ok
10:45:46.0171 3304 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
10:45:46.0199 3304 BrFiltUp - ok
10:45:46.0218 3304 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
10:45:46.0253 3304 Browser - ok
10:45:46.0267 3304 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
10:45:46.0316 3304 Brserid - ok
10:45:46.0325 3304 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
10:45:46.0375 3304 BrSerWdm - ok
10:45:46.0385 3304 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
10:45:46.0434 3304 BrUsbMdm - ok
10:45:46.0450 3304 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
10:45:46.0499 3304 BrUsbSer - ok
10:45:46.0514 3304 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
10:45:46.0563 3304 BTHMODEM - ok
10:45:46.0572 3304 catchme - ok
10:45:46.0590 3304 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
10:45:46.0626 3304 cdfs - ok
10:45:46.0648 3304 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
10:45:46.0678 3304 cdrom - ok
10:45:46.0702 3304 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:45:46.0730 3304 CertPropSvc - ok
10:45:46.0748 3304 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
10:45:46.0781 3304 circlass - ok
10:45:46.0808 3304 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
10:45:46.0828 3304 CLFS - ok
10:45:46.0875 3304 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:45:46.0892 3304 clr_optimization_v2.0.50727_32 - ok
10:45:46.0943 3304 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:45:46.0969 3304 clr_optimization_v4.0.30319_32 - ok
10:45:46.0998 3304 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
10:45:47.0013 3304 cmdide - ok
10:45:47.0023 3304 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
10:45:47.0038 3304 Compbatt - ok
10:45:47.0043 3304 COMSysApp - ok
10:45:47.0050 3304 cpuz134 - ok
10:45:47.0076 3304 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
10:45:47.0091 3304 crcdisk - ok
10:45:47.0105 3304 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
10:45:47.0139 3304 Crusoe - ok
10:45:47.0171 3304 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
10:45:47.0200 3304 CryptSvc - ok
10:45:47.0264 3304 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:45:47.0320 3304 DcomLaunch - ok
10:45:47.0340 3304 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
10:45:47.0369 3304 DfsC - ok
10:45:47.0486 3304 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
10:45:47.0581 3304 DFSR - ok
10:45:47.0667 3304 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
10:45:47.0699 3304 Dhcp - ok
10:45:47.0726 3304 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
10:45:47.0744 3304 disk - ok
10:45:47.0768 3304 Dnscache (30a08728740e71947ae1e073b5ce69b4) C:\Windows\System32\dnsrslvr.dll
10:45:47.0800 3304 Dnscache - ok
10:45:47.0825 3304 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
10:45:47.0855 3304 dot3svc - ok
10:45:47.0877 3304 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
10:45:47.0911 3304 Dot4 - ok
10:45:47.0922 3304 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:45:47.0957 3304 Dot4Print - ok
10:45:47.0981 3304 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
10:45:48.0013 3304 dot4usb - ok
10:45:48.0026 3304 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
10:45:48.0062 3304 DPS - ok
10:45:48.0080 3304 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
10:45:48.0110 3304 drmkaud - ok
10:45:48.0153 3304 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
10:45:48.0227 3304 DXGKrnl - ok
10:45:48.0245 3304 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
10:45:48.0281 3304 E1G60 - ok
10:45:48.0292 3304 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
10:45:48.0322 3304 EapHost - ok
10:45:48.0349 3304 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
10:45:48.0368 3304 Ecache - ok
10:45:48.0401 3304 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
10:45:48.0427 3304 ehRecvr - ok
10:45:48.0449 3304 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
10:45:48.0471 3304 ehSched - ok
10:45:48.0480 3304 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
10:45:48.0501 3304 ehstart - ok
10:45:48.0533 3304 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
10:45:48.0565 3304 elxstor - ok
10:45:48.0609 3304 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
10:45:48.0666 3304 EMDMgmt - ok
10:45:48.0671 3304 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
10:45:48.0706 3304 ErrDev - ok
10:45:48.0759 3304 ETService (23112102bc2a8fe44b8ac44a05bdf4c3) C:\Program Files\PACKARDBELL\Packard Bell Recovery Management\Service\ETService.exe
10:45:48.0771 3304 ETService ( UnsignedFile.Multi.Generic ) - warning
10:45:48.0771 3304 ETService - detected UnsignedFile.Multi.Generic (1)
10:45:48.0801 3304 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
10:45:48.0837 3304 EventSystem - ok
10:45:48.0856 3304 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
10:45:48.0909 3304 exfat - ok
10:45:48.0939 3304 ezSharedSvc (42f721c52eef2d6df9372a53813a83ef) C:\Windows\System32\ezsvc7.dll
10:45:48.0953 3304 ezSharedSvc ( UnsignedFile.Multi.Generic ) - warning
10:45:48.0954 3304 ezSharedSvc - detected UnsignedFile.Multi.Generic (1)
10:45:48.0999 3304 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
10:45:49.0028 3304 fastfat - ok
10:45:49.0039 3304 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
10:45:49.0075 3304 fdc - ok
10:45:49.0088 3304 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
10:45:49.0126 3304 fdPHost - ok
10:45:49.0132 3304 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
10:45:49.0183 3304 FDResPub - ok
10:45:49.0201 3304 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
10:45:49.0218 3304 FileInfo - ok
10:45:49.0228 3304 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
10:45:49.0262 3304 Filetrace - ok
10:45:49.0319 3304 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:45:49.0342 3304 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
10:45:49.0342 3304 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
10:45:49.0358 3304 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
10:45:49.0391 3304 flpydisk - ok
10:45:49.0416 3304 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
10:45:49.0435 3304 FltMgr - ok
10:45:49.0512 3304 FontCache (d49705f25390265cad9b620f55ea968c) C:\Windows\system32\FntCache.dll
10:45:49.0546 3304 FontCache - ok
10:45:49.0616 3304 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:45:49.0640 3304 FontCache3.0.0.0 - ok
10:45:49.0666 3304 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
10:45:49.0681 3304 fssfltr - ok
10:45:49.0796 3304 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
10:45:49.0899 3304 fsssvc - ok
10:45:50.0008 3304 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
10:45:50.0036 3304 Fs_Rec - ok
10:45:50.0060 3304 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
10:45:50.0076 3304 gagp30kx - ok
10:45:50.0108 3304 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:45:50.0121 3304 GEARAspiWDM - ok
10:45:50.0178 3304 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
10:45:50.0192 3304 GoogleDesktopManager-051210-111108 - ok
10:45:50.0196 3304 GoogleDesktopManager-110309-193829 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
10:45:50.0210 3304 GoogleDesktopManager-110309-193829 - ok
10:45:50.0235 3304 GoToAssist (5cc2b1d06ac1962af5fbbcf88d781dd8) C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
10:45:50.0249 3304 GoToAssist - ok
10:45:50.0297 3304 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
10:45:50.0334 3304 gpsvc - ok
10:45:50.0367 3304 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
10:45:50.0392 3304 gupdate - ok
10:45:50.0396 3304 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
10:45:50.0413 3304 gupdatem - ok
10:45:50.0442 3304 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
10:45:50.0457 3304 gusvc - ok
10:45:50.0499 3304 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
10:45:50.0531 3304 HdAudAddService - ok
10:45:50.0576 3304 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:45:50.0616 3304 HDAudBus - ok
10:45:50.0641 3304 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
10:45:50.0691 3304 HidBth - ok
10:45:50.0700 3304 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
10:45:50.0749 3304 HidIr - ok
10:45:50.0763 3304 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
10:45:50.0786 3304 hidserv - ok
10:45:50.0803 3304 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
10:45:50.0831 3304 HidUsb - ok
10:45:50.0848 3304 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
10:45:50.0883 3304 hkmsvc - ok
10:45:50.0895 3304 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
10:45:50.0910 3304 HpCISSs - ok
10:45:50.0977 3304 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
10:45:50.0990 3304 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
10:45:50.0990 3304 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
10:45:51.0024 3304 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
10:45:51.0037 3304 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
10:45:51.0037 3304 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
10:45:51.0085 3304 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
10:45:51.0113 3304 HTTP - ok
10:45:51.0132 3304 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
10:45:51.0148 3304 i2omp - ok
10:45:51.0160 3304 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
10:45:51.0189 3304 i8042prt - ok
10:45:51.0216 3304 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
10:45:51.0241 3304 iaStorV - ok
10:45:51.0323 3304 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:45:51.0364 3304 idsvc - ok
10:45:51.0383 3304 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
10:45:51.0399 3304 iirsp - ok
10:45:51.0441 3304 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
10:45:51.0508 3304 IKEEXT - ok
10:45:51.0534 3304 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys
10:45:51.0548 3304 int15 - ok
10:45:51.0748 3304 IntcAzAudAddService (bfcd7edc663f513e7c4a0b9400e58c70) C:\Windows\system32\drivers\RTKVHDA.sys
10:45:52.0004 3304 IntcAzAudAddService - ok
10:45:52.0097 3304 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
10:45:52.0113 3304 intelide - ok
10:45:52.0141 3304 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
10:45:52.0174 3304 intelppm - ok
10:45:52.0209 3304 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
10:45:52.0243 3304 IPBusEnum - ok
10:45:52.0258 3304 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:45:52.0293 3304 IpFilterDriver - ok
10:45:52.0319 3304 iphlpsvc (7f83b06a929a981bc001b2ea304d2036) C:\Windows\System32\iphlpsvc.dll
10:45:52.0357 3304 iphlpsvc - ok
10:45:52.0362 3304 IpInIp - ok
10:45:52.0376 3304 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
10:45:52.0409 3304 IPMIDRV - ok
10:45:52.0438 3304 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
10:45:52.0474 3304 IPNAT - ok
10:45:52.0502 3304 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
10:45:52.0534 3304 IRENUM - ok
10:45:52.0547 3304 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
10:45:52.0564 3304 isapnp - ok
10:45:52.0594 3304 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
10:45:52.0621 3304 iScsiPrt - ok
10:45:52.0665 3304 ISWKL (ee8bed092a58a4faeb08dc140729189e) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
10:45:52.0679 3304 ISWKL - ok
10:45:52.0724 3304 IswSvc (aa7fd6a7532ef23fdcfc030195c148f9) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
10:45:52.0745 3304 IswSvc - ok
10:45:52.0760 3304 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
10:45:52.0776 3304 iteatapi - ok
10:45:52.0790 3304 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
10:45:52.0805 3304 iteraid - ok
10:45:52.0813 3304 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
10:45:52.0828 3304 kbdclass - ok
10:45:52.0852 3304 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
10:45:52.0884 3304 kbdhid - ok
10:45:52.0907 3304 KeyIso (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:45:52.0940 3304 KeyIso - ok
10:45:52.0977 3304 KL1 (186b54479d98e48aee0e9ada4b3c4d31) C:\Windows\system32\DRIVERS\kl1.sys
10:45:52.0993 3304 KL1 - ok
10:45:53.0008 3304 kl2 (bf485bfba13c0ab116701fd9c55324d0) C:\Windows\system32\DRIVERS\kl2.sys
10:45:53.0021 3304 kl2 - ok
10:45:53.0054 3304 KLIF (46fa00bef951762919b66269371c22af) C:\Windows\system32\DRIVERS\klif.sys
10:45:53.0076 3304 KLIF - ok
10:45:53.0100 3304 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
10:45:53.0124 3304 KSecDD - ok
10:45:53.0306 3304 KService (0423bc118534ec23a063e54ebca9b92d) C:\Program Files\Kontiki\KService.exe
10:45:53.0392 3304 KService - ok
10:45:53.0484 3304 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
10:45:53.0559 3304 KtmRm - ok
10:45:53.0602 3304 LanmanServer (43446f197c74ef2030f84b3a4f39d570) C:\Windows\system32\srvsvc.dll
10:45:53.0642 3304 LanmanServer - ok
10:45:53.0668 3304 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
10:45:53.0717 3304 LanmanWorkstation - ok
10:45:53.0743 3304 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
10:45:53.0777 3304 lltdio - ok
10:45:53.0808 3304 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
10:45:53.0843 3304 lltdsvc - ok
10:45:53.0855 3304 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
10:45:53.0906 3304 lmhosts - ok
10:45:53.0941 3304 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
10:45:53.0959 3304 LSI_FC - ok
10:45:53.0976 3304 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
10:45:53.0994 3304 LSI_SAS - ok
10:45:54.0010 3304 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
10:45:54.0029 3304 LSI_SCSI - ok
10:45:54.0043 3304 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
10:45:54.0076 3304 luafv - ok
10:45:54.0100 3304 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
10:45:54.0116 3304 MBAMProtector - ok
10:45:54.0196 3304 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
10:45:54.0230 3304 MBAMService - ok
10:45:54.0286 3304 McciCMService (f8b823414a22dbf3bec10dcaa5f93cd8) C:\Program Files\Common Files\Motive\McciCMService.exe
10:45:54.0305 3304 McciCMService ( UnsignedFile.Multi.Generic ) - warning
10:45:54.0305 3304 McciCMService - detected UnsignedFile.Multi.Generic (1)
10:45:54.0329 3304 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
10:45:54.0353 3304 Mcx2Svc - ok
10:45:54.0362 3304 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
10:45:54.0377 3304 megasas - ok
10:45:54.0409 3304 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
10:45:54.0458 3304 MegaSR - ok
10:45:54.0485 3304 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:45:54.0520 3304 MMCSS - ok
10:45:54.0539 3304 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
10:45:54.0572 3304 Modem - ok
10:45:54.0584 3304 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
10:45:54.0617 3304 monitor - ok
10:45:54.0636 3304 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
10:45:54.0651 3304 mouclass - ok
10:45:54.0663 3304 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
10:45:54.0696 3304 mouhid - ok
10:45:54.0715 3304 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
10:45:54.0730 3304 MountMgr - ok
10:45:54.0767 3304 MozillaMaintenance (166f0cbff55d16552161c154317287ca) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:45:54.0785 3304 MozillaMaintenance - ok
10:45:54.0803 3304 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
10:45:54.0822 3304 MpFilter - ok
10:45:54.0835 3304 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
10:45:54.0855 3304 mpio - ok
10:45:54.0866 3304 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
10:45:54.0896 3304 mpsdrv - ok
10:45:54.0940 3304 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
10:45:55.0019 3304 MpsSvc - ok
10:45:55.0036 3304 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
10:45:55.0051 3304 Mraid35x - ok
10:45:55.0091 3304 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
10:45:55.0102 3304 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
10:45:55.0102 3304 MREMP50 - detected UnsignedFile.Multi.Generic (1)
10:45:55.0107 3304 MREMPR5 - ok
10:45:55.0113 3304 MRENDIS5 - ok
10:45:55.0128 3304 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
10:45:55.0138 3304 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
10:45:55.0138 3304 MRESP50 - detected UnsignedFile.Multi.Generic (1)
10:45:55.0167 3304 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
10:45:55.0194 3304 MRxDAV - ok
10:45:55.0220 3304 mrxsmb (317eb668973951bad512ee8bebf9ed25) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:45:55.0248 3304 mrxsmb - ok
10:45:55.0272 3304 mrxsmb10 (05716f0203b5c774a87384a1ff7b968f) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:45:55.0302 3304 mrxsmb10 - ok
10:45:55.0312 3304 mrxsmb20 (c70c50d101b92b45c42ba11ea9fe6cd1) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:45:55.0340 3304 mrxsmb20 - ok
10:45:55.0357 3304 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
10:45:55.0372 3304 msahci - ok
10:45:55.0393 3304 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
10:45:55.0413 3304 msdsm - ok
10:45:55.0447 3304 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
10:45:55.0484 3304 MSDTC - ok
10:45:55.0505 3304 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
10:45:55.0538 3304 Msfs - ok
10:45:55.0559 3304 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
10:45:55.0574 3304 msisadrv - ok
10:45:55.0600 3304 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
10:45:55.0634 3304 MSiSCSI - ok
10:45:55.0638 3304 msiserver - ok
10:45:55.0657 3304 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
10:45:55.0691 3304 MSKSSRV - ok
10:45:55.0721 3304 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:45:55.0737 3304 MsMpSvc - ok
10:45:55.0749 3304 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
10:45:55.0781 3304 MSPCLOCK - ok
10:45:55.0786 3304 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
10:45:55.0819 3304 MSPQM - ok
10:45:55.0844 3304 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
10:45:55.0863 3304 MsRPC - ok
10:45:55.0872 3304 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
10:45:55.0888 3304 mssmbios - ok
10:45:55.0893 3304 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
10:45:55.0929 3304 MSTEE - ok
10:45:55.0936 3304 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
10:45:55.0953 3304 Mup - ok
10:45:55.0991 3304 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
10:45:56.0051 3304 napagent - ok
10:45:56.0083 3304 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
10:45:56.0116 3304 NativeWifiP - ok
10:45:56.0150 3304 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
10:45:56.0190 3304 NDIS - ok
10:45:56.0202 3304 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
10:45:56.0230 3304 NdisTapi - ok
10:45:56.0245 3304 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
10:45:56.0278 3304 Ndisuio - ok
10:45:56.0297 3304 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
10:45:56.0326 3304 NdisWan - ok
10:45:56.0344 3304 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
10:45:56.0372 3304 NDProxy - ok
10:45:56.0394 3304 Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\Windows\system32\HPZinw12.dll
10:45:56.0406 3304 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:45:56.0406 3304 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:45:56.0426 3304 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
10:45:56.0459 3304 NetBIOS - ok
10:45:56.0478 3304 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
10:45:56.0508 3304 netbt - ok
10:45:56.0532 3304 Netlogon (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:45:56.0555 3304 Netlogon - ok
10:45:56.0599 3304 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
10:45:56.0639 3304 Netman - ok
10:45:56.0691 3304 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:45:56.0708 3304 NetMsmqActivator - ok
10:45:56.0712 3304 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:45:56.0729 3304 NetPipeActivator - ok
10:45:56.0756 3304 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
10:45:56.0806 3304 netprofm - ok
10:45:56.0810 3304 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:45:56.0826 3304 NetTcpActivator - ok
10:45:56.0831 3304 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:45:56.0847 3304 NetTcpPortSharing - ok
10:45:56.0875 3304 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
10:45:56.0891 3304 nfrd960 - ok
10:45:56.0912 3304 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:45:56.0928 3304 NisDrv - ok
10:45:56.0974 3304 NisSrv (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
10:45:57.0043 3304 NisSrv - ok
10:45:57.0061 3304 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
10:45:57.0120 3304 NlaSvc - ok
10:45:57.0137 3304 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
10:45:57.0166 3304 Npfs - ok
10:45:57.0181 3304 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
10:45:57.0215 3304 nsi - ok
10:45:57.0223 3304 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
10:45:57.0256 3304 nsiproxy - ok
10:45:57.0337 3304 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
10:45:57.0373 3304 Ntfs - ok
10:45:57.0402 3304 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
10:45:57.0452 3304 ntrigdigi - ok
10:45:57.0476 3304 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
10:45:57.0508 3304 Null - ok
10:45:57.0537 3304 NVHDA (3d7fb57354703809b5f0c23287fac1d6) C:\Windows\system32\drivers\nvhda32v.sys
10:45:57.0554 3304 NVHDA - ok
10:45:58.0107 3304 nvlddmkm (e891b3979f0cf2740c1b073f834221fe) C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:45:58.0395 3304 nvlddmkm - ok
10:45:58.0479 3304 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
10:45:58.0501 3304 nvraid - ok
10:45:58.0530 3304 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
10:45:58.0548 3304 nvstor - ok
10:45:58.0574 3304 nvstor32 (97778c3cb3af6b2243648d0dcd4d8916) C:\Windows\system32\DRIVERS\nvstor32.sys
10:45:58.0600 3304 nvstor32 - ok
10:45:58.0649 3304 nvsvc (ae2de8e165dcb93a66b21748e6f913df) C:\Windows\system32\nvvsvc.exe
10:45:58.0695 3304 nvsvc - ok
10:45:58.0864 3304 nvUpdatusService (c78581c14699c46fe0f0817416383134) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
10:45:58.0977 3304 nvUpdatusService - ok
10:45:59.0117 3304 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
10:45:59.0138 3304 nv_agp - ok
10:45:59.0144 3304 NwlnkFlt - ok
10:45:59.0152 3304 NwlnkFwd - ok
10:45:59.0184 3304 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
10:45:59.0240 3304 ohci1394 - ok
10:45:59.0279 3304 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:45:59.0306 3304 ose - ok
10:45:59.0576 3304 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:45:59.0794 3304 osppsvc - ok
10:45:59.0943 3304 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:46:00.0026 3304 p2pimsvc - ok
10:46:00.0035 3304 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:46:00.0072 3304 p2psvc - ok
10:46:00.0102 3304 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
10:46:00.0160 3304 Parport - ok
10:46:00.0180 3304 Partizan (6ddcf3f801ec15fe698f6a215cf30a1f) C:\Windows\system32\drivers\Partizan.sys
10:46:00.0194 3304 Partizan - ok
10:46:00.0213 3304 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
10:46:00.0230 3304 partmgr - ok
10:46:00.0245 3304 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
10:46:00.0293 3304 Parvdm - ok
10:46:00.0311 3304 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
10:46:00.0335 3304 PcaSvc - ok
10:46:00.0352 3304 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
10:46:00.0370 3304 pci - ok
10:46:00.0379 3304 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
10:46:00.0395 3304 pciide - ok
10:46:00.0425 3304 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
10:46:00.0452 3304 pcmcia - ok
10:46:00.0521 3304 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
10:46:00.0585 3304 PEAUTH - ok
10:46:00.0684 3304 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
10:46:00.0764 3304 pla - ok
10:46:00.0871 3304 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
10:46:00.0924 3304 PlugPlay - ok
10:46:00.0969 3304 Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\Windows\system32\HPZipm12.dll
10:46:00.0980 3304 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:46:00.0980 3304 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:46:01.0050 3304 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:46:01.0083 3304 PNRPAutoReg - ok
10:46:01.0092 3304 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:46:01.0124 3304 PNRPsvc - ok
10:46:01.0156 3304 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
10:46:01.0190 3304 PolicyAgent - ok
10:46:01.0227 3304 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
10:46:01.0259 3304 PptpMiniport - ok
10:46:01.0288 3304 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
10:46:01.0321 3304 Processor - ok
10:46:01.0340 3304 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
10:46:01.0373 3304 ProfSvc - ok
10:46:01.0399 3304 ProtectedStorage (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:46:01.0422 3304 ProtectedStorage - ok
10:46:01.0449 3304 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
10:46:01.0476 3304 PSched - ok
10:46:01.0483 3304 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
10:46:01.0498 3304 PxHelp20 - ok
10:46:01.0566 3304 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
10:46:01.0637 3304 ql2300 - ok
10:46:01.0656 3304 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
10:46:01.0675 3304 ql40xx - ok
10:46:01.0705 3304 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
10:46:01.0732 3304 QWAVE - ok
10:46:01.0748 3304 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
10:46:01.0770 3304 QWAVEdrv - ok
10:46:01.0783 3304 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
10:46:01.0815 3304 RasAcd - ok
10:46:01.0835 3304 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
10:46:01.0869 3304 RasAuto - ok
10:46:01.0884 3304 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:46:01.0917 3304 Rasl2tp - ok
10:46:01.0945 3304 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
10:46:01.0981 3304 RasMan - ok
10:46:02.0002 3304 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
10:46:02.0031 3304 RasPppoe - ok
10:46:02.0047 3304 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
10:46:02.0069 3304 RasSstp - ok
10:46:02.0105 3304 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
10:46:02.0134 3304 rdbss - ok
10:46:02.0144 3304 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:46:02.0176 3304 RDPCDD - ok
10:46:02.0203 3304 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
10:46:02.0260 3304 rdpdr - ok
10:46:02.0265 3304 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
10:46:02.0299 3304 RDPENCDD - ok
10:46:02.0327 3304 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
10:46:02.0351 3304 RDPWD - ok
10:46:02.0369 3304 RegGuard (37ecebdd930395a9c399fb18a3c236d3) C:\Windows\system32\Drivers\regguard.sys
10:46:02.0383 3304 RegGuard - ok
10:46:02.0402 3304 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
10:46:02.0437 3304 RemoteAccess - ok
10:46:02.0460 3304 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
10:46:02.0490 3304 RemoteRegistry - ok
10:46:02.0503 3304 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
10:46:02.0526 3304 RpcLocator - ok
10:46:02.0631 3304 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:46:02.0673 3304 RpcSs - ok
10:46:02.0696 3304 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
10:46:02.0728 3304 rspndr - ok
10:46:02.0771 3304 RTL8169 (06992132cf20c3c1cba3f072c4086de8) C:\Windows\system32\DRIVERS\Rtlh86.sys
10:46:02.0789 3304 RTL8169 - ok
10:46:02.0807 3304 SamSs (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:46:02.0830 3304 SamSs - ok
10:46:02.0867 3304 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
10:46:02.0881 3304 SASDIFSV - ok
10:46:02.0891 3304 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
10:46:02.0907 3304 SASKUTIL - ok
10:46:02.0923 3304 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
10:46:02.0941 3304 sbp2port - ok
10:46:03.0053 3304 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
10:46:03.0106 3304 SBSDWSCService - ok
10:46:03.0129 3304 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
10:46:03.0159 3304 SCardSvr - ok
10:46:03.0201 3304 Schedule (323ae0bdfd2eb15b668dda50cc597329) C:\Windows\system32\schedsvc.dll
10:46:03.0241 3304 Schedule - ok
10:46:03.0268 3304 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:46:03.0296 3304 SCPolicySvc - ok
10:46:03.0313 3304 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
10:46:03.0338 3304 SDRSVC - ok
10:46:03.0364 3304 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:46:03.0413 3304 secdrv - ok
10:46:03.0445 3304 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
10:46:03.0479 3304 seclogon - ok
10:46:03.0496 3304 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
10:46:03.0531 3304 SENS - ok
10:46:03.0541 3304 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
10:46:03.0590 3304 Serenum - ok
10:46:03.0614 3304 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
10:46:03.0665 3304 Serial - ok
10:46:03.0676 3304 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
10:46:03.0709 3304 sermouse - ok
10:46:03.0785 3304 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
10:46:03.0833 3304 SessionEnv - ok
10:46:03.0847 3304 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
10:46:03.0875 3304 sffdisk - ok
10:46:03.0887 3304 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
10:46:03.0919 3304 sffp_mmc - ok
10:46:03.0936 3304 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
10:46:03.0968 3304 sffp_sd - ok
10:46:04.0002 3304 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
10:46:04.0050 3304 sfloppy - ok
10:46:04.0081 3304 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
10:46:04.0129 3304 SharedAccess - ok
10:46:04.0153 3304 ShellHWDetection (c818c44c201898399bf999bb6b35d4e3) C:\Windows\System32\shsvcs.dll
10:46:04.0187 3304 ShellHWDetection - ok
10:46:04.0198 3304 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
10:46:04.0215 3304 sisagp - ok
10:46:04.0229 3304 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
10:46:04.0245 3304 SiSRaid2 - ok
10:46:04.0257 3304 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
10:46:04.0274 3304 SiSRaid4 - ok
10:46:04.0474 3304 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
10:46:04.0595 3304 slsvc - ok
10:46:04.0676 3304 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
10:46:04.0709 3304 SLUINotify - ok
10:46:04.0747 3304 SmartDefragDriver (cc48f88fe17bb8e5eb6fa1a8a9477006) C:\Windows\system32\Drivers\SmartDefragDriver.sys
10:46:04.0761 3304 SmartDefragDriver - ok
10:46:04.0787 3304 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
10:46:04.0818 3304 Smb - ok
10:46:04.0848 3304 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
10:46:04.0872 3304 SNMPTRAP - ok
10:46:04.0887 3304 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
10:46:04.0904 3304 spldr - ok
10:46:04.0926 3304 Spooler (524bfbea40e6e404737ccbc754647a2e) C:\Windows\System32\spoolsv.exe
10:46:04.0960 3304 Spooler - ok
10:46:04.0985 3304 srv (baa6018a27857b5ff0c03ce756b4a7a2) C:\Windows\system32\DRIVERS\srv.sys
10:46:05.0014 3304 srv - ok
10:46:05.0040 3304 srv2 (6b6f3658e0a58c6c50c5f7fbdf3df633) C:\Windows\system32\DRIVERS\srv2.sys
10:46:05.0063 3304 srv2 - ok
10:46:05.0087 3304 srvnet (2d10de9022822772adaa120b15a9bd03) C:\Windows\system32\DRIVERS\srvnet.sys
10:46:05.0115 3304 srvnet - ok
10:46:05.0126 3304 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
10:46:05.0163 3304 SSDPSRV - ok
10:46:05.0186 3304 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
10:46:05.0199 3304 ssmdrv - ok
10:46:05.0219 3304 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
10:46:05.0253 3304 SstpSvc - ok
10:46:05.0291 3304 Steam Client Service - ok
10:46:05.0310 3304 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
10:46:05.0338 3304 StillCam - ok
10:46:05.0381 3304 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
10:46:05.0413 3304 stisvc - ok
10:46:05.0429 3304 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
10:46:05.0445 3304 swenum - ok
10:46:05.0466 3304 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
10:46:05.0500 3304 swprv - ok
10:46:05.0529 3304 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
10:46:05.0544 3304 Symc8xx - ok
10:46:05.0578 3304 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
10:46:05.0593 3304 Sym_hi - ok
10:46:05.0609 3304 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
10:46:05.0624 3304 Sym_u3 - ok
10:46:05.0667 3304 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
10:46:05.0706 3304 SysMain - ok
10:46:05.0727 3304 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
10:46:05.0752 3304 TabletInputService - ok
10:46:05.0778 3304 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
10:46:05.0814 3304 TapiSrv - ok
10:46:05.0827 3304 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
10:46:05.0861 3304 TBS - ok
10:46:05.0943 3304 Tcpip (65877aa1b6a7cb797488e831698973e9) C:\Windows\system32\drivers\tcpip.sys
10:46:05.0978 3304 Tcpip - ok
10:46:05.0990 3304 Tcpip6 (65877aa1b6a7cb797488e831698973e9) C:\Windows\system32\DRIVERS\tcpip.sys
10:46:06.0024 3304 Tcpip6 - ok
10:46:06.0059 3304 tcpipreg (4b8f496292d40192acb052e030c023a7) C:\Windows\system32\drivers\tcpipreg.sys
10:46:06.0080 3304 tcpipreg - ok
10:46:06.0090 3304 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
10:46:06.0122 3304 TDPIPE - ok
10:46:06.0137 3304 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
10:46:06.0169 3304 TDTCP - ok
10:46:06.0193 3304 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
10:46:06.0222 3304 tdx - ok
10:46:06.0248 3304 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
10:46:06.0265 3304 TermDD - ok
10:46:06.0314 3304 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
10:46:06.0365 3304 TermService - ok
10:46:06.0390 3304 Themes (c818c44c201898399bf999bb6b35d4e3) C:\Windows\system32\shsvcs.dll
10:46:06.0422 3304 Themes - ok
10:46:06.0460 3304 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:46:06.0494 3304 THREADORDER - ok
10:46:06.0528 3304 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
10:46:06.0568 3304 TrkWks - ok
10:46:06.0611 3304 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
10:46:06.0639 3304 TrustedInstaller - ok
10:46:06.0653 3304 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:46:06.0685 3304 tssecsrv - ok
10:46:06.0698 3304 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
10:46:06.0721 3304 tunmp - ok
10:46:06.0727 3304 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
10:46:06.0756 3304 tunnel - ok
10:46:06.0775 3304 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
10:46:06.0791 3304 uagp35 - ok
10:46:06.0811 3304 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
10:46:06.0847 3304 udfs - ok
10:46:06.0865 3304 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
10:46:06.0900 3304 UI0Detect - ok
10:46:06.0917 3304 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
10:46:06.0934 3304 uliagpkx - ok
10:46:06.0980 3304 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
10:46:07.0014 3304 uliahci - ok
10:46:07.0029 3304 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
10:46:07.0048 3304 UlSata - ok
10:46:07.0061 3304 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
10:46:07.0080 3304 ulsata2 - ok
10:46:07.0090 3304 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
10:46:07.0123 3304 umbus - ok
10:46:07.0144 3304 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
10:46:07.0184 3304 upnphost - ok
10:46:07.0198 3304 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
10:46:07.0227 3304 usbccgp - ok
10:46:07.0242 3304 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
10:46:07.0292 3304 usbcir - ok
10:46:07.0312 3304 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
10:46:07.0340 3304 usbehci - ok
10:46:07.0367 3304 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
10:46:07.0396 3304 usbhub - ok
10:46:07.0403 3304 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
10:46:07.0434 3304 usbohci - ok
10:46:07.0459 3304 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
10:46:07.0492 3304 usbprint - ok
10:46:07.0512 3304 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
10:46:07.0539 3304 usbscan - ok
10:46:07.0547 3304 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:46:07.0575 3304 USBSTOR - ok
10:46:07.0584 3304 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
10:46:07.0612 3304 usbuhci - ok
10:46:07.0629 3304 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
10:46:07.0658 3304 UxSms - ok
10:46:07.0685 3304 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
10:46:07.0720 3304 vds - ok
10:46:07.0734 3304 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
10:46:07.0766 3304 vga - ok
10:46:07.0781 3304 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
10:46:07.0813 3304 VgaSave - ok
10:46:07.0827 3304 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
10:46:07.0843 3304 viaagp - ok
10:46:07.0852 3304 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
10:46:07.0885 3304 ViaC7 - ok
10:46:07.0891 3304 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
10:46:07.0907 3304 viaide - ok
10:46:07.0919 3304 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
10:46:07.0935 3304 volmgr - ok
10:46:07.0979 3304 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
10:46:07.0999 3304 volmgrx - ok
10:46:08.0014 3304 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
10:46:08.0033 3304 volsnap - ok
10:46:08.0072 3304 Vsdatant (6983d0bcac64c2d7460c2125f804f118) C:\Windows\system32\DRIVERS\vsdatant.sys
10:46:08.0094 3304 Vsdatant - ok
10:46:08.0100 3304 vsdatant7 - ok
10:46:08.0138 3304 vsmon - ok
10:46:08.0157 3304 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
10:46:08.0176 3304 vsmraid - ok
10:46:08.0244 3304 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
10:46:08.0290 3304 VSS - ok
10:46:08.0386 3304 vToolbarUpdater11.0.2 (56e1e4442e4613fb2039a6b7421f4e58) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
10:46:08.0418 3304 vToolbarUpdater11.0.2 - ok
10:46:08.0504 3304 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
10:46:08.0538 3304 W32Time - ok
10:46:08.0563 3304 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
10:46:08.0612 3304 WacomPen - ok
10:46:08.0629 3304 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:46:08.0657 3304 Wanarp - ok
10:46:08.0661 3304 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:46:08.0690 3304 Wanarpv6 - ok
10:46:08.0730 3304 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
10:46:08.0761 3304 wcncsvc - ok
10:46:08.0789 3304 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
10:46:08.0821 3304 WcsPlugInService - ok
10:46:08.0842 3304 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
10:46:08.0857 3304 Wd - ok
10:46:08.0892 3304 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
10:46:08.0917 3304 Wdf01000 - ok
10:46:08.0947 3304 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:46:08.0983 3304 WdiServiceHost - ok
10:46:08.0987 3304 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:46:09.0022 3304 WdiSystemHost - ok
10:46:09.0036 3304 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
10:46:09.0064 3304 WebClient - ok
10:46:09.0076 3304 Wecsvc (905214925a88311fce52f66153de7610) C:\Windows\system32\wecsvc.dll
10:46:09.0111 3304 Wecsvc - ok
10:46:09.0119 3304 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
10:46:09.0150 3304 wercplsupport - ok
10:46:09.0163 3304 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
10:46:09.0195 3304 WerSvc - ok
10:46:09.0249 3304 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
10:46:09.0268 3304 WinDefend - ok
10:46:09.0278 3304 WinHttpAutoProxySvc - ok
10:46:09.0318 3304 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
10:46:09.0357 3304 Winmgmt - ok
10:46:09.0406 3304 WinRM (01874d4689c212460fbabf0ecd7cb7f7) C:\Windows\system32\WsmSvc.dll
10:46:09.0448 3304 WinRM - ok
10:46:09.0494 3304 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
10:46:09.0524 3304 Wlansvc - ok
10:46:09.0552 3304 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:46:09.0566 3304 wlcrasvc - ok
10:46:09.0685 3304 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:46:09.0771 3304 wlidsvc - ok
10:46:09.0872 3304 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
10:46:09.0900 3304 WmiAcpi - ok
10:46:09.0943 3304 WmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
10:46:09.0971 3304 WmiApSrv - ok
10:46:10.0046 3304 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
10:46:10.0092 3304 WMPNetworkSvc - ok
10:46:10.0107 3304 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
10:46:10.0131 3304 WPCSvc - ok
10:46:10.0154 3304 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
10:46:10.0179 3304 WPDBusEnum - ok
10:46:10.0267 3304 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:46:10.0295 3304 WPFFontCache_v0400 - ok
10:46:10.0315 3304 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
10:46:10.0348 3304 ws2ifsl - ok
10:46:10.0373 3304 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
10:46:10.0401 3304 wscsvc - ok
10:46:10.0406 3304 WSearch - ok
10:46:10.0539 3304 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
10:46:10.0625 3304 wuauserv - ok
10:46:10.0696 3304 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
10:46:10.0733 3304 wudfsvc - ok
10:46:10.0754 3304 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
10:46:11.0066 3304 \Device\Harddisk0\DR0 - ok
10:46:11.0070 3304 Boot (0x1200) (1564506fc0713d153b896ad06c0f6c1f) \Device\Harddisk0\DR0\Partition0
10:46:11.0071 3304 \Device\Harddisk0\DR0\Partition0 - ok
10:46:11.0073 3304 ============================================================
10:46:11.0073 3304 Scan finished
10:46:11.0073 3304 ============================================================
10:46:11.0086 1180 Detected object count: 10
10:46:11.0086 1180 Actual detected object count: 10
10:48:35.0894 1180 ETService ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0894 1180 ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:48:35.0896 1180 ezSharedSvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0896 1180 ezSharedSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:48:35.0898 1180 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0898 1180 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:48:35.0902 1180 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0902 1180 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:48:35.0905 1180 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0905 1180 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:48:35.0907 1180 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0907 1180 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:48:35.0910 1180 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0910 1180 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:48:35.0912 1180 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0912 1180 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:48:35.0915 1180 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0916 1180 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:48:35.0918 1180 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0918 1180 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:50:51.0332 5836 Deinitialize success.

