04-Jul-2012, 04:27 PM
#1

My father gave my brother his laptop as a computer for gaming....and now it's really slow. (My dad has a knack for getting viruses on his computers)

When running internet or opening up "my computer" it takes several minutes for it to load rather than a couple of seconds. I know it could have to do with i-tunes and Maplestory (online game, about 2 GBs big) slowing it down....but could there be viruses?

Also I have some program add-ons that refuse to be uninstalled such as Pinnacle Studio (Video editing software) Winter effects, how can I get rid of this?

And as I scanned my computer.....it says Microsoft Security Essentials is turned off....how do I turn it back on? I tried to turn it back on but it won't let me...it looks greyed out.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft® Windows Vista™ Home Basic, Service Pack 2, 32 bit
Processor: Pentium(R) Dual-Core CPU T4200 @ 2.00GHz, x64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 2009 Mb
Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 780 Mb
Hard Drives: C: Total - 137586 MB, Free - 45140 MB; E: Total - 14999 MB, Free - 9755 MB;
Motherboard: Dell Inc., 0G848F
Antivirus: Microsoft Security Essentials, Disabled

Help would be very much appreciated, thank you very much
04-Jul-2012, 05:13 PM
#3

Hiya

Moved the thread here

Let's have a look and see what's going on

Download Security Check from here.

Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Download and scan with SUPERAntiSpyware Free Edition for Home Users

Please include the MBAM log, SUPERAntiSpyware Scan Log and checkup.txt in your next reply

eddie
__________________
Just go with the flow, like a twig on the shoulders of a mighty stream
MVP in Consumer Security
04-Jul-2012, 09:39 PM
#4

Alright posting logs now....nothing found except 178 cookies....but those don't so much right? (Oh by the way this laptop uses Chrome for the most part...so should I disregard updating Explorer?)