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-06 11:40:52
-----------------------------
11:40:52.092 OS Version: Windows 6.0.6002 Service Pack 2
11:40:52.092 Number of processors: 4 586 0x1707
11:40:52.093 ComputerName: EAMONNS UserName: currys
11:41:25.580 Initialize success
11:41:50.098 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005e
11:41:50.100 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
11:41:50.115 Disk 0 MBR read successfully
11:41:50.117 Disk 0 MBR scan
11:41:50.120 Disk 0 Windows VISTA default MBR code
11:41:50.130 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10240 MB offset 2048
11:41:50.137 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 600238 MB offset 20973568
11:41:50.142 Disk 0 scanning sectors +1250261680
11:41:50.204 Disk 0 scanning C:\Windows\system32\drivers
11:41:57.639 Service scanning
11:42:01.930 Service MpKsl87d25911 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{55FCADA8-9CD5-4ED3-BB75-FDAE65595041}\MpKsl87d25911.sys **LOCKED** 32
11:42:08.215 Modules scanning
11:42:11.228 Disk 0 trace - called modules:
11:42:11.247 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys
11:42:11.252 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87524968]
11:42:11.257 3 CLASSPNP.SYS[8bdb58b3] -> nt!IofCallDriver -> [0x857d96e0]
11:42:11.261 5 acpi.sys[83a986bc] -> nt!IofCallDriver -> \Device\0000005e[0x857d9c90]
11:42:11.266 Scan finished successfully
11:42:54.736 Disk 0 MBR has been saved successfully to "C:\Users\currys\Desktop\MBR.dat"
11:42:54.748 The log file has been saved successfully to "C:\Users\currys\Desktop\aswMBR.txt"

ComboFix 12-07-06.01 - currys 06/07/2012 12:04:43.3.4 - x86
Running from: c:\users\currys\Downloads\baffledUK123.exe.exe
AV: ZoneAlarm Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
FW: ZoneAlarm Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\baffledUK123.exe
c:\baffleduk123.exe\path05
c:\baffleduk123.exe\sed.3XE
C:\install.exe
c:\programdata\bProtector
c:\users\currys\AppData\Local\Temp\{6BDAB443-0FAE-42FB-8481-F541A02AB4ED}
c:\users\currys\AppData\Local\Temp\ppcrlui_5780_2
.
.
((((((((((((((((((((((((( Files Created from 2012-06-06 to 2012-07-06 )))))))))))))))))))))))))))))))
.
.
2012-07-06 11:15 . 2012-07-06 11:15 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-06 11:15 . 2012-07-06 11:15 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-07-06 11:15 . 2012-07-06 11:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-06 10:59 . 2012-04-18 03:06 6734704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E5B11266-9F6D-46BA-BE4F-475D856D9270}\mpengine.dll
2012-07-06 10:45 . 2012-07-06 10:45 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{55FCADA8-9CD5-4ED3-BB75-FDAE65595041}\offreg.dll
2012-07-06 10:41 . 2012-07-06 10:41 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{55FCADA8-9CD5-4ED3-BB75-FDAE65595041}\MpKsl87d25911.sys
2012-07-06 09:35 . 2012-05-30 19:41 6762896 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{55FCADA8-9CD5-4ED3-BB75-FDAE65595041}\mpengine.dll
2012-07-05 22:20 . 2012-07-05 22:20 -------- d-----w- c:\program files\Common Files\Java
2012-07-05 22:19 . 2012-07-05 22:19 772592 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-07-04 10:19 . 2012-07-04 10:19 -------- d-----w- c:\users\currys\AppData\Roaming\SUPERAntiSpyware.com
2012-07-04 10:18 . 2012-07-04 10:19 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-07-04 10:18 . 2012-07-04 10:18 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-07-04 09:42 . 2012-07-04 09:42 388096 ----a-r- c:\users\currys\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-07-04 09:42 . 2012-07-04 09:42 -------- d-----w- c:\program files\Trend Micro
2012-07-02 17:56 . 2012-04-04 14:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-30 15:03 . 2012-06-30 15:03 -------- d-----w- c:\users\currys\AppData\Roaming\Sammsoft
2012-06-30 15:02 . 2012-06-30 15:08 -------- d-----w- c:\program files\ARO 2012
2012-06-30 10:59 . 2012-07-02 17:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-06-29 22:55 . 2012-06-29 22:59 -------- d-----w- c:\users\currys\AppData\Roaming\DigitalSupport
2012-06-29 22:33 . 2012-06-29 22:33 -------- d-----w- c:\users\currys\AppData\Roaming\Simply Super Software
2012-06-29 22:32 . 2012-06-29 22:32 -------- d-----w- c:\programdata\Simply Super Software
2012-06-29 22:32 . 2012-06-29 22:33 -------- d-----w- c:\program files\Trojan Remover
2012-06-28 12:40 . 2012-07-01 00:10 -------- d-----w- c:\program files\ReImageCompanion
2012-06-28 12:34 . 2012-06-28 12:34 -------- dc-h--w- c:\programdata\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}
2012-06-28 12:31 . 2012-07-01 00:10 -------- dc-h--w- c:\programdata\~0
2012-06-24 23:20 . 2012-07-06 11:00 -------- d-----w- c:\program files\Microsoft Security Client
2012-06-24 10:12 . 2012-06-26 21:36 -------- d-----w- c:\program files\RegZooka
2012-06-24 09:36 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-24 09:36 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-24 09:36 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-24 09:36 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-24 09:35 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-24 09:35 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-24 09:35 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-24 09:35 . 2012-06-02 14:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-24 09:35 . 2012-06-02 14:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-23 12:46 . 2012-06-23 12:46 -------- d-----w- c:\users\currys\AppData\Local\Macromedia
2012-06-23 10:43 . 2012-06-23 11:42 24416 ----a-w- c:\windows\system32\drivers\regguard.sys
2012-06-23 10:35 . 2012-06-23 10:35 39184 ----a-w- c:\windows\system32\Partizan.exe
2012-06-23 10:35 . 2012-06-23 10:35 35816 ----a-w- c:\windows\system32\drivers\Partizan.sys
2012-06-23 09:45 . 2012-06-26 22:32 -------- d-----w- c:\programdata\RegRun
2012-06-23 09:44 . 2012-06-23 09:44 2 --shatr- c:\windows\winstart.bat
2012-06-23 09:44 . 2012-06-23 09:44 -------- d-----w- c:\program files\Greatis
2012-06-19 23:21 . 2012-07-01 00:10 -------- dc----w- C:\f90e4393fac73d563b0e
2012-06-19 21:53 . 2012-02-28 10:43 342168 ----a-w- c:\windows\system32\drivers\pctDS.sys
2012-06-19 21:53 . 2012-06-30 17:12 -------- d-----w- c:\program files\PC Tools
2012-06-19 21:53 . 2012-06-19 22:21 -------- d-----w- c:\program files\Common Files\PC Tools
2012-06-19 21:53 . 2012-05-11 10:14 203088 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-06-19 21:52 . 2012-06-19 22:21 -------- d-----w- c:\programdata\PC Tools
2012-06-19 21:52 . 2012-06-19 21:52 -------- d-----w- c:\users\currys\AppData\Roaming\TestApp
2012-06-18 22:34 . 2012-06-18 22:34 -------- d-----w- c:\users\currys\AppData\Roaming\FlashGet
2012-06-18 22:34 . 2012-06-18 22:34 -------- d-----w- c:\program files\FlashGet Network
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-05 22:19 . 2010-04-22 21:21 687600 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-23 12:46 . 2012-03-30 19:49 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-23 12:46 . 2011-07-16 18:09 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-13 11:59 . 2011-12-17 15:48 181064 ----a-w- c:\windows\PSEXESVC.EXE
2012-05-10 09:55 . 2012-05-10 09:55 2044928 ----a-w- c:\windows\system32\win32k.sys
2012-05-10 08:55 . 2011-12-18 09:35 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-10 08:55 . 2011-12-18 09:35 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2012-07-01 22:30 . 2012-05-20 11:05 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2009-11-28 20:51 . 2008-11-07 09:45 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"kdx"="c:\program files\Kontiki\KHost.exe" [2009-01-02 1041960]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-03-06 574296]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-15 68856]
"SmpcSys"="c:\program files\PACKARD BELL\SetUpMyPC\SmpSys.exe" [2008-07-07 1038136]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-06-26 3906432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2012-05-03 73360]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-02-29 3881792]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2012-02-29 108352]
"4oD"="c:\program files\Kontiki\KHost.exe" [2009-01-02 1041960]
"kdx"="c:\program files\Kontiki\KHost.exe" [2009-01-02 1041960]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\users\currys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
BBC iPlayer Desktop.lnk - c:\program files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe [2011-9-30 142848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\syste m]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explo rer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\Shell ExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2010-12-10 12:47 16680 ----a-w- c:\program files\Citrix\GoToAssist\570\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCO RE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSv c]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^currys^AppData^Roaming^Microsoft^Windows^Star t Menu^Programs^Startup^BBC iPlayer Desktop.lnk]
backup=c:\windows\pss\BBC iPlayer Desktop.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-12-14 17:17 47904 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 17:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-01-03 11:28 274608 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASWMBR
*NewlyCreated* - MPKSL87D25911
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 12:46]
.
2012-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 14:54]
.
2012-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 14:54]
.
2012-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-118059262-2797764304-1290977041-1000Core.job
- c:\users\currys\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-23 10:26]
.
2012-07-06 c:\windows\Tasks\Recovery DVD Creator-currys.job
- c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2008-08-21 15:25]
.
.
------- Supplementary Scan -------
.
mStart Page = about:blank
mWindow Title = Microsoft Internet Explorer
uInternet Settings,ProxyOverride = *.local
IE: Download with &Media Finder
IE: E&xport to Microsoft Excel
IE: Google Sidewiki...
TCP: DhcpNameServer = 192.168.1.254
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll
DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20090910103721
FF - ProfilePath - c:\users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - WiseConvert Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=2&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
HKLM-Run-ISW - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-06 12:28
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\*& *u*]
@Allowed: (Read) (RestrictedCode)
"MachineID"=hex:92,fa,95,c7,a1,37,50,00
.
[HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:4b,e6,62,f7,01,dc,fb,1c,52,f0,6e,66,c7,e7,f7,7d,d4,3c,36,63,42,0e, 89,
8f,85,fa,f6,6d,83,03,fa,81,49,39,a4,45,bf,5e,77,23,eb,37,4b,86,ff,a8,26,ea, \
"??"=hex:dd,bb,b0,11,5f,96,3e,4b,49,50,e6,16,dd,f8,06,aa
.
[HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):85,95,14,d3,27,4a,46,92,ae,59,c7,15,15,df,38,74,0f,19,b1,7a ,db,
bb,f0,e8,07,d0,65,01,12,5d,c5,e7,c3,d1,3d,a1,73,f5,bd,ad,00,00,00,00,00,00, \
.
[HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000_Classes\CLSID\{f72d7cc0-3228-4f40-938c-e80ee848e811}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000bc
"Therad"=dword:00000014
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(704)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'Explorer.exe'(5460)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
Completion time: 2012-07-06 12:40:41
ComboFix-quarantined-files.txt 2012-07-06 11:34
ComboFix2.txt 2012-02-23 00:12
.
Pre-Run: 452,379,402,240 bytes free
Post-Run: 452,399,927,296 bytes free
.
- - End Of File - - 576A7173098CBC0E7DFD8DB7401D3A34

Hopefully everything is done as requested.

baffledUK · 06-Jul-2012, 08:45 AM #6

ComboFix 12-07-06.01 - currys 06/07/2012 12:04:43.3.4 - x86
Running from: c:\users\currys\Downloads\baffledUK123.exe.exe
AV: ZoneAlarm Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
FW: ZoneAlarm Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\baffledUK123.exe
c:\baffleduk123.exe\path05
c:\baffleduk123.exe\sed.3XE
C:\install.exe
c:\programdata\bProtector
c:\users\currys\AppData\Local\Temp\{6BDAB443-0FAE-42FB-8481-F541A02AB4ED}
c:\users\currys\AppData\Local\Temp\ppcrlui_5780_2
.
.
((((((((((((((((((((((((( Files Created from 2012-06-06 to 2012-07-06 )))))))))))))))))))))))))))))))
.
.
2012-07-06 11:15 . 2012-07-06 11:15 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-06 11:15 . 2012-07-06 11:15 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-07-06 11:15 . 2012-07-06 11:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-06 10:59 . 2012-04-18 03:06 6734704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E5B11266-9F6D-46BA-BE4F-475D856D9270}\mpengine.dll
2012-07-06 10:45 . 2012-07-06 10:45 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{55FCADA8-9CD5-4ED3-BB75-FDAE65595041}\offreg.dll
2012-07-06 10:41 . 2012-07-06 10:41 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{55FCADA8-9CD5-4ED3-BB75-FDAE65595041}\MpKsl87d25911.sys
2012-07-06 09:35 . 2012-05-30 19:41 6762896 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{55FCADA8-9CD5-4ED3-BB75-FDAE65595041}\mpengine.dll
2012-07-05 22:20 . 2012-07-05 22:20 -------- d-----w- c:\program files\Common Files\Java
2012-07-05 22:19 . 2012-07-05 22:19 772592 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-07-04 10:19 . 2012-07-04 10:19 -------- d-----w- c:\users\currys\AppData\Roaming\SUPERAntiSpyware.com
2012-07-04 10:18 . 2012-07-04 10:19 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-07-04 10:18 . 2012-07-04 10:18 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-07-04 09:42 . 2012-07-04 09:42 388096 ----a-r- c:\users\currys\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-07-04 09:42 . 2012-07-04 09:42 -------- d-----w- c:\program files\Trend Micro
2012-07-02 17:56 . 2012-04-04 14:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-30 15:03 . 2012-06-30 15:03 -------- d-----w- c:\users\currys\AppData\Roaming\Sammsoft
2012-06-30 15:02 . 2012-06-30 15:08 -------- d-----w- c:\program files\ARO 2012
2012-06-30 10:59 . 2012-07-02 17:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-06-29 22:55 . 2012-06-29 22:59 -------- d-----w- c:\users\currys\AppData\Roaming\DigitalSupport
2012-06-29 22:33 . 2012-06-29 22:33 -------- d-----w- c:\users\currys\AppData\Roaming\Simply Super Software
2012-06-29 22:32 . 2012-06-29 22:32 -------- d-----w- c:\programdata\Simply Super Software
2012-06-29 22:32 . 2012-06-29 22:33 -------- d-----w- c:\program files\Trojan Remover
2012-06-28 12:40 . 2012-07-01 00:10 -------- d-----w- c:\program files\ReImageCompanion
2012-06-28 12:34 . 2012-06-28 12:34 -------- dc-h--w- c:\programdata\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}
2012-06-28 12:31 . 2012-07-01 00:10 -------- dc-h--w- c:\programdata\~0
2012-06-24 23:20 . 2012-07-06 11:00 -------- d-----w- c:\program files\Microsoft Security Client
2012-06-24 10:12 . 2012-06-26 21:36 -------- d-----w- c:\program files\RegZooka
2012-06-24 09:36 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-24 09:36 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-24 09:36 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-24 09:36 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-24 09:35 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-24 09:35 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-24 09:35 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-24 09:35 . 2012-06-02 14:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-24 09:35 . 2012-06-02 14:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-23 12:46 . 2012-06-23 12:46 -------- d-----w- c:\users\currys\AppData\Local\Macromedia
2012-06-23 10:43 . 2012-06-23 11:42 24416 ----a-w- c:\windows\system32\drivers\regguard.sys
2012-06-23 10:35 . 2012-06-23 10:35 39184 ----a-w- c:\windows\system32\Partizan.exe
2012-06-23 10:35 . 2012-06-23 10:35 35816 ----a-w- c:\windows\system32\drivers\Partizan.sys
2012-06-23 09:45 . 2012-06-26 22:32 -------- d-----w- c:\programdata\RegRun
2012-06-23 09:44 . 2012-06-23 09:44 2 --shatr- c:\windows\winstart.bat
2012-06-23 09:44 . 2012-06-23 09:44 -------- d-----w- c:\program files\Greatis
2012-06-19 23:21 . 2012-07-01 00:10 -------- dc----w- C:\f90e4393fac73d563b0e
2012-06-19 21:53 . 2012-02-28 10:43 342168 ----a-w- c:\windows\system32\drivers\pctDS.sys
2012-06-19 21:53 . 2012-06-30 17:12 -------- d-----w- c:\program files\PC Tools
2012-06-19 21:53 . 2012-06-19 22:21 -------- d-----w- c:\program files\Common Files\PC Tools
2012-06-19 21:53 . 2012-05-11 10:14 203088 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-06-19 21:52 . 2012-06-19 22:21 -------- d-----w- c:\programdata\PC Tools
2012-06-19 21:52 . 2012-06-19 21:52 -------- d-----w- c:\users\currys\AppData\Roaming\TestApp
2012-06-18 22:34 . 2012-06-18 22:34 -------- d-----w- c:\users\currys\AppData\Roaming\FlashGet
2012-06-18 22:34 . 2012-06-18 22:34 -------- d-----w- c:\program files\FlashGet Network
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-05 22:19 . 2010-04-22 21:21 687600 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-23 12:46 . 2012-03-30 19:49 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-23 12:46 . 2011-07-16 18:09 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-13 11:59 . 2011-12-17 15:48 181064 ----a-w- c:\windows\PSEXESVC.EXE
2012-05-10 09:55 . 2012-05-10 09:55 2044928 ----a-w- c:\windows\system32\win32k.sys
2012-05-10 08:55 . 2011-12-18 09:35 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-10 08:55 . 2011-12-18 09:35 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2012-07-01 22:30 . 2012-05-20 11:05 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2009-11-28 20:51 . 2008-11-07 09:45 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"kdx"="c:\program files\Kontiki\KHost.exe" [2009-01-02 1041960]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-03-06 574296]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-15 68856]
"SmpcSys"="c:\program files\PACKARD BELL\SetUpMyPC\SmpSys.exe" [2008-07-07 1038136]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-06-26 3906432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2012-05-03 73360]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-02-29 3881792]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2012-02-29 108352]
"4oD"="c:\program files\Kontiki\KHost.exe" [2009-01-02 1041960]
"kdx"="c:\program files\Kontiki\KHost.exe" [2009-01-02 1041960]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\users\currys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
BBC iPlayer Desktop.lnk - c:\program files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe [2011-9-30 142848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\syste m]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explo rer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\Shell ExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2010-12-10 12:47 16680 ----a-w- c:\program files\Citrix\GoToAssist\570\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCO RE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSv c]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^currys^AppData^Roaming^Microsoft^Windows^Star t Menu^Programs^Startup^BBC iPlayer Desktop.lnk]
backup=c:\windows\pss\BBC iPlayer Desktop.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-12-14 17:17 47904 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 17:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-01-03 11:28 274608 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASWMBR
*NewlyCreated* - MPKSL87D25911
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 12:46]
.
2012-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 14:54]
.
2012-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 14:54]
.
2012-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-118059262-2797764304-1290977041-1000Core.job
- c:\users\currys\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-23 10:26]
.
2012-07-06 c:\windows\Tasks\Recovery DVD Creator-currys.job
- c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2008-08-21 15:25]
.
.
------- Supplementary Scan -------
.
mStart Page = about:blank
mWindow Title = Microsoft Internet Explorer
uInternet Settings,ProxyOverride = *.local
IE: Download with &Media Finder
IE: E&xport to Microsoft Excel
IE: Google Sidewiki...
TCP: DhcpNameServer = 192.168.1.254
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll
DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20090910103721
FF - ProfilePath - c:\users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - WiseConvert Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=2&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
HKLM-Run-ISW - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-06 12:28
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\*& *u*]
@Allowed: (Read) (RestrictedCode)
"MachineID"=hex:92,fa,95,c7,a1,37,50,00
.
[HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:4b,e6,62,f7,01,dc,fb,1c,52,f0,6e,66,c7,e7,f7,7d,d4,3c,36,63,42,0e, 89,
8f,85,fa,f6,6d,83,03,fa,81,49,39,a4,45,bf,5e,77,23,eb,37,4b,86,ff,a8,26,ea, \
"??"=hex:dd,bb,b0,11,5f,96,3e,4b,49,50,e6,16,dd,f8,06,aa
.
[HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):85,95,14,d3,27,4a,46,92,ae,59,c7,15,15,df,38,74,0f,19,b1,7a ,db,
bb,f0,e8,07,d0,65,01,12,5d,c5,e7,c3,d1,3d,a1,73,f5,bd,ad,00,00,00,00,00,00, \
.
[HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000_Classes\CLSID\{f72d7cc0-3228-4f40-938c-e80ee848e811}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000bc
"Therad"=dword:00000014
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(704)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'Explorer.exe'(5460)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
Completion time: 2012-07-06 12:40:41
ComboFix-quarantined-files.txt 2012-07-06 11:34
ComboFix2.txt 2012-02-23 00:12
.
Pre-Run: 452,379,402,240 bytes free
Post-Run: 452,399,927,296 bytes free
.
- - End Of File - - 576A7173098CBC0E7DFD8DB7401D3A34

10:41:52.0652 2536 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
10:41:54.0655 2536 ============================================================
10:41:54.0655 2536 Current date / time: 2012/07/06 10:41:54.0655
10:41:54.0655 2536 SystemInfo:
10:41:54.0655 2536
10:41:54.0655 2536 OS Version: 6.0.6002 ServicePack: 2.0
10:41:54.0655 2536 Product type: Workstation
10:41:54.0656 2536 ComputerName: EAMONNS
10:41:54.0656 2536 UserName: currys
10:41:54.0656 2536 Windows directory: C:\Windows
10:41:54.0656 2536 System windows directory: C:\Windows
10:41:54.0656 2536 Processor architecture: Intel x86
10:41:54.0656 2536 Number of processors: 4
10:41:54.0656 2536 Page size: 0x1000
10:41:54.0656 2536 Boot type: Normal boot
10:41:54.0656 2536 ============================================================
10:42:01.0665 2536 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:42:01.0777 2536 ============================================================
10:42:01.0777 2536 \Device\Harddisk0\DR0:
10:42:01.0777 2536 MBR partitions:
10:42:01.0777 2536 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x494572B0
10:42:01.0777 2536 ============================================================
10:42:01.0809 2536 C: <-> \Device\Harddisk0\DR0\Partition0
10:42:01.0809 2536 ============================================================
10:42:01.0809 2536 Initialize success
10:42:01.0809 2536 ============================================================
10:43:06.0037 1384 ============================================================
10:43:06.0038 1384 Scan started
10:43:06.0038 1384 Mode: Manual; SigCheck;
10:43:06.0038 1384 ============================================================
10:43:06.0819 1384 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
10:43:06.0951 1384 !SASCORE - ok
10:43:07.0384 1384 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
10:43:07.0466 1384 ACPI - ok
10:43:07.0831 1384 AdobeActiveFileMonitor6.0 (e8fe4fce23d2809bd88bcc1d0f8408ce) C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
10:43:07.0859 1384 AdobeActiveFileMonitor6.0 - ok
10:43:07.0968 1384 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
10:43:07.0993 1384 AdobeARMservice - ok
10:43:08.0374 1384 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:43:08.0392 1384 AdobeFlashPlayerUpdateSvc - ok
10:43:08.0459 1384 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
10:43:08.0493 1384 adp94xx - ok
10:43:08.0548 1384 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
10:43:08.0585 1384 adpahci - ok
10:43:08.0795 1384 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
10:43:08.0813 1384 adpu160m - ok
10:43:08.0838 1384 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
10:43:08.0864 1384 adpu320 - ok
10:43:09.0313 1384 AdvancedSystemCareService5 (b11c71b29fa69e4586f9b65560e6604d) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
10:43:09.0358 1384 AdvancedSystemCareService5 - ok
10:43:09.0413 1384 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
10:43:09.0471 1384 AeLookupSvc - ok
10:43:09.0494 1384 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
10:43:09.0549 1384 AFD - ok
10:43:09.0571 1384 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
10:43:09.0588 1384 agp440 - ok
10:43:09.0621 1384 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
10:43:09.0638 1384 aic78xx - ok
10:43:09.0653 1384 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
10:43:09.0707 1384 ALG - ok
10:43:09.0719 1384 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
10:43:09.0735 1384 aliide - ok
10:43:09.0747 1384 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
10:43:09.0765 1384 amdagp - ok
10:43:09.0782 1384 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
10:43:09.0799 1384 amdide - ok
10:43:09.0809 1384 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
10:43:09.0843 1384 AmdK7 - ok
10:43:09.0860 1384 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
10:43:09.0897 1384 AmdK8 - ok
10:43:10.0034 1384 AntiVirSchedulerService (0a1cc583e8147004e4ad4625d7fbf88c) C:\Program Files\Avira\AntiVir Desktop\sched.exe
10:43:10.0110 1384 AntiVirSchedulerService - ok
10:43:10.0130 1384 AntiVirService (c9a36ef935aced86aedf93e97e606911) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
10:43:10.0158 1384 AntiVirService - ok
10:43:10.0274 1384 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
10:43:10.0321 1384 Appinfo - ok
10:43:10.0353 1384 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
10:43:10.0369 1384 arc - ok
10:43:10.0387 1384 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
10:43:10.0406 1384 arcsas - ok
10:43:10.0525 1384 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:43:10.0555 1384 aspnet_state - ok
10:43:10.0562 1384 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
10:43:10.0613 1384 AsyncMac - ok
10:43:10.0635 1384 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
10:43:10.0659 1384 atapi - ok
10:43:10.0689 1384 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:43:10.0731 1384 AudioEndpointBuilder - ok
10:43:10.0736 1384 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:43:10.0769 1384 Audiosrv - ok
10:43:10.0787 1384 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
10:43:10.0864 1384 avgntflt - ok
10:43:10.0891 1384 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
10:43:10.0925 1384 avipbb - ok
10:43:10.0943 1384 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
10:43:10.0966 1384 avkmgr - ok
10:43:11.0007 1384 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
10:43:11.0062 1384 Beep - ok
10:43:11.0116 1384 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
10:43:11.0189 1384 BFE - ok
10:43:11.0241 1384 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
10:43:11.0312 1384 BITS - ok
10:43:11.0321 1384 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
10:43:11.0366 1384 blbdrive - ok
10:43:11.0444 1384 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
10:43:11.0471 1384 Bonjour Service - ok
10:43:11.0498 1384 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
10:43:11.0550 1384 bowser - ok
10:43:11.0565 1384 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
10:43:11.0603 1384 BrFiltLo - ok
10:43:11.0614 1384 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
10:43:11.0646 1384 BrFiltUp - ok
10:43:11.0669 1384 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
10:43:11.0723 1384 Browser - ok
10:43:11.0735 1384 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
10:43:11.0881 1384 Brserid - ok
10:43:11.0893 1384 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
10:43:11.0944 1384 BrSerWdm - ok
10:43:11.0969 1384 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
10:43:12.0023 1384 BrUsbMdm - ok
10:43:12.0035 1384 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
10:43:12.0091 1384 BrUsbSer - ok
10:43:12.0107 1384 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
10:43:12.0166 1384 BTHMODEM - ok
10:43:12.0173 1384 catchme - ok
10:43:12.0191 1384 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
10:43:12.0229 1384 cdfs - ok
10:43:12.0250 1384 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
10:43:12.0297 1384 cdrom - ok
10:43:12.0320 1384 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:43:12.0349 1384 CertPropSvc - ok
10:43:12.0358 1384 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
10:43:12.0402 1384 circlass - ok
10:43:12.0443 1384 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
10:43:12.0476 1384 CLFS - ok
10:43:12.0527 1384 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:43:12.0545 1384 clr_optimization_v2.0.50727_32 - ok
10:43:12.0611 1384 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:43:12.0665 1384 clr_optimization_v4.0.30319_32 - ok
10:43:12.0706 1384 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
10:43:12.0723 1384 cmdide - ok
10:43:12.0741 1384 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
10:43:12.0790 1384 Compbatt - ok
10:43:12.0795 1384 COMSysApp - ok
10:43:12.0825 1384 cpuz134 - ok
10:43:12.0836 1384 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
10:43:12.0859 1384 crcdisk - ok
10:43:12.0873 1384 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
10:43:12.0910 1384 Crusoe - ok
10:43:12.0944 1384 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
10:43:13.0002 1384 CryptSvc - ok
10:43:13.0049 1384 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:43:13.0108 1384 DcomLaunch - ok
10:43:13.0125 1384 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
10:43:13.0174 1384 DfsC - ok
10:43:13.0287 1384 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
10:43:13.0368 1384 DFSR - ok
10:43:13.0477 1384 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
10:43:13.0513 1384 Dhcp - ok
10:43:13.0536 1384 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
10:43:13.0563 1384 disk - ok
10:43:13.0586 1384 Dnscache (30a08728740e71947ae1e073b5ce69b4) C:\Windows\System32\dnsrslvr.dll
10:43:13.0621 1384 Dnscache - ok
10:43:13.0643 1384 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
10:43:13.0689 1384 dot3svc - ok
10:43:13.0711 1384 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
10:43:13.0775 1384 Dot4 - ok
10:43:13.0790 1384 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:43:13.0839 1384 Dot4Print - ok
10:43:13.0849 1384 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
10:43:13.0894 1384 dot4usb - ok
10:43:13.0910 1384 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
10:43:13.0953 1384 DPS - ok
10:43:13.0982 1384 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
10:43:14.0014 1384 drmkaud - ok
10:43:14.0055 1384 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
10:43:14.0107 1384 DXGKrnl - ok
10:43:14.0130 1384 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
10:43:14.0168 1384 E1G60 - ok
10:43:14.0196 1384 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
10:43:14.0245 1384 EapHost - ok
10:43:14.0276 1384 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
10:43:14.0311 1384 Ecache - ok
10:43:14.0352 1384 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
10:43:14.0405 1384 ehRecvr - ok
10:43:14.0442 1384 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
10:43:14.0493 1384 ehSched - ok
10:43:14.0506 1384 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
10:43:14.0537 1384 ehstart - ok
10:43:14.0577 1384 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
10:43:14.0610 1384 elxstor - ok
10:43:14.0652 1384 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
10:43:14.0725 1384 EMDMgmt - ok
10:43:14.0735 1384 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
10:43:14.0772 1384 ErrDev - ok
10:43:14.0819 1384 ETService (23112102bc2a8fe44b8ac44a05bdf4c3) C:\Program Files\PACKARDBELL\Packard Bell Recovery Management\Service\ETService.exe
10:43:14.0845 1384 ETService ( UnsignedFile.Multi.Generic ) - warning
10:43:14.0845 1384 ETService - detected UnsignedFile.Multi.Generic (1)
10:43:14.0869 1384 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
10:43:14.0906 1384 EventSystem - ok
10:43:14.0924 1384 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
10:43:14.0988 1384 exfat - ok
10:43:15.0011 1384 ezSharedSvc (42f721c52eef2d6df9372a53813a83ef) C:\Windows\System32\ezsvc7.dll
10:43:15.0039 1384 ezSharedSvc ( UnsignedFile.Multi.Generic ) - warning
10:43:15.0039 1384 ezSharedSvc - detected UnsignedFile.Multi.Generic (1)
10:43:15.0067 1384 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
10:43:15.0124 1384 fastfat - ok
10:43:15.0149 1384 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
10:43:15.0183 1384 fdc - ok
10:43:15.0218 1384 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
10:43:15.0275 1384 fdPHost - ok
10:43:15.0280 1384 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
10:43:15.0348 1384 FDResPub - ok
10:43:15.0361 1384 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
10:43:15.0386 1384 FileInfo - ok
10:43:15.0397 1384 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
10:43:15.0433 1384 Filetrace - ok
10:43:15.0504 1384 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:43:15.0565 1384 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
10:43:15.0565 1384 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
10:43:15.0577 1384 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
10:43:15.0616 1384 flpydisk - ok
10:43:15.0642 1384 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
10:43:15.0675 1384 FltMgr - ok
10:43:15.0780 1384 FontCache (d49705f25390265cad9b620f55ea968c) C:\Windows\system32\FntCache.dll
10:43:15.0849 1384 FontCache - ok
10:43:15.0921 1384 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:43:15.0938 1384 FontCache3.0.0.0 - ok
10:43:15.0967 1384 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
10:43:15.0981 1384 fssfltr - ok
10:43:16.0140 1384 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
10:43:16.0220 1384 fsssvc - ok
10:43:16.0326 1384 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
10:43:16.0392 1384 Fs_Rec - ok
10:43:16.0404 1384 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
10:43:16.0422 1384 gagp30kx - ok
10:43:16.0451 1384 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:43:16.0471 1384 GEARAspiWDM - ok
10:43:16.0530 1384 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
10:43:16.0548 1384 GoogleDesktopManager-051210-111108 - ok
10:43:16.0554 1384 GoogleDesktopManager-110309-193829 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
10:43:16.0570 1384 GoogleDesktopManager-110309-193829 - ok
10:43:16.0595 1384 GoToAssist (5cc2b1d06ac1962af5fbbcf88d781dd8) C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
10:43:16.0610 1384 GoToAssist - ok
10:43:16.0654 1384 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
10:43:16.0736 1384 gpsvc - ok
10:43:16.0760 1384 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
10:43:16.0775 1384 gupdate - ok
10:43:16.0779 1384 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
10:43:16.0796 1384 gupdatem - ok
10:43:16.0818 1384 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
10:43:16.0854 1384 gusvc - ok
10:43:16.0907 1384 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
10:43:16.0957 1384 HdAudAddService - ok
10:43:17.0036 1384 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:43:17.0090 1384 HDAudBus - ok
10:43:17.0118 1384 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
10:43:17.0171 1384 HidBth - ok
10:43:17.0185 1384 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
10:43:17.0242 1384 HidIr - ok
10:43:17.0256 1384 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
10:43:17.0289 1384 hidserv - ok
10:43:17.0305 1384 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
10:43:17.0364 1384 HidUsb - ok
10:43:17.0383 1384 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
10:43:17.0429 1384 hkmsvc - ok
10:43:17.0446 1384 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
10:43:17.0462 1384 HpCISSs - ok
10:43:17.0528 1384 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
10:43:17.0552 1384 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
10:43:17.0552 1384 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
10:43:17.0568 1384 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
10:43:17.0590 1384 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
10:43:17.0590 1384 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
10:43:17.0637 1384 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
10:43:17.0703 1384 HTTP - ok
10:43:17.0717 1384 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
10:43:17.0733 1384 i2omp - ok
10:43:17.0745 1384 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
10:43:17.0783 1384 i8042prt - ok
10:43:17.0810 1384 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
10:43:17.0834 1384 iaStorV - ok
10:43:17.0916 1384 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:43:17.0962 1384 idsvc - ok
10:43:17.0985 1384 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
10:43:17.0999 1384 iirsp - ok
10:43:18.0053 1384 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
10:43:18.0101 1384 IKEEXT - ok
10:43:18.0127 1384 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys
10:43:18.0153 1384 int15 - ok
10:43:18.0341 1384 IntcAzAudAddService (bfcd7edc663f513e7c4a0b9400e58c70) C:\Windows\system32\drivers\RTKVHDA.sys
10:43:18.0512 1384 IntcAzAudAddService - ok
10:43:18.0590 1384 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
10:43:18.0607 1384 intelide - ok
10:43:18.0617 1384 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
10:43:18.0655 1384 intelppm - ok
10:43:18.0677 1384 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
10:43:18.0728 1384 IPBusEnum - ok
10:43:18.0743 1384 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:43:18.0789 1384 IpFilterDriver - ok
10:43:18.0829 1384 iphlpsvc (7f83b06a929a981bc001b2ea304d2036) C:\Windows\System32\iphlpsvc.dll
10:43:18.0871 1384 iphlpsvc - ok
10:43:18.0875 1384 IpInIp - ok
10:43:18.0894 1384 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
10:43:18.0937 1384 IPMIDRV - ok
10:43:18.0956 1384 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
10:43:19.0020 1384 IPNAT - ok
10:43:19.0037 1384 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
10:43:19.0076 1384 IRENUM - ok
10:43:19.0090 1384 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
10:43:19.0106 1384 isapnp - ok
10:43:19.0137 1384 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
10:43:19.0156 1384 iScsiPrt - ok
10:43:19.0199 1384 ISWKL (ee8bed092a58a4faeb08dc140729189e) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
10:43:19.0222 1384 ISWKL - ok
10:43:19.0259 1384 IswSvc (aa7fd6a7532ef23fdcfc030195c148f9) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
10:43:19.0291 1384 IswSvc - ok
10:43:19.0303 1384 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
10:43:19.0320 1384 iteatapi - ok
10:43:19.0333 1384 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
10:43:19.0349 1384 iteraid - ok
10:43:19.0373 1384 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
10:43:19.0396 1384 kbdclass - ok
10:43:19.0403 1384 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
10:43:19.0462 1384 kbdhid - ok
10:43:19.0475 1384 KeyIso (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:43:19.0510 1384 KeyIso - ok
10:43:19.0538 1384 KL1 (186b54479d98e48aee0e9ada4b3c4d31) C:\Windows\system32\DRIVERS\kl1.sys
10:43:19.0562 1384 KL1 - ok
10:43:19.0577 1384 kl2 (bf485bfba13c0ab116701fd9c55324d0) C:\Windows\system32\DRIVERS\kl2.sys
10:43:19.0598 1384 kl2 - ok
10:43:19.0639 1384 KLIF (46fa00bef951762919b66269371c22af) C:\Windows\system32\DRIVERS\klif.sys
10:43:19.0682 1384 KLIF - ok
10:43:19.0707 1384 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
10:43:19.0743 1384 KSecDD - ok
10:43:19.0961 1384 KService (0423bc118534ec23a063e54ebca9b92d) C:\Program Files\Kontiki\KService.exe
10:43:20.0067 1384 KService - ok
10:43:20.0161 1384 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
10:43:20.0217 1384 KtmRm - ok
10:43:20.0245 1384 LanmanServer (43446f197c74ef2030f84b3a4f39d570) C:\Windows\system32\srvsvc.dll
10:43:20.0290 1384 LanmanServer - ok
10:43:20.0319 1384 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
10:43:20.0443 1384 LanmanWorkstation - ok
10:43:20.0478 1384 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
10:43:20.0542 1384 lltdio - ok
10:43:20.0580 1384 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
10:43:20.0635 1384 lltdsvc - ok
10:43:20.0649 1384 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
10:43:20.0705 1384 lmhosts - ok
10:43:20.0731 1384 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
10:43:20.0750 1384 LSI_FC - ok
10:43:20.0770 1384 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
10:43:20.0790 1384 LSI_SAS - ok
10:43:20.0811 1384 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
10:43:20.0834 1384 LSI_SCSI - ok
10:43:20.0859 1384 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
10:43:20.0920 1384 luafv - ok
10:43:20.0960 1384 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
10:43:20.0979 1384 MBAMProtector - ok
10:43:21.0091 1384 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
10:43:21.0120 1384 MBAMService - ok
10:43:21.0179 1384 McciCMService (f8b823414a22dbf3bec10dcaa5f93cd8) C:\Program Files\Common Files\Motive\McciCMService.exe
10:43:21.0216 1384 McciCMService ( UnsignedFile.Multi.Generic ) - warning
10:43:21.0216 1384 McciCMService - detected UnsignedFile.Multi.Generic (1)
10:43:21.0256 1384 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
10:43:21.0288 1384 Mcx2Svc - ok
10:43:21.0313 1384 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
10:43:21.0328 1384 megasas - ok
10:43:21.0353 1384 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
10:43:21.0386 1384 MegaSR - ok
10:43:21.0412 1384 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:43:21.0463 1384 MMCSS - ok
10:43:21.0474 1384 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
10:43:21.0508 1384 Modem - ok
10:43:21.0519 1384 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
10:43:21.0554 1384 monitor - ok
10:43:21.0570 1384 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
10:43:21.0594 1384 mouclass - ok
10:43:21.0606 1384 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
10:43:21.0659 1384 mouhid - ok
10:43:21.0675 1384 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
10:43:21.0698 1384 MountMgr - ok
10:43:21.0735 1384 MozillaMaintenance (166f0cbff55d16552161c154317287ca) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:43:21.0753 1384 MozillaMaintenance - ok
10:43:21.0788 1384 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
10:43:21.0824 1384 MpFilter - ok
10:43:21.0845 1384 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
10:43:21.0862 1384 mpio - ok
10:43:21.0876 1384 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
10:43:21.0920 1384 mpsdrv - ok
10:43:21.0960 1384 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
10:43:21.0997 1384 MpsSvc - ok
10:43:22.0029 1384 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
10:43:22.0045 1384 Mraid35x - ok
10:43:22.0094 1384 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
10:43:22.0122 1384 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
10:43:22.0122 1384 MREMP50 - detected UnsignedFile.Multi.Generic (1)
10:43:22.0126 1384 MREMPR5 - ok
10:43:22.0133 1384 MRENDIS5 - ok
10:43:22.0162 1384 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
10:43:22.0174 1384 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
10:43:22.0174 1384 MRESP50 - detected UnsignedFile.Multi.Generic (1)
10:43:22.0202 1384 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
10:43:22.0227 1384 MRxDAV - ok
10:43:22.0254 1384 mrxsmb (317eb668973951bad512ee8bebf9ed25) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:43:22.0301 1384 mrxsmb - ok
10:43:22.0323 1384 mrxsmb10 (05716f0203b5c774a87384a1ff7b968f) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:43:22.0376 1384 mrxsmb10 - ok
10:43:22.0384 1384 mrxsmb20 (c70c50d101b92b45c42ba11ea9fe6cd1) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:43:22.0438 1384 mrxsmb20 - ok
10:43:22.0450 1384 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
10:43:22.0467 1384 msahci - ok
10:43:22.0486 1384 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
10:43:22.0503 1384 msdsm - ok
10:43:22.0524 1384 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
10:43:22.0562 1384 MSDTC - ok
10:43:22.0581 1384 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
10:43:22.0623 1384 Msfs - ok
10:43:22.0636 1384 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
10:43:22.0660 1384 msisadrv - ok
10:43:22.0693 1384 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
10:43:22.0751 1384 MSiSCSI - ok
10:43:22.0756 1384 msiserver - ok
10:43:22.0791 1384 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
10:43:22.0828 1384 MSKSSRV - ok
10:43:22.0864 1384 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:43:22.0881 1384 MsMpSvc - ok
10:43:22.0892 1384 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
10:43:22.0930 1384 MSPCLOCK - ok
10:43:22.0935 1384 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
10:43:22.0992 1384 MSPQM - ok
10:43:23.0013 1384 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
10:43:23.0048 1384 MsRPC - ok
10:43:23.0057 1384 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
10:43:23.0075 1384 mssmbios - ok
10:43:23.0089 1384 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
10:43:23.0132 1384 MSTEE - ok
10:43:23.0139 1384 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
10:43:23.0165 1384 Mup - ok
10:43:23.0201 1384 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
10:43:23.0245 1384 napagent - ok
10:43:23.0276 1384 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
10:43:23.0302 1384 NativeWifiP - ok
10:43:23.0335 1384 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
10:43:23.0362 1384 NDIS - ok
10:43:23.0378 1384 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
10:43:23.0419 1384 NdisTapi - ok
10:43:23.0438 1384 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
10:43:23.0475 1384 Ndisuio - ok
10:43:23.0490 1384 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
10:43:23.0545 1384 NdisWan - ok
10:43:23.0562 1384 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
10:43:23.0600 1384 NDProxy - ok
10:43:23.0620 1384 Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\Windows\system32\HPZinw12.dll
10:43:23.0640 1384 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:43:23.0640 1384 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:43:23.0653 1384 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
10:43:23.0694 1384 NetBIOS - ok
10:43:23.0714 1384 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
10:43:23.0769 1384 netbt - ok
10:43:23.0800 1384 Netlogon (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:43:23.0825 1384 Netlogon - ok
10:43:23.0858 1384 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
10:43:23.0901 1384 Netman - ok
10:43:23.0958 1384 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:43:23.0993 1384 NetMsmqActivator - ok
10:43:23.0997 1384 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:43:24.0013 1384 NetPipeActivator - ok
10:43:24.0063 1384 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
10:43:24.0110 1384 netprofm - ok
10:43:24.0115 1384 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:43:24.0134 1384 NetTcpActivator - ok
10:43:24.0138 1384 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:43:24.0155 1384 NetTcpPortSharing - ok
10:43:24.0177 1384 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
10:43:24.0193 1384 nfrd960 - ok
10:43:24.0221 1384 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:43:24.0248 1384 NisDrv - ok
10:43:24.0308 1384 NisSrv (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
10:43:24.0335 1384 NisSrv - ok
10:43:24.0354 1384 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
10:43:24.0398 1384 NlaSvc - ok
10:43:24.0438 1384 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
10:43:24.0475 1384 Npfs - ok
10:43:24.0482 1384 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
10:43:24.0520 1384 nsi - ok
10:43:24.0533 1384 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
10:43:24.0584 1384 nsiproxy - ok
10:43:24.0663 1384 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
10:43:24.0725 1384 Ntfs - ok
10:43:24.0754 1384 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
10:43:24.0808 1384 ntrigdigi - ok
10:43:24.0819 1384 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
10:43:24.0859 1384 Null - ok
10:43:24.0888 1384 NVHDA (3d7fb57354703809b5f0c23287fac1d6) C:\Windows\system32\drivers\nvhda32v.sys
10:43:24.0921 1384 NVHDA - ok
10:43:25.0491 1384 nvlddmkm (e891b3979f0cf2740c1b073f834221fe) C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:43:25.0864 1384 nvlddmkm - ok
10:43:26.0079 1384 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
10:43:26.0097 1384 nvraid - ok
10:43:26.0115 1384 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
10:43:26.0131 1384 nvstor - ok
10:43:26.0158 1384 nvstor32 (97778c3cb3af6b2243648d0dcd4d8916) C:\Windows\system32\DRIVERS\nvstor32.sys
10:43:26.0175 1384 nvstor32 - ok
10:43:26.0226 1384 nvsvc (ae2de8e165dcb93a66b21748e6f913df) C:\Windows\system32\nvvsvc.exe
10:43:26.0256 1384 nvsvc - ok
10:43:26.0440 1384 nvUpdatusService (c78581c14699c46fe0f0817416383134) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
10:43:26.0570 1384 nvUpdatusService - ok
10:43:26.0668 1384 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
10:43:26.0686 1384 nv_agp - ok
10:43:26.0690 1384 NwlnkFlt - ok
10:43:26.0697 1384 NwlnkFwd - ok
10:43:26.0719 1384 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
10:43:26.0780 1384 ohci1394 - ok
10:43:26.0829 1384 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:43:26.0862 1384 ose - ok
10:43:27.0168 1384 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:43:27.0377 1384 osppsvc - ok
10:43:27.0485 1384 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:43:27.0580 1384 p2pimsvc - ok
10:43:27.0589 1384 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:43:27.0623 1384 p2psvc - ok
10:43:27.0652 1384 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
10:43:27.0704 1384 Parport - ok
10:43:27.0731 1384 Partizan (6ddcf3f801ec15fe698f6a215cf30a1f) C:\Windows\system32\drivers\Partizan.sys
10:43:27.0769 1384 Partizan - ok
10:43:27.0790 1384 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
10:43:27.0820 1384 partmgr - ok
10:43:27.0830 1384 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
10:43:27.0881 1384 Parvdm - ok
10:43:27.0896 1384 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
10:43:27.0930 1384 PcaSvc - ok
10:43:27.0954 1384 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
10:43:27.0982 1384 pci - ok
10:43:27.0997 1384 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
10:43:28.0022 1384 pciide - ok
10:43:28.0044 1384 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
10:43:28.0070 1384 pcmcia - ok
10:43:28.0130 1384 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
10:43:28.0232 1384 PEAUTH - ok
10:43:28.0327 1384 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
10:43:28.0419 1384 pla - ok
10:43:28.0514 1384 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
10:43:28.0561 1384 PlugPlay - ok
10:43:28.0623 1384 Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\Windows\system32\HPZipm12.dll
10:43:28.0650 1384 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:43:28.0650 1384 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:43:28.0710 1384 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:43:28.0745 1384 PNRPAutoReg - ok
10:43:28.0752 1384 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:43:28.0789 1384 PNRPsvc - ok
10:43:28.0816 1384 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
10:43:28.0893 1384 PolicyAgent - ok
10:43:28.0920 1384 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
10:43:28.0970 1384 PptpMiniport - ok
10:43:28.0990 1384 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
10:43:29.0026 1384 Processor - ok
10:43:29.0037 1384 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
10:43:29.0077 1384 ProfSvc - ok
10:43:29.0092 1384 ProtectedStorage (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:43:29.0116 1384 ProtectedStorage - ok
10:43:29.0142 1384 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
10:43:29.0189 1384 PSched - ok
10:43:29.0196 1384 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
10:43:29.0222 1384 PxHelp20 - ok
10:43:29.0292 1384 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
10:43:29.0357 1384 ql2300 - ok
10:43:29.0390 1384 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
10:43:29.0407 1384 ql40xx - ok
10:43:29.0441 1384 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
10:43:29.0483 1384 QWAVE - ok
10:43:29.0499 1384 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
10:43:29.0538 1384 QWAVEdrv - ok
10:43:29.0551 1384 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
10:43:29.0603 1384 RasAcd - ok
10:43:29.0620 1384 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
10:43:29.0671 1384 RasAuto - ok
10:43:29.0710 1384 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:43:29.0757 1384 Rasl2tp - ok
10:43:29.0824 1384 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
10:43:29.0864 1384 RasMan - ok
10:43:29.0879 1384 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
10:43:29.0920 1384 RasPppoe - ok
10:43:29.0950 1384 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
10:43:29.0981 1384 RasSstp - ok
10:43:30.0014 1384 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
10:43:30.0061 1384 rdbss - ok
10:43:30.0070 1384 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:43:30.0111 1384 RDPCDD - ok
10:43:30.0137 1384 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
10:43:30.0172 1384 rdpdr - ok
10:43:30.0177 1384 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
10:43:30.0227 1384 RDPENCDD - ok
10:43:30.0253 1384 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
10:43:30.0358 1384 RDPWD - ok
10:43:30.0371 1384 RegGuard (37ecebdd930395a9c399fb18a3c236d3) C:\Windows\system32\Drivers\regguard.sys
10:43:30.0403 1384 RegGuard - ok
10:43:30.0436 1384 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
10:43:30.0479 1384 RemoteAccess - ok
10:43:30.0495 1384 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
10:43:30.0539 1384 RemoteRegistry - ok
10:43:30.0554 1384 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
10:43:30.0607 1384 RpcLocator - ok
10:43:30.0640 1384 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:43:30.0678 1384 RpcSs - ok
10:43:30.0697 1384 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
10:43:30.0748 1384 rspndr - ok
10:43:30.0802 1384 RTL8169 (06992132cf20c3c1cba3f072c4086de8) C:\Windows\system32\DRIVERS\Rtlh86.sys
10:43:30.0830 1384 RTL8169 - ok
10:43:30.0850 1384 SamSs (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:43:30.0874 1384 SamSs - ok
10:43:30.0910 1384 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
10:43:30.0925 1384 SASDIFSV - ok
10:43:30.0943 1384 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
10:43:30.0958 1384 SASKUTIL - ok
10:43:30.0991 1384 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
10:43:31.0008 1384 sbp2port - ok
10:43:31.0096 1384 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
10:43:31.0167 1384 SBSDWSCService - ok
10:43:31.0189 1384 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
10:43:31.0237 1384 SCardSvr - ok
10:43:31.0277 1384 Schedule (323ae0bdfd2eb15b668dda50cc597329) C:\Windows\system32\schedsvc.dll
10:43:31.0364 1384 Schedule - ok
10:43:31.0386 1384 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:43:31.0416 1384 SCPolicySvc - ok
10:43:31.0439 1384 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
10:43:31.0486 1384 SDRSVC - ok
10:43:31.0524 1384 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:43:31.0594 1384 secdrv - ok
10:43:31.0605 1384 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
10:43:31.0644 1384 seclogon - ok
10:43:31.0656 1384 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
10:43:31.0694 1384 SENS - ok
10:43:31.0701 1384 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
10:43:31.0756 1384 Serenum - ok
10:43:31.0774 1384 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
10:43:31.0838 1384 Serial - ok
10:43:31.0857 1384 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
10:43:31.0899 1384 sermouse - ok
10:43:31.0917 1384 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
10:43:31.0960 1384 SessionEnv - ok
10:43:31.0973 1384 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
10:43:32.0010 1384 sffdisk - ok
10:43:32.0021 1384 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
10:43:32.0062 1384 sffp_mmc - ok
10:43:32.0082 1384 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
10:43:32.0123 1384 sffp_sd - ok
10:43:32.0136 1384 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
10:43:32.0186 1384 sfloppy - ok
10:43:32.0216 1384 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
10:43:32.0256 1384 SharedAccess - ok
10:43:32.0279 1384 ShellHWDetection (c818c44c201898399bf999bb6b35d4e3) C:\Windows\System32\shsvcs.dll
10:43:32.0323 1384 ShellHWDetection - ok
10:43:32.0333 1384 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
10:43:32.0349 1384 sisagp - ok
10:43:32.0363 1384 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
10:43:32.0380 1384 SiSRaid2 - ok
10:43:32.0392 1384 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
10:43:32.0409 1384 SiSRaid4 - ok
10:43:32.0645 1384 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
10:43:32.0790 1384 slsvc - ok
10:43:32.0860 1384 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
10:43:32.0898 1384 SLUINotify - ok
10:43:32.0937 1384 SmartDefragDriver (cc48f88fe17bb8e5eb6fa1a8a9477006) C:\Windows\system32\Drivers\SmartDefragDriver.sys
10:43:32.0957 1384 SmartDefragDriver - ok
10:43:32.0989 1384 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
10:43:33.0035 1384 Smb - ok
10:43:33.0057 1384 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
10:43:33.0090 1384 SNMPTRAP - ok
10:43:33.0105 1384 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
10:43:33.0131 1384 spldr - ok
10:43:33.0152 1384 Spooler (524bfbea40e6e404737ccbc754647a2e) C:\Windows\System32\spoolsv.exe
10:43:33.0190 1384 Spooler - ok
10:43:33.0211 1384 srv (baa6018a27857b5ff0c03ce756b4a7a2) C:\Windows\system32\DRIVERS\srv.sys
10:43:33.0256 1384 srv - ok
10:43:33.0284 1384 srv2 (6b6f3658e0a58c6c50c5f7fbdf3df633) C:\Windows\system32\DRIVERS\srv2.sys
10:43:33.0337 1384 srv2 - ok
10:43:33.0363 1384 srvnet (2d10de9022822772adaa120b15a9bd03) C:\Windows\system32\DRIVERS\srvnet.sys
10:43:33.0402 1384 srvnet - ok
10:43:33.0414 1384 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
10:43:33.0458 1384 SSDPSRV - ok
10:43:33.0479 1384 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
10:43:33.0500 1384 ssmdrv - ok
10:43:33.0521 1384 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
10:43:33.0553 1384 SstpSvc - ok
10:43:33.0592 1384 Steam Client Service - ok
10:43:33.0620 1384 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
10:43:33.0667 1384 StillCam - ok
10:43:33.0696 1384 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
10:43:33.0748 1384 stisvc - ok
10:43:33.0772 1384 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
10:43:33.0795 1384 swenum - ok
10:43:33.0828 1384 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
10:43:33.0868 1384 swprv - ok
10:43:33.0881 1384 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
10:43:33.0897 1384 Symc8xx - ok
10:43:33.0912 1384 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
10:43:33.0928 1384 Sym_hi - ok
10:43:33.0944 1384 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
10:43:33.0961 1384 Sym_u3 - ok
10:43:34.0026 1384 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
10:43:34.0086 1384 SysMain - ok
10:43:34.0112 1384 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
10:43:34.0159 1384 TabletInputService - ok
10:43:34.0188 1384 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
10:43:34.0232 1384 TapiSrv - ok
10:43:34.0245 1384 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
10:43:34.0287 1384 TBS - ok
10:43:34.0355 1384 Tcpip (65877aa1b6a7cb797488e831698973e9) C:\Windows\system32\drivers\tcpip.sys
10:43:34.0407 1384 Tcpip - ok
10:43:34.0422 1384 Tcpip6 (65877aa1b6a7cb797488e831698973e9) C:\Windows\system32\DRIVERS\tcpip.sys
10:43:34.0457 1384 Tcpip6 - ok
10:43:34.0485 1384 tcpipreg (4b8f496292d40192acb052e030c023a7) C:\Windows\system32\drivers\tcpipreg.sys
10:43:34.0533 1384 tcpipreg - ok
10:43:34.0558 1384 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
10:43:34.0599 1384 TDPIPE - ok
10:43:34.0613 1384 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
10:43:34.0647 1384 TDTCP - ok
10:43:34.0678 1384 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
10:43:34.0716 1384 tdx - ok
10:43:34.0741 1384 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
10:43:34.0767 1384 TermDD - ok
10:43:34.0800 1384 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
10:43:34.0867 1384 TermService - ok
10:43:34.0891 1384 Themes (c818c44c201898399bf999bb6b35d4e3) C:\Windows\system32\shsvcs.dll
10:43:34.0923 1384 Themes - ok
10:43:34.0953 1384 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:43:34.0988 1384 THREADORDER - ok
10:43:35.0013 1384 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
10:43:35.0050 1384 TrkWks - ok
10:43:35.0096 1384 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
10:43:35.0141 1384 TrustedInstaller - ok
10:43:35.0154 1384 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:43:35.0191 1384 tssecsrv - ok
10:43:35.0200 1384 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
10:43:35.0251 1384 tunmp - ok
10:43:35.0258 1384 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
10:43:35.0305 1384 tunnel - ok
10:43:35.0318 1384 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
10:43:35.0335 1384 uagp35 - ok
10:43:35.0354 1384 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
10:43:35.0386 1384 udfs - ok
10:43:35.0409 1384 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
10:43:35.0461 1384 UI0Detect - ok
10:43:35.0477 1384 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
10:43:35.0496 1384 uliagpkx - ok
10:43:35.0515 1384 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
10:43:35.0540 1384 uliahci - ok
10:43:35.0555 1384 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
10:43:35.0575 1384 UlSata - ok
10:43:35.0588 1384 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
10:43:35.0615 1384 ulsata2 - ok
10:43:35.0625 1384 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
10:43:35.0666 1384 umbus - ok
10:43:35.0695 1384 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
10:43:35.0737 1384 upnphost - ok
10:43:35.0758 1384 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
10:43:35.0799 1384 usbccgp - ok
10:43:35.0818 1384 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
10:43:35.0868 1384 usbcir - ok
10:43:35.0888 1384 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
10:43:35.0929 1384 usbehci - ok
10:43:35.0952 1384 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
10:43:36.0030 1384 usbhub - ok
10:43:36.0045 1384 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
10:43:36.0089 1384 usbohci - ok
10:43:36.0102 1384 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
10:43:36.0144 1384 usbprint - ok
10:43:36.0163 1384 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
10:43:36.0207 1384 usbscan - ok
10:43:36.0221 1384 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:43:36.0259 1384 USBSTOR - ok
10:43:36.0269 1384 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
10:43:36.0311 1384 usbuhci - ok
10:43:36.0338 1384 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
10:43:36.0380 1384 UxSms - ok
10:43:36.0416 1384 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
10:43:36.0462 1384 vds - ok
10:43:36.0476 1384 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
10:43:36.0528 1384 vga - ok
10:43:36.0540 1384 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
10:43:36.0592 1384 VgaSave - ok
10:43:36.0603 1384 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
10:43:36.0620 1384 viaagp - ok
10:43:36.0636 1384 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
10:43:36.0671 1384 ViaC7 - ok
10:43:36.0677 1384 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
10:43:36.0696 1384 viaide - ok
10:43:36.0712 1384 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
10:43:36.0735 1384 volmgr - ok
10:43:36.0764 1384 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
10:43:36.0797 1384 volmgrx - ok
10:43:36.0814 1384 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
10:43:36.0843 1384 volsnap - ok
10:43:36.0884 1384 Vsdatant (6983d0bcac64c2d7460c2125f804f118) C:\Windows\system32\DRIVERS\vsdatant.sys
10:43:36.0915 1384 Vsdatant - ok
10:43:36.0920 1384 vsdatant7 - ok
10:43:36.0964 1384 vsmon - ok
10:43:37.0017 1384 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
10:43:37.0045 1384 vsmraid - ok
10:43:37.0112 1384 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
10:43:37.0198 1384 VSS - ok
10:43:37.0287 1384 vToolbarUpdater11.0.2 (56e1e4442e4613fb2039a6b7421f4e58) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
10:43:37.0345 1384 vToolbarUpdater11.0.2 - ok
10:43:37.0455 1384 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
10:43:37.0491 1384 W32Time - ok
10:43:37.0532 1384 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
10:43:37.0592 1384 WacomPen - ok
10:43:37.0605 1384 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:43:37.0652 1384 Wanarp - ok
10:43:37.0655 1384 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:43:37.0686 1384 Wanarpv6 - ok
10:43:37.0716 1384 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
10:43:37.0760 1384 wcncsvc - ok
10:43:37.0782 1384 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
10:43:37.0823 1384 WcsPlugInService - ok
10:43:37.0835 1384 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
10:43:37.0858 1384 Wd - ok
10:43:37.0894 1384 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
10:43:37.0933 1384 Wdf01000 - ok
10:43:37.0968 1384 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:43:38.0011 1384 WdiServiceHost - ok
10:43:38.0016 1384 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:43:38.0053 1384 WdiSystemHost - ok
10:43:38.0081 1384 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
10:43:38.0108 1384 WebClient - ok
10:43:38.0120 1384 Wecsvc (905214925a88311fce52f66153de7610) C:\Windows\system32\wecsvc.dll
10:43:38.0166 1384 Wecsvc - ok
10:43:38.0175 1384 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
10:43:38.0219 1384 wercplsupport - ok
10:43:38.0239 1384 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
10:43:38.0271 1384 WerSvc - ok
10:43:38.0325 1384 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
10:43:38.0353 1384 WinDefend - ok
10:43:38.0364 1384 WinHttpAutoProxySvc - ok
10:43:38.0412 1384 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
10:43:38.0441 1384 Winmgmt - ok
10:43:38.0491 1384 WinRM (01874d4689c212460fbabf0ecd7cb7f7) C:\Windows\system32\WsmSvc.dll
10:43:38.0541 1384 WinRM - ok
10:43:38.0587 1384 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
10:43:38.0638 1384 Wlansvc - ok
10:43:38.0678 1384 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:43:38.0693 1384 wlcrasvc - ok
10:43:38.0812 1384 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:43:38.0889 1384 wlidsvc - ok
10:43:38.0982 1384 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
10:43:39.0046 1384 WmiAcpi - ok
10:43:39.0089 1384 WmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
10:43:39.0133 1384 WmiApSrv - ok
10:43:39.0237 1384 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
10:43:39.0300 1384 WMPNetworkSvc - ok
10:43:39.0318 1384 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
10:43:39.0368 1384 WPCSvc - ok
10:43:39.0380 1384 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
10:43:39.0423 1384 WPDBusEnum - ok
10:43:39.0527 1384 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:43:39.0570 1384 WPFFontCache_v0400 - ok
10:43:39.0598 1384 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
10:43:39.0643 1384 ws2ifsl - ok
10:43:39.0666 1384 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
10:43:39.0695 1384 wscsvc - ok
10:43:39.0700 1384 WSearch - ok
10:43:39.0820 1384 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
10:43:39.0902 1384 wuauserv - ok
10:43:39.0973 1384 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
10:43:40.0038 1384 wudfsvc - ok
10:43:40.0056 1384 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
10:43:40.0366 1384 \Device\Harddisk0\DR0 - ok
10:43:40.0370 1384 Boot (0x1200) (1564506fc0713d153b896ad06c0f6c1f) \Device\Harddisk0\DR0\Partition0
10:43:40.0371 1384 \Device\Harddisk0\DR0\Partition0 - ok
10:43:40.0372 1384 ============================================================
10:43:40.0372 1384 Scan finished
10:43:40.0372 1384 ============================================================
10:43:40.0390 2568 Detected object count: 10
10:43:40.0390 2568 Actual detected object count: 10
10:45:00.0676 2568 ETService ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0676 2568 ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:00.0680 2568 ezSharedSvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0680 2568 ezSharedSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:00.0683 2568 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0683 2568 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:00.0685 2568 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0685 2568 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:00.0687 2568 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0687 2568 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:00.0690 2568 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0690 2568 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:00.0693 2568 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0693 2568 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:00.0696 2568 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0696 2568 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:00.0698 2568 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0698 2568 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:00.0700 2568 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:45:00.0700 2568 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:45:43.0663 3304 ============================================================
10:45:43.0663 3304 Scan started
10:45:43.0663 3304 Mode: Manual; SigCheck;
10:45:43.0663 3304 ============================================================
10:45:44.0042 3304 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
10:45:44.0070 3304 !SASCORE - ok
10:45:44.0141 3304 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
10:45:44.0163 3304 ACPI - ok
10:45:44.0206 3304 AdobeActiveFileMonitor6.0 (e8fe4fce23d2809bd88bcc1d0f8408ce) C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
10:45:44.0222 3304 AdobeActiveFileMonitor6.0 - ok
10:45:44.0258 3304 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
10:45:44.0273 3304 AdobeARMservice - ok
10:45:44.0319 3304 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:45:44.0337 3304 AdobeFlashPlayerUpdateSvc - ok
10:45:44.0376 3304 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
10:45:44.0400 3304 adp94xx - ok
10:45:44.0452 3304 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
10:45:44.0471 3304 adpahci - ok
10:45:44.0495 3304 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
10:45:44.0512 3304 adpu160m - ok
10:45:44.0528 3304 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
10:45:44.0545 3304 adpu320 - ok
10:45:44.0623 3304 AdvancedSystemCareService5 (b11c71b29fa69e4586f9b65560e6604d) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
10:45:44.0654 3304 AdvancedSystemCareService5 - ok
10:45:44.0687 3304 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
10:45:44.0717 3304 AeLookupSvc - ok
10:45:44.0743 3304 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
10:45:44.0774 3304 AFD - ok
10:45:44.0785 3304 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
10:45:44.0801 3304 agp440 - ok
10:45:44.0811 3304 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
10:45:44.0828 3304 aic78xx - ok
10:45:44.0844 3304 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
10:45:44.0876 3304 ALG - ok
10:45:44.0893 3304 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
10:45:44.0909 3304 aliide - ok
10:45:44.0935 3304 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
10:45:44.0951 3304 amdagp - ok
10:45:44.0981 3304 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
10:45:44.0996 3304 amdide - ok
10:45:45.0016 3304 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
10:45:45.0048 3304 AmdK7 - ok
10:45:45.0067 3304 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
10:45:45.0100 3304 AmdK8 - ok
10:45:45.0139 3304 AntiVirSchedulerService (0a1cc583e8147004e4ad4625d7fbf88c) C:\Program Files\Avira\AntiVir Desktop\sched.exe
10:45:45.0154 3304 AntiVirSchedulerService - ok
10:45:45.0178 3304 AntiVirService (c9a36ef935aced86aedf93e97e606911) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
10:45:45.0194 3304 AntiVirService - ok
10:45:45.0218 3304 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
10:45:45.0242 3304 Appinfo - ok
10:45:45.0274 3304 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
10:45:45.0291 3304 arc - ok
10:45:45.0303 3304 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
10:45:45.0320 3304 arcsas - ok
10:45:45.0382 3304 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:45:45.0398 3304 aspnet_state - ok
10:45:45.0412 3304 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
10:45:45.0445 3304 AsyncMac - ok
10:45:45.0475 3304 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
10:45:45.0492 3304 atapi - ok
10:45:45.0520 3304 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:45:45.0555 3304 AudioEndpointBuilder - ok
10:45:45.0560 3304 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
10:45:45.0591 3304 Audiosrv - ok
10:45:45.0610 3304 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
10:45:45.0625 3304 avgntflt - ok
10:45:45.0648 3304 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
10:45:45.0663 3304 avipbb - ok
10:45:45.0675 3304 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
10:45:45.0690 3304 avkmgr - ok
10:45:45.0701 3304 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
10:45:45.0734 3304 Beep - ok
10:45:45.0764 3304 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
10:45:45.0799 3304 BFE - ok
10:45:45.0856 3304 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
10:45:45.0902 3304 BITS - ok
10:45:45.0934 3304 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
10:45:45.0976 3304 blbdrive - ok
10:45:46.0042 3304 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
10:45:46.0062 3304 Bonjour Service - ok
10:45:46.0088 3304 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
10:45:46.0121 3304 bowser - ok
10:45:46.0131 3304 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
10:45:46.0160 3304 BrFiltLo - ok
10:45:46.0171 3304 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
10:45:46.0199 3304 BrFiltUp - ok
10:45:46.0218 3304 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
10:45:46.0253 3304 Browser - ok
10:45:46.0267 3304 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
10:45:46.0316 3304 Brserid - ok
10:45:46.0325 3304 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
10:45:46.0375 3304 BrSerWdm - ok
10:45:46.0385 3304 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
10:45:46.0434 3304 BrUsbMdm - ok
10:45:46.0450 3304 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
10:45:46.0499 3304 BrUsbSer - ok
10:45:46.0514 3304 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
10:45:46.0563 3304 BTHMODEM - ok
10:45:46.0572 3304 catchme - ok
10:45:46.0590 3304 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
10:45:46.0626 3304 cdfs - ok
10:45:46.0648 3304 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
10:45:46.0678 3304 cdrom - ok
10:45:46.0702 3304 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:45:46.0730 3304 CertPropSvc - ok
10:45:46.0748 3304 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
10:45:46.0781 3304 circlass - ok
10:45:46.0808 3304 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
10:45:46.0828 3304 CLFS - ok
10:45:46.0875 3304 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:45:46.0892 3304 clr_optimization_v2.0.50727_32 - ok
10:45:46.0943 3304 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:45:46.0969 3304 clr_optimization_v4.0.30319_32 - ok
10:45:46.0998 3304 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
10:45:47.0013 3304 cmdide - ok
10:45:47.0023 3304 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
10:45:47.0038 3304 Compbatt - ok
10:45:47.0043 3304 COMSysApp - ok
10:45:47.0050 3304 cpuz134 - ok
10:45:47.0076 3304 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
10:45:47.0091 3304 crcdisk - ok
10:45:47.0105 3304 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
10:45:47.0139 3304 Crusoe - ok
10:45:47.0171 3304 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
10:45:47.0200 3304 CryptSvc - ok
10:45:47.0264 3304 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:45:47.0320 3304 DcomLaunch - ok
10:45:47.0340 3304 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
10:45:47.0369 3304 DfsC - ok
10:45:47.0486 3304 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
10:45:47.0581 3304 DFSR - ok
10:45:47.0667 3304 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
10:45:47.0699 3304 Dhcp - ok
10:45:47.0726 3304 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
10:45:47.0744 3304 disk - ok
10:45:47.0768 3304 Dnscache (30a08728740e71947ae1e073b5ce69b4) C:\Windows\System32\dnsrslvr.dll
10:45:47.0800 3304 Dnscache - ok
10:45:47.0825 3304 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
10:45:47.0855 3304 dot3svc - ok
10:45:47.0877 3304 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
10:45:47.0911 3304 Dot4 - ok
10:45:47.0922 3304 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:45:47.0957 3304 Dot4Print - ok
10:45:47.0981 3304 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
10:45:48.0013 3304 dot4usb - ok
10:45:48.0026 3304 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
10:45:48.0062 3304 DPS - ok
10:45:48.0080 3304 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
10:45:48.0110 3304 drmkaud - ok
10:45:48.0153 3304 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
10:45:48.0227 3304 DXGKrnl - ok
10:45:48.0245 3304 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
10:45:48.0281 3304 E1G60 - ok
10:45:48.0292 3304 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
10:45:48.0322 3304 EapHost - ok
10:45:48.0349 3304 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
10:45:48.0368 3304 Ecache - ok
10:45:48.0401 3304 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
10:45:48.0427 3304 ehRecvr - ok
10:45:48.0449 3304 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
10:45:48.0471 3304 ehSched - ok
10:45:48.0480 3304 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
10:45:48.0501 3304 ehstart - ok
10:45:48.0533 3304 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
10:45:48.0565 3304 elxstor - ok
10:45:48.0609 3304 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
10:45:48.0666 3304 EMDMgmt - ok
10:45:48.0671 3304 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
10:45:48.0706 3304 ErrDev - ok
10:45:48.0759 3304 ETService (23112102bc2a8fe44b8ac44a05bdf4c3) C:\Program Files\PACKARDBELL\Packard Bell Recovery Management\Service\ETService.exe
10:45:48.0771 3304 ETService ( UnsignedFile.Multi.Generic ) - warning
10:45:48.0771 3304 ETService - detected UnsignedFile.Multi.Generic (1)
10:45:48.0801 3304 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
10:45:48.0837 3304 EventSystem - ok
10:45:48.0856 3304 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
10:45:48.0909 3304 exfat - ok
10:45:48.0939 3304 ezSharedSvc (42f721c52eef2d6df9372a53813a83ef) C:\Windows\System32\ezsvc7.dll
10:45:48.0953 3304 ezSharedSvc ( UnsignedFile.Multi.Generic ) - warning
10:45:48.0954 3304 ezSharedSvc - detected UnsignedFile.Multi.Generic (1)
10:45:48.0999 3304 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
10:45:49.0028 3304 fastfat - ok
10:45:49.0039 3304 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
10:45:49.0075 3304 fdc - ok
10:45:49.0088 3304 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
10:45:49.0126 3304 fdPHost - ok
10:45:49.0132 3304 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
10:45:49.0183 3304 FDResPub - ok
10:45:49.0201 3304 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
10:45:49.0218 3304 FileInfo - ok
10:45:49.0228 3304 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
10:45:49.0262 3304 Filetrace - ok
10:45:49.0319 3304 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:45:49.0342 3304 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
10:45:49.0342 3304 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
10:45:49.0358 3304 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
10:45:49.0391 3304 flpydisk - ok
10:45:49.0416 3304 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
10:45:49.0435 3304 FltMgr - ok
10:45:49.0512 3304 FontCache (d49705f25390265cad9b620f55ea968c) C:\Windows\system32\FntCache.dll
10:45:49.0546 3304 FontCache - ok
10:45:49.0616 3304 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:45:49.0640 3304 FontCache3.0.0.0 - ok
10:45:49.0666 3304 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
10:45:49.0681 3304 fssfltr - ok
10:45:49.0796 3304 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
10:45:49.0899 3304 fsssvc - ok
10:45:50.0008 3304 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
10:45:50.0036 3304 Fs_Rec - ok
10:45:50.0060 3304 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
10:45:50.0076 3304 gagp30kx - ok
10:45:50.0108 3304 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:45:50.0121 3304 GEARAspiWDM - ok
10:45:50.0178 3304 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
10:45:50.0192 3304 GoogleDesktopManager-051210-111108 - ok
10:45:50.0196 3304 GoogleDesktopManager-110309-193829 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
10:45:50.0210 3304 GoogleDesktopManager-110309-193829 - ok
10:45:50.0235 3304 GoToAssist (5cc2b1d06ac1962af5fbbcf88d781dd8) C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
10:45:50.0249 3304 GoToAssist - ok
10:45:50.0297 3304 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
10:45:50.0334 3304 gpsvc - ok
10:45:50.0367 3304 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
10:45:50.0392 3304 gupdate - ok
10:45:50.0396 3304 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
10:45:50.0413 3304 gupdatem - ok
10:45:50.0442 3304 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
10:45:50.0457 3304 gusvc - ok
10:45:50.0499 3304 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
10:45:50.0531 3304 HdAudAddService - ok
10:45:50.0576 3304 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:45:50.0616 3304 HDAudBus - ok
10:45:50.0641 3304 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
10:45:50.0691 3304 HidBth - ok
10:45:50.0700 3304 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
10:45:50.0749 3304 HidIr - ok
10:45:50.0763 3304 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
10:45:50.0786 3304 hidserv - ok
10:45:50.0803 3304 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
10:45:50.0831 3304 HidUsb - ok
10:45:50.0848 3304 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
10:45:50.0883 3304 hkmsvc - ok
10:45:50.0895 3304 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
10:45:50.0910 3304 HpCISSs - ok
10:45:50.0977 3304 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
10:45:50.0990 3304 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
10:45:50.0990 3304 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
10:45:51.0024 3304 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
10:45:51.0037 3304 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
10:45:51.0037 3304 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
10:45:51.0085 3304 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
10:45:51.0113 3304 HTTP - ok
10:45:51.0132 3304 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
10:45:51.0148 3304 i2omp - ok
10:45:51.0160 3304 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
10:45:51.0189 3304 i8042prt - ok
10:45:51.0216 3304 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
10:45:51.0241 3304 iaStorV - ok
10:45:51.0323 3304 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:45:51.0364 3304 idsvc - ok
10:45:51.0383 3304 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
10:45:51.0399 3304 iirsp - ok
10:45:51.0441 3304 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
10:45:51.0508 3304 IKEEXT - ok
10:45:51.0534 3304 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys
10:45:51.0548 3304 int15 - ok
10:45:51.0748 3304 IntcAzAudAddService (bfcd7edc663f513e7c4a0b9400e58c70) C:\Windows\system32\drivers\RTKVHDA.sys
10:45:52.0004 3304 IntcAzAudAddService - ok
10:45:52.0097 3304 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
10:45:52.0113 3304 intelide - ok
10:45:52.0141 3304 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
10:45:52.0174 3304 intelppm - ok
10:45:52.0209 3304 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
10:45:52.0243 3304 IPBusEnum - ok
10:45:52.0258 3304 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:45:52.0293 3304 IpFilterDriver - ok
10:45:52.0319 3304 iphlpsvc (7f83b06a929a981bc001b2ea304d2036) C:\Windows\System32\iphlpsvc.dll
10:45:52.0357 3304 iphlpsvc - ok
10:45:52.0362 3304 IpInIp - ok
10:45:52.0376 3304 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
10:45:52.0409 3304 IPMIDRV - ok
10:45:52.0438 3304 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
10:45:52.0474 3304 IPNAT - ok
10:45:52.0502 3304 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
10:45:52.0534 3304 IRENUM - ok
10:45:52.0547 3304 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
10:45:52.0564 3304 isapnp - ok
10:45:52.0594 3304 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
10:45:52.0621 3304 iScsiPrt - ok
10:45:52.0665 3304 ISWKL (ee8bed092a58a4faeb08dc140729189e) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
10:45:52.0679 3304 ISWKL - ok
10:45:52.0724 3304 IswSvc (aa7fd6a7532ef23fdcfc030195c148f9) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
10:45:52.0745 3304 IswSvc - ok
10:45:52.0760 3304 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
10:45:52.0776 3304 iteatapi - ok
10:45:52.0790 3304 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
10:45:52.0805 3304 iteraid - ok
10:45:52.0813 3304 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
10:45:52.0828 3304 kbdclass - ok
10:45:52.0852 3304 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
10:45:52.0884 3304 kbdhid - ok
10:45:52.0907 3304 KeyIso (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:45:52.0940 3304 KeyIso - ok
10:45:52.0977 3304 KL1 (186b54479d98e48aee0e9ada4b3c4d31) C:\Windows\system32\DRIVERS\kl1.sys
10:45:52.0993 3304 KL1 - ok
10:45:53.0008 3304 kl2 (bf485bfba13c0ab116701fd9c55324d0) C:\Windows\system32\DRIVERS\kl2.sys
10:45:53.0021 3304 kl2 - ok
10:45:53.0054 3304 KLIF (46fa00bef951762919b66269371c22af) C:\Windows\system32\DRIVERS\klif.sys
10:45:53.0076 3304 KLIF - ok
10:45:53.0100 3304 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
10:45:53.0124 3304 KSecDD - ok
10:45:53.0306 3304 KService (0423bc118534ec23a063e54ebca9b92d) C:\Program Files\Kontiki\KService.exe
10:45:53.0392 3304 KService - ok
10:45:53.0484 3304 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
10:45:53.0559 3304 KtmRm - ok
10:45:53.0602 3304 LanmanServer (43446f197c74ef2030f84b3a4f39d570) C:\Windows\system32\srvsvc.dll
10:45:53.0642 3304 LanmanServer - ok
10:45:53.0668 3304 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
10:45:53.0717 3304 LanmanWorkstation - ok
10:45:53.0743 3304 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
10:45:53.0777 3304 lltdio - ok
10:45:53.0808 3304 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
10:45:53.0843 3304 lltdsvc - ok
10:45:53.0855 3304 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
10:45:53.0906 3304 lmhosts - ok
10:45:53.0941 3304 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
10:45:53.0959 3304 LSI_FC - ok
10:45:53.0976 3304 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
10:45:53.0994 3304 LSI_SAS - ok
10:45:54.0010 3304 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
10:45:54.0029 3304 LSI_SCSI - ok
10:45:54.0043 3304 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
10:45:54.0076 3304 luafv - ok
10:45:54.0100 3304 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
10:45:54.0116 3304 MBAMProtector - ok
10:45:54.0196 3304 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
10:45:54.0230 3304 MBAMService - ok
10:45:54.0286 3304 McciCMService (f8b823414a22dbf3bec10dcaa5f93cd8) C:\Program Files\Common Files\Motive\McciCMService.exe
10:45:54.0305 3304 McciCMService ( UnsignedFile.Multi.Generic ) - warning
10:45:54.0305 3304 McciCMService - detected UnsignedFile.Multi.Generic (1)
10:45:54.0329 3304 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
10:45:54.0353 3304 Mcx2Svc - ok
10:45:54.0362 3304 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
10:45:54.0377 3304 megasas - ok
10:45:54.0409 3304 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
10:45:54.0458 3304 MegaSR - ok
10:45:54.0485 3304 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:45:54.0520 3304 MMCSS - ok
10:45:54.0539 3304 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
10:45:54.0572 3304 Modem - ok
10:45:54.0584 3304 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
10:45:54.0617 3304 monitor - ok
10:45:54.0636 3304 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
10:45:54.0651 3304 mouclass - ok
10:45:54.0663 3304 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
10:45:54.0696 3304 mouhid - ok
10:45:54.0715 3304 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
10:45:54.0730 3304 MountMgr - ok
10:45:54.0767 3304 MozillaMaintenance (166f0cbff55d16552161c154317287ca) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:45:54.0785 3304 MozillaMaintenance - ok
10:45:54.0803 3304 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
10:45:54.0822 3304 MpFilter - ok
10:45:54.0835 3304 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
10:45:54.0855 3304 mpio - ok
10:45:54.0866 3304 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
10:45:54.0896 3304 mpsdrv - ok
10:45:54.0940 3304 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
10:45:55.0019 3304 MpsSvc - ok
10:45:55.0036 3304 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
10:45:55.0051 3304 Mraid35x - ok
10:45:55.0091 3304 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
10:45:55.0102 3304 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
10:45:55.0102 3304 MREMP50 - detected UnsignedFile.Multi.Generic (1)
10:45:55.0107 3304 MREMPR5 - ok
10:45:55.0113 3304 MRENDIS5 - ok
10:45:55.0128 3304 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
10:45:55.0138 3304 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
10:45:55.0138 3304 MRESP50 - detected UnsignedFile.Multi.Generic (1)
10:45:55.0167 3304 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
10:45:55.0194 3304 MRxDAV - ok
10:45:55.0220 3304 mrxsmb (317eb668973951bad512ee8bebf9ed25) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:45:55.0248 3304 mrxsmb - ok
10:45:55.0272 3304 mrxsmb10 (05716f0203b5c774a87384a1ff7b968f) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:45:55.0302 3304 mrxsmb10 - ok
10:45:55.0312 3304 mrxsmb20 (c70c50d101b92b45c42ba11ea9fe6cd1) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:45:55.0340 3304 mrxsmb20 - ok
10:45:55.0357 3304 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
10:45:55.0372 3304 msahci - ok
10:45:55.0393 3304 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
10:45:55.0413 3304 msdsm - ok
10:45:55.0447 3304 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
10:45:55.0484 3304 MSDTC - ok
10:45:55.0505 3304 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
10:45:55.0538 3304 Msfs - ok
10:45:55.0559 3304 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
10:45:55.0574 3304 msisadrv - ok
10:45:55.0600 3304 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
10:45:55.0634 3304 MSiSCSI - ok
10:45:55.0638 3304 msiserver - ok
10:45:55.0657 3304 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
10:45:55.0691 3304 MSKSSRV - ok
10:45:55.0721 3304 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:45:55.0737 3304 MsMpSvc - ok
10:45:55.0749 3304 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
10:45:55.0781 3304 MSPCLOCK - ok
10:45:55.0786 3304 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
10:45:55.0819 3304 MSPQM - ok
10:45:55.0844 3304 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
10:45:55.0863 3304 MsRPC - ok
10:45:55.0872 3304 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
10:45:55.0888 3304 mssmbios - ok
10:45:55.0893 3304 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
10:45:55.0929 3304 MSTEE - ok
10:45:55.0936 3304 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
10:45:55.0953 3304 Mup - ok
10:45:55.0991 3304 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
10:45:56.0051 3304 napagent - ok
10:45:56.0083 3304 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
10:45:56.0116 3304 NativeWifiP - ok
10:45:56.0150 3304 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
10:45:56.0190 3304 NDIS - ok
10:45:56.0202 3304 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
10:45:56.0230 3304 NdisTapi - ok
10:45:56.0245 3304 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
10:45:56.0278 3304 Ndisuio - ok
10:45:56.0297 3304 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
10:45:56.0326 3304 NdisWan - ok
10:45:56.0344 3304 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
10:45:56.0372 3304 NDProxy - ok
10:45:56.0394 3304 Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\Windows\system32\HPZinw12.dll
10:45:56.0406 3304 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:45:56.0406 3304 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:45:56.0426 3304 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
10:45:56.0459 3304 NetBIOS - ok
10:45:56.0478 3304 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
10:45:56.0508 3304 netbt - ok
10:45:56.0532 3304 Netlogon (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:45:56.0555 3304 Netlogon - ok
10:45:56.0599 3304 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
10:45:56.0639 3304 Netman - ok
10:45:56.0691 3304 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:45:56.0708 3304 NetMsmqActivator - ok
10:45:56.0712 3304 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:45:56.0729 3304 NetPipeActivator - ok
10:45:56.0756 3304 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
10:45:56.0806 3304 netprofm - ok
10:45:56.0810 3304 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:45:56.0826 3304 NetTcpActivator - ok
10:45:56.0831 3304 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:45:56.0847 3304 NetTcpPortSharing - ok
10:45:56.0875 3304 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
10:45:56.0891 3304 nfrd960 - ok
10:45:56.0912 3304 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:45:56.0928 3304 NisDrv - ok
10:45:56.0974 3304 NisSrv (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
10:45:57.0043 3304 NisSrv - ok
10:45:57.0061 3304 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
10:45:57.0120 3304 NlaSvc - ok
10:45:57.0137 3304 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
10:45:57.0166 3304 Npfs - ok
10:45:57.0181 3304 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
10:45:57.0215 3304 nsi - ok
10:45:57.0223 3304 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
10:45:57.0256 3304 nsiproxy - ok
10:45:57.0337 3304 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
10:45:57.0373 3304 Ntfs - ok
10:45:57.0402 3304 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
10:45:57.0452 3304 ntrigdigi - ok
10:45:57.0476 3304 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
10:45:57.0508 3304 Null - ok
10:45:57.0537 3304 NVHDA (3d7fb57354703809b5f0c23287fac1d6) C:\Windows\system32\drivers\nvhda32v.sys
10:45:57.0554 3304 NVHDA - ok
10:45:58.0107 3304 nvlddmkm (e891b3979f0cf2740c1b073f834221fe) C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:45:58.0395 3304 nvlddmkm - ok
10:45:58.0479 3304 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
10:45:58.0501 3304 nvraid - ok
10:45:58.0530 3304 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
10:45:58.0548 3304 nvstor - ok
10:45:58.0574 3304 nvstor32 (97778c3cb3af6b2243648d0dcd4d8916) C:\Windows\system32\DRIVERS\nvstor32.sys
10:45:58.0600 3304 nvstor32 - ok
10:45:58.0649 3304 nvsvc (ae2de8e165dcb93a66b21748e6f913df) C:\Windows\system32\nvvsvc.exe
10:45:58.0695 3304 nvsvc - ok
10:45:58.0864 3304 nvUpdatusService (c78581c14699c46fe0f0817416383134) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
10:45:58.0977 3304 nvUpdatusService - ok
10:45:59.0117 3304 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
10:45:59.0138 3304 nv_agp - ok
10:45:59.0144 3304 NwlnkFlt - ok
10:45:59.0152 3304 NwlnkFwd - ok
10:45:59.0184 3304 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
10:45:59.0240 3304 ohci1394 - ok
10:45:59.0279 3304 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:45:59.0306 3304 ose - ok
10:45:59.0576 3304 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:45:59.0794 3304 osppsvc - ok
10:45:59.0943 3304 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:46:00.0026 3304 p2pimsvc - ok
10:46:00.0035 3304 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:46:00.0072 3304 p2psvc - ok
10:46:00.0102 3304 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
10:46:00.0160 3304 Parport - ok
10:46:00.0180 3304 Partizan (6ddcf3f801ec15fe698f6a215cf30a1f) C:\Windows\system32\drivers\Partizan.sys
10:46:00.0194 3304 Partizan - ok
10:46:00.0213 3304 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
10:46:00.0230 3304 partmgr - ok
10:46:00.0245 3304 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
10:46:00.0293 3304 Parvdm - ok
10:46:00.0311 3304 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
10:46:00.0335 3304 PcaSvc - ok
10:46:00.0352 3304 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
10:46:00.0370 3304 pci - ok
10:46:00.0379 3304 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
10:46:00.0395 3304 pciide - ok
10:46:00.0425 3304 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
10:46:00.0452 3304 pcmcia - ok
10:46:00.0521 3304 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
10:46:00.0585 3304 PEAUTH - ok
10:46:00.0684 3304 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
10:46:00.0764 3304 pla - ok
10:46:00.0871 3304 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
10:46:00.0924 3304 PlugPlay - ok
10:46:00.0969 3304 Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\Windows\system32\HPZipm12.dll
10:46:00.0980 3304 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:46:00.0980 3304 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:46:01.0050 3304 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:46:01.0083 3304 PNRPAutoReg - ok
10:46:01.0092 3304 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:46:01.0124 3304 PNRPsvc - ok
10:46:01.0156 3304 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
10:46:01.0190 3304 PolicyAgent - ok
10:46:01.0227 3304 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
10:46:01.0259 3304 PptpMiniport - ok
10:46:01.0288 3304 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
10:46:01.0321 3304 Processor - ok
10:46:01.0340 3304 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
10:46:01.0373 3304 ProfSvc - ok
10:46:01.0399 3304 ProtectedStorage (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:46:01.0422 3304 ProtectedStorage - ok
10:46:01.0449 3304 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
10:46:01.0476 3304 PSched - ok
10:46:01.0483 3304 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
10:46:01.0498 3304 PxHelp20 - ok
10:46:01.0566 3304 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
10:46:01.0637 3304 ql2300 - ok
10:46:01.0656 3304 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
10:46:01.0675 3304 ql40xx - ok
10:46:01.0705 3304 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
10:46:01.0732 3304 QWAVE - ok
10:46:01.0748 3304 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
10:46:01.0770 3304 QWAVEdrv - ok
10:46:01.0783 3304 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
10:46:01.0815 3304 RasAcd - ok
10:46:01.0835 3304 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
10:46:01.0869 3304 RasAuto - ok
10:46:01.0884 3304 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:46:01.0917 3304 Rasl2tp - ok
10:46:01.0945 3304 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
10:46:01.0981 3304 RasMan - ok
10:46:02.0002 3304 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
10:46:02.0031 3304 RasPppoe - ok
10:46:02.0047 3304 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
10:46:02.0069 3304 RasSstp - ok
10:46:02.0105 3304 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
10:46:02.0134 3304 rdbss - ok
10:46:02.0144 3304 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:46:02.0176 3304 RDPCDD - ok
10:46:02.0203 3304 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
10:46:02.0260 3304 rdpdr - ok
10:46:02.0265 3304 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
10:46:02.0299 3304 RDPENCDD - ok
10:46:02.0327 3304 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
10:46:02.0351 3304 RDPWD - ok
10:46:02.0369 3304 RegGuard (37ecebdd930395a9c399fb18a3c236d3) C:\Windows\system32\Drivers\regguard.sys
10:46:02.0383 3304 RegGuard - ok
10:46:02.0402 3304 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
10:46:02.0437 3304 RemoteAccess - ok
10:46:02.0460 3304 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
10:46:02.0490 3304 RemoteRegistry - ok
10:46:02.0503 3304 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
10:46:02.0526 3304 RpcLocator - ok
10:46:02.0631 3304 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:46:02.0673 3304 RpcSs - ok
10:46:02.0696 3304 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
10:46:02.0728 3304 rspndr - ok
10:46:02.0771 3304 RTL8169 (06992132cf20c3c1cba3f072c4086de8) C:\Windows\system32\DRIVERS\Rtlh86.sys
10:46:02.0789 3304 RTL8169 - ok
10:46:02.0807 3304 SamSs (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
10:46:02.0830 3304 SamSs - ok
10:46:02.0867 3304 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
10:46:02.0881 3304 SASDIFSV - ok
10:46:02.0891 3304 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
10:46:02.0907 3304 SASKUTIL - ok
10:46:02.0923 3304 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
10:46:02.0941 3304 sbp2port - ok
10:46:03.0053 3304 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
10:46:03.0106 3304 SBSDWSCService - ok
10:46:03.0129 3304 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
10:46:03.0159 3304 SCardSvr - ok
10:46:03.0201 3304 Schedule (323ae0bdfd2eb15b668dda50cc597329) C:\Windows\system32\schedsvc.dll
10:46:03.0241 3304 Schedule - ok
10:46:03.0268 3304 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:46:03.0296 3304 SCPolicySvc - ok
10:46:03.0313 3304 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
10:46:03.0338 3304 SDRSVC - ok
10:46:03.0364 3304 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:46:03.0413 3304 secdrv - ok
10:46:03.0445 3304 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
10:46:03.0479 3304 seclogon - ok
10:46:03.0496 3304 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
10:46:03.0531 3304 SENS - ok
10:46:03.0541 3304 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
10:46:03.0590 3304 Serenum - ok
10:46:03.0614 3304 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
10:46:03.0665 3304 Serial - ok
10:46:03.0676 3304 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
10:46:03.0709 3304 sermouse - ok
10:46:03.0785 3304 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
10:46:03.0833 3304 SessionEnv - ok
10:46:03.0847 3304 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
10:46:03.0875 3304 sffdisk - ok
10:46:03.0887 3304 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
10:46:03.0919 3304 sffp_mmc - ok
10:46:03.0936 3304 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
10:46:03.0968 3304 sffp_sd - ok
10:46:04.0002 3304 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
10:46:04.0050 3304 sfloppy - ok
10:46:04.0081 3304 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
10:46:04.0129 3304 SharedAccess - ok
10:46:04.0153 3304 ShellHWDetection (c818c44c201898399bf999bb6b35d4e3) C:\Windows\System32\shsvcs.dll
10:46:04.0187 3304 ShellHWDetection - ok
10:46:04.0198 3304 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
10:46:04.0215 3304 sisagp - ok
10:46:04.0229 3304 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
10:46:04.0245 3304 SiSRaid2 - ok
10:46:04.0257 3304 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
10:46:04.0274 3304 SiSRaid4 - ok
10:46:04.0474 3304 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
10:46:04.0595 3304 slsvc - ok
10:46:04.0676 3304 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
10:46:04.0709 3304 SLUINotify - ok
10:46:04.0747 3304 SmartDefragDriver (cc48f88fe17bb8e5eb6fa1a8a9477006) C:\Windows\system32\Drivers\SmartDefragDriver.sys
10:46:04.0761 3304 SmartDefragDriver - ok
10:46:04.0787 3304 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
10:46:04.0818 3304 Smb - ok
10:46:04.0848 3304 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
10:46:04.0872 3304 SNMPTRAP - ok
10:46:04.0887 3304 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
10:46:04.0904 3304 spldr - ok
10:46:04.0926 3304 Spooler (524bfbea40e6e404737ccbc754647a2e) C:\Windows\System32\spoolsv.exe
10:46:04.0960 3304 Spooler - ok
10:46:04.0985 3304 srv (baa6018a27857b5ff0c03ce756b4a7a2) C:\Windows\system32\DRIVERS\srv.sys
10:46:05.0014 3304 srv - ok
10:46:05.0040 3304 srv2 (6b6f3658e0a58c6c50c5f7fbdf3df633) C:\Windows\system32\DRIVERS\srv2.sys
10:46:05.0063 3304 srv2 - ok
10:46:05.0087 3304 srvnet (2d10de9022822772adaa120b15a9bd03) C:\Windows\system32\DRIVERS\srvnet.sys
10:46:05.0115 3304 srvnet - ok
10:46:05.0126 3304 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
10:46:05.0163 3304 SSDPSRV - ok
10:46:05.0186 3304 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
10:46:05.0199 3304 ssmdrv - ok
10:46:05.0219 3304 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
10:46:05.0253 3304 SstpSvc - ok
10:46:05.0291 3304 Steam Client Service - ok
10:46:05.0310 3304 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
10:46:05.0338 3304 StillCam - ok
10:46:05.0381 3304 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
10:46:05.0413 3304 stisvc - ok
10:46:05.0429 3304 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
10:46:05.0445 3304 swenum - ok
10:46:05.0466 3304 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
10:46:05.0500 3304 swprv - ok
10:46:05.0529 3304 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
10:46:05.0544 3304 Symc8xx - ok
10:46:05.0578 3304 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
10:46:05.0593 3304 Sym_hi - ok
10:46:05.0609 3304 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
10:46:05.0624 3304 Sym_u3 - ok
10:46:05.0667 3304 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
10:46:05.0706 3304 SysMain - ok
10:46:05.0727 3304 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
10:46:05.0752 3304 TabletInputService - ok
10:46:05.0778 3304 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
10:46:05.0814 3304 TapiSrv - ok
10:46:05.0827 3304 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
10:46:05.0861 3304 TBS - ok
10:46:05.0943 3304 Tcpip (65877aa1b6a7cb797488e831698973e9) C:\Windows\system32\drivers\tcpip.sys
10:46:05.0978 3304 Tcpip - ok
10:46:05.0990 3304 Tcpip6 (65877aa1b6a7cb797488e831698973e9) C:\Windows\system32\DRIVERS\tcpip.sys
10:46:06.0024 3304 Tcpip6 - ok
10:46:06.0059 3304 tcpipreg (4b8f496292d40192acb052e030c023a7) C:\Windows\system32\drivers\tcpipreg.sys
10:46:06.0080 3304 tcpipreg - ok
10:46:06.0090 3304 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
10:46:06.0122 3304 TDPIPE - ok
10:46:06.0137 3304 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
10:46:06.0169 3304 TDTCP - ok
10:46:06.0193 3304 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
10:46:06.0222 3304 tdx - ok
10:46:06.0248 3304 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
10:46:06.0265 3304 TermDD - ok
10:46:06.0314 3304 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
10:46:06.0365 3304 TermService - ok
10:46:06.0390 3304 Themes (c818c44c201898399bf999bb6b35d4e3) C:\Windows\system32\shsvcs.dll
10:46:06.0422 3304 Themes - ok
10:46:06.0460 3304 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:46:06.0494 3304 THREADORDER - ok
10:46:06.0528 3304 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
10:46:06.0568 3304 TrkWks - ok
10:46:06.0611 3304 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
10:46:06.0639 3304 TrustedInstaller - ok
10:46:06.0653 3304 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:46:06.0685 3304 tssecsrv - ok
10:46:06.0698 3304 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
10:46:06.0721 3304 tunmp - ok
10:46:06.0727 3304 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
10:46:06.0756 3304 tunnel - ok
10:46:06.0775 3304 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
10:46:06.0791 3304 uagp35 - ok
10:46:06.0811 3304 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
10:46:06.0847 3304 udfs - ok
10:46:06.0865 3304 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
10:46:06.0900 3304 UI0Detect - ok
10:46:06.0917 3304 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
10:46:06.0934 3304 uliagpkx - ok
10:46:06.0980 3304 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
10:46:07.0014 3304 uliahci - ok
10:46:07.0029 3304 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
10:46:07.0048 3304 UlSata - ok
10:46:07.0061 3304 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
10:46:07.0080 3304 ulsata2 - ok
10:46:07.0090 3304 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
10:46:07.0123 3304 umbus - ok
10:46:07.0144 3304 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
10:46:07.0184 3304 upnphost - ok
10:46:07.0198 3304 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
10:46:07.0227 3304 usbccgp - ok
10:46:07.0242 3304 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
10:46:07.0292 3304 usbcir - ok
10:46:07.0312 3304 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
10:46:07.0340 3304 usbehci - ok
10:46:07.0367 3304 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
10:46:07.0396 3304 usbhub - ok
10:46:07.0403 3304 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
10:46:07.0434 3304 usbohci - ok
10:46:07.0459 3304 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
10:46:07.0492 3304 usbprint - ok
10:46:07.0512 3304 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
10:46:07.0539 3304 usbscan - ok
10:46:07.0547 3304 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:46:07.0575 3304 USBSTOR - ok
10:46:07.0584 3304 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
10:46:07.0612 3304 usbuhci - ok
10:46:07.0629 3304 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
10:46:07.0658 3304 UxSms - ok
10:46:07.0685 3304 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
10:46:07.0720 3304 vds - ok
10:46:07.0734 3304 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
10:46:07.0766 3304 vga - ok
10:46:07.0781 3304 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
10:46:07.0813 3304 VgaSave - ok
10:46:07.0827 3304 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
10:46:07.0843 3304 viaagp - ok
10:46:07.0852 3304 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
10:46:07.0885 3304 ViaC7 - ok
10:46:07.0891 3304 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
10:46:07.0907 3304 viaide - ok
10:46:07.0919 3304 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
10:46:07.0935 3304 volmgr - ok
10:46:07.0979 3304 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
10:46:07.0999 3304 volmgrx - ok
10:46:08.0014 3304 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
10:46:08.0033 3304 volsnap - ok
10:46:08.0072 3304 Vsdatant (6983d0bcac64c2d7460c2125f804f118) C:\Windows\system32\DRIVERS\vsdatant.sys
10:46:08.0094 3304 Vsdatant - ok
10:46:08.0100 3304 vsdatant7 - ok
10:46:08.0138 3304 vsmon - ok
10:46:08.0157 3304 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
10:46:08.0176 3304 vsmraid - ok
10:46:08.0244 3304 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
10:46:08.0290 3304 VSS - ok
10:46:08.0386 3304 vToolbarUpdater11.0.2 (56e1e4442e4613fb2039a6b7421f4e58) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
10:46:08.0418 3304 vToolbarUpdater11.0.2 - ok
10:46:08.0504 3304 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
10:46:08.0538 3304 W32Time - ok
10:46:08.0563 3304 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
10:46:08.0612 3304 WacomPen - ok
10:46:08.0629 3304 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:46:08.0657 3304 Wanarp - ok
10:46:08.0661 3304 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:46:08.0690 3304 Wanarpv6 - ok
10:46:08.0730 3304 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
10:46:08.0761 3304 wcncsvc - ok
10:46:08.0789 3304 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
10:46:08.0821 3304 WcsPlugInService - ok
10:46:08.0842 3304 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
10:46:08.0857 3304 Wd - ok
10:46:08.0892 3304 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
10:46:08.0917 3304 Wdf01000 - ok
10:46:08.0947 3304 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:46:08.0983 3304 WdiServiceHost - ok
10:46:08.0987 3304 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:46:09.0022 3304 WdiSystemHost - ok
10:46:09.0036 3304 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
10:46:09.0064 3304 WebClient - ok
10:46:09.0076 3304 Wecsvc (905214925a88311fce52f66153de7610) C:\Windows\system32\wecsvc.dll
10:46:09.0111 3304 Wecsvc - ok
10:46:09.0119 3304 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
10:46:09.0150 3304 wercplsupport - ok
10:46:09.0163 3304 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
10:46:09.0195 3304 WerSvc - ok
10:46:09.0249 3304 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
10:46:09.0268 3304 WinDefend - ok
10:46:09.0278 3304 WinHttpAutoProxySvc - ok
10:46:09.0318 3304 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
10:46:09.0357 3304 Winmgmt - ok
10:46:09.0406 3304 WinRM (01874d4689c212460fbabf0ecd7cb7f7) C:\Windows\system32\WsmSvc.dll
10:46:09.0448 3304 WinRM - ok
10:46:09.0494 3304 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
10:46:09.0524 3304 Wlansvc - ok
10:46:09.0552 3304 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:46:09.0566 3304 wlcrasvc - ok
10:46:09.0685 3304 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:46:09.0771 3304 wlidsvc - ok
10:46:09.0872 3304 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
10:46:09.0900 3304 WmiAcpi - ok
10:46:09.0943 3304 WmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
10:46:09.0971 3304 WmiApSrv - ok
10:46:10.0046 3304 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
10:46:10.0092 3304 WMPNetworkSvc - ok
10:46:10.0107 3304 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
10:46:10.0131 3304 WPCSvc - ok
10:46:10.0154 3304 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
10:46:10.0179 3304 WPDBusEnum - ok
10:46:10.0267 3304 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:46:10.0295 3304 WPFFontCache_v0400 - ok
10:46:10.0315 3304 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
10:46:10.0348 3304 ws2ifsl - ok
10:46:10.0373 3304 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
10:46:10.0401 3304 wscsvc - ok
10:46:10.0406 3304 WSearch - ok
10:46:10.0539 3304 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
10:46:10.0625 3304 wuauserv - ok
10:46:10.0696 3304 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
10:46:10.0733 3304 wudfsvc - ok
10:46:10.0754 3304 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
10:46:11.0066 3304 \Device\Harddisk0\DR0 - ok
10:46:11.0070 3304 Boot (0x1200) (1564506fc0713d153b896ad06c0f6c1f) \Device\Harddisk0\DR0\Partition0
10:46:11.0071 3304 \Device\Harddisk0\DR0\Partition0 - ok
10:46:11.0073 3304 ============================================================
10:46:11.0073 3304 Scan finished
10:46:11.0073 3304 ============================================================
10:46:11.0086 1180 Detected object count: 10
10:46:11.0086 1180 Actual detected object count: 10
10:48:35.0894 1180 ETService ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0894 1180 ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:48:35.0896 1180 ezSharedSvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0896 1180 ezSharedSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:48:35.0898 1180 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0898 1180 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:48:35.0902 1180 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0902 1180 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:48:35.0905 1180 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0905 1180 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:48:35.0907 1180 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0907 1180 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:48:35.0910 1180 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0910 1180 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:48:35.0912 1180 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0912 1180 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:48:35.0915 1180 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0916 1180 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:48:35.0918 1180 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:48:35.0918 1180 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:50:51.0332 5836 Deinitialize success

swMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-06 11:40:52
-----------------------------
11:40:52.092 OS Version: Windows 6.0.6002 Service Pack 2
11:40:52.092 Number of processors: 4 586 0x1707
11:40:52.093 ComputerName: EAMONNS UserName: currys
11:41:25.580 Initialize success
11:41:50.098 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005e
11:41:50.100 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
11:41:50.115 Disk 0 MBR read successfully
11:41:50.117 Disk 0 MBR scan
11:41:50.120 Disk 0 Windows VISTA default MBR code
11:41:50.130 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10240 MB offset 2048
11:41:50.137 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 600238 MB offset 20973568
11:41:50.142 Disk 0 scanning sectors +1250261680
11:41:50.204 Disk 0 scanning C:\Windows\system32\drivers
11:41:57.639 Service scanning
11:42:01.930 Service MpKsl87d25911 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{55FCADA8-9CD5-4ED3-BB75-FDAE65595041}\MpKsl87d25911.sys **LOCKED** 32
11:42:08.215 Modules scanning
11:42:11.228 Disk 0 trace - called modules:
11:42:11.247 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys
11:42:11.252 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87524968]
11:42:11.257 3 CLASSPNP.SYS[8bdb58b3] -> nt!IofCallDriver -> [0x857d96e0]
11:42:11.261 5 acpi.sys[83a986bc] -> nt!IofCallDriver -> \Device\0000005e[0x857d9c90]
11:42:11.266 Scan finished successfully
11:42:54.736 Disk 0 MBR has been saved successfully to "C:\Users\currys\Desktop\MBR.dat"
11:42:54.748 The log file has been saved successfully to "C:\Users\currys\Desktop\aswMBR.txt"

**eddie5659** · 08-Jul-2012, 02:32 PM #7

Okay, can you firstly uninstall this via AddRemove Programs:

Advanced SystemCare 5

Then, can you run the following tools:

Download RogueKiller to your desktop

Quit all running programs
For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
Wait until the Pre-scan has finished.
Click on Scan
If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe
Click on Report and copy/paste the contents here.

-------------

Download OTL to your Desktop

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Select All Users

Please copy the text in the code box below and paste it in the Custom Scans/Fixes box in OTL:

Code:

netsvcs
activex
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%windir%\Installer\*.*
%windir%\system32\tasks\*.*
%systemroot%\Fonts\*.exe
%systemroot%\*. /mp /s
/md5start
consrv.dll
explorer.exe
winlogon.exe
regedit.exe
Userinit.exe
svchost.exe
MRESP50.SYS
CBPSp50.sys
/md5stop
C:\Windows\assembly\tmp\U\*.* /s
%Temp%\smtmp\1\*.*
%Temp%\smtmp\2\*.*
%Temp%\smtmp\3\*.*
%Temp%\smtmp\4\*.*
>C:\commands.txt echo list vol /raw /hide /c
/wait
>C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
/wait
type c:\diskreport.txt /c
/wait
erase c:\commands.txt /hide /c
/wait
erase c:\diskreport.txt /hide /c
CREATERESTOREPOINT

Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

eddie

baffledUK · 09-Jul-2012, 01:33 PM #8

Hi Eddie I've done what you suggested! Except Oldtimergeekstogo are investigating their database back 7/9/2012

RogueKiller V7.6.3 [07/08/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files...3-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User: currys [Admin rights]
Mode: Scan -- Date: 07/08/2012 23:20:43

¤¤¤ Bad processes: 1 ¤¤¤
[SUSP PATH] system32CmdLineExt.dll -- C:\Windows\system32CmdLineExt.dll -> UNLOADED

¤¤¤ Registry Entries: 2 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤
SSDT[289] : NtSetContextThread @ 0x82CA5253 -> HOOKED (Unknown @ 0x8CD5FE03)
SSDT[314] : NtSetSecurityObject @ 0x82BD2FE4 -> HOOKED (Unknown @ 0x8CD5FE0D)

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD64 00AAKS-22A7B SCSI Disk Device +++++
--- User ---
[MBR] cb937bfbef932355cd34b6cb6f4027a9
[BSP] 8484c7ec0314f855e9c1602adbcfff5f : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10240 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20973568 | Size: 600238 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive1: HP Photosmart C4400 USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1].txt >>
RKreport[1].txt

all the best

**eddie5659** · 09-Jul-2012, 03:02 PM #9

Looks like it'll be back online today sometime, I'll wait until then, as OTL is a very good tool to help us with infections

baffledUK · 10-Jul-2012, 02:41 PM **#10**

OTL logfile created on: 10/07/2012 18:55:16 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\currys\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19222)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 65.67% Memory free
6.22 Gb Paging File | 4.54 Gb Available in Paging File | 72.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 586.17 Gb Total Space | 420.59 Gb Free Space | 71.75% Space Free | Partition Type: NTFS

Computer Name: EAMONNS | User Name: currys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/10 18:50:53 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\currys\Downloads\OTL.exe
PRC - [2012/06/26 18:33:03 | 003,906,432 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2012/05/07 01:27:06 | 000,932,736 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
PRC - [2012/05/03 15:10:02 | 002,446,872 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2012/05/03 15:07:06 | 000,073,360 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2012/04/30 20:05:22 | 000,497,280 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2012/04/30 20:04:28 | 000,738,944 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/02/29 21:58:46 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012/02/29 21:58:36 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/09/30 19:04:54 | 000,142,848 | ---- | M] () -- C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
PRC - [2011/08/26 13:56:04 | 000,685,912 | ---- | M] (IObit) -- C:\Program Files\IObit\Game Booster\gbtray.exe
PRC - [2011/08/12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/07 16:26:28 | 001,038,136 | ---- | M] (Packard Bell BV) -- C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
PRC - [2007/09/11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

========== Modules (No Company Name) ==========

MOD - [2012/07/10 18:36:21 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/07/10 18:36:20 | 000,065,024 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/07/04 11:19:20 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012/07/04 11:19:20 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/09/30 19:04:54 | 000,142,848 | ---- | M] () -- C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
MOD - [2011/08/26 13:56:08 | 000,516,440 | ---- | M] () -- C:\Program Files\IObit\Game Booster\sqlite3.dll
MOD - [2011/02/22 16:01:26 | 000,345,088 | ---- | M] () -- C:\Program Files\IObit\Game Booster\madexcept_.bpl
MOD - [2011/02/22 16:01:26 | 000,177,152 | ---- | M] () -- C:\Program Files\IObit\Game Booster\madbasic_.bpl
MOD - [2011/02/22 16:01:26 | 000,044,544 | ---- | M] () -- C:\Program Files\IObit\Game Booster\maddisAsm_.bpl

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (WMService)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - File not found [Auto | Stopped] -- -- (PLFlash DeviceIoControl Service)
SRV - File not found [On_Demand | Stopped] -- -- (odserv)
SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- -- (Nero BackItUp Scheduler 3)
SRV - File not found [On_Demand | Stopped] -- -- (iPod Service)
SRV - File not found [Auto | Stopped] -- -- (IBUpdaterService)
SRV - File not found [Auto | Stopped] -- -- (Apple Mobile Device)
SRV - [2012/06/23 13:46:11 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/16 23:09:21 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/10 11:03:17 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/10 09:55:44 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/10 09:55:42 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/05/07 01:27:06 | 000,932,736 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe -- (vToolbarUpdater11.0.2)
SRV - [2012/05/03 15:10:02 | 002,446,872 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2012/04/30 20:05:22 | 000,497,280 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/03/01 00:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2010/12/10 13:47:24 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2009/04/11 07:28:25 | 000,375,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009/01/02 13:05:42 | 003,098,152 | ---- | M] (Kontiki Inc.) [Auto | Stopped] -- C:\Program Files\Kontiki\KService.exe -- (KService)
SRV - [2008/08/21 22:08:35 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/07/16 15:00:00 | 000,024,576 | ---- | M] () [Auto | Stopped] -- C:\Program Files\PACKARDBELL\Packard Bell Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2008/02/03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (vsdatant7)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (cpuz134)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\currys\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012/06/23 12:42:47 | 000,024,416 | ---- | M] (Greatis Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\regguard.sys -- (RegGuard)
DRV - [2012/06/23 11:35:37 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\Partizan.sys -- (Partizan)
DRV - [2012/05/10 09:55:44 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/10 09:55:44 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/04/30 20:05:40 | 000,027,016 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/03/01 00:59:00 | 010,819,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/01/17 13:45:56 | 000,148,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2012/01/09 19:59:32 | 000,468,272 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2012/01/09 19:59:30 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
DRV - [2012/01/09 19:59:30 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2011/12/09 13:40:53 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/07/22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/05/26 16:03:56 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2011/05/26 16:03:50 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2011/05/07 18:51:26 | 000,451,160 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2011/02/23 17:52:34 | 000,016,184 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/10/25 19:04:46 | 000,303,720 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010/06/17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/04/09 03:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/07/16 14:56:06 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.goonsearch.com/web.html?source=IBR-IB-PDP-INS-DBS&q={searchTerms}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer: source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2645238
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE9ENUS/110
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=EIE9HP&PC=UP50
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8C 08 D2 6F 60 88 CC 01 [binary data]
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101067&mntrId=50b4fa92000000000000002197a1 3750
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{12E234A8-7EC3-47EF-9DD4-E79D0259DB1B}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer: source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_en
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ALSV5&o=1665&src=crm&q={searchTerms}&locale=en_UK&apn _ptnrs=AU&apn_dtid=YYYYYYYYGB&apn_uid=34399D31-44A3-4DA6-8AC7-C989A030269F&apn_sauid=A32CCD2B-3BB2-4310-B8FA-574A397D7115
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{2310B25F-E44D-4DCE-8978-173DBD1341C1}: "URL" = http://search.avg.com/route/?d=$instd$&v=$ver$&i=$dchid$&tp=chrome&q={searchTerms}&lng={moz:locale}&iy= &ychte=uk
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.goonsearch.com/web.html?source=IBR-IB-PDP-INS-DBS&q={searchTerms}
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.bing.com/search?FORM=UP50DF&PC=UP50&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=CrQt__Hz-oJhPpnLvuNAmY8Q990?q={searchTerms}
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = http://search.ibryte.com/i/playbryte/search/redirect/?type=default-ie&user_id=8a29f83a-1762-4abe-b6d2-85b8f55d9ff9&query={searchTerms}
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={2AB81444-0133-4A21-88D6-7236293CD844}&mid=86c7969f8ba047d19024d168d145dea3-9a877b0da52b245d0ae7330e6e4e92d782696eee&lang=en&ds=ts025&pr=&d=2011-12-14 00:04:00&v=8.0.0.34&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{98C169E2-613B-42D8-9716-3201888DF14E}: "URL" = http://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=380920&p={searchTerms}
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.defaultthis.engineName: "WiseConvert Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "WiseConvert Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=2&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: File not found
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Motive, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5 videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\currys\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\currys\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp .com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/10 10:44:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/01/03 12:29:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012/05/23 18:09:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.0.0.9\ [2012/07/01 01:10:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/07 12:47:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/07/05 23:19:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/07 12:47:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/07/05 23:19:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp. com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/10 10:44:51 | 000,000,000 | ---D | M]

[2012/01/22 11:08:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\currys\AppData\Roaming\mozilla\Extensions
[2009/07/24 22:05:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\currys\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2012/01/22 11:56:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\currys\AppData\Roaming\mozilla\Firefox\extensions
[2012/07/01 01:10:55 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\currys\AppData\Roaming\mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2012/07/08 19:39:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\currys\AppData\Roaming\mozilla\Firefox\Profiles\fwvafgml.default\e xtensions
[2012/07/08 19:39:06 | 000,000,000 | ---D | M] (WiseConvert Community Toolbar) -- C:\Users\currys\AppData\Roaming\mozilla\Firefox\Profiles\fwvafgml.default\e xtensions\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}
[2012/06/27 14:38:40 | 000,000,925 | ---- | M] () -- C:\Users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\s earchplugins\conduit.xml
[2012/06/23 14:03:40 | 000,002,203 | ---- | M] () -- C:\Users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\s earchplugins\MyStart Search.xml
[2012/06/13 23:13:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/07/07 12:47:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2012/05/21 22:59:26 | 001,184,804 | ---- | M] () (No name found) -- C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\E XTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2012/07/07 12:47:33 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/29 17:07:04 | 000,003,703 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/06/23 13:40:53 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/23 13:40:53 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - Extension: No name found = C:\Users\currys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmcccagmbagkpbdgpammblejlmiempb\
CHR - Extension: No name found = C:\Users\currys\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\
CHR - Extension: No name found = C:\Users\currys\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje\2.0_0\

O1 HOSTS File: ([2012/07/06 12:16:18 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\bh\zonealarm.dll (Montera Technologeis LTD)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (no name) - {a0e8bc7d-6959-40b6-8e05-204d9768ad6e} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\zonealarmTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [4oD] C:\Program Files\Kontiki\KHost.exe (Kontiki Inc.)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe (Kontiki Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe (Kontiki Inc.)
O4 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\currys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk = C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
O7 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
O7 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
O7 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download with &Media Finder - Reg Error: Value error. File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - Reg Error: Value error. File not found
O8 - Extra context menu item: Google Sidewiki... - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} http://assets.photobox.com/assets/au...20090910103721 (Reg Error: Key error.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/Driver...reqlab_nvd.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/s...irector/sw.cab (Reg Error: Key error.)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/...?1322783446664 (MUCatalogWebControl Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn...Detection2.cab (GMNRev Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/Driver...aSmartScan.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.tescophoto.com/upload/act...eX_Control.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27FA60FB-5855-47ED-90FC-73C7DFD953D2}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\avgsecuritytoolbar - No CLSID value found
O18 - Protocol\Handler\base64 - No CLSID value found
O18 - Protocol\Handler\chrome - No CLSID value found
O18 - Protocol\Handler\ms-itss - No CLSID value found
O18 - Protocol\Handler\prox - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll ()
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img6.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img6.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011/12/29 12:14:24 | 000,000,000 | ---D | M] - C:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)

ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - Reg Error: Value error.
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.3
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.3
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {3CE02F38-C912-44CF-B02E-60F7964E61FF} - BingPack
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - DOTNETFRAMEWORKS
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{184906ff-ed62-4ee5-bd9c-fd55a3fb7b2d} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{44ca04c9-b479-4ac6-9f6d-2161ab55aa7c} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