Checkup.txt

Results of screen317's Security Check version 0.99.42
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.60.1.1000
Java(TM) 6 Update 11
Java version out of Date!
Google Chrome 20.0.1132.47
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSASCui.exe
Microsoft Security Client Antimalware NisSrv.exe
Windows Defender MSASCui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 5 % Defragment your hard drive soon!
````````````````````End of Log``````````````````````

MBAM log

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.04.06

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19272
sbetv 45 :: SBETV45-PC [administrator]

7/4/2012 3:26:19 PM
mbam-log-2012-07-04 (15-26-19).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 314209
Time elapsed: 1 hour(s), 37 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

SUPERAntiSpyware Scan Log

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/04/2012 at 06:28 PM

Application Version : 5.5.1006

Core Rules Database Version : 8845
Trace Rules Database Version: 6657

Scan type : Complete Scan
Total Scan Time : 01:14:38

Operating System Information
Windows Vista Home Basic 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned : 676
Memory threats detected : 0
Registry items scanned : 32955
Registry threats detected : 0
File items scanned : 126237
File threats detected : 178

Adware.Tracking Cookie
06-Jul-2012, 08:06 PM
#5

bump.
07-Jul-2012, 06:13 AM
#6

No need to bump it up, I was out last night and I get emails when you reply

Your Java is out of date, so let's do that next:

Upgrade Java : (32 bits)

After doing the above, for the remains of the Java, can you do this:

Open Java in the Control Panel and under the General tab, under Temporary Internet Files, click the Settings button.
Then click on Delete Files.
Make sure both of these options are checked:

------------------------

Can you run the following tools, and copy/paste the logs that they produce here. If it's over a few posts, that's fine

Download the latest version of TDSSKiller from here and save it to your Desktop.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply

--------------------------

Download aswMBR.exe ( 511KB ) to your desktop.
Double click the aswMBR.exe to run it
Click the "Scan" button to start scan
On completion of the scan click save log, save it to your desktop and post in your next reply

-------------------------

Delete any copies of Combofix that you have.

Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! As you download it rename it to username123.exe and save it to your Desktop

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

eddie
__________________
Just go with the flow, like a twig on the shoulders of a mighty stream
MVP in Consumer Security
07-Jul-2012, 03:31 PM
#7

Combofix.Log

ComboFix 12-07-07.04 - sbetv 45 07/07/2012 12:14:38.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2010.981 [GMT -7:00]
Running from: c:\users\sbetv 45\Desktop\alexis123.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-06-07 to 2012-07-07 )))))))))))))))))))))))))))))))
.
.
2012-07-07 19:22 . 2012-07-07 19:22 -------- d-----w- c:\users\sbetv 45\AppData\Local\temp
2012-07-07 19:22 . 2012-07-07 19:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-07 18:54 . 2012-07-07 18:54 -------- d-----w- c:\program files\Common Files\Java
2012-07-07 18:53 . 2012-07-07 18:52 687600 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-07 18:53 . 2012-07-07 18:52 772592 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-07-07 01:42 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7AF5F82C-6C8D-4979-87E3-6E0D10E84C20}\mpengine.dll
2012-07-05 02:49 . 2012-07-07 02:24 -------- d-----w- c:\users\sbetv 45\AppData\Roaming\Skype
2012-07-05 02:48 . 2012-07-05 02:49 -------- d-----r- c:\program files\Skype
2012-07-05 02:48 . 2012-07-05 02:48 -------- d-----w- c:\program files\Common Files\Skype
2012-07-05 02:48 . 2012-07-05 02:49 -------- d-----w- c:\programdata\Skype
2012-07-05 00:08 . 2012-07-05 00:08 -------- d-----w- c:\users\sbetv 45\AppData\Roaming\SUPERAntiSpyware.com
2012-07-05 00:08 . 2012-07-05 00:08 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-07-04 19:02 . 2012-07-04 19:02 -------- d-----w- c:\users\sbetv 45\AppData\Local\Apps
2012-07-04 19:02 . 2012-07-04 19:03 -------- d-----w- c:\users\sbetv 45\AppData\Local\Deployment
2012-06-21 18:02 . 2012-06-21 18:02 -------- d-----w- C:\Nexon
2012-06-21 02:01 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 02:01 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 02:01 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 02:01 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 02:01 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-21 02:01 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 02:01 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 02:00 . 2012-06-02 22:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 02:00 . 2012-06-02 22:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-17 20:44 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-17 20:44 . 2012-05-15 19:51 2045440 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-04 22:24 . 2012-05-11 22:41 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-04 22:24 . 2011-06-29 01:58 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-18 22:10 . 2012-05-18 22:10 8072272 ----a-w- c:\programdata\Microsoft\BingBar\BBSvc\7.1.382.0oemBingBarSetup-Partner.EXE
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-06-08 17425072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-09-04 200704]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-12-09 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-12-09 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-12-09 154136]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-12-22 3810304]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-05-07 178712]
"Dell DataSafe Online"="c:\program files\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-12-15 483420]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\users\sbetv 45\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-23 1295656]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Remote Access.lnk - c:\windows\Installer\{F66A31D9-7831-4FBA-BA02-C411C0047CC5}\NewShortcut4_F66A31D978314FBABA02C411C0047CC5.exe [2009-4-16 53248]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-23 1295656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2009-04-17 04:34 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R3 ActionReplayDS;ActionReplayDS;c:\windows\system32\Drivers\ActionReplayDS.sys [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 30725810
*NewlyCreated* - ASWMBR
*Deregistered* - 30725810
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 11:32 128512 ----a-w- c:\windows\System32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-11 22:24]
.
2012-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-646801015-3057517687-3105904186-1000Core.job
- c:\users\sbetv 45\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-04 19:03]
.
2012-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-646801015-3057517687-3105904186-1000UA.job
- c:\users\sbetv 45\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-04 19:03]
.