MsConfig - StartUpFolder: C:^Users^currys^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BBC iPlayer Desktop.lnk - C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe - ()
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
MsConfig - State: "bootini" - 2
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/07/06 18:53:42 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4
[2012/07/06 16:38:06 | 000,000,000 | ---D | C] -- C:\Users\currys\Desktop\checkoutPaypalComplete.asp_files
[2012/07/06 12:40:40 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/07/06 11:58:54 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012/07/06 10:41:36 | 002,135,640 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\currys\Desktop\tdsskiller(4).exe
[2012/07/05 23:20:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/07/05 00:19:45 | 000,000,000 | ---D | C] -- C:\Users\currys\Desktop\OpenOffice.org 3.4 (en-US) Installation Files
[2012/07/04 16:44:55 | 000,000,000 | ---D | C] -- C:\Users\currys\Desktop\New Folder
[2012/07/04 11:19:08 | 000,000,000 | ---D | C] -- C:\Users\currys\AppData\Roaming\SUPERAntiSpyware.com
[2012/07/04 11:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/07/04 11:18:56 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/07/04 11:18:56 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/07/04 10:42:09 | 000,000,000 | ---D | C] -- C:\Users\currys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/07/04 10:42:08 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/07/04 00:33:11 | 000,000,000 | ---D | C] -- C:\Users\currys\Documents\1059343-internet-options-control-panel-missing_files
[2012/07/02 18:56:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/07/02 18:56:43 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/06/30 16:03:16 | 000,000,000 | ---D | C] -- C:\Users\currys\AppData\Roaming\Sammsoft
[2012/06/30 16:02:56 | 000,000,000 | ---D | C] -- C:\Program Files\ARO 2012
[2012/06/30 11:59:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/06/30 11:56:04 | 000,000,000 | ---D | C] -- C:\Users\currys\Desktop\RK_Quarantine
[2012/06/29 23:55:11 | 000,000,000 | ---D | C] -- C:\Users\currys\AppData\Roaming\DigitalSupport
[2012/06/29 23:33:07 | 000,000,000 | ---D | C] -- C:\Users\currys\Documents\Simply Super Software
[2012/06/29 23:33:07 | 000,000,000 | ---D | C] -- C:\Users\currys\AppData\Roaming\Simply Super Software
[2012/06/29 23:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2012/06/29 23:32:57 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2012/06/28 13:40:23 | 000,000,000 | ---D | C] -- C:\Program Files\ReImageCompanion
[2012/06/28 13:34:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}
[2012/06/28 13:31:38 | 000,000,000 | -H-D | C] -- C:\ProgramData\~0
[2012/06/25 00:35:19 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2012/06/25 00:20:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/06/24 11:12:28 | 000,000,000 | ---D | C] -- C:\Program Files\RegZooka
[2012/06/23 13:46:38 | 000,000,000 | ---D | C] -- C:\Users\currys\AppData\Local\Macromedia
[2012/06/23 11:43:58 | 000,024,416 | ---- | C] (Greatis Software) -- C:\Windows\System32\drivers\regguard.sys
[2012/06/23 11:35:37 | 000,039,184 | ---- | C] (Greatis Software) -- C:\Windows\System32\Partizan.exe
[2012/06/23 11:35:37 | 000,035,816 | ---- | C] (Greatis Software) -- C:\Windows\System32\drivers\Partizan.sys
[2012/06/23 11:26:49 | 000,000,000 | ---D | C] -- C:\Users\currys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/06/23 10:45:42 | 000,000,000 | ---D | C] -- C:\ProgramData\RegRun
[2012/06/23 10:45:04 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\RegRunInfo
[2012/06/23 10:44:11 | 000,000,000 | ---D | C] -- C:\Users\currys\Documents\RegRun2
[2012/06/23 10:44:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reanimator
[2012/06/23 10:44:08 | 000,000,000 | ---D | C] -- C:\Program Files\Greatis
[2012/06/20 00:21:52 | 000,000,000 | ---D | C] -- C:\f90e4393fac73d563b0e
[2012/06/19 22:53:12 | 000,342,168 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2012/06/19 22:53:07 | 000,203,088 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys
[2012/06/19 22:53:07 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
[2012/06/19 22:53:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2012/06/19 22:52:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/06/19 22:52:47 | 000,000,000 | ---D | C] -- C:\Users\currys\AppData\Roaming\TestApp
[2012/06/18 23:34:17 | 000,000,000 | ---D | C] -- C:\Program Files\FlashGet Network
[2012/06/18 23:34:17 | 000,000,000 | ---D | C] -- C:\Users\currys\AppData\Roaming\FlashGet
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/10 19:00:04 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator-currys.job
[2012/07/10 18:53:05 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/10 18:51:08 | 000,000,394 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A65AEF0B-B822-4C24-B3BE-67EE9605EB86}.job
[2012/07/10 18:38:56 | 000,668,012 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/07/10 18:38:56 | 000,136,484 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/07/10 18:36:10 | 000,000,900 | ---- | M] () -- C:\Users\currys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk
[2012/07/10 18:35:43 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/10 18:34:07 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2012/07/10 18:33:51 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/10 18:33:48 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-118059262-2797764304-1290977041-1000Core.job
[2012/07/10 18:33:44 | 000,003,344 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/10 18:33:44 | 000,003,344 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/10 18:33:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/08 23:49:44 | 000,004,857 | ---- | M] () -- C:\Users\currys\Documents\Reply to thread 'Internet Options in Control Panel missing'.eml
[2012/07/08 19:40:57 | 001,558,016 | ---- | M] () -- C:\Users\currys\Desktop\RogueKiller(1).exe
[2012/07/06 18:57:15 | 000,322,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/06 16:38:07 | 000,048,211 | ---- | M] () -- C:\Users\currys\Desktop\checkoutPaypalComplete.asp.htm
[2012/07/06 14:26:27 | 000,022,477 | ---- | M] () -- C:\Users\currys\Desktop\Argos - Thank you for your order number 201549843.eml
[2012/07/06 13:47:29 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2012/07/06 12:16:18 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/07/06 12:00:10 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/07/06 11:46:44 | 000,000,890 | ---- | M] () -- C:\Users\currys\Desktop\baffledUK123.exe - Shortcut.lnk
[2012/07/06 10:41:40 | 002,135,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\currys\Desktop\tdsskiller(4).exe
[2012/07/06 00:46:13 | 000,002,525 | ---- | M] () -- C:\Users\currys\Desktop\HiJackThis.lnk
[2012/07/05 23:31:17 | 000,001,359 | ---- | M] () -- C:\Users\currys\Desktop\java - Shortcut.lnk
[2012/07/05 00:18:14 | 000,016,968 | ---- | M] () -- C:\Users\currys\Untitled 1.odt
[2012/07/04 11:19:01 | 000,001,802 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/07/04 00:33:12 | 000,064,364 | ---- | M] () -- C:\Users\currys\Documents\1059343-internet-options-control-panel-missing.html
[2012/07/02 23:38:28 | 000,002,605 | ---- | M] () -- C:\Users\Public\Desktop\Advanced Disk Cleaner.lnk
[2012/07/02 18:56:52 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/01 00:05:13 | 3220,320,256 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/28 13:31:39 | 000,001,583 | ---- | M] () -- C:\Users\currys\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
[2012/06/26 23:39:39 | 000,000,134 | ---- | M] () -- C:\Users\currys\Desktop\Microsoft Fix it.url
[2012/06/24 11:02:03 | 000,000,487 | ---- | M] () -- C:\Windows\wininit.ini
[2012/06/23 12:42:47 | 000,024,416 | ---- | M] (Greatis Software) -- C:\Windows\System32\drivers\regguard.sys
[2012/06/23 11:35:37 | 000,039,184 | ---- | M] (Greatis Software) -- C:\Windows\System32\Partizan.exe
[2012/06/23 11:35:37 | 000,035,816 | ---- | M] (Greatis Software) -- C:\Windows\System32\drivers\Partizan.sys
[2012/06/23 10:44:14 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/06/23 10:44:14 | 000,001,688 | ---- | M] () -- C:\Windows\System32\autoexec.nt
[2012/06/23 10:44:14 | 000,000,002 | RHS- | M] () -- C:\Windows\winstart.bat
[2012/06/23 10:44:11 | 000,000,876 | ---- | M] () -- C:\Users\currys\Desktop\Reanimator.lnk
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/08 23:49:43 | 000,004,857 | ---- | C] () -- C:\Users\currys\Documents\Reply to thread 'Internet Options in Control Panel missing'.eml
[2012/07/08 19:40:56 | 001,558,016 | ---- | C] () -- C:\Users\currys\Desktop\RogueKiller(1).exe
[2012/07/08 00:57:14 | 000,000,394 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{A65AEF0B-B822-4C24-B3BE-67EE9605EB86}.job
[2012/07/06 16:38:06 | 000,048,211 | ---- | C] () -- C:\Users\currys\Desktop\checkoutPaypalComplete.asp.htm
[2012/07/06 14:26:17 | 000,022,477 | ---- | C] () -- C:\Users\currys\Desktop\Argos - Thank you for your order number 201549843.eml
[2012/07/06 13:47:29 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2012/07/06 11:46:44 | 000,000,890 | ---- | C] () -- C:\Users\currys\Desktop\baffledUK123.exe - Shortcut.lnk
[2012/07/05 23:30:52 | 000,001,359 | ---- | C] () -- C:\Users\currys\Desktop\java - Shortcut.lnk
[2012/07/05 00:18:12 | 000,016,968 | ---- | C] () -- C:\Users\currys\Untitled 1.odt
[2012/07/04 11:19:01 | 000,001,802 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/07/04 10:42:09 | 000,002,525 | ---- | C] () -- C:\Users\currys\Desktop\HiJackThis.lnk
[2012/07/04 00:33:10 | 000,064,364 | ---- | C] () -- C:\Users\currys\Documents\1059343-internet-options-control-panel-missing.html
[2012/07/02 18:56:52 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/01 01:13:20 | 000,322,288 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/06/29 00:22:04 | 3220,320,256 | -HS- | C] () -- C:\hiberfil.sys
[2012/06/29 00:06:55 | 000,000,900 | ---- | C] () -- C:\Users\currys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk
[2012/06/28 13:31:39 | 000,001,583 | ---- | C] () -- C:\Users\currys\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
[2012/06/26 23:39:39 | 000,000,134 | ---- | C] () -- C:\Users\currys\Desktop\Microsoft Fix it.url
[2012/06/26 23:37:20 | 000,001,041 | ---- | C] () -- C:\Users\currys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/06/24 11:02:02 | 000,000,487 | ---- | C] () -- C:\Windows\wininit.ini
[2012/06/23 11:26:11 | 000,000,860 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-118059262-2797764304-1290977041-1000Core.job
[2012/06/23 10:44:14 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat
[2012/06/23 10:44:11 | 000,000,876 | ---- | C] () -- C:\Users\currys\Desktop\Reanimator.lnk
[2012/01/29 12:35:23 | 000,000,000 | ---- | C] () -- C:\Users\currys\AppData\Local\{A2C1D9E5-EF1E-4CB1-929A-1596A9DD93C5}
[2012/01/01 19:41:40 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/01/01 19:41:40 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/01/01 19:41:40 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/01/01 19:41:40 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/01/01 19:41:40 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/12/29 20:48:31 | 000,016,918 | ---- | C] () -- C:\Users\currys\powerpoint-x-none.xml
[2011/12/29 12:23:29 | 004,250,112 | ---- | C] () -- C:\Users\currys\powerpoint-x-none.msp
[2011/12/26 14:05:56 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/12/02 23:16:09 | 000,001,043 | ---- | C] () -- C:\ProgramData\repository.xml
[2011/06/17 21:23:38 | 000,000,094 | ---- | C] () -- C:\Users\currys\AppData\Local\fusioncache.dat
[2011/03/15 19:37:45 | 000,029,520 | ---- | C] () -- C:\Windows\System32\SmartDefragBootTime.exe
[2011/03/15 19:37:45 | 000,016,184 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2011/03/03 21:18:20 | 000,001,024 | ---- | C] () -- C:\Users\currys\.rnd
[2011/03/03 21:18:09 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini
[2011/02/06 01:16:30 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/08/09 22:45:44 | 000,128,356 | ---- | C] () -- C:\Windows\System32\mlfcache.dat
[2009/09/16 16:06:15 | 000,001,356 | ---- | C] () -- C:\Users\currys\AppData\Local\d3d9caps.dat
[2009/06/23 22:13:57 | 000,024,206 | ---- | C] () -- C:\Users\currys\AppData\Roaming\UserTile.png
[2009/06/16 18:02:15 | 000,000,000 | ---- | C] () -- C:\Users\currys\AppData\Roaming\wklnhst.dat
[2009/06/15 20:10:47 | 000,211,968 | ---- | C] () -- C:\Users\currys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2012/06/29 23:32:32 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\#ISW.FS#
[2011/12/02 23:34:23 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Auslogics
[2011/11/30 11:11:27 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\AVG10
[2012/07/01 01:10:52 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Azureus
[2009/06/28 09:30:24 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD7 3DDBBD723A6DA9D.1
[2009/11/08 01:05:56 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Blitware
[2009/06/23 23:20:53 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Canon
[2012/05/06 11:42:39 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\CheckPoint
[2012/06/29 23:59:57 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\DigitalSupport
[2011/07/09 18:55:24 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\DMCache
[2009/07/06 22:08:40 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\DriverCure
[2011/06/09 23:09:10 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\FixCleaner
[2012/06/18 23:34:17 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\FlashGet
[2011/08/21 22:56:06 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\FrostWire
[2011/07/09 22:30:36 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Internet Download Accelerator
[2012/07/01 01:10:53 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\IObit
[2011/12/02 19:27:27 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\iolo
[2012/07/01 01:10:54 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\LimeWire
[2012/02/02 01:12:53 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Media Finder
[2011/12/15 21:53:55 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\OnlineArmor
[2011/05/27 23:28:45 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\OpenCandy
[2011/11/30 22:21:40 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\OpenOffice.org
[2009/06/15 23:03:01 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Packard Bell
[2011/07/09 18:14:06 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\ParetoLogic
[2012/06/30 12:08:15 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\PC Cleaners
[2011/10/21 23:37:50 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\PCCleaner
[2012/05/21 23:36:31 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\PCPro
[2009/06/23 22:13:57 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\PeerNetworking
[2012/03/12 11:17:26 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\PerformerSoft
[2011/11/30 01:00:18 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\RegistryKeys
[2012/06/30 16:03:16 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Sammsoft
[2012/06/29 23:33:07 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Simply Super Software
[2011/12/10 00:39:29 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\SlimCleaner
[2011/11/29 19:07:18 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\SpeedMaxPc
[2012/06/04 17:06:02 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\SpeedyPC Software
[2010/05/24 08:16:42 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Sports Interactive
[2011/12/29 11:45:09 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\T55
[2012/06/19 22:52:47 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\TestApp
[2010/05/09 20:02:30 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\The Creative Assembly
[2012/01/22 11:12:27 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\TP
[2010/07/15 11:42:50 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\TuneUp Software
[2012/07/05 22:39:08 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\TweakNow RegCleaner 2011
[2012/01/22 11:13:31 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\{90140011-0061-0409-0000-0000000FF1CE}
[2012/02/04 12:18:30 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2012/02/04 12:18:30 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
[2012/02/04 12:18:30 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\AppData\Roaming\IObit
[2012/07/10 19:00:04 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\Recovery DVD Creator-currys.job
[2012/07/09 23:30:44 | 000,032,648 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/07/10 18:51:08 | 000,000,394 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A65AEF0B-B822-4C24-B3BE-67EE9605EB86}.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*. >
[2012/07/06 12:40:40 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2012/05/17 19:03:03 | 000,000,000 | ---D | M] -- C:\335cad22c2781a5a46ca189d
[2012/01/04 00:08:27 | 000,000,000 | ---D | M] -- C:\ACER
[2011/12/29 12:14:24 | 000,000,000 | ---D | M] -- C:\Autorun.inf
[2012/06/30 08:29:58 | 000,000,000 | ---D | M] -- C:\Boot
[2010/10/24 01:09:41 | 000,000,000 | ---D | M] -- C:\BraCa Soft
[2011/12/26 14:09:46 | 000,000,000 | ---D | M] -- C:\cabs
[2009/06/23 22:09:14 | 000,000,000 | ---D | M] -- C:\CanoScan
[2012/07/06 11:49:41 | 000,000,000 | ---D | M] -- C:\ComboFix
[2012/07/07 10:16:16 | 000,000,000 | ---D | M] -- C:\Config.Msi
[2006/11/02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009/06/26 23:48:14 | 000,000,000 | ---D | M] -- C:\drivers
[2012/07/01 01:10:35 | 000,000,000 | ---D | M] -- C:\f90e4393fac73d563b0e
[2012/06/23 13:31:04 | 000,000,000 | ---D | M] -- C:\Kontiki
[2011/06/18 09:16:34 | 000,000,000 | ---D | M] -- C:\Macromedia
[2008/08/21 22:17:18 | 000,000,000 | R--D | M] -- C:\MSOCache
[2012/04/03 18:52:45 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2011/12/17 18:20:59 | 000,000,000 | ---D | M] -- C:\perflogs
[2012/07/05 22:39:08 | 000,000,000 | R--D | M] -- C:\Program Files
[2012/07/06 12:15:14 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012/07/06 12:49:50 | 000,000,000 | ---D | M] -- C:\Qoobox
[2012/03/09 23:30:17 | 000,000,000 | ---D | M] -- C:\Reg_Backup
[2012/07/10 18:57:56 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012/07/01 01:11:07 | 000,000,000 | R--D | M] -- C:\Users
[2012/07/06 16:34:02 | 000,000,000 | ---D | M] -- C:\Windows

< %PROGRAMFILES%\*.exe >

< %LOCALAPPDATA%\*.exe >

< %windir%\Installer\*.* >
[2012/04/22 22:37:42 | 001,182,720 | R--- | M] () -- C:\Windows\Installer\10022a7.msp
[2011/06/13 10:35:09 | 000,219,648 | ---- | M] () -- C:\Windows\Installer\1171dd.msi
[2009/03/20 11:48:56 | 000,183,808 | R--- | M] () -- C:\Windows\Installer\124062.msp
[2009/12/11 09:49:42 | 000,324,608 | ---- | M] () -- C:\Windows\Installer\1263ed8d.msi
[2009/12/11 09:51:09 | 000,821,760 | ---- | M] () -- C:\Windows\Installer\1263edd3.msi
[2009/12/11 09:52:30 | 000,279,040 | ---- | M] () -- C:\Windows\Installer\1263ee06.msi
[2009/12/11 09:52:50 | 000,577,024 | ---- | M] () -- C:\Windows\Installer\1263ee14.msi
[2009/10/16 08:09:28 | 002,518,016 | R--- | M] () -- C:\Windows\Installer\1263ee24.msp
[2008/08/21 22:19:45 | 000,061,952 | ---- | M] () -- C:\Windows\Installer\133082.mst
[2011/12/26 06:06:20 | 005,115,392 | R--- | M] () -- C:\Windows\Installer\13876f.msp
[2012/01/22 11:07:51 | 004,201,984 | ---- | M] () -- C:\Windows\Installer\13bf24.msi
[2010/08/04 15:13:04 | 000,686,080 | R--- | M] () -- C:\Windows\Installer\13f9f50.msp
[2008/08/21 22:19:45 | 000,061,952 | ---- | M] () -- C:\Windows\Installer\13fac2.mst
[2011/01/16 11:43:05 | 000,415,744 | ---- | M] () -- C:\Windows\Installer\149f7c.msi
[2011/09/15 19:37:40 | 037,148,160 | R--- | M] () -- C:\Windows\Installer\1543e9.msp
[2011/09/15 19:37:52 | 034,428,416 | R--- | M] () -- C:\Windows\Installer\154408.msp
[2010/04/24 17:10:46 | 008,486,400 | R--- | M] () -- C:\Windows\Installer\17537a0.msp
[2010/04/24 17:07:04 | 010,118,144 | R--- | M] () -- C:\Windows\Installer\17537c1.msp
[2010/04/24 17:07:58 | 004,667,392 | R--- | M] () -- C:\Windows\Installer\17537d2.msp
[2010/03/24 18:54:54 | 002,516,992 | R--- | M] () -- C:\Windows\Installer\17537e3.msp
[2010/04/24 17:08:48 | 009,129,984 | R--- | M] () -- C:\Windows\Installer\17537f4.msp
[2010/04/24 17:09:46 | 011,750,912 | R--- | M] () -- C:\Windows\Installer\17537fc.msp
[2009/06/16 22:29:21 | 000,648,192 | ---- | M] () -- C:\Windows\Installer\176fc53.msi
[2011/12/01 23:59:50 | 010,988,544 | ---- | M] () -- C:\Windows\Installer\17df8d.msi
[2011/07/27 07:39:50 | 009,892,352 | R--- | M] () -- C:\Windows\Installer\19c024f.msp
[2011/09/06 21:48:02 | 008,181,248 | R--- | M] () -- C:\Windows\Installer\19c026c.msp
[2011/08/10 17:42:04 | 007,070,208 | R--- | M] () -- C:\Windows\Installer\19c028d.msp
[2011/09/06 21:46:22 | 009,006,080 | R--- | M] () -- C:\Windows\Installer\19c02ad.msp
[2011/08/10 17:43:30 | 003,795,968 | R--- | M] () -- C:\Windows\Installer\19c02b5.msp
[2011/11/15 20:44:06 | 001,435,136 | ---- | M] () -- C:\Windows\Installer\1a3843.msi
[2012/01/22 11:09:26 | 001,700,352 | R--- | M] () -- C:\Windows\Installer\1af74f.msp
[2012/01/30 21:46:22 | 007,069,184 | R--- | M] () -- C:\Windows\Installer\1af757.msp
[2009/08/18 13:08:34 | 001,373,696 | R--- | M] () -- C:\Windows\Installer\1b940cf.msp
[2009/07/27 04:31:24 | 003,738,624 | R--- | M] () -- C:\Windows\Installer\1b940d7.msp
[2009/08/05 07:49:32 | 003,457,024 | R--- | M] () -- C:\Windows\Installer\1b940ff.msp
[2010/01/14 20:49:10 | 000,463,360 | ---- | M] () -- C:\Windows\Installer\1c0b9ed5.msi
[2009/08/18 13:57:54 | 009,122,304 | R--- | M] () -- C:\Windows\Installer\1c1063f.msp
[2009/08/18 13:58:56 | 008,301,056 | R--- | M] () -- C:\Windows\Installer\1c10650.msp
[2009/08/18 14:19:26 | 010,098,688 | R--- | M] () -- C:\Windows\Installer\1c10668.msp
[2012/05/19 12:42:02 | 000,492,544 | ---- | M] () -- C:\Windows\Installer\1d2224.msi
[2010/07/23 02:03:24 | 000,338,432 | R--- | M] () -- C:\Windows\Installer\1d821ac.msp
[2009/08/08 18:09:01 | 000,152,576 | ---- | M] () -- C:\Windows\Installer\1df1552.msi
[2009/08/11 23:51:12 | 000,550,912 | ---- | M] () -- C:\Windows\Installer\1df1e3a.msi
[2009/08/11 23:51:54 | 000,613,376 | ---- | M] () -- C:\Windows\Installer\1df1e6c.msi
[2009/08/11 23:52:00 | 000,444,416 | ---- | M] () -- C:\Windows\Installer\1df1e74.msi
[2009/06/28 09:49:03 | 002,862,592 | ---- | M] () -- C:\Windows\Installer\1df8f3.msi
[2012/07/05 00:20:50 | 000,228,864 | ---- | M] () -- C:\Windows\Installer\1f436a7.msi
[2011/09/12 20:12:50 | 002,295,808 | ---- | M] () -- C:\Windows\Installer\2192cdf.msi
[2008/12/13 09:58:22 | 000,754,688 | R--- | M] () -- C:\Windows\Installer\22de62e.msp
[2009/05/26 18:53:56 | 000,579,072 | R--- | M] () -- C:\Windows\Installer\22de63e.msp
[2009/04/04 11:36:32 | 021,390,848 | R--- | M] () -- C:\Windows\Installer\22de669.msp
[2009/04/04 17:08:40 | 343,058,432 | R--- | M] () -- C:\Windows\Installer\22de753.msp
[2009/04/24 12:28:00 | 004,450,816 | R--- | M] () -- C:\Windows\Installer\22de788.msp
[2009/02/25 19:08:18 | 008,311,808 | R--- | M] () -- C:\Windows\Installer\22de798.msp
[2009/04/24 12:30:16 | 002,583,552 | R--- | M] () -- C:\Windows\Installer\22de7be.msp
[2009/05/04 07:47:22 | 009,124,864 | R--- | M] () -- C:\Windows\Installer\22de7de.msp
[2011/06/17 20:51:40 | 003,443,712 | ---- | M] () -- C:\Windows\Installer\2355581.msi
[2009/11/25 01:00:28 | 000,429,568 | ---- | M] () -- C:\Windows\Installer\23a02a.msi
[2011/11/22 00:07:36 | 017,191,936 | R--- | M] () -- C:\Windows\Installer\25094f.msp
[2009/04/04 18:09:34 | 015,190,016 | R--- | M] () -- C:\Windows\Installer\28cce1a.msp
[2009/04/04 18:10:08 | 009,926,144 | R--- | M] () -- C:\Windows\Installer\28cce46.msp
[2009/04/04 18:10:16 | 007,888,384 | R--- | M] () -- C:\Windows\Installer\28cce4f.msp
[2009/04/04 18:10:24 | 001,282,560 | R--- | M] () -- C:\Windows\Installer\28cce56.msp
[2011/09/21 17:18:24 | 004,985,856 | R--- | M] () -- C:\Windows\Installer\2b0694.msp
[2010/08/13 18:00:36 | 009,404,928 | R--- | M] () -- C:\Windows\Installer\2bde389.msp
[2010/08/13 18:02:20 | 002,545,664 | R--- | M] () -- C:\Windows\Installer\2bde391.msp
[2010/08/13 17:59:46 | 008,182,272 | R--- | M] () -- C:\Windows\Installer\2bde3a8.msp
[2010/08/13 18:01:28 | 008,993,280 | R--- | M] () -- C:\Windows\Installer\2bde3c8.msp
[2009/06/28 09:19:34 | 000,583,680 | ---- | M] () -- C:\Windows\Installer\2cdad.msi
[2012/07/05 23:19:12 | 000,863,744 | ---- | M] () -- C:\Windows\Installer\2d235db.msi
[2012/07/05 23:20:05 | 000,176,128 | ---- | M] () -- C:\Windows\Installer\2d235e7.msi
[2011/12/22 17:50:54 | 000,256,000 | R--- | M] () -- C:\Windows\Installer\2dc91f.msp
[2012/01/19 14:37:24 | 008,999,936 | R--- | M] () -- C:\Windows\Installer\2dc92a.msp
[2011/12/15 14:40:40 | 023,374,336 | R--- | M] () -- C:\Windows\Installer\2dc93b.msp
[2009/04/04 07:35:48 | 036,977,152 | R--- | M] () -- C:\Windows\Installer\2e5bb0f.msp
[2009/05/04 07:46:14 | 008,299,008 | R--- | M] () -- C:\Windows\Installer\2e5bb21.msp
[2009/04/14 04:49:26 | 001,922,560 | R--- | M] () -- C:\Windows\Installer\2e5bb3c.msp
[2010/12/30 00:34:10 | 001,710,592 | ---- | M] () -- C:\Windows\Installer\2e98d73.msi
[2010/12/30 00:39:17 | 001,984,000 | ---- | M] () -- C:\Windows\Installer\2e98dbb.msi
[2008/08/21 22:19:45 | 000,061,952 | ---- | M] () -- C:\Windows\Installer\2efac3.mst
[2008/08/21 22:19:45 | 000,061,952 | ---- | M] () -- C:\Windows\Installer\300251.mst
[2008/08/21 22:19:45 | 000,061,952 | ---- | M] () -- C:\Windows\Installer\30f18f.mst
[2011/06/16 00:08:52 | 000,467,456 | ---- | M] () -- C:\Windows\Installer\330c6c9.msi
[2011/04/13 11:37:02 | 019,201,024 | R--- | M] () -- C:\Windows\Installer\330c6d6.msp
[2011/04/29 12:33:30 | 008,173,568 | R--- | M] () -- C:\Windows\Installer\330c6dd.msp
[2011/03/25 09:03:44 | 005,079,552 | R--- | M] () -- C:\Windows\Installer\330c6f3.msp
[2011/06/16 00:24:33 | 000,223,744 | ---- | M] () -- C:\Windows\Installer\330c703.msi
[2011/04/29 12:28:40 | 001,995,264 | R--- | M] () -- C:\Windows\Installer\330c70a.msp
[2011/04/29 12:31:46 | 009,006,080 | R--- | M] () -- C:\Windows\Installer\330c730.msp
[2009/07/01 10:51:21 | 001,013,248 | ---- | M] () -- C:\Windows\Installer\33d7038.msi
[2011/10/16 08:15:06 | 000,028,160 | ---- | M] () -- C:\Windows\Installer\34eb5.msi
[2010/01/21 21:23:34 | 000,119,296 | ---- | M] () -- C:\Windows\Installer\35f25e.msi
[2012/04/04 14:32:41 | 016,613,376 | R--- | M] () -- C:\Windows\Installer\39647.msp
[2011/12/26 23:33:26 | 000,501,248 | ---- | M] () -- C:\Windows\Installer\3d96e.msi
[2011/12/26 23:33:33 | 001,713,152 | ---- | M] () -- C:\Windows\Installer\3d973.msi
[2011/12/26 23:33:42 | 002,022,912 | ---- | M] () -- C:\Windows\Installer\3d978.msi
[2011/12/26 23:33:49 | 001,640,960 | ---- | M] () -- C:\Windows\Installer\3d97d.msi
[2011/12/26 23:33:55 | 000,513,024 | ---- | M] () -- C:\Windows\Installer\3d982.msi
[2011/12/26 23:33:59 | 000,516,608 | ---- | M] () -- C:\Windows\Installer\3d988.msi
[2011/12/26 23:34:03 | 000,506,880 | ---- | M] () -- C:\Windows\Installer\3d98e.msi
[2011/12/26 23:34:06 | 000,501,248 | ---- | M] () -- C:\Windows\Installer\3d993.msi
[2011/12/26 23:34:11 | 001,652,736 | ---- | M] () -- C:\Windows\Installer\3d998.msi
[2011/12/26 23:34:23 | 002,397,184 | ---- | M] () -- C:\Windows\Installer\3d99d.msi
[2009/06/15 18:14:33 | 000,024,064 | ---- | M] () -- C:\Windows\Installer\411500.msi
[2010/09/24 07:08:50 | 017,518,080 | R--- | M] () -- C:\Windows\Installer\42115fb.msp
[2009/06/15 17:14:16 | 001,479,680 | ---- | M] () -- C:\Windows\Installer\433d5.msi
[2011/09/05 23:01:26 | 013,135,872 | R--- | M] () -- C:\Windows\Installer\4477b.msp
[2010/06/25 22:48:50 | 001,160,192 | ---- | M] () -- C:\Windows\Installer\45ed8e.msi
[2011/06/25 12:07:39 | 000,066,048 | ---- | M] () -- C:\Windows\Installer\4827ef.msi
[2011/06/25 12:08:05 | 000,855,040 | ---- | M] () -- C:\Windows\Installer\48285c.msi
[2010/05/18 17:29:30 | 000,822,272 | ---- | M] () -- C:\Windows\Installer\4c3c7cd.msi
[2012/07/04 10:42:09 | 001,094,656 | ---- | M] () -- C:\Windows\Installer\4e5d046.msi
[2010/03/04 19:48:30 | 000,228,352 | ---- | M] () -- C:\Windows\Installer\4ebadb9.msi
[2011/11/11 17:15:00 | 001,795,584 | R--- | M] () -- C:\Windows\Installer\52fce5.msp
[2011/12/21 23:19:28 | 000,036,352 | ---- | M] () -- C:\Windows\Installer\52fcee.msi
[2011/12/21 23:19:30 | 023,622,656 | R--- | M] () -- C:\Windows\Installer\52fcf4.msp
[2010/01/10 10:44:58 | 000,855,040 | ---- | M] () -- C:\Windows\Installer\548b5f2.msi
[2012/05/06 11:36:40 | 000,041,472 | ---- | M] () -- C:\Windows\Installer\54a07e6.msi
[2012/05/06 11:36:49 | 000,028,672 | ---- | M] () -- C:\Windows\Installer\54a081a.msi
[2012/05/06 11:37:02 | 000,039,936 | ---- | M] () -- C:\Windows\Installer\54a0820.msi
[2010/11/20 23:33:46 | 001,980,928 | R--- | M] () -- C:\Windows\Installer\54e58e.msp
[2011/01/11 17:50:38 | 008,177,152 | R--- | M] () -- C:\Windows\Installer\54e59c.msp
[2011/03/17 20:01:58 | 009,563,648 | R--- | M] () -- C:\Windows\Installer\54e5b3.msp
[2011/02/11 08:43:44 | 010,951,168 | R--- | M] () -- C:\Windows\Installer\54e5d5.msp
[2010/11/20 23:34:34 | 001,198,080 | R--- | M] () -- C:\Windows\Installer\54e5dc.msp
[2010/11/20 23:32:52 | 004,165,120 | R--- | M] () -- C:\Windows\Installer\54e5f4.msp
[2011/03/17 20:00:20 | 000,090,624 | R--- | M] () -- C:\Windows\Installer\54e5fb.msp
[2011/01/11 17:49:20 | 009,003,008 | R--- | M] () -- C:\Windows\Installer\54e60c.msp
[2008/08/21 22:05:38 | 000,115,200 | ---- | M] () -- C:\Windows\Installer\582f9.msi
[2008/08/21 22:08:06 | 014,308,864 | ---- | M] () -- C:\Windows\Installer\58302.msi
[2008/08/21 22:08:37 | 006,092,288 | ---- | M] () -- C:\Windows\Installer\58303.msi
[2008/08/21 22:09:56 | 001,244,672 | ---- | M] () -- C:\Windows\Installer\58309.msi
[2008/08/21 22:15:48 | 000,100,352 | ---- | M] () -- C:\Windows\Installer\58316.msi
[2008/08/21 22:18:24 | 001,640,960 | ---- | M] () -- C:\Windows\Installer\58337.msi
[2008/08/21 22:19:43 | 009,613,312 | ---- | M] () -- C:\Windows\Installer\58365.msi
[2008/05/14 07:46:44 | 009,577,984 | R--- | M] () -- C:\Windows\Installer\58366.msp
[2007/03/21 22:46:29 | 008,198,656 | R--- | M] () -- C:\Windows\Installer\58382.msp
[2007/03/21 22:46:29 | 002,047,488 | R--- | M] () -- C:\Windows\Installer\5839e.msp
[2008/08/21 22:21:46 | 000,360,448 | ---- | M] () -- C:\Windows\Installer\583a9.msi
[2008/02/15 09:54:20 | 009,736,192 | R--- | M] () -- C:\Windows\Installer\583ce.msp
[2007/10/15 00:43:32 | 021,981,184 | R--- | M] () -- C:\Windows\Installer\583d6.msp
[2007/10/15 00:43:14 | 229,852,160 | R--- | M] () -- C:\Windows\Installer\584b2.msp
[2009/04/14 05:50:22 | 005,191,680 | R--- | M] () -- C:\Windows\Installer\58bd0.msp
[2009/04/14 05:56:18 | 020,498,944 | R--- | M] () -- C:\Windows\Installer\58be7.msp
[2009/05/07 10:04:06 | 018,341,376 | R--- | M] () -- C:\Windows\Installer\58bef.msp
[2009/04/14 04:46:12 | 015,438,848 | R--- | M] () -- C:\Windows\Installer\58bf7.msp
[2009/04/14 05:51:24 | 001,303,040 | R--- | M] () -- C:\Windows\Installer\58bff.msp
[2009/04/14 05:21:34 | 015,303,168 | R--- | M] () -- C:\Windows\Installer\58c07.msp
[2011/04/28 17:51:24 | 001,375,744 | R--- | M] () -- C:\Windows\Installer\5bfb3.msp
[2011/10/26 16:38:54 | 002,830,848 | R--- | M] () -- C:\Windows\Installer\5c073.msp
[2012/01/12 03:01:16 | 021,030,912 | R--- | M] () -- C:\Windows\Installer\5c0a3.msp
[2011/06/14 00:04:08 | 000,223,232 | ---- | M] () -- C:\Windows\Installer\5da4c.msi
[2011/06/14 00:16:47 | 003,589,632 | ---- | M] () -- C:\Windows\Installer\5da8f.msi
[2011/06/14 00:16:49 | 002,087,936 | ---- | M] () -- C:\Windows\Installer\5da93.msi
[2011/06/14 00:16:52 | 000,023,040 | ---- | M] () -- C:\Windows\Installer\5da97.msi
[2011/06/14 00:17:02 | 004,427,776 | R--- | M] () -- C:\Windows\Installer\5daa6.msp
[2011/06/14 00:17:14 | 000,030,720 | ---- | M] () -- C:\Windows\Installer\5daaa.msi
[2011/06/14 00:17:22 | 002,932,736 | R--- | M] () -- C:\Windows\Installer\5dabe.msp
[2011/06/14 00:17:29 | 000,071,680 | ---- | M] () -- C:\Windows\Installer\5dac2.msi
[2011/06/14 00:17:36 | 000,022,016 | ---- | M] () -- C:\Windows\Installer\5dac6.msi
[2011/06/14 00:17:42 | 000,191,488 | ---- | M] () -- C:\Windows\Installer\5daca.msi
[2011/06/14 00:17:52 | 000,301,056 | ---- | M] () -- C:\Windows\Installer\5dace.msi
[2011/06/14 00:17:55 | 000,022,528 | ---- | M] () -- C:\Windows\Installer\5dad2.msi
[2011/06/14 00:18:02 | 000,238,080 | ---- | M] () -- C:\Windows\Installer\5dad6.msi
[2011/06/14 00:18:06 | 000,136,704 | R--- | M] () -- C:\Windows\Installer\5dadb.msp
[2011/06/14 00:18:18 | 000,212,992 | ---- | M] () -- C:\Windows\Installer\5dadf.msi
[2011/06/14 00:18:21 | 001,139,712 | R--- | M] () -- C:\Windows\Installer\5daeb.msp
[2011/06/14 00:18:29 | 000,058,880 | ---- | M] () -- C:\Windows\Installer\5daef.msi
[2011/06/14 00:18:40 | 000,200,192 | ---- | M] () -- C:\Windows\Installer\5daf3.msi
[2011/06/14 00:18:48 | 003,314,688 | R--- | M] () -- C:\Windows\Installer\5db0f.msp
[2011/06/14 00:19:13 | 000,417,792 | ---- | M] () -- C:\Windows\Installer\5db15.msi
[2011/06/14 00:19:20 | 005,514,240 | R--- | M] () -- C:\Windows\Installer\5db28.msp
[2011/06/14 00:19:31 | 000,022,016 | ---- | M] () -- C:\Windows\Installer\5db2d.msi
[2011/06/14 00:19:36 | 000,025,600 | ---- | M] () -- C:\Windows\Installer\5db31.msi
[2011/06/14 00:19:41 | 000,038,912 | R--- | M] () -- C:\Windows\Installer\5db36.msp
[2011/06/14 00:19:59 | 000,714,240 | ---- | M] () -- C:\Windows\Installer\5db3a.msi
[2011/06/14 00:20:09 | 005,870,080 | R--- | M] () -- C:\Windows\Installer\5db51.msp
[2011/06/14 00:20:22 | 000,205,312 | ---- | M] () -- C:\Windows\Installer\5db55.msi
[2011/06/14 00:20:29 | 002,958,336 | R--- | M] () -- C:\Windows\Installer\5db6f.msp
[2011/06/14 00:20:38 | 000,891,904 | ---- | M] () -- C:\Windows\Installer\5db73.msi
[2011/06/14 00:21:12 | 000,216,064 | ---- | M] () -- C:\Windows\Installer\5db77.msi
[2011/06/14 00:21:27 | 014,617,088 | R--- | M] () -- C:\Windows\Installer\5dba2.msp
[2011/06/14 00:21:43 | 000,074,752 | ---- | M] () -- C:\Windows\Installer\5dba7.msi
[2011/06/14 00:21:50 | 003,733,504 | R--- | M] () -- C:\Windows\Installer\5dbb0.msp
[2011/06/14 00:21:57 | 000,187,904 | ---- | M] () -- C:\Windows\Installer\5dbb5.msi
[2011/06/14 00:22:01 | 000,205,312 | R--- | M] () -- C:\Windows\Installer\5dbbf.msp
[2011/06/14 00:22:22 | 000,139,264 | ---- | M] () -- C:\Windows\Installer\5dbc3.msi
[2011/06/14 00:22:22 | 000,113,664 | R--- | M] () -- C:\Windows\Installer\5dc00.msp
[2011/06/14 00:22:33 | 000,024,064 | ---- | M] () -- C:\Windows\Installer\5dc04.msi
[2011/06/14 00:22:44 | 000,277,504 | ---- | M] () -- C:\Windows\Installer\5dc08.msi
[2011/06/14 00:22:57 | 000,973,824 | ---- | M] () -- C:\Windows\Installer\5dc0c.msi
[2011/06/14 00:23:04 | 000,099,840 | ---- | M] () -- C:\Windows\Installer\5dc10.msi
[2011/06/14 00:23:10 | 001,830,400 | R--- | M] () -- C:\Windows\Installer\5dc19.msp
[2011/06/14 00:23:16 | 000,022,016 | ---- | M] () -- C:\Windows\Installer\5dc1d.msi
[2011/06/14 00:23:23 | 000,029,184 | ---- | M] () -- C:\Windows\Installer\5dc21.msi
[2011/06/14 00:23:29 | 000,624,640 | R--- | M] () -- C:\Windows\Installer\5dc2a.msp
[2011/06/14 00:23:36 | 000,022,528 | ---- | M] () -- C:\Windows\Installer\5dc2e.msi
[2011/06/14 00:23:41 | 000,468,480 | R--- | M] () -- C:\Windows\Installer\5dc38.msp
[2011/06/14 00:23:59 | 000,023,552 | ---- | M] () -- C:\Windows\Installer\5dc3d.msi
[2011/06/14 00:24:09 | 005,124,608 | R--- | M] () -- C:\Windows\Installer\5dc47.msp
[2011/06/14 00:24:19 | 000,022,528 | ---- | M] () -- C:\Windows\Installer\5dc4c.msi
[2011/06/14 00:24:24 | 000,636,928 | R--- | M] () -- C:\Windows\Installer\5dc52.msp
[2011/06/14 00:24:33 | 000,201,216 | ---- | M] () -- C:\Windows\Installer\5dc56.msi
[2011/06/14 00:24:38 | 000,510,976 | R--- | M] () -- C:\Windows\Installer\5dc5b.msp
[2011/06/14 00:24:48 | 000,023,552 | ---- | M] () -- C:\Windows\Installer\5dc60.msi
[2011/06/14 00:24:55 | 002,144,256 | R--- | M] () -- C:\Windows\Installer\5dc6b.msp
[2011/06/14 00:25:01 | 000,021,504 | ---- | M] () -- C:\Windows\Installer\5dc70.msi
[2011/06/14 00:25:06 | 000,060,416 | R--- | M] () -- C:\Windows\Installer\5dc75.msp
[2011/06/14 00:25:13 | 000,021,504 | ---- | M] () -- C:\Windows\Installer\5dc7a.msi
[2011/06/14 00:25:18 | 000,023,552 | R--- | M] () -- C:\Windows\Installer\5dc7f.msp
[2011/06/14 00:25:29 | 000,087,552 | ---- | M] () -- C:\Windows\Installer\5dc83.msi
[2011/06/14 00:25:33 | 000,022,528 | ---- | M] () -- C:\Windows\Installer\5dc87.msi
[2011/06/14 00:25:39 | 000,022,528 | ---- | M] () -- C:\Windows\Installer\5dc8b.msi
[2011/06/14 00:25:44 | 000,022,016 | ---- | M] () -- C:\Windows\Installer\5dc8f.msi
[2011/06/14 00:25:50 | 000,020,992 | ---- | M] () -- C:\Windows\Installer\5dc93.msi
[2011/06/14 00:25:56 | 000,038,912 | ---- | M] () -- C:\Windows\Installer\5dc97.msi
[2011/06/14 00:26:01 | 000,024,576 | R--- | M] () -- C:\Windows\Installer\5dc9d.msp
[2010/03/06 01:03:22 | 000,195,584 | ---- | M] () -- C:\Windows\Installer\5dd609.msi
[2011/12/18 01:02:51 | 000,026,624 | ---- | M] () -- C:\Windows\Installer\5e727.msi
[2010/08/13 13:58:24 | 000,540,160 | R--- | M] () -- C:\Windows\Installer\5e73b.msp
[2010/08/27 16:34:58 | 000,540,160 | R--- | M] () -- C:\Windows\Installer\5e73c.msp
[2010/09/30 19:13:46 | 000,680,960 | R--- | M] () -- C:\Windows\Installer\5e73d.msp
[2011/02/08 18:20:46 | 000,843,264 | R--- | M] () -- C:\Windows\Installer\5e73e.msp
[2011/02/15 11:19:46 | 000,818,688 | R--- | M] () -- C:\Windows\Installer\5e73f.msp
[2011/03/08 12:33:20 | 000,818,688 | R--- | M] () -- C:\Windows\Installer\5e740.msp
[2011/05/31 21:16:38 | 000,959,488 | R--- | M] () -- C:\Windows\Installer\5e741.msp
[2011/11/15 12:38:46 | 000,665,600 | R--- | M] () -- C:\Windows\Installer\5e742.msp
[2011/01/24 18:16:02 | 000,014,336 | R--- | M] () -- C:\Windows\Installer\5ed4c.msp
[2011/08/22 00:14:54 | 020,647,936 | R--- | M] () -- C:\Windows\Installer\5ed74.msp
[2010/09/23 21:02:28 | 000,798,208 | R--- | M] () -- C:\Windows\Installer\64e32c8.msp
[2011/04/07 03:43:30 | 123,313,664 | R--- | M] () -- C:\Windows\Installer\6a344b.msp
[2011/05/18 22:55:38 | 019,624,448 | R--- | M] () -- C:\Windows\Installer\6a345b.msp
[2011/04/28 10:54:26 | 002,720,768 | R--- | M] () -- C:\Windows\Installer\6a3461.msp
[2009/04/24 12:38:18 | 001,229,312 | R--- | M] () -- C:\Windows\Installer\6ac672.msp
[2009/04/24 12:31:18 | 001,425,920 | R--- | M] () -- C:\Windows\Installer\6ac67c.msp
[2010/10/07 19:43:04 | 001,980,416 | R--- | M] () -- C:\Windows\Installer\6bfe255.msp
[2010/09/17 07:04:16 | 009,401,856 | R--- | M] () -- C:\Windows\Installer\6bfe263.msp
[2010/10/21 21:05:14 | 002,086,912 | ---- | M] () -- C:\Windows\Installer\6e3648.msi
[2010/07/10 20:06:20 | 010,120,192 | R--- | M] () -- C:\Windows\Installer\6e7adc.msp
[2010/07/10 20:14:14 | 002,850,816 | R--- | M] () -- C:\Windows\Installer\6e7ae4.msp
[2010/02/21 01:03:34 | 004,472,832 | R--- | M] () -- C:\Windows\Installer\6f912fd.msp
[2010/03/22 16:03:14 | 011,732,992 | R--- | M] () -- C:\Windows\Installer\6f91305.msp
[2011/04/29 12:30:12 | 001,197,056 | R--- | M] () -- C:\Windows\Installer\73df8d.msp
[2011/04/29 12:27:04 | 004,158,464 | R--- | M] () -- C:\Windows\Installer\73dfa4.msp
[2009/06/15 20:01:20 | 000,432,640 | ---- | M] () -- C:\Windows\Installer\78d94.msi
[2012/01/03 18:58:05 | 015,929,344 | R--- | M] () -- C:\Windows\Installer\7b72f.msp
[2011/11/28 20:18:12 | 000,062,464 | ---- | M] () -- C:\Windows\Installer\7bbce.msi
[2010/12/11 04:04:38 | 000,472,064 | ---- | M] () -- C:\Windows\Installer\7f20b3.msi
[2012/07/06 18:53:47 | 003,105,280 | ---- | M] () -- C:\Windows\Installer\7f469c.msi
[2010/02/21 02:00:02 | 008,480,768 | R--- | M] () -- C:\Windows\Installer\8479f8.msp
[2010/02/04 18:24:30 | 009,122,304 | R--- | M] () -- C:\Windows\Installer\847a18.msp
[2011/12/26 10:02:58 | 019,677,184 | R--- | M] () -- C:\Windows\Installer\90ddc.msp
[2011/12/25 06:40:46 | 000,819,200 | R--- | M] () -- C:\Windows\Installer\90de2.msp
[2009/07/28 19:30:26 | 000,326,144 | ---- | M] () -- C:\Windows\Installer\910cb.msi
[2009/07/28 19:30:32 | 000,320,512 | ---- | M] () -- C:\Windows\Installer\910d0.msi
[2009/07/28 19:30:47 | 000,432,640 | ---- | M] () -- C:\Windows\Installer\910e2.msi
[2009/07/28 19:30:52 | 000,519,680 | ---- | M] () -- C:\Windows\Installer\910e7.msi
[2009/07/28 19:30:58 | 000,592,896 | ---- | M] () -- C:\Windows\Installer\910ec.msi
[2009/07/28 19:31:00 | 000,501,248 | ---- | M] () -- C:\Windows\Installer\910f1.msi
[2009/07/28 19:31:08 | 000,121,344 | ---- | M] () -- C:\Windows\Installer\910f6.msi
[2009/07/28 19:31:29 | 000,367,616 | ---- | M] () -- C:\Windows\Installer\9110d.msi
[2009/07/28 19:31:37 | 000,121,344 | ---- | M] () -- C:\Windows\Installer\91112.msi
[2009/07/28 19:31:46 | 000,647,680 | ---- | M] () -- C:\Windows\Installer\9111c.msi
[2009/07/28 19:32:14 | 000,472,576 | ---- | M] () -- C:\Windows\Installer\91136.msi
[2009/07/28 19:32:15 | 000,339,968 | ---- | M] () -- C:\Windows\Installer\9113d.msi
[2009/07/28 19:32:20 | 000,121,344 | ---- | M] () -- C:\Windows\Installer\91142.msi
[2009/07/28 19:32:23 | 000,596,480 | ---- | M] () -- C:\Windows\Installer\9114a.msi
[2009/07/28 19:32:27 | 000,121,344 | ---- | M] () -- C:\Windows\Installer\9114f.msi
[2009/07/28 19:32:41 | 000,343,552 | ---- | M] () -- C:\Windows\Installer\91157.msi
[2009/07/28 19:33:26 | 000,988,160 | ---- | M] () -- C:\Windows\Installer\9117b.msi
[2009/07/28 19:33:32 | 000,510,976 | ---- | M] () -- C:\Windows\Installer\91180.msi
[2009/07/28 19:33:35 | 000,312,320 | ---- | M] () -- C:\Windows\Installer\91185.msi
[2009/07/28 19:33:37 | 000,211,968 | ---- | M] () -- C:\Windows\Installer\9118a.msi
[2009/07/28 19:33:39 | 000,623,616 | ---- | M] () -- C:\Windows\Installer\91190.msi
[2009/07/28 19:35:46 | 000,634,880 | ---- | M] () -- C:\Windows\Installer\91195.msi
[2009/07/28 19:35:51 | 000,301,568 | ---- | M] () -- C:\Windows\Installer\9119a.msi
[2009/07/28 19:35:56 | 000,328,192 | ---- | M] () -- C:\Windows\Installer\911a0.msi
[2012/03/15 13:43:28 | 004,216,320 | R--- | M] () -- C:\Windows\Installer\9e5ef9.msp
[2012/02/17 08:45:24 | 002,299,392 | R--- | M] () -- C:\Windows\Installer\a47c8.msp
[2012/04/28 21:43:58 | 008,459,264 | R--- | M] () -- C:\Windows\Installer\a47e8.msp
[2012/03/15 02:24:28 | 001,795,584 | R--- | M] () -- C:\Windows\Installer\a47fd.msp
[2011/11/01 13:34:26 | 001,169,920 | R--- | M] () -- C:\Windows\Installer\a4813.msp
[2011/11/01 13:34:28 | 002,247,168 | R--- | M] () -- C:\Windows\Installer\a4828.msp
[2012/04/04 22:38:16 | 003,620,864 | R--- | M] () -- C:\Windows\Installer\a4834.msp
[2012/04/28 21:44:02 | 009,586,176 | R--- | M] () -- C:\Windows\Installer\a4868.msp
[2012/03/23 14:59:02 | 007,899,648 | R--- | M] () -- C:\Windows\Installer\a487d.msp
[2011/11/01 13:34:56 | 004,250,112 | R--- | M] () -- C:\Windows\Installer\a48a1.msp
[2012/04/28 21:44:02 | 009,101,824 | R--- | M] () -- C:\Windows\Installer\a48c1.msp
[2012/04/04 22:38:44 | 002,831,360 | R--- | M] () -- C:\Windows\Installer\a48d6.msp
[2010/07/23 02:04:08 | 011,395,072 | R--- | M] () -- C:\Windows\Installer\a9da0.msp
[2011/07/27 08:37:28 | 011,592,192 | R--- | M] () -- C:\Windows\Installer\a9dc5.msp
[2011/01/03 12:28:08 | 000,092,672 | ---- | M] () -- C:\Windows\Installer\aae07f.msi
[2011/01/03 12:29:53 | 000,018,944 | ---- | M] () -- C:\Windows\Installer\aae088.msi
[2010/12/21 10:29:44 | 009,472,000 | ---- | M] () -- C:\Windows\Installer\bb1b0.msi
[2011/06/18 09:08:44 | 019,210,240 | R--- | M] () -- C:\Windows\Installer\ccdf0.msp
[2009/10/16 07:08:48 | 002,237,952 | R--- | M] () -- C:\Windows\Installer\d2b186.msp
[2009/06/23 22:38:16 | 000,691,200 | ---- | M] () -- C:\Windows\Installer\d2e1d8.msi
[2009/07/28 23:55:44 | 000,248,832 | ---- | M] () -- C:\Windows\Installer\d7bc64.msi
[2009/04/24 12:29:02 | 009,013,760 | R--- | M] () -- C:\Windows\Installer\da822.msp
[2010/10/12 13:54:19 | 000,212,992 | ---- | M] () -- C:\Windows\Installer\db5538.msi
[2010/12/10 13:47:21 | 000,083,456 | ---- | M] () -- C:\Windows\Installer\dbc9e.msi
[2012/03/28 20:48:47 | 000,022,016 | ---- | M] () -- C:\Windows\Installer\e1fb7.msi
[2011/11/01 14:34:30 | 002,531,840 | R--- | M] () -- C:\Windows\Installer\eae3c9.msp
[2011/11/01 14:34:30 | 001,552,384 | R--- | M] () -- C:\Windows\Installer\eae3dc.msp
[2008/08/21 22:19:45 | 000,061,952 | ---- | M] () -- C:\Windows\Installer\ef0b4.mst
[2008/08/21 22:19:45 | 000,061,952 | ---- | M] () -- C:\Windows\Installer\fbb81.mst
[2011/07/12 15:50:24 | 017,555,968 | R--- | M] () -- C:\Windows\Installer\fd45f0.msp
[2011/07/11 17:19:28 | 010,619,904 | R--- | M] () -- C:\Windows\Installer\fd45fb.msp
[2011/12/21 01:05:47 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{05BFB060-4F22-4710-B0A2-2801A1B606C5}.SchedServiceConfig.rmi
[2011/06/14 00:16:49 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}.SchedServiceConfig.rmi
[2010/12/30 00:42:01 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{308B6AEA-DE50-4666-996D-0FA461719D6B}.SchedServiceConfig.rmi
[2012/06/20 00:19:39 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{3C3901C5-3455-3E0A-A214-0B093A5070A6}.SchedServiceConfig.rmi
[2011/06/13 13:45:27 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{774088D4-0777-4D78-904D-E435B318F5D2}.SchedServiceConfig.rmi
[2010/08/08 12:09:17 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{85991ED2-010C-4930-96FA-52F43C2CE98A}.SchedServiceConfig.rmi
[2010/05/03 13:52:23 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}.SchedServiceConfig.rmi
[2009/11/16 23:03:30 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}.SchedServiceConfig.rmi
[2009/08/10 15:00:58 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}.SchedServiceConfig.rmi
[2011/06/14 00:22:57 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{F53D678E-238F-4A71-9742-08BB6774E9DC}.SchedServiceConfig.rmi

< %windir%\system32\tasks\*.* >
[2012/06/23 13:46:14 | 000,003,682 | ---- | M] () -- C:\Windows\system32\tasks\Adobe Flash Player Updater
[2010/07/15 21:33:02 | 000,003,678 | ---- | M] () -- C:\Windows\system32\tasks\Adobe Reader and Acrobat Manager
[2012/02/26 13:05:42 | 000,003,082 | ---- | M] () -- C:\Windows\system32\tasks\ASC5_PerformanceMonitor
[2010/04/21 19:49:15 | 000,003,160 | ---- | M] () -- C:\Windows\system32\tasks\CreateChoiceProcessTask
[2011/02/26 04:52:51 | 000,003,060 | ---- | M] () -- C:\Windows\system32\tasks\Game_Booster_Startup
[2012/03/28 20:48:09 | 000,003,630 | ---- | M] () -- C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore
[2012/03/28 20:48:15 | 000,003,882 | ---- | M] () -- C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA
[2010/07/15 21:33:02 | 000,003,660 | ---- | M] () -- C:\Windows\system32\tasks\HP online update program
[2010/08/08 16:30:13 | 000,003,846 | ---- | M] () -- C:\Windows\system32\tasks\Real Networks Scheduler
[2011/11/15 23:46:18 | 000,003,196 | ---- | M] () -- C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-118059262-2797764304-1290977041-1000
[2011/11/15 23:46:18 | 000,003,328 | ---- | M] () -- C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-118059262-2797764304-1290977041-1000
[2009/06/15 16:54:52 | 000,003,202 | ---- | M] () -- C:\Windows\system32\tasks\Recovery DVD Creator-currys
[2010/10/21 21:05:16 | 000,003,806 | ---- | M] () -- C:\Windows\system32\tasks\Scheduled Update for Ask Toolbar
[2010/07/17 23:06:11 | 000,002,758 | ---- | M] () -- C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance
[2012/05/14 19:43:35 | 000,003,686 | ---- | M] () -- C:\Windows\system32\tasks\User_Feed_Synchronization-{5FCC3B7B-7333-4018-B6CB-058AB397226F}
[2012/07/10 18:51:08 | 000,003,940 | ---- | M] () -- C:\Windows\system32\tasks\User_Feed_Synchronization-{A65AEF0B-B822-4C24-B3BE-67EE9605EB86}
[2012/05/10 10:07:14 | 000,003,150 | ---- | M] () -- C:\Windows\system32\tasks\{066D67B3-8FF6-40F2-AE4C-FCD397779332}
[2011/12/26 23:35:47 | 000,003,168 | ---- | M] () -- C:\Windows\system32\tasks\{6A6C8641-9252-4A7B-AD0E-22E5CD41E78F}
[2009/12/30 18:08:43 | 000,003,188 | ---- | M] () -- C:\Windows\system32\tasks\{9314AEE8-62B5-46E1-9371-CEBBD1505854}
[2011/12/19 19:39:42 | 000,003,208 | ---- | M] () -- C:\Windows\system32\tasks\{953E484D-EA99-46B4-A95B-80A40D9FD657}
[2011/12/26 23:02:13 | 000,003,212 | ---- | M] () -- C:\Windows\system32\tasks\{9A51833A-65CA-4472-81F6-7A8B7C220054}
[2009/06/23 22:33:02 | 000,003,056 | ---- | M] () -- C:\Windows\system32\tasks\{A951A895-488A-4F20-95BB-2FD4A1404939}

< %systemroot%\Fonts\*.exe >

< %systemroot%\*. /mp /s >

< MD5 for: EXPLORER.EXE >
[2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/04/29 16:42:08 | 000,090,624 | ---- | M] () MD5=FBB39A4487E11F64DCFFD36AEC2D2216 -- C:\Program Files\CheckPoint\ZAForceField\Heuristics\explorer.exe
[2008/01/21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: MRESP50.SYS >
[2011/05/26 16:03:50 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) MD5=07C02C892E8E1A72D6BF35004F0E9C5E -- C:\Program Files\Common Files\Motive\MRESP50.sys

< MD5 for: REGEDIT.EXE >
[2008/01/21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\ERDNT\cache\regedit.exe
[2008/01/21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe
[2008/01/21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe

< MD5 for: SVCHOST.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2008/07/01 14:17:12 | 000,090,624 | ---- | M] () MD5=FBB39A4487E11F64DCFFD36AEC2D2216 -- C:\Program Files\CheckPoint\ZAForceField\Heuristics\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[2008/07/01 14:17:12 | 000,090,624 | ---- | M] () MD5=FBB39A4487E11F64DCFFD36AEC2D2216 -- C:\Program Files\CheckPoint\ZAForceField\Heuristics\winlogon.exe

< C:\Windows\assembly\tmp\U\*.* /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.0.6002
Copyright (C) 1999-2007 Microsoft Corporation.
On computer: EAMONNS
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 D DVD-ROM 0 B No Media
Volume 1 C OS NTFS Partition 586 GB Healthy System
Volume 2 I Removable 0 B No Media
Volume 3 E Removable 0 B No Media
Volume 4 F Removable 0 B No Media
Volume 5 G Removable 0 B No Media
Volume 6 H Removable 0 B No Media

========== Alternate Data Streams ==========

@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:07BF512B
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 1077 bytes -> C:\Users\currys\Documents\Reply to thread 'Internet Options in Control Panel missing'.eml:OECustomProperty
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP

FC5A2B2
@Alternate Data Stream - 1005 bytes -> C:\Users\currys\Desktop\Argos - Thank you for your order number 201549843.eml:OECustomProperty

< End of report >

baffledUK · 10-Jul-2012, 02:43 PM **#11**

OTL Extras logfile created on: 10/07/2012 18:55:16 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\currys\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19222)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 65.67% Memory free
6.22 Gb Paging File | 4.54 Gb Available in Paging File | 72.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 586.17 Gb Total Space | 420.59 Gb Free Space | 71.75% Space Free | Partition Type: NTFS

Computer Name: EAMONNS | User Name: currys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe"

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfil e]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProf ile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\FirewallRules]
"{077FC2C3-74FB-403F-A334-E774484F5960}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{14A4E836-AB4A-44A9-933F-91CE46AFE2B5}" = lport=139 | protocol=6 | dir=in | app=system |
"{22C706A7-3A8D-4B6D-A9AE-88DC09214501}" = lport=445 | protocol=6 | dir=in | app=system |
"{35A60B16-287F-46C1-A5F9-4354D7EF89F4}" = rport=139 | protocol=6 | dir=out | app=system |
"{36A75987-D56E-4F05-9A03-5AAA81F306CB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{40901B14-999D-4D88-BE80-A291E6744CA7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5AA588C7-C691-43EB-865B-9E359D8682EF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{65B64942-38C9-482A-8194-CA0F6EE0F88B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{665A566B-2B80-4935-97CB-5FCCF0113726}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{69B487AE-551B-455B-B78A-C91099B96EBA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{96AAD2FA-FBEA-40E3-80EF-FAF5A323A1A3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AD375AD2-C012-412F-816A-4AB8299D8624}" = rport=137 | protocol=17 | dir=out | app=system |
"{B67AF908-280F-43F1-8C3A-F4C46F7CD957}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{B925A4F0-24F0-4686-95FD-C8E82CCC3594}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BC3E63E3-F375-4AE4-99E8-5C1A2E938EE1}" = lport=137 | protocol=17 | dir=in | app=system |
"{C306F9DC-2929-4F98-A820-5587109B462D}" = rport=445 | protocol=6 | dir=out | app=system |
"{D2C7D018-F349-4D98-92E1-5870132BB37D}" = rport=138 | protocol=17 | dir=out | app=system |
"{EA7CDFC7-D863-4A3E-9E6B-E3F1F7A9A914}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ECAE8F2A-4601-40C3-A807-958837B9750C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F2F1F212-C4A9-42C1-AA7B-F5BE2C82ADD1}" = lport=138 | protocol=17 | dir=in | app=system |
"{F85E7310-B7C8-44DD-AF53-CAF849547520}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\FirewallRules]
"{0CD6F7B4-6243-42A3-8E8E-74C595DFF8C9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\napoleon total war\napoleon.exe |
"{0DE8C8DE-E774-4A91-8DD3-3756847058BB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0DFE3D5E-1292-4F0F-8015-6361B7DE97F5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1086D784-1C71-4146-8BE1-4F9E492EA384}" = protocol=6 | dir=in | app=c:\program files\kontiki\kservice.exe |
"{1B2DC0D8-4758-467A-A820-D679BE61F5A6}" = protocol=6 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpnotifier.exe |
"{27EA6E02-5D1B-4BCA-B4E9-B8EFDA209DDE}" = protocol=6 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpbrowser.exe |
"{351F9051-5177-4A0C-8BFA-79628A9A3EDE}" = protocol=17 | dir=in | app=c:\program files\kontiki\kservice.exe |
"{36A82E00-DF4C-4707-BE58-D3FB7674860A}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\civilization4.exe |
"{42828803-D75E-4CA6-B629-25FAFF64DE83}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{45AA8F1B-F05C-4A55-B2CE-632972E4D84D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5F4261BA-17EE-4191-8D14-CB29B9B7ACCC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5FC77053-37BB-4589-80D4-7007A07940AC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{646E010A-8A31-4AAB-A714-060466A26699}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{65D2826D-0863-46B5-ADC5-0AAED43ECBA2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{669A9609-CE9A-412B-91CE-17B4F501CDDE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6E684EF5-B3CC-4D88-9AB2-C6E03414FF36}" = protocol=17 | dir=in | app=c:\program files\kontiki\kservice.exe |
"{6F269D87-6FC8-4A0A-9A1F-771D5E724FF0}" = protocol=17 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpnotifier.exe |
"{70E74B53-44BD-4761-9FD4-4161C4B29CA9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{75CF704A-CE5F-48B1-BE5F-13DFEAE36786}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7E145D01-BC9F-4A80-AFC8-021AED9E5E5A}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{8E4D13B1-F004-4907-82EF-462BF3DBEB93}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{952BB108-C89A-4288-9A43-11A3D95B86D4}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\napoleon total war\napoleon.exe |
"{98D2DA95-07EE-402E-830A-F1CA26B6B023}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9E58EDF0-68E3-4F6F-9087-1589B2E849F0}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\warlords\civ4warlords.exe |
"{A16D46C9-8208-46AF-BF6F-DBC58CDD66E8}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{AB4EC5BD-B183-4837-8DBB-747E3BEBE443}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe |
"{ACA92CFD-F44B-4D19-9D56-1A76E4C48CA5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2010\fm.exe |
"{ADF50129-A0D0-4A09-B01C-6C85490C5468}" = protocol=6 | dir=in | app=c:\program files\kontiki\kservice.exe |
"{B3C7A140-7DEF-448F-9F84-F5E0243A75C6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B50BD5F2-FF67-4DD4-851B-2DC64366E332}" = protocol=6 | dir=out | app=system |
"{B8D7047F-E01B-4317-97FA-9CBD1A1F2944}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BA141541-D4B6-4D5B-BD03-37FD58A6C371}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BDA6A4A2-8D5B-4DF4-B92D-B698121867CF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BE68E580-C2B2-456D-B409-5B1743F0D7E2}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe |
"{BF0309EB-A94D-44BD-9F37-55002BAED87C}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{C965B8E4-CD54-4750-9251-5681E7E415E2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D23B8769-4D9A-44A3-A159-01AF507C6EFB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D41CA142-1B1E-43ED-99E9-93C0E6F05ADD}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{D8129F23-28D1-498D-9DC2-3A2F9BC48A20}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\warlords\civ4warlords.exe |
"{DF984537-12F5-4F19-B213-ED5F723E3162}" = protocol=17 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpbrowser.exe |
"{E81A495F-B905-4CB9-AC84-4D2DC4806A8C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{E97292A2-833B-4AE1-9BBF-ED5F22BE57E1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F1D928A8-6CB1-49EC-B34E-20053F210C1A}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\civilization4.exe |
"{F24FC09A-47E9-4A92-8560-A53264E39319}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{F4986326-7C1D-462A-80E2-D6DB7B1DEA97}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2010\fm.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{121C477C-5B7B-44E3-B621-BDDB542AE8FD}" = TuneUp Utilities Language Pack (en-GB)
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{28518520-F25C-48C3-A224-861F331602F4}" = Setup My PC
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2BD94085-2E05-4EBD-8F2D-AF7499C50D92}" = LCD test
"{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}" = Sid Meier's Civilization 4 Complete
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3350E9B0-DCE6-4AE1-B3AC-D0C11FBEEDA1}_is1" = SeaTools for Windows
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3559CDE0-11FC-4D7B-A65C-D646035B1033}" = Nero 8 Essentials
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B41AE13-BA0E-4328-8E83-AD2A0BEB33EB}" = Sky Player
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4F923F90-46D1-4492-9CC6-13FBBA00E7EC}" = C4400
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51071D66-D034-4239-94E0-723FCA10B6FE}" = OpenOffice.org 3.4
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5884CB45-C54B-4550-BAD5-3E060FD75D17}" = ZoneAlarm Firewall
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B407945-AE16-4A2A-BAAF-497FE62EDED3}" = PS_AIO_03_C4400_Software_Min
"{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone
"{6C2EDF63-C83B-4AAD-AC26-1784660F618B}" = Advanced Disk Cleaner
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{709817E4-5439-4206-8738-796B34B623BD}" = MetaBoli
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{848139E5-DC9D-44E6-934E-F64BB648ED6E}_is1" = CD & DVD Label Maker 1.2
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8B7443F5-E141-42A0-AB61-ED2331AAD606}" = 4oD
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{954B7F64-D1D4-476F-8919-99585D0A6ABF}" = PS_AIO_03_C4400_Software
"{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}" = iTunes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F38A000-31A6-4A46-B5AF-07523E3B1E7C}_is1" = Packard Bell ImageWriter v1.1
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3E8FC19-2107-49DA-967F-23E1B5210D9C}" = ZoneAlarm Security
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB7032FF-AFED-4C58-AA5C-8473B273793A}" = HDReg
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BEA18030-8B42-1286-EF64-CDA6BD083888}" = BBC iPlayer Desktop
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C591601B-4F3C-4756-B7B1-1C36637D4AFE}" = Chanalyzer 4
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9CE9393-B568-428D-AD5B-55452B9748DB}" = PS_AIO_03_C4400_ProductContext
"{CA786CFF-1D31-4804-B436-F3405B14357F}" = Updator
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DAB5C521-80B2-48C3-B0DA-326A1B331F55}" = GoToAssist Corporate
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F012A635-8E2C-4AF2-BD46-C508D00289B2}" = ZoneAlarm Antivirus
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F4EA67C9-6748-4C1E-9AFF-04149AC75D95}" = Image Writer
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F7B72805-2F58-4C04-AE9E-E7AD6A6EF62E}" = C4400_Help
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF1F4E8E-A833-4c4b-A14A-45D5B841B5D8}" = HP Photosmart C4400 All-In-One Driver Software 10.0 Rel .3
"4oD" = 4oD
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"BT Broadband Desktop Help" = BT Broadband Desktop Help
"CCleaner" = CCleaner
"conduitEngine" = Conduit Engine
"Game Booster_is1" = Game Booster 3
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist Corporate
"Greatis Reanimator_is1" = RegRun Reanimator
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"LimeWire" = LimeWire 5.4.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 14.0 (x86 en-US)" = Mozilla Firefox 14.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"RealPlayer 12.0" = RealPlayer
"Smart Defrag 2_is1" = Smart Defrag 2
"Steam App 34000" = Football Manager 2010
"Steam App 34030" = Napoleon: Total War
"SystemRequirementsLab" = System Requirements Lab
"WinLiveSuite" = Windows Live Essentials
"ZoneAlarm Free Antivirus + Firewall" = ZoneAlarm Free Antivirus + Firewall
"ZoneAlarm Security Toolbar" = ZoneAlarm Security Toolbar
"ZoneAlarm_Security Toolbar" = ZoneAlarm Security Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/07/2012 13:46:12 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
Description = The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error
description: Class not registered .

Error - 10/07/2012 13:46:12 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
Description = The protocol handler Search.OneIndexHandler.2 cannot be loaded. Error
description: Class not registered .

Error - 10/07/2012 13:49:50 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
Description = The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error
description: Class not registered .

Error - 10/07/2012 13:49:50 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
Description = The protocol handler Search.OneIndexHandler.2 cannot be loaded. Error
description: Class not registered .

Error - 10/07/2012 13:58:01 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
Description = The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error
description: Class not registered .

Error - 10/07/2012 13:58:01 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
Description = The protocol handler Search.OneIndexHandler.2 cannot be loaded. Error
description: Class not registered .

Error - 10/07/2012 14:07:42 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
Description = The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error
description: Class not registered .

Error - 10/07/2012 14:07:42 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
Description = The protocol handler Search.OneIndexHandler.2 cannot be loaded. Error
description: Class not registered .

Error - 10/07/2012 14:10:39 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
Description = The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error
description: Class not registered .

Error - 10/07/2012 14:10:39 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
Description = The protocol handler Search.OneIndexHandler.2 cannot be loaded. Error
description: Class not registered .

[ OSession Events ]
Error - 07/07/2009 16:32:25 | Computer Name = Eamonns | Source = Microsoft Office 12 Sessions | ID = 7001
Description =

Error - 07/07/2009 16:44:49 | Computer Name = Eamonns | Source = Microsoft Office 12 Sessions | ID = 7001
Description =

Error - 07/07/2009 16:50:58 | Computer Name = Eamonns | Source = Microsoft Office 12 Sessions | ID = 7001
Description =

[ System Events ]
Error - 10/07/2012 13:35:20 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7000
Description =

Error - 10/07/2012 13:35:20 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7000
Description =

Error - 10/07/2012 13:35:20 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7000
Description =

Error - 10/07/2012 13:35:20 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7000
Description =

Error - 10/07/2012 13:35:20 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7000
Description =

Error - 10/07/2012 13:35:41 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7022
Description =

Error - 10/07/2012 13:35:41 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7034
Description =

Error - 10/07/2012 13:38:11 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7009
Description =

Error - 10/07/2012 13:38:14 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7038
Description =

Error - 10/07/2012 13:38:14 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7000
Description =

< End of report >

**eddie5659** · 10-Jul-2012, 04:50 PM **#12**

Okay, looks like you have quite a lot there that is not needed, so lets get rid of those

Firstly, can you uninstall these via AddRemove Programs:

Conduit Engine
Game Booster 3
Smart Defrag 2
ZoneAlarm Security Toolbar

------

Then, can you do the following:

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

Code:

:OTL
PRC - [2011/08/26 13:56:04 | 000,685,912 | ---- | M] (IObit) -- C:\Program Files\IObit\Game Booster\gbtray.exe
MOD - [2011/08/26 13:56:08 | 000,516,440 | ---- | M] () -- C:\Program Files\IObit\Game Booster\sqlite3.dll
MOD - [2011/02/22 16:01:26 | 000,345,088 | ---- | M] () -- C:\Program Files\IObit\Game Booster\madexcept_.bpl
MOD - [2011/02/22 16:01:26 | 000,177,152 | ---- | M] () -- C:\Program Files\IObit\Game Booster\madbasic_.bpl
MOD - [2011/02/22 16:01:26 | 000,044,544 | ---- | M] () -- C:\Program Files\IObit\Game Booster\maddisAsm_.bpl
SRV - File not found [Auto | Stopped] -- -- (WMService)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - File not found [Auto | Stopped] -- -- (PLFlash DeviceIoControl Service)
SRV - File not found [On_Demand | Stopped] -- -- (odserv)
SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService)
SRV - File not found [Auto | Stopped] -- -- (Nero BackItUp Scheduler 3)
SRV - File not found [On_Demand | Stopped] -- -- (iPod Service)
SRV - File not found [Auto | Stopped] -- -- (IBUpdaterService)
SRV - File not found [Auto | Stopped] -- -- (Apple Mobile Device)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (vsdatant7)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (cpuz134)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\currys\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2011/02/23 17:52:34 | 000,016,184 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
IE - HKLM\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - No CLSID value found
IE - HKLM\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.goonsearch.com/web.html?source=IBR-IB-PDP-INS-DBS&q={searchTerms}
IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2645238
IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101067&mntrId=50b4fa92000000000000002197a13750
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ALSV5&o=1665&src=crm&q={searchTerms}&locale=en_UK&apn _ptnrs=AU&apn_dtid=YYYYYYYYGB&apn_uid=34399D31-44A3-4DA6-8AC7-C989A030269F&apn_sauid=A32CCD2B-3BB2-4310-B8FA-574A397D7115
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.goonsearch.com/web.html?source=IBR-IB-PDP-INS-DBS&q={searchTerms}
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=CrQt__Hz-oJhPpnLvuNAmY8Q990?q={searchTerms}
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = http://search.ibryte.com/i/playbryte/search/redirect/?type=default-ie&user_id=8a29f83a-1762-4abe-b6d2-85b8f55d9ff9&query={searchTerms}
IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.defaultthis.engineName: "WiseConvert Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "WiseConvert Customized Web Search"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=2&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: File not found
[2012/07/01 01:10:55 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\currys\AppData\Roaming\mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2012/07/08 19:39:06 | 000,000,000 | ---D | M] (WiseConvert Community Toolbar) -- C:\Users\currys\AppData\Roaming\mozilla\Firefox\Profiles\fwvafgml.default\extensions\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}
[2012/06/27 14:38:40 | 000,000,925 | ---- | M] () -- C:\Users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\searchplugins\conduit.xml
[2012/06/23 14:03:40 | 000,002,203 | ---- | M] () -- C:\Users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\searchplugins\MyStart Search.xml
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\bh\zonealarm.dll (Montera Technologeis LTD)
O2 - BHO: (no name) - {a0e8bc7d-6959-40b6-8e05-204d9768ad6e} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\zonealarmTlbr.dll (Montera Technologeis LTD)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download with &Media Finder - Reg Error: Value error. File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - Reg Error: Value error. File not found
O8 - Extra context menu item: Google Sidewiki... - Reg Error: Value error. File not found
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} http://assets.photobox.com/assets/au...20090910103721 (Reg Error: Key error.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/Driver...reqlab_nvd.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/s...irector/sw.cab (Reg Error: Key error.)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/Driver...aSmartScan.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.tescophoto.com/upload/act...eX_Control.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\avgsecuritytoolbar - No CLSID value found
O18 - Protocol\Handler\base64 - No CLSID value found
O18 - Protocol\Handler\chrome - No CLSID value found
O18 - Protocol\Handler\ms-itss - No CLSID value found
O18 - Protocol\Handler\prox - No CLSID value found
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2011/03/15 19:37:45 | 000,029,520 | ---- | C] () -- C:\Windows\System32\SmartDefragBootTime.exe
[2011/03/15 19:37:45 | 000,016,184 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2012/07/01 01:10:53 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\IObit
[2012/02/04 12:18:30 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2012/02/04 12:18:30 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
[2012/02/04 12:18:30 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\AppData\Roaming\IObit
[2011/02/26 04:52:51 | 000,003,060 | ---- | M] () -- C:\Windows\system32\tasks\Game_Booster_Startup
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:07BF512B
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:DFC5A2B2
:Files
ipconfig /flushdns /c
:Commands 
[purity] 
[resethosts] 
[emptytemp] 
[emptyjava]
[EMPTYFLASH] 
[CREATERESTOREPOINT] 
[Reboot]

Then click the Run Fix button at the top
Click OK.
OTL may ask to reboot the machine. Please do so if asked.
The report should appear in Notepad after the reboot. Copy/Paste the report in your next reply.

baffledUK · 11-Jul-2012, 06:38 PM **#13**

All processes killed
========== OTL ==========
No active process named gbtray.exe was found!
Error: No service named WMService was found to stop!
Service\Driver key WMService not found.
Error: No service named SBSDWSCService was found to stop!
Service\Driver key SBSDWSCService not found.
File C:\Program Files\Spybot not found.
Error: No service named PLFlash DeviceIoControl Service was found to stop!
Service\Driver key PLFlash DeviceIoControl Service not found.
Error: No service named odserv was found to stop!
Service\Driver key odserv not found.
Error: No service named NMIndexingService was found to stop!
Service\Driver key NMIndexingService not found.
Error: No service named Nero BackItUp Scheduler 3 was found to stop!
Service\Driver key Nero BackItUp Scheduler 3 not found.
Error: No service named iPod Service was found to stop!
Service\Driver key iPod Service not found.
Error: No service named IBUpdaterService was found to stop!
Service\Driver key IBUpdaterService not found.
Error: No service named Apple Mobile Device was found to stop!
Service\Driver key Apple Mobile Device not found.
Error: No service named vsdatant7 was found to stop!
Service\Driver key vsdatant7 not found.
Error: No service named NwlnkFwd was found to stop!
Service\Driver key NwlnkFwd not found.
Error: No service named NwlnkFlt was found to stop!
Service\Driver key NwlnkFlt not found.
Error: No service named MRENDIS5 was found to stop!
Service\Driver key MRENDIS5 not found.
Error: No service named MREMPR5 was found to stop!
Service\Driver key MREMPR5 not found.
Error: No service named IpInIp was found to stop!
Service\Driver key IpInIp not found.
Error: No service named cpuz134 was found to stop!
Service\Driver key cpuz134 not found.
Error: No service named catchme was found to stop!
Service\Driver key catchme not found.
File C:\Users\currys\AppData\Local\Temp\catchme.sys not found.
Error: No service named SmartDefragDriver was found to stop!
Service\Driver key SmartDefragDriver not found.
File C:\Windows\System32\drivers\SmartDefragDriver.sys not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{91da5e8a-3318-4f8c-b67e-5964de3ab546} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Registry key HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found.
Registry key HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
Registry key HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Internet Explorer\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}\ not found.
Registry key HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
Prefs.js: "MyStart Search" removed from browser.search.defaultenginename
Prefs.js: "WiseConvert Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "WiseConvert Customized Web Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=2&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/ShockwavePlayer\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/JavaPlugin\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ not found.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=8\ not found.
Folder C:\Users\currys\AppData\Roaming\mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Folder C:\Users\currys\AppData\Roaming\mozilla\Firefox\Profiles\fwvafgml.default\e xtensions\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}\ not found.
File C:\Users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\s earchplugins\conduit.xml not found.
File C:\Users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\s earchplugins\MyStart Search.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}\ not found.
File C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\bh\zonealarm.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Brows er Helper Objects\{a0e8bc7d-6959-40b6-8e05-204d9768ad6e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a0e8bc7d-6959-40b6-8e05-204d9768ad6e}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}\ not found.
File C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\zonealarmTlbr.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Google Sidewiki...\ not found.
Starting removal of ActiveX control {0972B098-DEE9-4279-AC7E-4BAAA029102D}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0972B098-DEE9-4279-AC7E-4BAAA029102D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0972B098-DEE9-4279-AC7E-4BAAA029102D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0972B098-DEE9-4279-AC7E-4BAAA029102D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0972B098-DEE9-4279-AC7E-4BAAA029102D}\ not found.
Starting removal of ActiveX control {1E54D648-B804-468d-BC78-4AFFED8E262F}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1E54D648-B804-468d-BC78-4AFFED8E262F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E54D648-B804-468d-BC78-4AFFED8E262F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{1E54D648-B804-468d-BC78-4AFFED8E262F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E54D648-B804-468d-BC78-4AFFED8E262F}\ not found.
Starting removal of ActiveX control {233C1507-6A77-46A4-9443-F871F945D258}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{233C1507-6A77-46A4-9443-F871F945D258}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{233C1507-6A77-46A4-9443-F871F945D258}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\ not found.
Starting removal of ActiveX control {74DBCB52-F298-4110-951D-AD2FF67BC8AB}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {BEA7310D-06C4-4339-A784-DC3804819809}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{BEA7310D-06C4-4339-A784-DC3804819809}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEA7310D-06C4-4339-A784-DC3804819809}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{BEA7310D-06C4-4339-A784-DC3804819809}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEA7310D-06C4-4339-A784-DC3804819809}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\avgsecuritytoolbar\ not found.
File Protocol\Handler\avgsecuritytoolbar - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\base64\ not found.
File Protocol\Handler\base64 - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\chrome\ not found.
File Protocol\Handler\chrome - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ not found.
File Protocol\Handler\ms-itss - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\prox\ not found.
File Protocol\Handler\prox - No CLSID value found not found.
File/Folder C:\Windows\System32\*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
File C:\Windows\System32\SmartDefragBootTime.exe not found.
File C:\Windows\System32\drivers\SmartDefragDriver.sys not found.
Folder C:\Users\currys\AppData\Roaming\IObit\ not found.
Folder C:\Users\Default\AppData\Roaming\IObit\ not found.
Folder C:\Users\Default User\AppData\Roaming\IObit\ not found.
Folder C:\Users\UpdatusUser\AppData\Roaming\IObit\ not found.
File C:\Windows\system32\tasks\Game_Booster_Startup not found.
Unable to delete ADS C:\ProgramData\TEMP:07BF512B .
Unable to delete ADS C:\ProgramData\TEMP:430C6D84 .
Unable to delete ADS C:\ProgramData\TEMP:0B4227B4 .
Unable to delete ADS C:\ProgramData\TEMP:A8ADE5D8 .
Unable to delete ADS C:\ProgramData\TEMP

FC5A2B2 .
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\currys\Downloads\cmd.bat deleted successfully.
C:\Users\currys\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: currys
->Temp folder emptied: 1050496 bytes
->Temporary Internet Files folder emptied: 1439217 bytes
->Java cache emptied: 1 bytes
->FireFox cache emptied: 59824564 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 56967 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56475 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56475 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 27915180 bytes
RecycleBin emptied: 1146246 bytes

Total Files Cleaned = 87.00 mb

[EMPTYJAVA]

User: All Users

User: currys
->Java cache emptied: 0 bytes

User: Default

User: Default User

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0.00 mb

[EMPTYFLASH]

User: All Users

User: currys
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

Unable to start System Restore Service. Error code -2146959355

OTL by OldTimer - Version 3.2.53.1 log created on 07112012_220830

Files\Folders moved on Reboot...
C:\Users\currys\AppData\Local\Temp\~DF6D18.tmp moved successfully.
C:\Windows\temp\ZLT02723.TMP moved successfully.

PendingFileRenameOperations files...
File C:\Users\currys\AppData\Local\Temp\~DF6D18.tmp not found!
File C:\Windows\temp\ZLT02723.TMP not found!

Registry entries deleted on Reboot...

Eddie can't find conduit engine in add/remove any ideas?

**eddie5659** · 12-Jul-2012, 05:50 PM **#14**

Its okay about the Conduit Engine, it may have been removed after uninstalling the others

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

Double-click SystemLook.exe to run it.