2012-07-05 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-13 14:59]
.
2010-03-12 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59]
.
2012-07-07 c:\windows\Tasks\User_Feed_Synchronization-{F2018F0D-A0FB-46E3-9DF5-F15EB19FD11C}.job - c:\windows\system32\msfeedssync.exe [2012-06-17 03:24] . . ------- Supplementary Scan ------- . uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 192.168.7.254 . - - - - ORPHANS REMOVED - - - - . URLSearchHooks-{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file) HKLM-Run-dellsupportcenter - c:\program files\Dell Support Center\bin\sprtcmd.exe ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\SUPERAntiSpyware\SASSEH.DLL Notify-!SASWinLogon - c:\program files\SUPERAntiSpyware\SASWINLO.DLL . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-07-07 12:22 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01 ,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,58,91,ec,f2,fe,97,cf,4b,a3,da,5f, \ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01 ,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,58,91,ec,f2,fe,97,cf,4b,a3,da,5f, \ . Completion time: 2012-07-07 12:25:18 ComboFix-quarantined-files.txt 2012-07-07 19:25 . Pre-Run: 45,089,067,008 bytes free Post-Run: 48,429,305,856 bytes free . 
- - End Of File - - 841612F8D7D7CDAB1A2039AD42965726

Asw.log

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-07 12:07:12
-----------------------------
12:07:12.767 OS Version: Windows 6.0.6002 Service Pack 2
12:07:12.767 Number of processors: 2 586 0x170A
12:07:12.767 ComputerName: SBETV45-PC UserName: sbetv 45
12:07:13.968 Initialize success
12:07:25.805 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:07:25.805 Disk 0 Vendor: ST916031 DE06 Size: 152627MB BusType: 3
12:07:25.836 Disk 0 MBR read successfully
12:07:25.836 Disk 0 MBR scan
12:07:25.836 Disk 0 Windows VISTA default MBR code
12:07:25.836 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
12:07:25.898 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15000 MB offset 81920
12:07:25.930 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 137586 MB offset 30801920
12:07:25.930 Disk 0 scanning sectors +312579760
12:07:26.101 Disk 0 scanning C:\Windows\system32\drivers
12:08:00.577 Service scanning
12:08:19.952 Modules scanning
12:08:33.416 Disk 0 trace - called modules:
12:08:33.447 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
12:08:33.962 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85d9cac8]
12:08:33.962 3 CLASSPNP.SYS[881a28b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x84d9c028]
12:08:33.978 Scan finished successfully
12:08:51.397 Disk 0 MBR has been saved successfully to "C:\Users\sbetv 45\Desktop\MBR.dat"
12:08:51.413 The log file has been saved successfully to "C:\Users\sbetv 45\Desktop\aswMBR.txt"

TDSS Killer log

11:58:19.0954 5028 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
11:58:20.0500 5028 ============================================================
11:58:20.0500 5028 Current date / time: 2012/07/07 11:58:20.0500
11:58:20.0500 5028 SystemInfo:
11:58:20.0500 5028
11:58:20.0500 5028 OS Version: 6.0.6002 ServicePack: 2.0
11:58:20.0500 5028 Product type: Workstation
11:58:20.0500 5028 ComputerName: SBETV45-PC
11:58:20.0500 5028 UserName: sbetv 45
11:58:20.0500 5028 Windows directory: C:\Windows
11:58:20.0500 5028 System windows directory: C:\Windows
11:58:20.0500 5028 Processor architecture: Intel x86
11:58:20.0500 5028 Number of processors: 2
11:58:20.0500 5028 Page size: 0x1000
11:58:20.0500 5028 Boot type: Normal boot
11:58:20.0500 5028 ============================================================
11:58:21.0982 5028 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:58:21.0982 5028 ============================================================
11:58:21.0982 5028 \Device\Harddisk0\DR0:
11:58:21.0982 5028 MBR partitions:
11:58:21.0982 5028 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
11:58:21.0982 5028 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x10CB96B0
11:58:21.0982 5028 ============================================================
11:58:22.0029 5028 C: <-> \Device\Harddisk0\DR0\Partition1
11:58:22.0310 5028 E: <-> \Device\Harddisk0\DR0\Partition0
11:58:22.0310 5028 ============================================================
11:58:22.0310 5028 Initialize success
11:58:22.0310 5028 ============================================================
11:58:28.0129 3124 ============================================================
11:58:28.0129 3124 Scan started
11:58:28.0129 3124 Mode: Manual; SigCheck; TDLFS;
11:58:28.0129 3124 ============================================================
11:58:30.0562 3124 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
11:58:30.0749 3124 ACPI - ok
11:58:30.0874 3124 ActionReplayDS (f35b5d0cc142b87e687fc504baa69d82) C:\Windows\system32\Drivers\ActionReplayDS.sys
11:58:30.0983 3124 ActionReplayDS - ok
11:58:31.0202 3124 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:58:31.0264 3124 AdobeFlashPlayerUpdateSvc - ok
11:58:31.0358 3124 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
11:58:31.0436 3124 adp94xx - ok
11:58:31.0732 3124 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
11:58:31.0826 3124 adpahci - ok
11:58:32.0075 3124 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
11:58:32.0169 3124 adpu160m - ok
11:58:32.0216 3124 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
11:58:32.0247 3124 adpu320 - ok
11:58:32.0294 3124 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
11:58:32.0481 3124 AeLookupSvc - ok
11:58:32.0606 3124 AESTFilters (087b04ca45e2f059a55709b0b8f95ea9) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\aestsrv.exe
11:58:32.0762 3124 AESTFilters - ok
11:58:32.0949 3124 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
11:58:33.0152 3124 AFD - ok
11:58:33.0230 3124 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
11:58:33.0245 3124 agp440 - ok
11:58:33.0355 3124 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
11:58:33.0386 3124 aic78xx - ok
11:58:33.0448 3124 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
11:58:33.0776 3124 ALG - ok
11:58:33.0869 3124 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
11:58:33.0885 3124 aliide - ok
11:58:34.0010 3124 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
11:58:34.0072 3124 amdagp - ok
11:58:34.0119 3124 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
11:58:34.0135 3124 amdide - ok
11:58:34.0244 3124 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
11:58:34.0306 3124 AmdK7 - ok
11:58:34.0509 3124 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
11:58:34.0649 3124 AmdK8 - ok
11:58:34.0727 3124 ApfiltrService (b83f9da84f7079451c1c6a4a2f140920) C:\Windows\system32\DRIVERS\Apfiltr.sys
11:58:34.0743 3124 ApfiltrService - ok
11:58:34.0805 3124 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
11:58:34.0915 3124 Appinfo - ok
11:58:35.0102 3124 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:58:35.0149 3124 Apple Mobile Device - ok
11:58:35.0211 3124 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
11:58:35.0227 3124 arc - ok
11:58:35.0336 3124 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
11:58:35.0367 3124 arcsas - ok
11:58:35.0429 3124 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