Copy the content of the following codebox into the main textfield:

Code:

:filefind
*Conduit*
*Game Booster*
*Smart Defrag*
*ZoneAlarm*
*IObit*
*SmartDefragDriver*
*goonsearch*
*searchqu*
*ask.com*
*babylon*
*ibryte*
*MyStart*
*uTorrentBar*
*WiseConvert*
*Blabbers*
:folderfind
*Conduit*
*Game Booster*
*Smart Defrag*
*ZoneAlarm*
*IObit*
*SmartDefragDriver*
*goonsearch*
*searchqu*
*ask.com*
*babylon*
*ibryte*
*MyStart*
*uTorrentBar*
*WiseConvert*
*Blabbers*

Click the Look button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found at on your Desktop entitled SystemLook.txt

baffledUK · 16-Jul-2012, 04:18 PM **#15**

SystemLook 30.07.11 by jpshortstuff
Log created at 21:05 on 16/07/2012 by currys
Administrator - Elevation successful

========== filefind ==========

Searching for "*Conduit*"
C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\com.yahoo.go.sync.client.res ources\PhoneConduit.plist --a---- 11408 bytes [07:36 16/04/2010] [07:36 16/04/2010] AB18CD2A656AE753C30E6276EC3DA0C2
C:\Program Files\ConduitEngine\ConduitEngine.dll --a---- 3911776 bytes [22:45 21/12/2010] [12:51 09/12/2010] D9A0CE26ADA5BD15B1B03A752DDF14A6
C:\Program Files\ConduitEngine\ConduitEngineHelper.exe --a---- 38496 bytes [22:45 21/12/2010] [08:08 19/12/2010] A320DF2B47CFCAF98D06EB59CD72084C
C:\Program Files\ConduitEngine\ConduitEngineUninstall.exe --a---- 23648 bytes [22:45 21/12/2010] [10:32 25/11/2010] DF465BE110DC0F7E5329D1B8065A405F
C:\Users\currys\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_1037922_1033633_UK.xml --a---- 197 bytes [19:19 28/11/2011] [23:09 04/12/2011] F1FF673270D84B6548C27BE92BF4520F
C:\Users\currys\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_1161838_1157525_UK.xml --a---- 184 bytes [22:46 21/12/2010] [00:10 03/03/2011] F74147AF8D71A423E2E1DABCA44BC712
C:\Users\currys\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_1178763_1174448_UK.xml --a---- 179 bytes [11:55 22/01/2012] [10:13 12/03/2012] F7598DCC137C5BC7A12A1A69CF63D58D
C:\Users\currys\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_900783_896578_UK.xml --a---- 198 bytes [23:55 02/03/2011] [00:10 03/03/2011] 44D5CE8ECD2976E626B8D997EF454F36
C:\Users\currys\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_909619_905414_UK.xml --a---- 191 bytes [22:46 21/12/2010] [00:10 03/03/2011] 43C93B80235159F037CEA9A173922F92
C:\Users\currys\AppData\LocalLow\Conduit\Toolbar\Facebook\http___facebook_c onduit-services_com_Settings_ashx_locale=en&browserType=IE&toolbarVersion=6_7_0_6. xml --a---- 10909 bytes [19:18 28/11/2011] [14:48 04/12/2011] 1B3B574AA349758343D3C80787B9739E
C:\Users\currys\AppData\LocalLow\Conduit\Toolbar\Facebook\http___facebook_c onduit-services_com_Settings_ashx_locale=en&browserType=IE&toolbarVersion=6_8_2_0. xml --a---- 10909 bytes [14:59 04/12/2011] [18:27 28/12/2011] 1B3B574AA349758343D3C80787B9739E
C:\Users\currys\AppData\LocalLow\Conduit\Toolbar\Facebook\http___facebook_c onduit-services_com_Settings_ashx_locale=en&browserType=IE&toolbarVersion=6_8_5_1. xml --a---- 10909 bytes [11:55 22/01/2012] [11:55 11/03/2012] 1B3B574AA349758343D3C80787B9739E
C:\Users\currys\AppData\LocalLow\ConduitEngine\ConduitEngine.dll --a---- 4214056 bytes [18:49 09/03/2011] [15:14 16/02/2011] 4CF003B5D20C351A1AA4A343267A7832
C:\Users\currys\AppData\LocalLow\ConduitEngine\ExternalComponent\http___con textmenu_app_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=appContextMenu&local e=en-gb.xml --a---- 6613 bytes [22:45 21/12/2010] [22:45 21/12/2010] FE3E6F69A41E7532957D7814E3E433E1
C:\Users\currys\AppData\LocalLow\ConduitEngine\ExternalComponent\http___con textmenu_app_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=appContextMenu2_0&lo cale=en-gb.xml --a---- 6819 bytes [22:45 21/12/2010] [18:48 09/03/2011] A278FCD81E7E9E287A0F8BB1C89CD2C6
C:\Users\currys\AppData\LocalLow\ConduitEngine\ExternalComponent\http___con textmenu_engine_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=engineContextMenu&lo cale=en-gb.xml --a---- 4060 bytes [22:45 21/12/2010] [22:45 21/12/2010] D36423CECBFE5F806725E13ED7101201
C:\Users\currys\AppData\LocalLow\ConduitEngine\ExternalComponent\http___con textmenu_engine_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=engineContextMenu2_0 &locale=en-gb.xml --a---- 4475 bytes [22:45 21/12/2010] [18:48 09/03/2011] 74F81E98677EB434ADD4BC697F677185
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_38_264_CT2645238_Images_634062498888125000_png.png --a---- 509 bytes [19:18 28/11/2011] [19:18 28/11/2011] 40ECBDFF6DF6593ACDEAD0021DCC7336
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_38_264_CT2645238_Images_634062499232812500_png.png --a---- 670 bytes [19:18 28/11/2011] [19:18 28/11/2011] D9CE725CB6F7C294C96BDF01D653A8D5
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_38_264_CT2645238_Images_634062507244523750_png.png --a---- 542 bytes [19:18 28/11/2011] [19:18 28/11/2011] 9D05DCA26B67565D14A9449C99151904
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_38_264_CT2645238_Images_634072035938731250_png.png --a---- 1233 bytes [19:18 28/11/2011] [19:18 28/11/2011] DBE61127540140F646C5CBF6C861EF7C
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_38_264_CT2645238_Images_634086668687710000_png.png --a---- 1220 bytes [19:18 28/11/2011] [19:18 28/11/2011] E47D3E82CF24455F91AFF9C5CC0B97EB
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_38_264_CT2645238_Images_634104326720878750_gif.gif --a---- 405 bytes [19:18 28/11/2011] [19:18 28/11/2011] 2221BD773E94BC9C07D9433BDC91A234
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_38_264_CT2645238_Images_634182163591881250_png.png --a---- 1272 bytes [19:18 28/11/2011] [19:18 28/11/2011] 3894229CBC80234B1321515E51A063A9
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_38_264_CT2645238_Images_634449653283568750_png.png --a---- 529 bytes [19:18 28/11/2011] [19:18 28/11/2011] 810FDF4A283DB1CFFFF73828531AC0D7
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_38_264_CT2645238_Images_Menu-silkset_accept_gif-Silk_1-634051179887806250_gif.gif --a---- 403 bytes [19:18 28/11/2011] [19:18 28/11/2011] 87B062CE740BE13817F46B8F381E8A2B
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_38_264_CT2645238_Images_PopUpBlocker-02_gif-Shiny-634461580123626958_gif.gif --a---- 1008 bytes [19:18 28/11/2011] [19:18 28/11/2011] AE12636E9E2B22BCD58053E57E8709C7
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_bankimages_commandcomps_block_gif.gif --a---- 159 bytes [19:18 28/11/2011] [19:18 28/11/2011] FF164EABA285C2E614EBFD967FEF9732
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_Conduit_com_bankImages_ConduitEngine_ContextMenu_About_png.png --a---- 821 bytes [19:18 28/11/2011] [19:18 28/11/2011] 99D5F75C338F2A877CBF891E0F18746E
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_Conduit_com_bankImages_ConduitEngine_ContextMenu_Browse_png.png --a---- 729 bytes [19:18 28/11/2011] [19:18 28/11/2011] F2291FAB46ED9291A1A2FFE9F88E9D84
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_Conduit_com_bankImages_ConduitEngine_ContextMenu_Contact_png.png --a---- 531 bytes [19:18 28/11/2011] [19:18 28/11/2011] A847C5F6CE2C700048749892DD2E0619
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_Conduit_com_bankImages_ConduitEngine_ContextMenu_Hide_png.png --a---- 669 bytes [19:18 28/11/2011] [19:18 28/11/2011] FED9E00C76F647EE6A0B7CC684C89F0C
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_Conduit_com_bankImages_ConduitEngine_ContextMenu_LikeIcon_png.png --a---- 263 bytes [19:18 28/11/2011] [19:18 28/11/2011] 36BD416D16391EFAAAFB2C3C54EAE986
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_Conduit_com_bankImages_ConduitEngine_ContextMenu_MoreFromPublisher_png.p ng --a---- 734 bytes [19:18 28/11/2011] [19:18 28/11/2011] 943ADFD9E0DF1507F7BC419802BF4303
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_Conduit_com_bankImages_ConduitEngine_ContextMenu_More_png.png --a---- 562 bytes [19:18 28/11/2011] [19:18 28/11/2011] 36C6FB9C84D4AF5C5D7C5B277A0E4A01
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_Conduit_com_bankImages_ConduitEngine_ContextMenu_Options_png.png --a---- 493 bytes [19:18 28/11/2011] [19:18 28/11/2011] 275C9DA2D536F18F528C80E050C3D705
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_Conduit_com_bankImages_ConduitEngine_ContextMenu_Privacy_png.png --a---- 706 bytes [19:18 28/11/2011] [19:18 28/11/2011] 3AD88BD8E832DA39FAAEDF07AD595F94
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_Conduit_com_bankImages_ConduitEngine_ContextMenu_Refresh_png.png --a---- 674 bytes [19:18 28/11/2011] [19:18 28/11/2011] 650731EEF807C292E699779B12CBE552
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_Conduit_com_bankImages_ConduitEngine_ContextMenu_Upgrade_png.png --a---- 607 bytes [19:18 28/11/2011] [19:18 28/11/2011] 9B4D914888BCFFCBAE6757A0E450551C
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_bankImages_FaceBook_Events_png.png --a---- 705 bytes [19:18 28/11/2011] [19:18 28/11/2011] 70B83DCDF7A6FA34240E1AA1D23EE535
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_bankImages_FaceBook_Friends_png.png --a---- 746 bytes [19:18 28/11/2011] [19:18 28/11/2011] 2AE805114215925E00858FD2FEFF1439
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_bankImages_FaceBook_Groups_png.png --a---- 669 bytes [19:18 28/11/2011] [19:18 28/11/2011] 6CFEA2D0DB786FDB4D72C1C1DE036822
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_bankImages_FaceBook_Home_png.png --a---- 338 bytes [19:18 28/11/2011] [19:18 28/11/2011] DB45ACA16C515F2FD8CB3B6F5E4FC386
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_bankImages_FaceBook_Inbox_png.png --a---- 545 bytes [19:18 28/11/2011] [19:18 28/11/2011] 6EB69BFCBFD422247C103705B532BFE1
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_bankImages_FaceBook_Logout_png.png --a---- 514 bytes [19:18 28/11/2011] [19:18 28/11/2011] 7F396C3A400239B9B66DEC2D503D86BB
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_bankImages_FaceBook_Photos_png.png --a---- 3355 bytes [19:18 28/11/2011] [19:18 28/11/2011] EC261A170D34BE434129E71B9C2C0408
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_bankImages_FaceBook_Profile_png.png --a---- 594 bytes [19:18 28/11/2011] [19:18 28/11/2011] 62C86296694EF7F41D380804A58EF5CA
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_bankImages_FaceBook_Settings_png.png --a---- 415 bytes [19:18 28/11/2011] [19:18 28/11/2011] E42D284CC0436B66C1DB4AAFFCCC1957
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_bankImages_FaceBook_Share_png.png --a---- 461 bytes [19:18 28/11/2011] [19:18 28/11/2011] B4AEAC6600360BC4148538F716453AAC
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_bankImages_FaceBook_Status_png.png --a---- 699 bytes [19:18 28/11/2011] [19:18 28/11/2011] 640E17444F44717CA5039BCB7FD3551E
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_images_ClientImages_radio_gif.gif --a---- 419 bytes [19:18 28/11/2011] [19:18 28/11/2011] 01B83C91554738F6AFFB7895BBBA73FB
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_images_main_menu_about_gif.gif --a---- 403 bytes [19:18 28/11/2011] [19:18 28/11/2011] EC3C2B4E0DEC4D880BAFF88ABBF94188
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_images_main_menu_clear_history_gif.gif --a---- 414 bytes [19:18 28/11/2011] [19:18 28/11/2011] A9E001CBC00B06B121DFBC80707F5298
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_images_main_menu_contact_gif.gif --a---- 278 bytes [19:18 28/11/2011] [19:18 28/11/2011] 15DEF39E438E807E2F0E22D44FDC7FB7
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_images_main_menu_help_gif.gif --a---- 405 bytes [19:18 28/11/2011] [19:18 28/11/2011] 995595D4C685D659E8F03CD0A287EDDF
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_images_main_menu_options_gif.gif --a---- 361 bytes [19:18 28/11/2011] [19:18 28/11/2011] 464E244E7E2F27FB85E0C3AB69D72104
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_images_main_menu_privacy_gif.gif --a---- 425 bytes [19:18 28/11/2011] [19:18 28/11/2011] 6427565C7105DC497287866100F260BB
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_images_main_menu_refresh_gif.gif --a---- 381 bytes [19:18 28/11/2011] [19:18 28/11/2011] AE7C9F67594A84B096D225601ACB0B2A
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_images_main_menu_shrink_gif.gif --a---- 351 bytes [19:18 28/11/2011] [19:18 28/11/2011] C3EBA0237D68F665AF6D663906221092
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_images_main_menu_tell_a_friend_gif.gif --a---- 392 bytes [19:18 28/11/2011] [19:18 28/11/2011] 5E7217A3357550F9749A095631F51015
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_images_main_menu_upgrade_gif.gif --a---- 399 bytes [19:18 28/11/2011] [19:18 28/11/2011] 8BE02D510B4B2E05AD2611B1E9A0BD56
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_images_SearchEngines_images_search_gif.gif --a---- 405 bytes [19:18 28/11/2011] [19:18 28/11/2011] 66018EAE0906C9831A821CAE5D1089BB
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_images_SearchEngines_news_icon_gif.gif --a---- 371 bytes [19:18 28/11/2011] [19:18 28/11/2011] 84896837EDB1A78C14DB6A2F3A0AEE3A
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_images_searchengines_search_icon_gif.gif --a---- 322 bytes [19:18 28/11/2011] [19:18 28/11/2011] 948781E4B6478290050ECA4423B89B1E
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_images_searchengines_softonic_gif.gif --a---- 606 bytes [19:18 28/11/2011] [19:18 28/11/2011] 2A1D4FB45F62D3D260F2134228FAB05E
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_images_SearchEngines_tfd_gif.gif --a---- 240 bytes [19:18 28/11/2011] [19:18 28/11/2011] AE5A39669C623937C0839E079E1088D5
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_images_SearchEngines_video_gif.gif --a---- 335 bytes [19:18 28/11/2011] [19:18 28/11/2011] 766433EF38BDA83C4FD4932027A4B9D5
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_MarketPlace_27_580_2760e0b4-18bf-4506-b490-68675d529580_Appearance_634162503573491253_24x24_png.png --a---- 1942 bytes [19:18 28/11/2011] [19:18 28/11/2011] 6FB2D7B7D0D5AB90592A88F6ECE99F52
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_MarketPlace_9b_1c5_9b145804-a2fe-4b13-aa3d-2a7d0d2e71c5_Appearance_634045313698673754_png.png --a---- 1521 bytes [19:18 28/11/2011] [19:18 28/11/2011] 9923EFB40AEB86E5663330985042FF62
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___stora ge_conduit_com_MarketPlace_d2_909_d2d47f0a-2c1d-48a1-8dba-fdebac043909_Appearance_634211716261212501_24x24_png.png --a---- 1164 bytes [19:18 28/11/2011] [19:18 28/11/2011] 31739E90689A4A6E14D8782F8E4C3434
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___weath er_conduit_com_images_weather_Default_drizzle_gif.gif --a---- 351 bytes [23:02 04/12/2011] [23:02 04/12/2011] 703A98E0FBFB8C9B617E732C9E62DB04
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___weath er_conduit_com_images_weather_Default_partly_cloudy_gif.gif --a---- 173 bytes [14:48 04/12/2011] [14:48 04/12/2011] E509575F473727B14C87367068C42353
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___weath er_conduit_com_images_weather_Default_partly_cloudy_night_gif.gif --a---- 212 bytes [19:19 28/11/2011] [19:19 28/11/2011] 88CD5B8D6F007347115A8A602E5D158B
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___weath er_conduit_com_images_weather_Default_rain_gif.gif --a---- 386 bytes [20:02 12/12/2011] [20:02 12/12/2011] 8006B1A5A88AB3451A5E58AA361815DD
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___weath er_conduit_com_images_weather_Default_showers_gif.gif --a---- 379 bytes [23:29 28/12/2011] [23:29 28/12/2011] 8ACA902931FBDF51B3BB293D6E15D70F
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___weath er_conduit_com_images_weather_Default_sunny_gif.gif --a---- 259 bytes [09:26 30/11/2011] [09:26 30/11/2011] 110EC9BCA8470D6488B626EA28914A6C
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___weath er_conduit_com_images_weather_Default_sunny_night_gif.gif --a---- 204 bytes [21:19 29/11/2011] [21:19 29/11/2011] 5EBD213E8A460652C883CBF68C152B5B
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\ExternalComponent\http_ __contextmenu_toolbar_conduit-services_com__name=GottenApps&locale=en.xml --a---- 7042 bytes [19:18 28/11/2011] [18:27 28/12/2011] C159A6BEAA8E32AAEFE7172DD5C2481E
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\ExternalComponent\http_ __contextmenu_toolbar_conduit-services_com__name=OtherApps&locale=en.xml --a---- 5520 bytes [19:18 28/11/2011] [18:27 28/12/2011] D2E48F631F8A9768E9BBCB0964C7878F
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\ExternalComponent\http_ __contextmenu_toolbar_conduit-services_com__name=SharedApps&locale=en.xml --a---- 6586 bytes [19:18 28/11/2011] [18:27 28/12/2011] 0DC95CF28A384D3BFBFA60244A55125A
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\ExternalComponent\http_ __contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=en.xml --a---- 5519 bytes [19:18 28/11/2011] [18:27 28/12/2011] 2B856ABBDD6E033594465C4945D5C93A
C:\Windows\System32\config\currys\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_1161838_1157525_UK.xml --a---- 184 bytes [22:38 10/02/2011] [16:02 23/02/2011] F74147AF8D71A423E2E1DABCA44BC712
C:\Windows\System32\config\currys\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_909619_905414_UK.xml --a---- 191 bytes [22:38 10/02/2011] [16:02 23/02/2011] 43C93B80235159F037CEA9A173922F92
C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Abo ut_png.png --a---- 821 bytes [22:32 10/02/2011] [22:32 10/02/2011] 99D5F75C338F2A877CBF891E0F18746E
C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Bro wse_png.png --a---- 729 bytes [22:32 10/02/2011] [22:32 10/02/2011] F2291FAB46ED9291A1A2FFE9F88E9D84
C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Con tact_png.png --a---- 531 bytes [22:32 10/02/2011] [22:32 10/02/2011] A847C5F6CE2C700048749892DD2E0619
C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\Cac heIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Hid e_png.png --a---- 669 bytes [22:32 10/02/2011] [22:32 10/02/2011] FED9E00C76F647EE6A0B7CC684C89F0C
C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\Cac heIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Lik eIcon_png.png --a---- 263 bytes [22:32 10/02/2011] [22:32 10/02/2011] 36BD416D16391EFAAAFB2C3C54EAE986
C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Mor eFromPublisher_png.png --a---- 734 bytes [22:32 10/02/2011] [22:32 10/02/2011] 943ADFD9E0DF1507F7BC419802BF4303
C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Mor e_png.png --a---- 562 bytes [22:32 10/02/2011] [22:32 10/02/2011] 36C6FB9C84D4AF5C5D7C5B277A0E4A01
C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Mov eLeft_png.png --a---- 610 bytes [22:32 10/02/2011] [22:32 10/02/2011] 68E9E9252E45ED7BD51B8680E8DD4462
C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Mov eRight_png.png --a---- 606 bytes [22:32 10/02/2011] [22:32 10/02/2011] 8D8D187BA99DBEF76E4286668B474A4E
C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Opt ions_png.png --a---- 493 bytes [22:32 10/02/2011] [22:32 10/02/2011] 275C9DA2D536F18F528C80E050C3D705
C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Pri vacy_png.png --a---- 706 bytes [22:32 10/02/2011] [22:32 10/02/2011] 3AD88BD8E832DA39FAAEDF07AD595F94
C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Ref resh_png.png --a---- 674 bytes [22:32 10/02/2011] [22:32 10/02/2011] 650731EEF807C292E699779B12CBE552
C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Sha re_png.png --a---- 696 bytes [22:32 10/02/2011] [22:32 10/02/2011] 70D43EC3F4BD7C10D5534EFCEC6D7AE5
C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Upg rade_png.png --a---- 607 bytes [22:32 10/02/2011] [22:32 10/02/2011] 9B4D914888BCFFCBAE6757A0E450551C
C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\Ext ernalComponent\http___contextmenu_app_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=appContextMenu&local e=en-gb.xml --a---- 6613 bytes [22:32 10/02/2011] [22:32 10/02/2011] FE3E6F69A41E7532957D7814E3E433E1
C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\Ext ernalComponent\http___contextmenu_app_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=appContextMenu2_0&lo cale=en-gb.xml --a---- 6819 bytes [22:32 10/02/2011] [22:32 10/02/2011] A278FCD81E7E9E287A0F8BB1C89CD2C6
C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\Ext ernalComponent\http___contextmenu_engine_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=engineContextMenu&lo cale=en-gb.xml --a---- 4060 bytes [22:32 10/02/2011] [22:32 10/02/2011] D36423CECBFE5F806725E13ED7101201
C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\Ext ernalComponent\http___contextmenu_engine_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=engineContextMenu2_0 &locale=en-gb.xml --a---- 4475 bytes [22:32 10/02/2011] [22:32 10/02/2011] 74F81E98677EB434ADD4BC697F677185
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_26_276_CT2769726_Images_6338873845152125 00_png.png --a---- 431 bytes [22:32 10/02/2011] [22:32 10/02/2011] C07B41CE42E51B3BEA6018B07CB7E3A5
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_26_276_CT2769726_Images_6338873854011500 00_png.png --a---- 234 bytes [22:32 10/02/2011] [22:32 10/02/2011] FC109501BBC006458D9EC3C786EC0D63
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_26_276_CT2769726_Images_6342558357795687 50_gif.gif --a---- 462 bytes [22:32 10/02/2011] [22:32 10/02/2011] ACBE6609E815630977767A9F858B80C6
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_26_276_CT2769726_Images_6342558361233187 50_gif.gif --a---- 440 bytes [22:32 10/02/2011] [22:32 10/02/2011] 68AEF48DF3C3B4CEEE1281CE50E21D87
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_26_276_CT2769726_Images_6342558364569125 00_gif.gif --a---- 458 bytes [22:32 10/02/2011] [22:32 10/02/2011] 55932819DB4A8970A9C61C22C281F6B7
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_26_276_CT2769726_Images_6342558367912875 00_gif.gif --a---- 440 bytes [22:32 10/02/2011] [22:32 10/02/2011] 68AEF48DF3C3B4CEEE1281CE50E21D87
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_26_276_CT2769726_Images_6342558369978500 00_gif.gif --a---- 696 bytes [22:32 10/02/2011] [22:32 10/02/2011] C0C6DF053D83A35E33AE70965F0FE917
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_26_276_CT2769726_Images_6342558372175375 00_gif.gif --a---- 289 bytes [22:32 10/02/2011] [22:32 10/02/2011] 4CEAAE67B8871D5CCC0DCBE6D2901345
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_26_276_CT2769726_Images_6342558373998812 50_gif.gif --a---- 412 bytes [22:32 10/02/2011] [22:32 10/02/2011] E9F0CCBC43F6612BA259E59EA43183D0
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_26_276_CT2769726_Images_6342558375816000 00_gif.gif --a---- 472 bytes [22:32 10/02/2011] [22:32 10/02/2011] 8B61C11CADDB14B8C88842C0BC0F6287
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_26_276_CT2769726_Images_6342558377664437 50_gif.gif --a---- 1075 bytes [22:32 10/02/2011] [22:32 10/02/2011] 62F9C5DF7F25782EF45F934D39545730
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_26_276_CT2769726_Images_6342558379548812 50_gif.gif --a---- 658 bytes [22:32 10/02/2011] [22:32 10/02/2011] B6BF0A9C02D283294E314E81A50D84D7
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_26_276_CT2769726_Images_6342558381533187 50_gif.gif --a---- 206 bytes [22:32 10/02/2011] [22:32 10/02/2011] 57AB7F2947B7357C353CD58FEC11215E
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_26_276_CT2769726_Images_6342558383458187 50_gif.gif --a---- 1415 bytes [22:32 10/02/2011] [22:32 10/02/2011] 23C34B3EE5582922B29DEC4CD7909719
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_26_276_CT2769726_Images_6342558385491000 00_gif.gif --a---- 1039 bytes [22:32 10/02/2011] [22:32 10/02/2011] 0E265B20DE60F9CB087D35D0513D0127
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_26_276_CT2769726_Images_6342558387331625 00_gif.gif --a---- 1144 bytes [22:32 10/02/2011] [22:32 10/02/2011] 5D064A7B1D48DBD08F54CD93CDA1A8E7
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_26_276_CT2769726_Images_6342558404608187 50_gif.gif --a---- 787 bytes [22:32 10/02/2011] [22:32 10/02/2011] 97BCF57BD3BF80F5225AE25C44F1FEF6
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_26_276_CT2769726_Images_6342735246878750 00_gif.gif --a---- 1288 bytes [22:32 10/02/2011] [22:32 10/02/2011] 782AE3076DBF8BDAA280AF650B503A98
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Abo ut_png.png --a---- 821 bytes [22:32 10/02/2011] [22:32 10/02/2011] 99D5F75C338F2A877CBF891E0F18746E
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Bro wse_png.png --a---- 729 bytes [22:32 10/02/2011] [22:32 10/02/2011] F2291FAB46ED9291A1A2FFE9F88E9D84
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Con tact_png.png --a---- 531 bytes [22:32 10/02/2011] [22:32 10/02/2011] A847C5F6CE2C700048749892DD2E0619
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Hid e_png.png --a---- 669 bytes [22:32 10/02/2011] [22:32 10/02/2011] FED9E00C76F647EE6A0B7CC684C89F0C
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Lik eIcon_png.png --a---- 263 bytes [22:32 10/02/2011] [22:32 10/02/2011] 36BD416D16391EFAAAFB2C3C54EAE986
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Mor eFromPublisher_png.png --a---- 734 bytes [22:32 10/02/2011] [22:32 10/02/2011] 943ADFD9E0DF1507F7BC419802BF4303
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Mor e_png.png --a---- 562 bytes [22:32 10/02/2011] [22:32 10/02/2011] 36C6FB9C84D4AF5C5D7C5B277A0E4A01
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Opt ions_png.png --a---- 493 bytes [22:32 10/02/2011] [22:32 10/02/2011] 275C9DA2D536F18F528C80E050C3D705
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Pri vacy_png.png --a---- 706 bytes [22:32 10/02/2011] [22:32 10/02/2011] 3AD88BD8E832DA39FAAEDF07AD595F94
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Ref resh_png.png --a---- 674 bytes [22:32 10/02/2011] [22:32 10/02/2011] 650731EEF807C292E699779B12CBE552
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Sha re_png.png --a---- 696 bytes [22:32 10/02/2011] [22:32 10/02/2011] 70D43EC3F4BD7C10D5534EFCEC6D7AE5
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___Storage_conduit_com_BankImages_ConduitEngine_ContextMenu_Upg rade_png.png --a---- 607 bytes [22:32 10/02/2011] [22:32 10/02/2011] 9B4D914888BCFFCBAE6757A0E450551C
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_ClientImages_radio_gif.gif --a---- 419 bytes [22:32 10/02/2011] [22:32 10/02/2011] 01B83C91554738F6AFFB7895BBBA73FB
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_main_menu_about_gif.gif --a---- 403 bytes [22:32 10/02/2011] [22:32 10/02/2011] EC3C2B4E0DEC4D880BAFF88ABBF94188
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_main_menu_clear_history_gif.gif --a---- 414 bytes [22:32 10/02/2011] [22:32 10/02/2011] A9E001CBC00B06B121DFBC80707F5298
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_main_menu_contact_gif.gif --a---- 278 bytes [22:32 10/02/2011] [22:32 10/02/2011] 15DEF39E438E807E2F0E22D44FDC7FB7
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_main_menu_help_gif.gif --a---- 405 bytes [22:32 10/02/2011] [22:32 10/02/2011] 995595D4C685D659E8F03CD0A287EDDF
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_main_menu_home_page_gif.gif --a---- 405 bytes [22:32 10/02/2011] [22:32 10/02/2011] AA39D8A6B65E208901EBA9F3D4728D3E
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_main_menu_options_gif.gif --a---- 361 bytes [22:32 10/02/2011] [22:32 10/02/2011] 464E244E7E2F27FB85E0C3AB69D72104
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_main_menu_privacy_gif.gif --a---- 425 bytes [22:32 10/02/2011] [22:32 10/02/2011] 6427565C7105DC497287866100F260BB
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_main_menu_refresh_gif.gif --a---- 381 bytes [22:32 10/02/2011] [22:32 10/02/2011] AE7C9F67594A84B096D225601ACB0B2A
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_main_menu_shrink_gif.gif --a---- 351 bytes [22:32 10/02/2011] [22:32 10/02/2011] C3EBA0237D68F665AF6D663906221092
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_main_menu_tell_a_friend_gif.gif --a---- 392 bytes [22:32 10/02/2011] [22:32 10/02/2011] 5E7217A3357550F9749A095631F51015
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_main_menu_upgrade_gif.gif --a---- 399 bytes [22:32 10/02/2011] [22:32 10/02/2011] 8BE02D510B4B2E05AD2611B1E9A0BD56
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_searchengines_go_btn_new_gif.gif --a---- 891 bytes [22:32 10/02/2011] [22:32 10/02/2011] F74F91E7DF0A5A5283AB2D2F0E6E58DE
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_SearchEngines_images_search_gif.g if --a---- 405 bytes [22:32 10/02/2011] [22:32 10/02/2011] 66018EAE0906C9831A821CAE5D1089BB
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_SearchEngines_news_icon_gif.gif --a---- 371 bytes [22:32 10/02/2011] [22:32 10/02/2011] 84896837EDB1A78C14DB6A2F3A0AEE3A
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_searchengines_search_icon_gif.gif --a---- 322 bytes [22:32 10/02/2011] [22:32 10/02/2011] 948781E4B6478290050ECA4423B89B1E
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_SearchEngines_site_search_gif.gif --a---- 625 bytes [22:32 10/02/2011] [22:32 10/02/2011] C23D4DB18B6BB4F38ECBA57AD414A5CF
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_searchengines_softonic_gif.gif --a---- 606 bytes [22:32 10/02/2011] [22:32 10/02/2011] 2A1D4FB45F62D3D260F2134228FAB05E
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_SearchEngines_tfd_gif.gif --a---- 240 bytes [22:32 10/02/2011] [22:32 10/02/2011] AE5A39669C623937C0839E079E1088D5
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___storage_conduit_com_images_SearchEngines_video_gif.gif --a---- 335 bytes [22:32 10/02/2011] [22:32 10/02/2011] 766433EF38BDA83C4FD4932027A4B9D5
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___weather_conduit_com_images_weather_Default_drizzle_gif.gif --a---- 351 bytes [11:02 19/02/2011] [11:02 19/02/2011] 703A98E0FBFB8C9B617E732C9E62DB04
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___weather_conduit_com_images_weather_Default_hazy_gif.gif --a---- 468 bytes [09:52 22/02/2011] [09:52 22/02/2011] 25C37C070415AAC32DD6C50BD64276CC
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Cac heIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_nig ht_gif.gif --a---- 212 bytes [22:32 10/02/2011] [22:32 10/02/2011] 88CD5B8D6F007347115A8A602E5D158B
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Ext ernalComponent\http___contextmenu_toolbar_conduit-services_com__name=GottenApps&locale=en.xml --a---- 7046 bytes [22:32 10/02/2011] [22:32 10/02/2011] 2FEB6772FE1EAADE909B94F77730A174
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Ext ernalComponent\http___contextmenu_toolbar_conduit-services_com__name=OtherApps&locale=en.xml --a---- 5524 bytes [22:32 10/02/2011] [22:32 10/02/2011] A682A34DF1ECD0DAD55086A5288F23CA
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Ext ernalComponent\http___contextmenu_toolbar_conduit-services_com__name=SharedApps&locale=en.xml --a---- 6586 bytes [22:32 10/02/2011] [22:32 10/02/2011] 0DC95CF28A384D3BFBFA60244A55125A
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Ext ernalComponent\http___contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=en.xml --a---- 5519 bytes [22:32 10/02/2011] [22:32 10/02/2011] 2B856ABBDD6E033594465C4945D5C93A
C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\F irefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitAutoCompleteSearch.js --a---- 9052 bytes [10:56 22/01/2012] [11:47 11/01/2012] AF98421711C6CFA73D6720C455D92DAC
C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\F irefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitAutoCompleteSearch.xpt --a---- 166 bytes [10:56 22/01/2012] [11:47 11/01/2012] 806EA6CC4DCBF88A20AA3331BCDC9918
C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\F irefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.xml --a---- 925 bytes [10:56 22/01/2012] [11:47 11/01/2012] EC559A6ABEC972452F52CFB3A2AA9F7E
C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\F irefox\Profiles\fwvafgml.default\extensions\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}\components\ConduitAutoCompleteSearch.js --a---- 9181 bytes [18:38 08/07/2012] [08:38 05/07/2012] 6E6B7E00632DF1BA5A48D74E1B41ABE3
C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\F irefox\Profiles\fwvafgml.default\extensions\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}\components\ConduitAutoCompleteSearch.xpt --a---- 166 bytes [18:38 08/07/2012] [08:38 05/07/2012] 806EA6CC4DCBF88A20AA3331BCDC9918
C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\F irefox\Profiles\fwvafgml.default\extensions\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}\searchplugin\conduit.xml --a---- 925 bytes [18:38 08/07/2012] [08:38 05/07/2012] C8FF51E75F948A1CDA26BB32BA874D96
C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\F irefox\Profiles\fwvafgml.default\searchplugins\conduit.xml --a---- 925 bytes [11:17 30/06/2012] [13:38 27/06/2012] 2B398647E19F5F1D7404363B028AEDB5

Searching for "*Game Booster*"
No files found.

Searching for "*Smart Defrag*"
No files found.

Searching for "*ZoneAlarm*"
C:\Program Files\ZoneAlarm_Security\ZoneAlarm_SecurityToolbarHelper.exe --a---- 65832 bytes [08:20 04/08/2011] [08:20 04/08/2011] DA11D78D765E4B8FA4CFA5A37E8A94FF
C:\ProgramData\CheckPoint\ZoneAlarm\Data\ZoneAlarm.xml ------- 818 bytes [19:19 28/11/2011] [10:39 06/05/2012] 39D8F6146B8D10EFE83B9555E1C48703
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Diagnostics Tool.lnk --a---- 1096 bytes [10:36 06/05/2012] [10:36 06/05/2012] 6C45A729F95E090DF54007F10D437C12
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Logs.lnk --a---- 730 bytes [10:36 06/05/2012] [10:36 06/05/2012] F4251299966AEFE8071AED631351A4B2
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Readme.lnk --a---- 897 bytes [10:36 06/05/2012] [10:36 06/05/2012] 96528DD91E46FAA64E221B0FB49EEE83
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Security.lnk --a---- 890 bytes [10:36 06/05/2012] [10:36 06/05/2012] C5F5A25394AC57E2569B8044713D9D5E
C:\Users\All Users\CheckPoint\ZoneAlarm\Data\ZoneAlarm.xml ------- 818 bytes [19:19 28/11/2011] [10:39 06/05/2012] 39D8F6146B8D10EFE83B9555E1C48703
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Diagnostics Tool.lnk --a---- 1096 bytes [10:36 06/05/2012] [10:36 06/05/2012] 6C45A729F95E090DF54007F10D437C12
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Logs.lnk --a---- 730 bytes [10:36 06/05/2012] [10:36 06/05/2012] F4251299966AEFE8071AED631351A4B2
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Readme.lnk --a---- 897 bytes [10:36 06/05/2012] [10:36 06/05/2012] 96528DD91E46FAA64E221B0FB49EEE83
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Security.lnk --a---- 890 bytes [10:36 06/05/2012] [10:36 06/05/2012] C5F5A25394AC57E2569B8044713D9D5E
C:\Users\currys\AppData\Local\Conduit\CT2645238\ZoneAlarm_SecurityAutoUpdat eHelper.exe --a---- 1811312 bytes [08:20 04/08/2011] [14:49 04/12/2011] 57D2E8FE20DE00388FE81556BCF644CB
C:\Users\Public\Desktop\ZoneAlarm Security.lnk --a---- 639 bytes [10:36 06/05/2012] [10:36 06/05/2012] C1648C8C6336319085A9141E01ACAECA

Searching for "*IObit*"
C:\Users\currys\ntuser.dat.iobit --a---- 9523200 bytes [12:33 30/06/2012] [22:45 30/06/2012] 1D0372EABFAC26767EF61DCCCA1FFC8B
C:\Users\currys\AppData\Local\Microsoft\Windows\UsrClass.dat.iobit --a---- 3227648 bytes [12:33 30/06/2012] [22:45 30/06/2012] 6FFE2FB9F66A1FEA3A3BB7740BDAC9A8
C:\Users\currys\AppData\Roaming\Microsoft\Windows\Start Menu\IObit Freeware.url --a---- 136 bytes [10:36 22/04/2011] [10:36 22/04/2011] C6D38380E1C4930AB319F1AE2FAA183E
C:\Users\currys\Favorites\Download IObit Freeware.url --a---- 103 bytes [21:29 30/11/2011] [17:03 23/06/2012] 1CC05D805C3A8DF2CFAE8C93767B051C
C:\Windows\ServiceProfiles\LocalService\ntuser.dat.iobit --a---- 217088 bytes [12:33 30/06/2012] [22:45 30/06/2012] 868B125BEFA04EE8051B630D9F4EA789
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.iobit --a---- 299008 bytes [12:33 30/06/2012] [22:45 30/06/2012] EC874DF5AFF48B29502CFE627A1517A1
C:\Windows\System32\config\components.iobit --a---- 38457344 bytes [12:33 30/06/2012] [22:45 30/06/2012] 7BAA4BD156BB98CC912DD8F2880F2D52
C:\Windows\System32\config\default.iobit --a---- 368640 bytes [12:33 30/06/2012] [22:45 30/06/2012] 30D8542D89C12A639FF1C16B151D6016
C:\Windows\System32\config\sam.iobit --a---- 57344 bytes [12:33 30/06/2012] [22:45 30/06/2012] D2E74A171FF1AB11469E58D1B3E239FB
C:\Windows\System32\config\security.iobit --a---- 28672 bytes [12:33 30/06/2012] [22:45 30/06/2012] 2F89C09E34E462C24D074637B2481DC8
C:\Windows\System32\config\software.iobit --a---- 60305408 bytes [12:33 30/06/2012] [22:45 30/06/2012] 8CFC42FC4609A640E48F5167FE1FFF0D
C:\Windows\System32\config\system.iobit --a---- 30273536 bytes [12:33 30/06/2012] [22:45 30/06/2012] A419A4182724147C6C66092E24C23589
C:\Windows\System32\SMI\Store\Machine\schema.dat.iobit --a---- 6684672 bytes [12:33 30/06/2012] [12:33 30/06/2012] EA8127E68CAA95AD8BF6FBB6C812A41B

Searching for "*SmartDefragDriver*"
No files found.

Searching for "*goonsearch*"
No files found.

Searching for "*searchqu*"
No files found.

Searching for "*ask.com*"
No files found.

Searching for "*babylon*"
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Interface\TeamColor\FlagDECAL_Babylon.dds --a---- 22000 bytes [23:04 23/06/2011] [10:10 30/08/2007] 0466FF1DB856D50C32001C8C75F1949B
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Structures\Buildings\Babylonian_Garden\Babylonian_Garden.n if --a---- 23440 bytes [23:04 23/06/2011] [10:10 30/08/2007] 84EA0F128622D2D39726401DDC933BD2
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Structures\Buildings\Babylonian_Garden\Babylonian_Garden_D IFF.dds --a---- 22000 bytes [23:04 23/06/2011] [10:10 30/08/2007] 8954B466D0733394596A51E1AC0B2485
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Structures\Buildings\Babylonian_Garden\Babylonian_Garden_e nvironment_land.dds --a---- 11064 bytes [23:04 23/06/2011] [10:10 30/08/2007] 1490E93FC1320D3A1A243DF1E4A7992B
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Structures\Buildings\Babylonian_Garden\Babylonian_Garden_G LOSS.dds --a---- 11064 bytes [23:04 23/06/2011] [10:10 30/08/2007] 6845CA4D70551666125B29CA51737961
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Structures\Buildings\Babylonian_Garden\Babylonian_Garden_S HADOW.dds --a---- 22000 bytes [23:04 23/06/2011] [10:10 30/08/2007] 3F17EC09D414B99D44512C6EA3854569
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Chariot_Middle_East\Babylon_Worker_128.dds --a---- 22000 bytes [23:05 23/06/2011] [10:11 30/08/2007] 4D1F64D67E927B46807BBFC34DB1E6FB
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Chariot_Middle_East\Babylon_Worker_128_Gloss.dds --a---- 2176 bytes [23:05 23/06/2011] [10:11 30/08/2007] 80E538C24E1DB96718B6CB3B18C02E0D
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Chariot_Middle_East\Unique_Babylon_Bowman_128.dds --a---- 21632 bytes [23:05 23/06/2011] [10:11 30/08/2007] F8B55C7CB510D19B0AA88525BB7963E1
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Chariot_Middle_East\Unique_Babylon_Bowman_128_Gloss. dds --a---- 8320 bytes [23:05 23/06/2011] [10:11 30/08/2007] EDBD395C8F46702DC743D6D7BA86B141
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman.kfm --a---- 1666 bytes [23:05 23/06/2011] [10:11 30/08/2007] 48E626DDD29490506662AFD0760343D6
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman.nif --a---- 68498 bytes [23:05 23/06/2011] [10:11 30/08/2007] AFE137FFAA5C582BE913089B2EA8928B
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_128.dds --a---- 22000 bytes [23:05 23/06/2011] [10:11 30/08/2007] F196A9D394634AC567F6E98A47E9B0D4
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_128_Glo ss.dds --a---- 22000 bytes [23:05 23/06/2011] [10:11 30/08/2007] C030C9FC3FAAA45DE9491ECD618AC9C5
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_Arrow_6 4.dds --a---- 1552 bytes [23:05 23/06/2011] [10:11 30/08/2007] 03C00006AA1A836D4C98492D144526B1
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_freeze0 000.nif --a---- 25712 bytes [23:05 23/06/2011] [10:11 30/08/2007] 441A5DB363F65DD22DFA99167CC8B38B
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_freeze0 001.nif --a---- 25712 bytes [23:05 23/06/2011] [10:11 30/08/2007] B686864DCAB6CCF2AF0DA13C217CF13A
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_freeze1 000.nif --a---- 25712 bytes [23:05 23/06/2011] [10:11 30/08/2007] 4919C8A8C90EC8497B01FD46562DFEEE
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_freeze1 031.nif --a---- 25712 bytes [23:05 23/06/2011] [10:11 30/08/2007] AC2B5170545050D651958A34F0E00D66
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_Fidg et.kf --a---- 23339 bytes [23:05 23/06/2011] [10:11 30/08/2007] 28B69B65CD7C9122430323B44F0F75B4
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_Heal .kf --a---- 7697 bytes [23:05 23/06/2011] [10:11 30/08/2007] 76E008140D29B57F696BFC482611A200
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_Idle .kf --a---- 22161 bytes [23:05 23/06/2011] [10:11 30/08/2007] 4C5CC447131B76CA953CA792F1E8EE3D
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_Rang edDieA.kf --a---- 10382 bytes [23:05 23/06/2011] [10:11 30/08/2007] DD7001DC3A06AC173D4853B6B1FBDB4C
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_Rang edDieA_Fade.kf --a---- 4549 bytes [23:05 23/06/2011] [10:11 30/08/2007] 069FD82764E81B2F3EFDD0B2DA090B1B
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_Rang edDieB.kf --a---- 13151 bytes [23:05 23/06/2011] [10:11 30/08/2007] C38EF6C2EAB9CE273A60A9ABB8B495B2
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_Rang edDieB_Fade.kf --a---- 4485 bytes [23:05 23/06/2011] [10:11 30/08/2007] 268147B8ED9ED217C9BA2769D353C5CC
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_Rang edFortify.kf --a---- 7483 bytes [23:05 23/06/2011] [10:11 30/08/2007] EE56769D3C135458C1D03E503D71ED1A
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_Rang edStrike.kf --a---- 8955 bytes [23:05 23/06/2011] [10:11 30/08/2007] 92DC2FFB60F5473CF26AC2BE1BCCD879
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_Rang ed_Idle.kf --a---- 18352 bytes [23:05 23/06/2011] [10:11 30/08/2007] 57A1F691C6E160955D6E6574CDB4B59D
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_Run. kf --a---- 7414 bytes [23:05 23/06/2011] [10:11 30/08/2007] 6A493D2418C261AF47B4634834C292F5
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_XFad eIn.kf --a---- 898 bytes [23:05 23/06/2011] [10:11 30/08/2007] 01C417DD3534CD07AFF1F3C5B08446A9
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_XFad eOut.kf --a---- 853 bytes [23:05 23/06/2011] [10:11 30/08/2007] 6EF958AE973CFC6F314F821BAD68FAF4
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman.kfm --a---- 1666 bytes [23:05 23/06/2011] [10:12 30/08/2007] 48E626DDD29490506662AFD0760343D6
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman.nif --a---- 72531 bytes [23:06 23/06/2011] [10:12 30/08/2007] 4A6BDC53713CA9E7C2F8E93413BFD4B3
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_128.dds --a---- 22000 bytes [23:05 23/06/2011] [10:12 30/08/2007] F196A9D394634AC567F6E98A47E9B0D4
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_128_Glos s.dds --a---- 22000 bytes [23:05 23/06/2011] [10:12 30/08/2007] C030C9FC3FAAA45DE9491ECD618AC9C5
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_Arrow_64 .dds --a---- 1552 bytes [23:05 23/06/2011] [10:12 30/08/2007] 03C00006AA1A836D4C98492D144526B1
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_freeze00 00.nif --a---- 27083 bytes [23:06 23/06/2011] [10:12 30/08/2007] 13DB9B2278E9B071E9ED090D2740590E
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_freeze00 01.nif --a---- 27083 bytes [23:06 23/06/2011] [10:12 30/08/2007] 6EEF07A834F5573B3017BB18B2131C93
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_freeze10 00.nif --a---- 26943 bytes [23:06 23/06/2011] [10:12 30/08/2007] BAD065C4A30DB4EB2AF36D861B942723
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_freeze10 31.nif --a---- 27083 bytes [23:06 23/06/2011] [10:12 30/08/2007] B8F95BFAA31D28B809439068A752349D
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_FX.nif --a---- 70653 bytes [23:06 23/06/2011] [10:12 30/08/2007] 9BD68B1924165A2DBED74D2F8759D79A
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_Fidge t.kf --a---- 23339 bytes [23:05 23/06/2011] [10:12 30/08/2007] 28B69B65CD7C9122430323B44F0F75B4
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_Heal. kf --a---- 7697 bytes [23:05 23/06/2011] [10:12 30/08/2007] 76E008140D29B57F696BFC482611A200
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_Idle. kf --a---- 22161 bytes [23:05 23/06/2011] [10:12 30/08/2007] 4C5CC447131B76CA953CA792F1E8EE3D
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_Range dDieA.kf --a---- 10382 bytes [23:05 23/06/2011] [10:12 30/08/2007] DD7001DC3A06AC173D4853B6B1FBDB4C
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_Range dDieA_Fade.kf --a---- 4549 bytes [23:05 23/06/2011] [10:12 30/08/2007] 069FD82764E81B2F3EFDD0B2DA090B1B
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_Range dDieB.kf --a---- 13151 bytes [23:05 23/06/2011] [10:12 30/08/2007] C38EF6C2EAB9CE273A60A9ABB8B495B2
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_Range dDieB_Fade.kf --a---- 4485 bytes [23:05 23/06/2011] [10:12 30/08/2007] 268147B8ED9ED217C9BA2769D353C5CC
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_Range dFortify.kf --a---- 7483 bytes [23:05 23/06/2011] [10:12 30/08/2007] EE56769D3C135458C1D03E503D71ED1A
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_Range dStrike.kf --a---- 8955 bytes [23:05 23/06/2011] [10:12 30/08/2007] 92DC2FFB60F5473CF26AC2BE1BCCD879
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_Range d_Idle.kf --a---- 18352 bytes [23:05 23/06/2011] [10:12 30/08/2007] 57A1F691C6E160955D6E6574CDB4B59D
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_Run.k f --a---- 7414 bytes [23:05 23/06/2011] [10:12 30/08/2007] 6A493D2418C261AF47B4634834C292F5
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_XFade In.kf --a---- 898 bytes [23:05 23/06/2011] [10:12 30/08/2007] 01C417DD3534CD07AFF1F3C5B08446A9
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_XFade Out.kf --a---- 853 bytes [23:05 23/06/2011] [10:12 30/08/2007] 6EF958AE973CFC6F314F821BAD68FAF4
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Worker_Middle_East\Unique_Babylon_Bowman_128.dds --a---- 22000 bytes [23:06 23/06/2011] [10:12 30/08/2007] 0C6DCA2D24794766863B44F0260B26C2
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Worker_Middle_East\Unique_Babylon_Bowman_128_Gloss.d ds --a---- 8320 bytes [23:05 23/06/2011] [10:12 30/08/2007] 7A4F186050CA1F1A4DE4C146FD90739D
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-000.wav --a---- 12736 bytes [23:07 23/06/2011] [10:12 30/08/2007] 92728529BB97C219031852BB60484C9F
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-001.wav --a---- 6704 bytes [23:07 23/06/2011] [10:12 30/08/2007] A9E6E840570726C363DE140F528F87B4
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-002.wav --a---- 7536 bytes [23:07 23/06/2011] [10:12 30/08/2007] B1C183E9EA60DDFC0E72D7C6FB247EF1
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-003.wav --a---- 10580 bytes [23:07 23/06/2011] [10:12 30/08/2007] AABEE294F2069A5BAA3DD33F9461F3D9
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-004.wav --a---- 15912 bytes [23:07 23/06/2011] [10:12 30/08/2007] CB61DD9D340EBD5F0748C6F3943EB425
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-005.wav --a---- 12520 bytes [23:07 23/06/2011] [10:12 30/08/2007] 0701B1DD21982E382C76E4494EB475AC
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-006.wav --a---- 9084 bytes [23:07 23/06/2011] [10:12 30/08/2007] 151E015E40482CCDCE66A12DCA2BD001
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-007.wav --a---- 16392 bytes [23:07 23/06/2011] [10:12 30/08/2007] 4B1ED3B134662EA2AA402460E80D3E92
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-008.wav --a---- 10360 bytes [23:07 23/06/2011] [10:12 30/08/2007] 360B84ED0FA0CECD1B9F1CA5314797AD
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-009.wav --a---- 27340 bytes [23:07 23/06/2011] [10:12 30/08/2007] DBB7198D771893E5DDDDFB5960B65616
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-000.wav --a---- 20540 bytes [23:07 23/06/2011] [10:12 30/08/2007] D542B96A0769D4C018083FA6802D3903
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-001.wav --a---- 10056 bytes [23:07 23/06/2011] [10:12 30/08/2007] A320BF2015DBED0D40816F18E284C3D2
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-002.wav --a---- 10028 bytes [23:07 23/06/2011] [10:12 30/08/2007] 1681C8721902D408F1F4B01591E8A24A
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-003.wav --a---- 18880 bytes [23:07 23/06/2011] [10:12 30/08/2007] 231ACE0AE12AAB3D1EDF813A0030DA11
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-004.wav --a---- 14676 bytes [23:07 23/06/2011] [10:12 30/08/2007] BA6D5EB9F10B969192638E1B6E753E1E
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-005.wav --a---- 11796 bytes [23:07 23/06/2011] [10:12 30/08/2007] 8C6E482C826FB1D19166C8879F1CD2E2
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-006.wav --a---- 6704 bytes [23:07 23/06/2011] [10:12 30/08/2007] A8236C5788E66926692390B864E7AFC8
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-007.wav --a---- 9224 bytes [23:07 23/06/2011] [10:12 30/08/2007] 4C1C5174F844172DA2DD74740AC50706
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-008.wav --a---- 15036 bytes [23:07 23/06/2011] [10:12 30/08/2007] 8CD2906B92FB7C9AFD7453F771B10080
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-009.wav --a---- 27340 bytes [23:07 23/06/2011] [10:12 30/08/2007] C992650800600179D8ABF505BC6A0A54
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Mods\Rhye's and Fall of Civilization\Assets\Art\Interface\Buttons\civilizations\babylonia.dds --a---- 5616 bytes [23:12 23/06/2011] [10:16 30/08/2007] 7845B9023D4844A2E6F10C00E6B202F3
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Mods\Rhye's and Fall of Civilization\Assets\XML\Text\Babylon_TextInfos_Objects.xml --a---- 6812 bytes [23:12 23/06/2011] [03:00 11/09/2007] F1C436931E15BBE5485BA6727994A531
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar.zip --a---- 551 bytes [21:05 28/01/2012] [21:05 28/01/2012] D3DC0CDCA8224147A94CCAE3B7892846
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar1.zip --a---- 731 bytes [21:05 28/01/2012] [21:05 28/01/2012] 55D99B78EFC6DB4D2A4A80A796042744
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar10.zip --a---- 637 bytes [21:05 28/01/2012] [21:05 28/01/2012] B694C5EC1F5D31E805D270E2CC418368
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar11.zip --a---- 596 bytes [21:05 28/01/2012] [21:05 28/01/2012] 0493E7326155521EC71A032CDF455AE8
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar12.zip --a---- 653 bytes [21:05 28/01/2012] [21:05 28/01/2012] 2015BB3E0A9E1DFBF2758AD205BBC69D
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar13.zip --a---- 592 bytes [21:05 28/01/2012] [21:05 28/01/2012] 8D47462367FE1A5A019B8058D096F7F1
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar14.zip --a---- 549 bytes [21:05 28/01/2012] [21:05 28/01/2012] FC4DFD06C51D1D69BE4B2C32D62B57B3
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar15.zip --a---- 551 bytes [21:05 28/01/2012] [21:05 28/01/2012] 115DD6C6303EAE99B1E98641FD12E7FB
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar16.zip --a---- 539 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7629511B6A5606A55E5C178D894F7286
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar17.zip --a---- 542 bytes [21:05 28/01/2012] [21:05 28/01/2012] 6AD2268095B8587CA2F3F37DAD68963C
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar18.zip --a---- 636 bytes [21:05 28/01/2012] [21:05 28/01/2012] 72C06B6E2A5DD503FED0C160C220AE1D
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar19.zip --a---- 592 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7C696ED9B56D75DBD8B8F5817298DB0F
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar2.zip --a---- 1042921 bytes [21:05 28/01/2012] [21:05 28/01/2012] 8DC86B72A2D123D6790FDB86244BDAD0
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar20.zip --a---- 649 bytes [21:05 28/01/2012] [21:05 28/01/2012] B747E0A686BCF36D38F612CB965A6111
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar21.zip --a---- 589 bytes [21:05 28/01/2012] [21:05 28/01/2012] 283B59784459743F8CCCE13E9E5066FB
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar22.zip --a---- 548 bytes [21:05 28/01/2012] [21:05 28/01/2012] 0EC6C8FDBB230B372DFCCDAD7DD1BE38
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar23.zip --a---- 549 bytes [21:05 28/01/2012] [21:05 28/01/2012] 986EC5513790477C8903972D5F4A559F
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar24.zip --a---- 630 bytes [21:05 28/01/2012] [21:05 28/01/2012] D9B13AFFDCAB4195A578BD1597051A65
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar25.zip --a---- 540 bytes [21:05 28/01/2012] [21:05 28/01/2012] 26A887B5BA795EC574C92D2D83DE86EE
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar26.zip --a---- 544 bytes [21:05 28/01/2012] [21:05 28/01/2012] B3702E754EFAE23BE41E5A69589B1D4E
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar27.zip --a---- 640 bytes [21:05 28/01/2012] [21:05 28/01/2012] DF9EB44D9E3525BF8EC08C9D2A313F0F
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar28.zip --a---- 597 bytes [21:05 28/01/2012] [21:05 28/01/2012] 41CE6C052314F7C19CF595C715FF4E31
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar29.zip --a---- 652 bytes [21:05 28/01/2012] [21:05 28/01/2012] 451181CB3C05AF1329F62C82899CC725
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar3.zip --a---- 1042924 bytes [21:05 28/01/2012] [21:05 28/01/2012] 51ED3BB804F7960E97F02ED6510396BA
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar30.zip --a---- 592 bytes [21:05 28/01/2012] [21:05 28/01/2012] 0044525E226A58650C2CF2E12F07ED73
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar31.zip --a---- 548 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7BC1BE427F2DE5C3D54E2D0E74916E02
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar32.zip --a---- 541 bytes [21:05 28/01/2012] [21:05 28/01/2012] 20EA9C4647FFFE3F06977592FE7594B5
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar33.zip --a---- 548 bytes [21:05 28/01/2012] [21:05 28/01/2012] C377570215A586FC337B61B349E86432
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar34.zip --a---- 551 bytes [21:05 28/01/2012] [21:05 28/01/2012] 992124D079B637F6E42BC327690D6E3A
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar35.zip --a---- 645 bytes [21:05 28/01/2012] [21:05 28/01/2012] 56CEB9FAD4A193B4BEAF242C5A73E5A9
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar36.zip --a---- 705 bytes [21:05 28/01/2012] [21:05 28/01/2012] C954ACC9399324A114659B053B66B3AF
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar37.zip --a---- 598 bytes [21:05 28/01/2012] [21:05 28/01/2012] 2C6618AEE36F2EFF91C00F89877CAFA4
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar38.zip --a---- 645 bytes [21:05 28/01/2012] [21:05 28/01/2012] 56502D505E8AC91EDCBCEE1F0D7ECF00
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar39.zip --a---- 739 bytes [21:05 28/01/2012] [21:05 28/01/2012] 1C454E06963E4687B91E069EE682A7DE
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar4.zip --a---- 1042931 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7F47394F0CBEC3C7968ADEB086023EAF
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar40.zip --a---- 595 bytes [21:05 28/01/2012] [21:05 28/01/2012] F2EBD73F2ACA19AEBBC2B896F30BE223
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar41.zip --a---- 549 bytes [21:05 28/01/2012] [21:05 28/01/2012] 0AD2A3992C3551E617A05645921D58DE
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar42.zip --a---- 611 bytes [21:05 28/01/2012] [21:05 28/01/2012] A13C99E78F5FCEB76B6A3F168C6432CE
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar43.zip --a---- 612 bytes [21:05 28/01/2012] [21:05 28/01/2012] 3E282072ECFAAF9AA8B8A7C6FA8587B7
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar44.zip --a---- 538 bytes [21:05 28/01/2012] [21:05 28/01/2012] 464819912452D10CA3555F789E75E0F3
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar45.zip --a---- 547 bytes [21:05 28/01/2012] [21:05 28/01/2012] E96CE1A24F15828F007C83F5EF1390FE
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar46.zip --a---- 550 bytes [21:05 28/01/2012] [21:05 28/01/2012] 21ADB1647F0CF8FA47DE8530C03A0698
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar47.zip --a---- 637 bytes [21:05 28/01/2012] [21:05 28/01/2012] 46ED61937BC07EA5FEC430A657B5DDF2
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar48.zip --a---- 597 bytes [21:05 28/01/2012] [21:05 28/01/2012] 72F38657769AA8587DC6716F1C78F09C
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar49.zip --a---- 647 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7D0A9FFBF374673DBA2217519128F550
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar5.zip --a---- 124705 bytes [21:05 28/01/2012] [21:05 28/01/2012] B3E37A19D52E4DBF30BA67E45FEABF6F
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar50.zip --a---- 594 bytes [21:05 28/01/2012] [21:05 28/01/2012] F0F9C25AA6EF515DC43549055F9809C7
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar51.zip --a---- 567 bytes [21:05 28/01/2012] [21:05 28/01/2012] 900BC9761928D2A81616025DABB5D2A0
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar52.zip --a---- 568 bytes [21:05 28/01/2012] [21:05 28/01/2012] AA4AED7EC5568F2E04501E420CB7EEA6
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar53.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 4508D720BC5918E6B84A54D7DDF93E7C
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar54.zip --a---- 569 bytes [21:05 28/01/2012] [21:05 28/01/2012] C3880E8B2B5AFD7D805B4B2A80E4CD4A
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar55.zip --a---- 567 bytes [21:05 28/01/2012] [21:05 28/01/2012] 9525B801F0FE3390C8F3E4377CD6A048
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar56.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 52CF42534D72EE8B631EA30AE6D63D09
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar57.zip --a---- 568 bytes [21:05 28/01/2012] [21:05 28/01/2012] C478E4D5683FA0F443E300A062CF89B5
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar58.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 8DC8DEA75A4C2B752BCCCF06B440E586
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar59.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 67F00AA272D03CD870E118021606800E
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar6.zip --a---- 683 bytes [21:05 28/01/2012] [21:05 28/01/2012] 31E17DE5B3303D7753FE8D2C9844BA7B
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar60.zip --a---- 567 bytes [21:05 28/01/2012] [21:05 28/01/2012] 17F128C548A1EF046DC0CF903A9F8818
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar61.zip --a---- 550 bytes [21:05 28/01/2012] [21:05 28/01/2012] 5C72BBE1949D3F8E686A01CCD5509FDC
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar62.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 533F4E71A8AB798BCEE6C0B5CABD3364
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar63.zip --a---- 500 bytes [21:05 28/01/2012] [21:05 28/01/2012] BCDAACE8985469652F807F2730CFE920
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar64.zip --a---- 309 bytes [11:30 13/03/2012] [11:30 13/03/2012] 74AC79AF159148988F45543AAFEF2B77
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar65.zip --a---- 1625 bytes [11:30 13/03/2012] [11:30 13/03/2012] EA5E1F4021BA154FE05C1F77C9A9CD24
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar66.zip --a---- 3372005 bytes [11:30 13/03/2012] [11:30 13/03/2012] B605FD1F55FBF40BB13862C04767121B
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar67.zip --a---- 492 bytes [11:30 13/03/2012] [11:30 13/03/2012] A489C7F88E3AAA7A825D0ED432734BD4
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar68.zip --a---- 550 bytes [00:40 04/06/2012] [00:40 04/06/2012] 41105D21A058E743D81865FA8C858D24
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar69.zip --a---- 551 bytes [00:40 04/06/2012] [00:40 04/06/2012] 2B47F8E41617B11358901B25089D1685
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar7.zip --a---- 638 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7A4A816A8CC2FA266696863CCA19EE21
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar70.zip --a---- 541 bytes [00:40 04/06/2012] [00:40 04/06/2012] 9F6E5B96FD21370A9F3A08B2CB0C465A
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar71.zip --a---- 544 bytes [00:40 04/06/2012] [00:40 04/06/2012] DD2B4234CEBBC0D5E96FB76563D10F3D
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar72.zip --a---- 642 bytes [00:40 04/06/2012] [00:40 04/06/2012] 5AEB1E9162061301E9ABFF18C26F8260
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar73.zip --a---- 597 bytes [00:40 04/06/2012] [00:40 04/06/2012] 96FE5AE3E353F25548EAF7A73CBCF048
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar74.zip --a---- 644 bytes [00:40 04/06/2012] [00:40 04/06/2012] EEC7B22B065CAEAA300C86FF0252306B
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar75.zip --a---- 593 bytes [00:40 04/06/2012] [00:40 04/06/2012] 493014707682518C91872232F89E5F7C
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar76.zip --a---- 551 bytes [23:09 19/06/2012] [23:09 19/06/2012] 45263984673EE387036B93CFA546183A
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar77.zip --a---- 552 bytes [23:09 19/06/2012] [23:09 19/06/2012] C729741C0423CC1D3CB3745A580A4D5A
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar78.zip --a---- 540 bytes [23:09 19/06/2012] [23:09 19/06/2012] 802649ED579950E9A76F18532EA859D9
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar79.zip --a---- 544 bytes [23:09 19/06/2012] [23:09 19/06/2012] 8DD013D237C55765FD42719BA85C8B30
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar8.zip --a---- 542 bytes [21:05 28/01/2012] [21:05 28/01/2012] 9CD6D0129DAC4E482029F24FE0F657C4
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar80.zip --a---- 642 bytes [23:09 19/06/2012] [23:09 19/06/2012] 19280CED1D8390990A175AC2807239A7
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar81.zip --a---- 597 bytes [23:09 19/06/2012] [23:09 19/06/2012] 2F2699993F08F9179940C6F1A9271FFE
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar82.zip --a---- 644 bytes [23:09 19/06/2012] [23:09 19/06/2012] AE3FB0A40D9CE43CA35088D2273637C1
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar83.zip --a---- 592 bytes [23:09 19/06/2012] [23:09 19/06/2012] D0F8B741F9FB35401C67240D9704B80E
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar84.zip --a---- 597 bytes [23:09 19/06/2012] [23:09 19/06/2012] F3862BCAA9B75AF71A1FD497B2B4E608
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar85.zip --a---- 644 bytes [23:09 19/06/2012] [23:09 19/06/2012] 2D2E33FD03A7E4EC90E24A2AF58AC523
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar86.zip --a---- 592 bytes [23:09 19/06/2012] [23:09 19/06/2012] 74CBD93A747D09B56D9F20371AB857B9
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar87.zip --a---- 551 bytes [10:57 30/06/2012] [10:57 30/06/2012] 565D8B04EA9466D3D12BC4B7EBB24028
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar88.zip --a---- 551 bytes [10:57 30/06/2012] [10:57 30/06/2012] 624296A1F4231EA88A098EF8BFB3251B
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar89.zip --a---- 541 bytes [10:57 30/06/2012] [10:57 30/06/2012] 506A655027E77E16A34F525425DB6374
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar9.zip --a---- 545 bytes [21:05 28/01/2012] [21:05 28/01/2012] 1FC9828EE4B72A352CD9A96B7A9BF438
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar90.zip --a---- 544 bytes [10:57 30/06/2012] [10:57 30/06/2012] DA1AFAD33FB3B05EA599AD0E523DFD18
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar91.zip --a---- 642 bytes [10:57 30/06/2012] [10:57 30/06/2012] 0011DDB235C6BF70E98EF05F136EA85C
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar92.zip --a---- 597 bytes [10:57 30/06/2012] [10:57 30/06/2012] EE214072C589ED5DCF5279220B5B4C83
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar93.zip --a---- 644 bytes [10:57 30/06/2012] [10:57 30/06/2012] 83FE2DE1BE9059667734CA75F918E378
C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar94.zip --a---- 593 bytes [10:57 30/06/2012] [10:57 30/06/2012] 0EAC9E6BDA732F6B6A284175095088A6
C:\Qoobox\Quarantine\C\Program Files\file2linkib\chrome\skin\babylon_logo.png.vir --a---- 3577 bytes [13:51 25/10/2011] [13:51 25/10/2011] 30FF3A31EDC0442F934F703C26B9F572
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar.zip --a---- 551 bytes [21:05 28/01/2012] [21:05 28/01/2012] D3DC0CDCA8224147A94CCAE3B7892846
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar1.zip --a---- 731 bytes [21:05 28/01/2012] [21:05 28/01/2012] 55D99B78EFC6DB4D2A4A80A796042744
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar10.zip --a---- 637 bytes [21:05 28/01/2012] [21:05 28/01/2012] B694C5EC1F5D31E805D270E2CC418368
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar11.zip --a---- 596 bytes [21:05 28/01/2012] [21:05 28/01/2012] 0493E7326155521EC71A032CDF455AE8
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar12.zip --a---- 653 bytes [21:05 28/01/2012] [21:05 28/01/2012] 2015BB3E0A9E1DFBF2758AD205BBC69D
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar13.zip --a---- 592 bytes [21:05 28/01/2012] [21:05 28/01/2012] 8D47462367FE1A5A019B8058D096F7F1
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar14.zip --a---- 549 bytes [21:05 28/01/2012] [21:05 28/01/2012] FC4DFD06C51D1D69BE4B2C32D62B57B3
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar15.zip --a---- 551 bytes [21:05 28/01/2012] [21:05 28/01/2012] 115DD6C6303EAE99B1E98641FD12E7FB
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar16.zip --a---- 539 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7629511B6A5606A55E5C178D894F7286
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar17.zip --a---- 542 bytes [21:05 28/01/2012] [21:05 28/01/2012] 6AD2268095B8587CA2F3F37DAD68963C
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar18.zip --a---- 636 bytes [21:05 28/01/2012] [21:05 28/01/2012] 72C06B6E2A5DD503FED0C160C220AE1D
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar19.zip --a---- 592 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7C696ED9B56D75DBD8B8F5817298DB0F
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar2.zip --a---- 1042921 bytes [21:05 28/01/2012] [21:05 28/01/2012] 8DC86B72A2D123D6790FDB86244BDAD0
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar20.zip --a---- 649 bytes [21:05 28/01/2012] [21:05 28/01/2012] B747E0A686BCF36D38F612CB965A6111
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar21.zip --a---- 589 bytes [21:05 28/01/2012] [21:05 28/01/2012] 283B59784459743F8CCCE13E9E5066FB
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar22.zip --a---- 548 bytes [21:05 28/01/2012] [21:05 28/01/2012] 0EC6C8FDBB230B372DFCCDAD7DD1BE38
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar23.zip --a---- 549 bytes [21:05 28/01/2012] [21:05 28/01/2012] 986EC5513790477C8903972D5F4A559F
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar24.zip --a---- 630 bytes [21:05 28/01/2012] [21:05 28/01/2012] D9B13AFFDCAB4195A578BD1597051A65
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar25.zip --a---- 540 bytes [21:05 28/01/2012] [21:05 28/01/2012] 26A887B5BA795EC574C92D2D83DE86EE
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar26.zip --a---- 544 bytes [21:05 28/01/2012] [21:05 28/01/2012] B3702E754EFAE23BE41E5A69589B1D4E
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar27.zip --a---- 640 bytes [21:05 28/01/2012] [21:05 28/01/2012] DF9EB44D9E3525BF8EC08C9D2A313F0F
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar28.zip --a---- 597 bytes [21:05 28/01/2012] [21:05 28/01/2012] 41CE6C052314F7C19CF595C715FF4E31
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar29.zip --a---- 652 bytes [21:05 28/01/2012] [21:05 28/01/2012] 451181CB3C05AF1329F62C82899CC725
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar3.zip --a---- 1042924 bytes [21:05 28/01/2012] [21:05 28/01/2012] 51ED3BB804F7960E97F02ED6510396BA
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar30.zip --a---- 592 bytes [21:05 28/01/2012] [21:05 28/01/2012] 0044525E226A58650C2CF2E12F07ED73
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar31.zip --a---- 548 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7BC1BE427F2DE5C3D54E2D0E74916E02
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar32.zip --a---- 541 bytes [21:05 28/01/2012] [21:05 28/01/2012] 20EA9C4647FFFE3F06977592FE7594B5
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar33.zip --a---- 548 bytes [21:05 28/01/2012] [21:05 28/01/2012] C377570215A586FC337B61B349E86432
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar34.zip --a---- 551 bytes [21:05 28/01/2012] [21:05 28/01/2012] 992124D079B637F6E42BC327690D6E3A
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar35.zip --a---- 645 bytes [21:05 28/01/2012] [21:05 28/01/2012] 56CEB9FAD4A193B4BEAF242C5A73E5A9
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar36.zip --a---- 705 bytes [21:05 28/01/2012] [21:05 28/01/2012] C954ACC9399324A114659B053B66B3AF
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar37.zip --a---- 598 bytes [21:05 28/01/2012] [21:05 28/01/2012] 2C6618AEE36F2EFF91C00F89877CAFA4
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar38.zip --a---- 645 bytes [21:05 28/01/2012] [21:05 28/01/2012] 56502D505E8AC91EDCBCEE1F0D7ECF00
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar39.zip --a---- 739 bytes [21:05 28/01/2012] [21:05 28/01/2012] 1C454E06963E4687B91E069EE682A7DE
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar4.zip --a---- 1042931 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7F47394F0CBEC3C7968ADEB086023EAF
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar40.zip --a---- 595 bytes [21:05 28/01/2012] [21:05 28/01/2012] F2EBD73F2ACA19AEBBC2B896F30BE223
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar41.zip --a---- 549 bytes [21:05 28/01/2012] [21:05 28/01/2012] 0AD2A3992C3551E617A05645921D58DE
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar42.zip --a---- 611 bytes [21:05 28/01/2012] [21:05 28/01/2012] A13C99E78F5FCEB76B6A3F168C6432CE
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar43.zip --a---- 612 bytes [21:05 28/01/2012] [21:05 28/01/2012] 3E282072ECFAAF9AA8B8A7C6FA8587B7
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar44.zip --a---- 538 bytes [21:05 28/01/2012] [21:05 28/01/2012] 464819912452D10CA3555F789E75E0F3
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar45.zip --a---- 547 bytes [21:05 28/01/2012] [21:05 28/01/2012] E96CE1A24F15828F007C83F5EF1390FE
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar46.zip --a---- 550 bytes [21:05 28/01/2012] [21:05 28/01/2012] 21ADB1647F0CF8FA47DE8530C03A0698
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar47.zip --a---- 637 bytes [21:05 28/01/2012] [21:05 28/01/2012] 46ED61937BC07EA5FEC430A657B5DDF2
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar48.zip --a---- 597 bytes [21:05 28/01/2012] [21:05 28/01/2012] 72F38657769AA8587DC6716F1C78F09C
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar49.zip --a---- 647 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7D0A9FFBF374673DBA2217519128F550
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar5.zip --a---- 124705 bytes [21:05 28/01/2012] [21:05 28/01/2012] B3E37A19D52E4DBF30BA67E45FEABF6F
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar50.zip --a---- 594 bytes [21:05 28/01/2012] [21:05 28/01/2012] F0F9C25AA6EF515DC43549055F9809C7
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar51.zip --a---- 567 bytes [21:05 28/01/2012] [21:05 28/01/2012] 900BC9761928D2A81616025DABB5D2A0
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar52.zip --a---- 568 bytes [21:05 28/01/2012] [21:05 28/01/2012] AA4AED7EC5568F2E04501E420CB7EEA6
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar53.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 4508D720BC5918E6B84A54D7DDF93E7C
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar54.zip --a---- 569 bytes [21:05 28/01/2012] [21:05 28/01/2012] C3880E8B2B5AFD7D805B4B2A80E4CD4A
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar55.zip --a---- 567 bytes [21:05 28/01/2012] [21:05 28/01/2012] 9525B801F0FE3390C8F3E4377CD6A048
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar56.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 52CF42534D72EE8B631EA30AE6D63D09
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar57.zip --a---- 568 bytes [21:05 28/01/2012] [21:05 28/01/2012] C478E4D5683FA0F443E300A062CF89B5
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar58.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 8DC8DEA75A4C2B752BCCCF06B440E586
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar59.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 67F00AA272D03CD870E118021606800E
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar6.zip --a---- 683 bytes [21:05 28/01/2012] [21:05 28/01/2012] 31E17DE5B3303D7753FE8D2C9844BA7B
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar60.zip --a---- 567 bytes [21:05 28/01/2012] [21:05 28/01/2012] 17F128C548A1EF046DC0CF903A9F8818
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar61.zip --a---- 550 bytes [21:05 28/01/2012] [21:05 28/01/2012] 5C72BBE1949D3F8E686A01CCD5509FDC
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar62.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 533F4E71A8AB798BCEE6C0B5CABD3364
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar63.zip --a---- 500 bytes [21:05 28/01/2012] [21:05 28/01/2012] BCDAACE8985469652F807F2730CFE920
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar64.zip --a---- 309 bytes [11:30 13/03/2012] [11:30 13/03/2012] 74AC79AF159148988F45543AAFEF2B77
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar65.zip --a---- 1625 bytes [11:30 13/03/2012] [11:30 13/03/2012] EA5E1F4021BA154FE05C1F77C9A9CD24
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar66.zip --a---- 3372005 bytes [11:30 13/03/2012] [11:30 13/03/2012] B605FD1F55FBF40BB13862C04767121B
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar67.zip --a---- 492 bytes [11:30 13/03/2012] [11:30 13/03/2012] A489C7F88E3AAA7A825D0ED432734BD4
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar68.zip --a---- 550 bytes [00:40 04/06/2012] [00:40 04/06/2012] 41105D21A058E743D81865FA8C858D24
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar69.zip --a---- 551 bytes [00:40 04/06/2012] [00:40 04/06/2012] 2B47F8E41617B11358901B25089D1685
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar7.zip --a---- 638 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7A4A816A8CC2FA266696863CCA19EE21
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar70.zip --a---- 541 bytes [00:40 04/06/2012] [00:40 04/06/2012] 9F6E5B96FD21370A9F3A08B2CB0C465A
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar71.zip --a---- 544 bytes [00:40 04/06/2012] [00:40 04/06/2012] DD2B4234CEBBC0D5E96FB76563D10F3D
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar72.zip --a---- 642 bytes [00:40 04/06/2012] [00:40 04/06/2012] 5AEB1E9162061301E9ABFF18C26F8260
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar73.zip --a---- 597 bytes [00:40 04/06/2012] [00:40 04/06/2012] 96FE5AE3E353F25548EAF7A73CBCF048
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar74.zip --a---- 644 bytes [00:40 04/06/2012] [00:40 04/06/2012] EEC7B22B065CAEAA300C86FF0252306B
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar75.zip --a---- 593 bytes [00:40 04/06/2012] [00:40 04/06/2012] 493014707682518C91872232F89E5F7C
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar76.zip --a---- 551 bytes [23:09 19/06/2012] [23:09 19/06/2012] 45263984673EE387036B93CFA546183A
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar77.zip --a---- 552 bytes [23:09 19/06/2012] [23:09 19/06/2012] C729741C0423CC1D3CB3745A580A4D5A
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar78.zip --a---- 540 bytes [23:09 19/06/2012] [23:09 19/06/2012] 802649ED579950E9A76F18532EA859D9
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar79.zip --a---- 544 bytes [23:09 19/06/2012] [23:09 19/06/2012] 8DD013D237C55765FD42719BA85C8B30
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar8.zip --a---- 542 bytes [21:05 28/01/2012] [21:05 28/01/2012] 9CD6D0129DAC4E482029F24FE0F657C4
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar80.zip --a---- 642 bytes [23:09 19/06/2012] [23:09 19/06/2012] 19280CED1D8390990A175AC2807239A7
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar81.zip --a---- 597 bytes [23:09 19/06/2012] [23:09 19/06/2012] 2F2699993F08F9179940C6F1A9271FFE
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar82.zip --a---- 644 bytes [23:09 19/06/2012] [23:09 19/06/2012] AE3FB0A40D9CE43CA35088D2273637C1
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar83.zip --a---- 592 bytes [23:09 19/06/2012] [23:09 19/06/2012] D0F8B741F9FB35401C67240D9704B80E
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar84.zip --a---- 597 bytes [23:09 19/06/2012] [23:09 19/06/2012] F3862BCAA9B75AF71A1FD497B2B4E608
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar85.zip --a---- 644 bytes [23:09 19/06/2012] [23:09 19/06/2012] 2D2E33FD03A7E4EC90E24A2AF58AC523
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar86.zip --a---- 592 bytes [23:09 19/06/2012] [23:09 19/06/2012] 74CBD93A747D09B56D9F20371AB857B9
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar87.zip --a---- 551 bytes [10:57 30/06/2012] [10:57 30/06/2012] 565D8B04EA9466D3D12BC4B7EBB24028
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar88.zip --a---- 551 bytes [10:57 30/06/2012] [10:57 30/06/2012] 624296A1F4231EA88A098EF8BFB3251B
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar89.zip --a---- 541 bytes [10:57 30/06/2012] [10:57 30/06/2012] 506A655027E77E16A34F525425DB6374
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar9.zip --a---- 545 bytes [21:05 28/01/2012] [21:05 28/01/2012] 1FC9828EE4B72A352CD9A96B7A9BF438
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar90.zip --a---- 544 bytes [10:57 30/06/2012] [10:57 30/06/2012] DA1AFAD33FB3B05EA599AD0E523DFD18
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar91.zip --a---- 642 bytes [10:57 30/06/2012] [10:57 30/06/2012] 0011DDB235C6BF70E98EF05F136EA85C
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar92.zip --a---- 597 bytes [10:57 30/06/2012] [10:57 30/06/2012] EE214072C589ED5DCF5279220B5B4C83
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar93.zip --a---- 644 bytes [10:57 30/06/2012] [10:57 30/06/2012] 83FE2DE1BE9059667734CA75F918E378
C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar94.zip --a---- 593 bytes [10:57 30/06/2012] [10:57 30/06/2012] 0EAC9E6BDA732F6B6A284175095088A6

Searching for "*ibryte*"
C:\Users\currys\AppData\Local\ApplicationHistory\iBryteDesktop.exe.df844634 .ini --a---- 2227 bytes [09:12 02/10/2011] [18:25 05/12/2011] 06249F3B08F80EC7CCC78D1C703D045E
C:\Users\currys\AppData\Local\ApplicationHistory\ibryte_installer.exe.e72fd a6d.ini --a---- 2125 bytes [22:37 01/10/2011] [22:37 01/10/2011] A8068185C5222157D2C647DFA5B95B6C

Searching for "*MyStart*"
C:\Qoobox\Quarantine\C\Program Files\file2linkib\chrome\content\newtab\newtab_mystart.html.vir --a---- 5816 bytes [13:51 25/10/2011] [13:51 25/10/2011] 1CF001A4E176A483AC570123FABD64E1
C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\F irefox\Profiles\fwvafgml.default\searchplugins\MyStart Search.xml --a---- 2203 bytes [13:03 23/06/2012] [13:03 23/06/2012] 70CB5F2DEC382A937224295149304474

Searching for "*uTorrentBar*"
C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\F irefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome\utorrentbar.jar --a---- 713115 bytes [10:56 22/01/2012] [11:47 11/01/2012] 0E4E8DE71F59F404FB7056BFCDB856EC

Searching for "*WiseConvert*"
C:\Users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\C T3196716\externalmenu\http___tools_wiseconvert_com_tools_xml --a---- 3830 bytes [11:17 30/06/2012] [22:30 01/07/2012] 0F321C3EAEA35893F19C41384CD49F49
C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\F irefox\Profiles\fwvafgml.default\extensions\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}\chrome\wiseconvert.jar --a---- 716986 bytes [18:38 08/07/2012] [08:38 05/07/2012] 2618DABF93565993B71FB6F274C95C63

Searching for "*Blabbers*"
No files found.

========== folderfind ==========

Searching for "*Conduit*"
C:\Program Files\Conduit d------ [10:56 22/01/2012]
C:\Program Files\ConduitEngine d------ [22:45 21/12/2010]
C:\Users\currys\AppData\Local\Conduit d------ [22:57 02/03/2011]
C:\Users\currys\AppData\LocalLow\Conduit d------ [22:45 21/12/2010]
C:\Users\currys\AppData\LocalLow\ConduitEngine d------ [22:45 21/12/2010]
C:\Users\currys\AppData\LocalLow\ConduitEngine\Repository\conduit_ConduitEn gine d------ [18:52 09/03/2011]
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\Repository\conduit_CT26 45238_CT2645238 d------ [19:18 28/11/2011]
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\Repository\conduit_CT26 45238_en d------ [19:18 28/11/2011]
C:\Users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\c onduitCommon d------ [11:17 30/06/2012]
C:\Windows\System32\config\currys\AppData\LocalLow\Conduit d------ [22:32 10/02/2011]
C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine d------ [22:32 10/02/2011]
C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Rep ository\conduit_CT2769726_CT2769726 d------ [22:32 10/02/2011]

Searching for "*Game Booster*"
C:\Program Files\IObit\Game Booster d------ [03:52 26/02/2011]
C:\ProgramData\IObit\Game Booster d------ [03:52 26/02/2011]
C:\ProgramData\IObit\Game Booster 3 d------ [23:37 06/09/2011]
C:\Users\All Users\IObit\Game Booster d------ [03:52 26/02/2011]
C:\Users\All Users\IObit\Game Booster 3 d------ [23:37 06/09/2011]

Searching for "*Smart Defrag*"
C:\Program Files\IObit\Smart Defrag 2 d------ [03:49 26/02/2011]
C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\IObit\Sma rt Defrag 2 d------ [03:49 26/02/2011]

Searching for "*ZoneAlarm*"
C:\Program Files\ZoneAlarm_Security d------ [16:48 13/06/2011]
C:\Program Files\CheckPoint\ZoneAlarm d------ [19:17 28/11/2011]
C:\ProgramData\CheckPoint\ZoneAlarm d------ [16:47 13/06/2011]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm d------ [10:36 06/05/2012]
C:\Users\All Users\CheckPoint\ZoneAlarm d------ [16:47 13/06/2011]
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm d------ [10:36 06/05/2012]
C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security d------ [16:48 13/06/2011]
C:\Users\currys\AppData\LocalLow\Check Point Software Technologies LTD\zonealarm d------ [19:45 15/05/2012]
C:\Users\currys\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar d------ [10:42 06/05/2012]
C:\Users\currys\AppData\Roaming\CheckPoint\ZoneAlarm Toolbar d------ [16:48 13/06/2011]
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Check Point Software Technologies LTD\zonealarm d------ [19:40 31/05/2012]

Searching for "*IObit*"
C:\Program Files\IObit d------ [00:54 06/02/2011]
C:\Program Files\IObit\IObit Malware Fighter d------ [18:17 19/05/2011]
C:\Program Files\IObit\IObit Security 360 d------ [22:37 10/02/2011]
C:\ProgramData\IObit d------ [00:54 06/02/2011]
C:\ProgramData\IObit\IObit Security 360 d------ [22:34 10/02/2011]
C:\Users\All Users\IObit d------ [00:54 06/02/2011]
C:\Users\All Users\IObit\IObit Security 360 d------ [22:34 10/02/2011]
C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit d------ [09:53 19/06/2011]
C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\IObit Malware Fighter d------ [09:53 19/06/2011]
C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\IObit d----c- [22:37 10/02/2011]
C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\IObit\IOb it Malware Fighter d------ [18:18 19/05/2011]
C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\IObit\IOb it Uninstaller d----c- [21:28 09/06/2011]
C:\_OTL\MovedFiles\07102012_230543\C_Users\Default\AppData\Roaming\IObit d----c- [11:18 04/02/2012]
C:\_OTL\MovedFiles\07102012_230543\C_Users\UpdatusUser\AppData\Roaming\IObi t d----c- [09:06 24/02/2012]

Searching for "*SmartDefragDriver*"
No folders found.

Searching for "*goonsearch*"
No folders found.

Searching for "*searchqu*"
C:\Users\currys\AppData\LocalLow\searchquband d------ [22:09 18/04/2011]

Searching for "*ask.com*"
C:\Program Files\Ask.com d------ [13:02 12/10/2010]

Searching for "*babylon*"
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Structures\Buildings\Babylonian_Garden d------ [23:04 23/06/2011]
C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman d------ [23:05 23/06/2011]

Searching for "*ibryte*"
No folders found.

Searching for "*MyStart*"
C:\Qoobox\Quarantine\C\Program Files\file2linkib\chrome\content\widgets\net.vmn.www.MyStartFacebook d----c- [00:00 23/02/2012]

Searching for "*uTorrentBar*"
No folders found.

Searching for "*WiseConvert*"
No folders found.

Searching for "*Blabbers*"
No folders found.

-= EOF

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Solved: Internet Options in Control Panel missing

Find the solution to your computer problem!

Find the solution to your
computer problem!