11:58:35.0523 3124 AsyncMac - ok
11:58:35.0710 3124 atapi (0d83c87a801a3dfcd1bf73893fe7518c) C:\Windows\system32\drivers\atapi.sys
11:58:35.0804 3124 atapi - ok
11:58:35.0991 3124 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
11:58:36.0100 3124 AudioEndpointBuilder - ok
11:58:36.0100 3124 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
11:58:36.0147 3124 Audiosrv - ok
11:58:36.0319 3124 BBSvc (ceabb1e93186e7056ea46cbad8f8fd85) C:\Program Files\Microsoft\BingBar\7.1.382.0\BBSvc.exe
11:58:36.0381 3124 BBSvc - ok
11:58:36.0490 3124 BBUpdate (c0d34db1235b6a5c3df5a5c212d67f73) C:\Program Files\Microsoft\BingBar\7.1.382.0\SeaPort.exe
11:58:36.0521 3124 BBUpdate - ok
11:58:36.0615 3124 BCM42RLY (423c7b87e886ac93d22936ea82665f83) C:\Windows\system32\drivers\BCM42RLY.sys
11:58:36.0631 3124 BCM42RLY - ok
11:58:36.0818 3124 BCM43XX (41a70777e892c3dea606758366566a77) C:\Windows\system32\DRIVERS\bcmwl6.sys
11:58:36.0911 3124 BCM43XX - ok
11:58:37.0036 3124 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
11:58:37.0114 3124 Beep - ok
11:58:37.0223 3124 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
11:58:37.0348 3124 BFE - ok
11:58:37.0442 3124 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
11:58:37.0691 3124 BITS - ok
11:58:37.0801 3124 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
11:58:37.0925 3124 blbdrive - ok
11:58:38.0050 3124 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
11:58:38.0222 3124 Bonjour Service - ok
11:58:38.0300 3124 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
11:58:38.0425 3124 bowser - ok
11:58:38.0503 3124 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
11:58:38.0565 3124 BrFiltLo - ok
11:58:38.0596 3124 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
11:58:38.0659 3124 BrFiltUp - ok
11:58:38.0752 3124 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
11:58:38.0877 3124 Browser - ok
11:58:38.0955 3124 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
11:58:39.0189 3124 Brserid - ok
11:58:39.0439 3124 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
11:58:39.0657 3124 BrSerWdm - ok
11:58:39.0719 3124 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
11:58:39.0875 3124 BrUsbMdm - ok
11:58:39.0969 3124 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
11:58:40.0109 3124 BrUsbSer - ok
11:58:40.0141 3124 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
11:58:40.0234 3124 BTHMODEM - ok
11:58:40.0265 3124 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
11:58:40.0343 3124 cdfs - ok
11:58:40.0406 3124 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
11:58:40.0468 3124 cdrom - ok
11:58:40.0546 3124 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
11:58:40.0640 3124 CertPropSvc - ok
11:58:40.0765 3124 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
11:58:40.0796 3124 circlass - ok
11:58:40.0905 3124 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
11:58:40.0952 3124 CLFS - ok
11:58:41.0186 3124 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:58:41.0201 3124 clr_optimization_v2.0.50727_32 - ok
11:58:41.0482 3124 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:58:41.0513 3124 clr_optimization_v4.0.30319_32 - ok
11:58:41.0607 3124 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
11:58:41.0701 3124 CmBatt - ok
11:58:41.0763 3124 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
11:58:41.0779 3124 cmdide - ok
11:58:41.0888 3124 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
11:58:41.0919 3124 Compbatt - ok
11:58:41.0919 3124 COMSysApp - ok
11:58:42.0013 3124 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
11:58:42.0044 3124 crcdisk - ok
11:58:42.0215 3124 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
11:58:42.0309 3124 Crusoe - ok
11:58:42.0387 3124 CryptSvc (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
11:58:42.0465 3124 CryptSvc - ok
11:58:42.0527 3124 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
11:58:42.0637 3124 DcomLaunch - ok
11:58:42.0699 3124 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
11:58:42.0793 3124 DfsC - ok
11:58:45.0991 3124 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
11:58:46.0755 3124 DFSR - ok
11:58:46.0911 3124 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
11:58:47.0005 3124 Dhcp - ok
11:58:47.0083 3124 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
11:58:47.0098 3124 disk - ok
11:58:47.0145 3124 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
11:58:47.0239 3124 Dnscache - ok
11:58:47.0488 3124 DockLoginService (db29915209770d8b59654345ec2d943a) C:\Program Files\Dell\DellDock\DockLogin.exe
11:58:47.0519 3124 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
11:58:47.0519 3124 DockLoginService - detected UnsignedFile.Multi.Generic (1)
11:58:47.0644 3124 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
11:58:47.0707 3124 dot3svc - ok
11:58:47.0769 3124 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
11:58:47.0847 3124 DPS - ok
11:58:47.0956 3124 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
11:58:47.0987 3124 drmkaud - ok
11:58:48.0065 3124 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
11:58:48.0143 3124 DXGKrnl - ok
11:58:48.0331 3124 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
11:58:48.0409 3124 e1express - ok
11:58:48.0533 3124 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
11:58:48.0611 3124 E1G60 - ok
11:58:48.0627 3124 EagleNT - ok
11:58:48.0674 3124 EagleXNt - ok
11:58:48.0799 3124 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
11:58:48.0861 3124 EapHost - ok
11:58:49.0126 3124 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
11:58:49.0189 3124 Ecache - ok
11:58:49.0329 3124 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
11:58:49.0485 3124 elxstor - ok
11:58:50.0156 3124 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
11:58:50.0671 3124 EMDMgmt - ok
11:58:50.0733 3124 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
11:58:50.0858 3124 ErrDev - ok
11:58:51.0201 3124 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
11:58:51.0341 3124 EventSystem - ok
11:58:51.0544 3124 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
11:58:51.0669 3124 exfat - ok
11:58:51.0731 3124 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
11:58:51.0841 3124 fastfat - ok
11:58:51.0981 3124 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
11:58:52.0043 3124 fdc - ok
11:58:52.0075 3124 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
11:58:52.0137 3124 fdPHost - ok
11:58:52.0137 3124 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
11:58:52.0215 3124 FDResPub - ok
11:58:52.0262 3124 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
11:58:52.0277 3124 FileInfo - ok
11:58:52.0402 3124 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
11:58:52.0465 3124 Filetrace - ok
11:58:53.0104 3124 FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
11:58:53.0572 3124 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
11:58:53.0572 3124 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
11:58:54.0040 3124 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
11:58:54.0165 3124 flpydisk - ok
11:58:54.0352 3124 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
11:58:54.0368 3124 FltMgr - ok
11:58:54.0664 3124 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
11:58:54.0851 3124 FontCache - ok
11:58:55.0023 3124 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:58:55.0117 3124 FontCache3.0.0.0 - ok
11:58:55.0195 3124 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
11:58:55.0288 3124 Fs_Rec - ok
11:58:55.0538 3124 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
11:58:55.0600 3124 gagp30kx - ok
11:58:55.0741 3124 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:58:55.0756 3124 GEARAspiWDM - ok
11:58:55.0959 3124 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
11:58:55.0975 3124 GoToAssist - ok
11:58:56.0053 3124 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
11:58:56.0255 3124 gpsvc - ok
11:58:56.0489 3124 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:58:56.0567 3124 HDAudBus - ok
11:58:56.0692 3124 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
11:58:56.0817 3124 HidBth - ok
11:58:56.0879 3124 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
11:58:57.0020 3124 HidIr - ok
11:58:57.0082 3124 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
11:58:57.0238 3124 hidserv - ok
11:58:57.0316 3124 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
11:58:57.0394 3124 HidUsb - ok
11:58:57.0441 3124 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
11:58:57.0519 3124 hkmsvc - ok
11:58:57.0769 3124 hnmsvc (26018afa49f03032ccd3c26eaa384a4c) c:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
11:58:57.0971 3124 hnmsvc - ok
11:58:58.0034 3124 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
11:58:58.0065 3124 HpCISSs - ok
11:58:58.0159 3124 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
11:58:58.0237 3124 HTTP - ok
11:58:58.0471 3124 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
11:58:58.0486 3124 i2omp - ok
11:58:58.0673 3124 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
11:58:58.0736 3124 i8042prt - ok
11:58:58.0876 3124 IAANTMON (7b96206e4bdd2fe582f0dbc46f5f410e) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
11:58:59.0017 3124 IAANTMON - ok
11:58:59.0157 3124 iaStor (80c633722da72e97f3f5b3b11325696d) C:\Windows\system32\drivers\iastor.sys
11:58:59.0188 3124 iaStor - ok
11:58:59.0251 3124 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
11:58:59.0282 3124 iaStorV - ok
11:58:59.0656 3124 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:58:59.0797 3124 idsvc - ok
11:59:00.0062 3124 igfx (8dad27dd28a4274866767c89c0bf154f) C:\Windows\system32\DRIVERS\igdkmd32.sys
11:59:00.0343 3124 igfx - ok
11:59:00.0733 3124 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
11:59:00.0795 3124 iirsp - ok
11:59:00.0873 3124 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
11:59:01.0060 3124 IKEEXT - ok
11:59:01.0154 3124 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
11:59:01.0185 3124 intelide - ok
11:59:01.0263 3124 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
11:59:01.0357 3124 intelppm - ok
11:59:01.0450 3124 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
11:59:01.0528 3124 IPBusEnum - ok
11:59:01.0637 3124 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:59:01.0731 3124 IpFilterDriver - ok
11:59:01.0871 3124 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
11:59:01.0934 3124 iphlpsvc - ok
11:59:01.0949 3124 IpInIp - ok
11:59:02.0121 3124 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
11:59:02.0215 3124 IPMIDRV - ok
11:59:02.0293 3124 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
11:59:02.0433 3124 IPNAT - ok
11:59:02.0807 3124 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
11:59:02.0963 3124 iPod Service - ok
11:59:03.0010 3124 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
11:59:03.0135 3124 IRENUM - ok
11:59:03.0229 3124 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
11:59:03.0244 3124 isapnp - ok
11:59:03.0338 3124 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
11:59:03.0369 3124 iScsiPrt - ok
11:59:03.0478 3124 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
11:59:03.0494 3124 iteatapi - ok
11:59:03.0587 3124 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
11:59:03.0697 3124 iteraid - ok
11:59:03.0743 3124 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
11:59:03.0759 3124 kbdclass - ok
11:59:03.0837 3124 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
11:59:03.0899 3124 kbdhid - ok
11:59:03.0946 3124 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
11:59:04.0040 3124 KeyIso - ok
11:59:04.0118 3124 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
11:59:04.0196 3124 KSecDD - ok
11:59:04.0336 3124 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
11:59:04.0461 3124 KtmRm - ok
11:59:04.0508 3124 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
11:59:04.0601 3124 LanmanServer - ok
11:59:04.0679 3124 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
11:59:04.0726 3124 LanmanWorkstation - ok
11:59:04.0804 3124 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
11:59:04.0867 3124 lltdio - ok
11:59:04.0960 3124 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
11:59:05.0023 3124 lltdsvc - ok
11:59:05.0085 3124 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
11:59:05.0241 3124 lmhosts - ok
11:59:05.0303 3124 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
11:59:05.0335 3124 LSI_FC - ok
11:59:05.0444 3124 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
11:59:05.0506 3124 LSI_SAS - ok
11:59:05.0569 3124 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
11:59:05.0584 3124 LSI_SCSI - ok
11:59:05.0662 3124 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
11:59:05.0740 3124 luafv - ok
11:59:05.0834 3124 MarvinBus (a3e700d78eec390f1208098cdca5c6b6) C:\Windows\system32\DRIVERS\MarvinBus.sys
11:59:05.0912 3124 MarvinBus ( UnsignedFile.Multi.Generic ) - warning
11:59:05.0912 3124 MarvinBus - detected UnsignedFile.Multi.Generic (1)
11:59:05.0990 3124 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
11:59:06.0052 3124 megasas - ok
11:59:06.0489 3124 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
11:59:06.0598 3124 MegaSR - ok
11:59:06.0661 3124 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
11:59:06.0739 3124 MMCSS - ok
11:59:06.0801 3124 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
11:59:06.0910 3124 Modem - ok
11:59:07.0019 3124 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
11:59:07.0113 3124 monitor - ok
11:59:07.0175 3124 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
11:59:07.0191 3124 mouclass - ok
11:59:07.0253 3124 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
11:59:07.0316 3124 mouhid - ok
11:59:07.0425 3124 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
11:59:07.0441 3124 MountMgr - ok
11:59:07.0550 3124 MpFilter (7e34bfa1a7b60bba1da03d677f16cd63) C:\Windows\system32\DRIVERS\MpFilter.sys
11:59:07.0581 3124 MpFilter - ok
11:59:07.0628 3124 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
11:59:07.0659 3124 mpio - ok
11:59:07.0753 3124 MpKsl0c27eaf7 - ok
11:59:07.0846 3124 MpKsl0cd16913 (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsl0cd16913.sys
11:59:07.0846 3124 Suspicious file (Forged): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsl0cd16913.sys. Real md5: 5f53edfead46fa7adb78eee9ecce8fdf, Fake md5: 7702b27661f74715060586b65246b849
11:59:07.0846 3124 MpKsl0cd16913 ( ForgedFile.Multi.Generic ) - warning
11:59:07.0846 3124 MpKsl0cd16913 - detected ForgedFile.Multi.Generic (1)
11:59:07.0862 3124 MpKsl11b72986 - ok
11:59:07.0862 3124 MpKsl3232f0b3 - ok
11:59:07.0877 3124 MpKsl328be7e7 - ok
11:59:07.0893 3124 MpKsl33da49c2 - ok
11:59:07.0893 3124 MpKsl3fb4efde - ok
11:59:07.0909 3124 MpKsl4520ecbb - ok
11:59:07.0909 3124 MpKsl49269eae - ok
11:59:07.0924 3124 MpKsl5b54688f - ok
11:59:07.0924 3124 MpKsl604f3001 - ok
11:59:07.0940 3124 MpKsl67f629ec - ok
11:59:07.0940 3124 MpKsl77c355e6 - ok
11:59:08.0002 3124 MpKsl7816b24b (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsl7816b24b.sys
11:59:08.0018 3124 Suspicious file (Forged): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsl7816b24b.sys. Real md5: 5f53edfead46fa7adb78eee9ecce8fdf, Fake md5: 7702b27661f74715060586b65246b849
11:59:08.0018 3124 MpKsl7816b24b ( ForgedFile.Multi.Generic ) - warning
11:59:08.0018 3124 MpKsl7816b24b - detected ForgedFile.Multi.Generic (1)
11:59:08.0018 3124 MpKsl83e5224d - ok
11:59:08.0018 3124 MpKsl8bef60fb - ok
11:59:08.0189 3124 MpKsl930dc5f4 (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsl930dc5f4.sys
11:59:08.0189 3124 Suspicious file (Forged): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsl930dc5f4.sys. Real md5: 5f53edfead46fa7adb78eee9ecce8fdf, Fake md5: 7702b27661f74715060586b65246b849
11:59:08.0205 3124 MpKsl930dc5f4 ( ForgedFile.Multi.Generic ) - warning
11:59:08.0205 3124 MpKsl930dc5f4 - detected ForgedFile.Multi.Generic (1)
11:59:08.0205 3124 MpKsl955ee223 - ok
11:59:08.0205 3124 MpKsl9cac146f - ok
11:59:08.0221 3124 MpKsla11cf7bb - ok
11:59:08.0221 3124 MpKslb7bc710a - ok
11:59:08.0236 3124 MpKslca246bd7 - ok
11:59:08.0236 3124 MpKsld9296210 - ok
11:59:08.0423 3124 MpKsle7ee57eb (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsle7ee57eb.sys
11:59:08.0423 3124 Suspicious file (Forged): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsle7ee57eb.sys. Real md5: 5f53edfead46fa7adb78eee9ecce8fdf, Fake md5: 7702b27661f74715060586b65246b849
11:59:08.0423 3124 MpKsle7ee57eb ( ForgedFile.Multi.Generic ) - warning
11:59:08.0423 3124 MpKsle7ee57eb - detected ForgedFile.Multi.Generic (1)
11:59:08.0517 3124 MpKslfb2b28ba (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKslfb2b28ba.sys
11:59:08.0517 3124 Suspicious file (Forged): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKslfb2b28ba.sys. Real md5: 5f53edfead46fa7adb78eee9ecce8fdf, Fake md5: 7702b27661f74715060586b65246b849
11:59:08.0517 3124 MpKslfb2b28ba ( ForgedFile.Multi.Generic ) - warning
11:59:08.0517 3124 MpKslfb2b28ba - detected ForgedFile.Multi.Generic (1)
11:59:08.0533 3124 MpKslff758f63 - ok
11:59:08.0720 3124 MpNWMon (f32e2d6a1640a469a9ed4f1929a4a861) C:\Windows\system32\DRIVERS\MpNWMon.sys
11:59:08.0735 3124 MpNWMon - ok
11:59:08.0829 3124 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
11:59:08.0860 3124 mpsdrv - ok
11:59:09.0001 3124 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
11:59:09.0141 3124 MpsSvc - ok
11:59:09.0203 3124 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
11:59:09.0219 3124 Mraid35x - ok
11:59:09.0266 3124 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
11:59:09.0359 3124 MRxDAV - ok
11:59:09.0484 3124 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:59:09.0671 3124 mrxsmb - ok
11:59:09.0703 3124 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:59:09.0765 3124 mrxsmb10 - ok
11:59:09.0796 3124 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:59:09.0859 3124 mrxsmb20 - ok
11:59:09.0952 3124 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
11:59:09.0968 3124 msahci - ok
11:59:10.0093 3124 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
11:59:10.0171 3124 msdsm - ok
11:59:10.0233 3124 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
11:59:10.0327 3124 MSDTC - ok
11:59:10.0405 3124 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
11:59:10.0467 3124 Msfs - ok
11:59:10.0514 3124 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
11:59:10.0545 3124 msisadrv - ok
11:59:10.0685 3124 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
11:59:10.0841 3124 MSiSCSI - ok
11:59:10.0857 3124 msiserver - ok
11:59:10.0888 3124 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
11:59:10.0982 3124 MSKSSRV - ok
11:59:11.0185 3124 MsMpSvc (90dc23d940551db35367fb1e40575b25) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
11:59:11.0216 3124 MsMpSvc - ok
11:59:11.0278 3124 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
11:59:11.0387 3124 MSPCLOCK - ok
11:59:11.0465 3124 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
11:59:11.0590 3124 MSPQM - ok
11:59:11.0777 3124 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
11:59:11.0809 3124 MsRPC - ok
11:59:11.0871 3124 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
11:59:11.0887 3124 mssmbios - ok
11:59:11.0980 3124 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
11:59:12.0089 3124 MSTEE - ok
11:59:12.0152 3124 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
11:59:12.0167 3124 Mup - ok
11:59:12.0292 3124 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
11:59:12.0479 3124 napagent - ok
11:59:12.0635 3124 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
11:59:12.0682 3124 NativeWifiP - ok
11:59:12.0854 3124 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
11:59:12.0916 3124 NDIS - ok
11:59:13.0010 3124 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
11:59:13.0041 3124 NdisTapi - ok
11:59:13.0103 3124 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
11:59:13.0181 3124 Ndisuio - ok
11:59:13.0275 3124 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
11:59:13.0400 3124 NdisWan - ok
11:59:13.0462 3124 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
11:59:13.0509 3124 NDProxy - ok
11:59:13.0571 3124 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
11:59:13.0618 3124 NetBIOS - ok
11:59:13.0681 3124 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
11:59:13.0805 3124 netbt - ok
11:59:13.0883 3124 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
11:59:13.0899 3124 Netlogon - ok
11:59:13.0961 3124 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
11:59:14.0164 3124 Netman - ok
11:59:14.0554 3124 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
11:59:14.0695 3124 netprofm - ok
11:59:14.0929 3124 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:59:14.0944 3124 NetTcpPortSharing - ok
11:59:15.0022 3124 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
11:59:15.0038 3124 nfrd960 - ok
11:59:15.0116 3124 NisDrv (17e2c08c5ecfbe94a7c67b1c275ee9d9) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:59:15.0131 3124 NisDrv - ok
11:59:15.0693 3124 NisSrv (c73de53197ac0c4db60b80588f0d54df) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
11:59:15.0724 3124 NisSrv - ok
11:59:15.0787 3124 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
11:59:15.0880 3124 NlaSvc - ok
11:59:15.0958 3124 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
11:59:15.0989 3124 Npfs - ok
11:59:16.0052 3124 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
11:59:16.0114 3124 nsi - ok
11:59:16.0177 3124 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
11:59:16.0255 3124 nsiproxy - ok
11:59:16.0457 3124 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
11:59:16.0629 3124 Ntfs - ok
11:59:16.0769 3124 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
11:59:16.0863 3124 ntrigdigi - ok
11:59:16.0925 3124 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
11:59:17.0050 3124 Null - ok
11:59:17.0175 3124 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
11:59:17.0206 3124 nvraid - ok
11:59:17.0269 3124 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
11:59:17.0284 3124 nvstor - ok
11:59:17.0518 3124 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
11:59:17.0549 3124 nv_agp - ok
11:59:17.0565 3124 NwlnkFlt - ok
11:59:17.0565 3124 NwlnkFwd - ok
11:59:17.0627 3124 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
11:59:17.0752 3124 ohci1394 - ok
11:59:18.0017 3124 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:59:18.0033 3124 ose - ok
11:59:18.0407 3124 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
11:59:18.0579 3124 p2pimsvc - ok
11:59:18.0595 3124 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
11:59:18.0657 3124 p2psvc - ok
11:59:18.0735 3124 Packet
(9d80e0be979c3edaf2863f23b88f4de6) C:\Windows\system32\DRIVERS\packet.sys 11:59:18.0829 3124 Packet - ok 11:59:19.0016 3124 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 11:59:19.0125 3124 Parport - ok 11:59:19.0219 3124 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys 11:59:19.0234 3124 partmgr - ok 11:59:19.0297 3124 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 11:59:19.0390 3124 Parvdm - ok 11:59:19.0484 3124 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll 11:59:19.0546 3124 PcaSvc - ok 11:59:19.0640 3124 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 11:59:19.0671 3124 pci - ok 11:59:19.0733 3124 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys 11:59:19.0749 3124 pciide - ok 11:59:19.0952 3124 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 11:59:20.0045 3124 pcmcia - ok 11:59:20.0545 3124 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 11:59:20.0950 3124 PEAUTH - ok 11:59:21.0106 3124 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll 11:59:21.0340 3124 pla - ok 11:59:21.0527 3124 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll 11:59:21.0559 3124 PlugPlay - ok 11:59:21.0715 3124 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 11:59:21.0746 3124 PNRPAutoReg - ok 11:59:21.0761 3124 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 11:59:21.0793 3124 PNRPsvc - ok 11:59:21.0933 3124 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll 11:59:22.0073 3124 PolicyAgent - ok 11:59:22.0276 3124 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 11:59:22.0339 3124 PptpMiniport - ok 11:59:22.0573 3124 Processor (2027293619dd0f047c584cf2e7df4ffd) 
C:\Windows\system32\drivers\processr.sys 11:59:22.0682 3124 Processor - ok 11:59:23.0275 3124 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll 11:59:23.0446 3124 ProfSvc - ok 11:59:23.0540 3124 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 11:59:23.0571 3124 ProtectedStorage - ok 11:59:24.0257 3124 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 11:59:24.0429 3124 PSched - ok 11:59:24.0710 3124 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 11:59:25.0037 3124 ql2300 - ok 11:59:25.0131 3124 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 11:59:25.0147 3124 ql40xx - ok 11:59:25.0225 3124 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll 11:59:25.0303 3124 QWAVE - ok 11:59:25.0365 3124 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 11:59:25.0427 3124 QWAVEdrv - ok 11:59:25.0942 3124 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys 11:59:26.0847 3124 R300 - ok 11:59:27.0721 3124 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 11:59:27.0767 3124 RasAcd - ok 11:59:28.0033 3124 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll 11:59:28.0157 3124 RasAuto - ok 11:59:28.0204 3124 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 11:59:28.0423 3124 Rasl2tp - ok 11:59:28.0688 3124 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll 11:59:28.0750 3124 RasMan - ok 11:59:28.0859 3124 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 11:59:28.0953 3124 RasPppoe - ok 11:59:29.0125 3124 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 11:59:29.0171 3124 RasSstp - ok 11:59:29.0327 3124 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) 
C:\Windows\system32\DRIVERS\rdbss.sys 11:59:29.0452 3124 rdbss - ok 11:59:29.0515 3124 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 11:59:29.0561 3124 RDPCDD - ok 11:59:29.0686 3124 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 11:59:29.0749 3124 rdpdr - ok 11:59:29.0795 3124 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 11:59:29.0858 3124 RDPENCDD - ok 11:59:30.0279 3124 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys 11:59:30.0404 3124 RDPWD - ok 11:59:30.0451 3124 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll 11:59:30.0497 3124 RemoteAccess - ok 11:59:30.0591 3124 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll 11:59:30.0669 3124 RemoteRegistry - ok 11:59:30.0700 3124 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe 11:59:30.0794 3124 RpcLocator - ok 11:59:31.0761 3124 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll 11:59:31.0808 3124 RpcSs - ok 11:59:32.0713 3124 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 11:59:32.0806 3124 rspndr - ok 11:59:33.0305 3124 RTSTOR (8f6b5cfcd472fd3e54a68d211ec4617b) C:\Windows\system32\drivers\RTSTOR.SYS 11:59:33.0337 3124 RTSTOR - ok 11:59:33.0415 3124 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 11:59:33.0430 3124 SamSs - ok 11:59:33.0727 3124 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 11:59:33.0742 3124 sbp2port - ok 11:59:33.0992 3124 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll 11:59:34.0023 3124 SCardSvr - ok 11:59:34.0273 3124 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll 11:59:34.0538 3124 Schedule - ok 11:59:34.0600 3124 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll 
11:59:34.0631 3124 SCPolicySvc - ok 11:59:34.0709 3124 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll 11:59:34.0803 3124 SDRSVC - ok 11:59:34.0865 3124 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 11:59:34.0943 3124 secdrv - ok 11:59:35.0006 3124 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll 11:59:35.0099 3124 seclogon - ok 11:59:35.0193 3124 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll 11:59:35.0271 3124 SENS - ok 11:59:35.0349 3124 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 11:59:35.0505 3124 Serenum - ok 11:59:35.0583 3124 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 11:59:35.0708 3124 Serial - ok 11:59:35.0770 3124 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 11:59:35.0817 3124 sermouse - ok 11:59:35.0911 3124 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll 11:59:36.0051 3124 SessionEnv - ok 11:59:36.0098 3124 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys 11:59:36.0129 3124 sffdisk - ok 11:59:36.0160 3124 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 11:59:36.0238 3124 sffp_mmc - ok 11:59:36.0301 3124 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys 11:59:36.0347 3124 sffp_sd - ok 11:59:36.0410 3124 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 11:59:36.0488 3124 sfloppy - ok 11:59:36.0535 3124 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll 11:59:36.0675 3124 SharedAccess - ok 11:59:36.0831 3124 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll 11:59:36.0956 3124 ShellHWDetection - ok 11:59:37.0112 3124 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 
11:59:37.0174 3124 sisagp - ok 11:59:37.0283 3124 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 11:59:37.0377 3124 SiSRaid2 - ok 11:59:37.0549 3124 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 11:59:37.0611 3124 SiSRaid4 - ok 11:59:38.0126 3124 Skype C2C Service (2a99850c2a6edd6c6602e822c716edaf) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 11:59:38.0407 3124 Skype C2C Service - ok 11:59:38.0609 3124 SkypeUpdate (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files\Skype\Updater\Updater.exe 11:59:38.0641 3124 SkypeUpdate - ok 11:59:39.0718 3124 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe 11:59:40.0545 3124 slsvc - ok 11:59:40.0748 3124 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll 11:59:40.0810 3124 SLUINotify - ok 11:59:40.0966 3124 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 11:59:41.0044 3124 Smb - ok 11:59:41.0138 3124 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe 11:59:41.0169 3124 SNMPTRAP - ok 11:59:41.0262 3124 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 11:59:41.0278 3124 spldr - ok 11:59:41.0450 3124 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe 11:59:41.0574 3124 Spooler - ok 11:59:41.0871 3124 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 11:59:41.0949 3124 srv - ok 11:59:42.0136 3124 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 11:59:42.0292 3124 srv2 - ok 11:59:42.0744 3124 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 11:59:42.0760 3124 srvnet - ok 11:59:42.0854 3124 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll 11:59:42.0900 3124 SSDPSRV - ok 11:59:42.0978 3124 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll 11:59:43.0041 
3124 SstpSvc - ok 11:59:43.0212 3124 STacSV (cb2449150a5ea17caa0b94363d9440cc) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\STacSV.ex e 11:59:43.0228 3124 STacSV - ok 11:59:43.0306 3124 STHDA (14a9ad287fda70a06463e09c4328c1f2) C:\Windows\system32\DRIVERS\stwrt.sys 11:59:43.0493 3124 STHDA - ok 11:59:43.0571 3124 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll 11:59:43.0743 3124 stisvc - ok 11:59:43.0821 3124 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 11:59:43.0883 3124 swenum - ok 11:59:43.0946 3124 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll 11:59:44.0086 3124 swprv - ok 11:59:44.0180 3124 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 11:59:44.0195 3124 Symc8xx - ok 11:59:44.0367 3124 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 11:59:44.0398 3124 Sym_hi - ok 11:59:44.0414 3124 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 11:59:44.0445 3124 Sym_u3 - ok 11:59:44.0538 3124 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll 11:59:44.0710 3124 SysMain - ok 11:59:44.0960 3124 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll 11:59:45.0085 3124 TabletInputService - ok 11:59:45.0163 3124 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll 11:59:45.0226 3124 TapiSrv - ok 11:59:45.0288 3124 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll 11:59:45.0351 3124 TBS - ok 11:59:45.0475 3124 Tcpip (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\drivers\tcpip.sys 11:59:45.0522 3124 Tcpip - ok 11:59:45.0538 3124 Tcpip6 (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\DRIVERS\tcpip.sys 11:59:45.0709 3124 Tcpip6 - ok 11:59:45.0975 3124 tcpipreg (2c2d4cff5e09c73908f9b5af49a51365) C:\Windows\system32\drivers\tcpipreg.sys 11:59:46.0068 3124 tcpipreg - ok 
11:59:46.0162 3124 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 11:59:46.0209 3124 TDPIPE - ok 11:59:46.0240 3124 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 11:59:46.0349 3124 TDTCP - ok 11:59:46.0489 3124 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 11:59:46.0645 3124 tdx - ok 11:59:46.0723 3124 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 11:59:46.0739 3124 TermDD - ok 11:59:46.0817 3124 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll 11:59:46.0926 3124 TermService - ok 11:59:47.0051 3124 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll 11:59:47.0082 3124 Themes - ok 11:59:47.0113 3124 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll 11:59:47.0160 3124 THREADORDER - ok 11:59:47.0191 3124 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll 11:59:47.0238 3124 TrkWks - ok 11:59:47.0347 3124 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe 11:59:47.0410 3124 TrustedInstaller - ok 11:59:47.0503 3124 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 11:59:47.0659 3124 tssecsrv - ok 11:59:47.0706 3124 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 11:59:47.0737 3124 tunmp - ok 11:59:47.0769 3124 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 11:59:47.0815 3124 tunnel - ok 11:59:47.0893 3124 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 11:59:47.0925 3124 uagp35 - ok 11:59:48.0018 3124 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 11:59:48.0143 3124 udfs - ok 11:59:48.0205 3124 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe 11:59:48.0283 3124 UI0Detect - ok 11:59:48.0393 3124 uliagpkx 
(b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 11:59:48.0408 3124 uliagpkx - ok 11:59:48.0502 3124 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 11:59:48.0533 3124 uliahci - ok 11:59:48.0627 3124 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 11:59:48.0673 3124 UlSata - ok 11:59:48.0736 3124 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 11:59:48.0767 3124 ulsata2 - ok 11:59:48.0845 3124 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 11:59:48.0939 3124 umbus - ok 11:59:49.0001 3124 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll 11:59:49.0188 3124 upnphost - ok 11:59:49.0251 3124 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys 11:59:49.0297 3124 USBAAPL - ok 11:59:49.0407 3124 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 11:59:49.0485 3124 usbccgp - ok 11:59:49.0578 3124 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 11:59:49.0703 3124 usbcir - ok 11:59:49.0765 3124 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 11:59:49.0953 3124 usbehci - ok 11:59:50.0015 3124 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 11:59:50.0124 3124 usbhub - ok 11:59:50.0218 3124 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 11:59:50.0358 3124 usbohci - ok 11:59:50.0514 3124 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 11:59:50.0623 3124 usbprint - ok 11:59:50.0717 3124 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 11:59:50.0842 3124 usbscan - ok 11:59:50.0889 3124 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 11:59:51.0013 3124 USBSTOR - ok 11:59:51.0076 3124 usbuhci 
(814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 11:59:51.0123 3124 usbuhci - ok 11:59:51.0201 3124 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll 11:59:51.0279 3124 UxSms - ok 11:59:51.0357 3124 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe 11:59:51.0513 3124 vds - ok 11:59:51.0622 3124 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 11:59:51.0731 3124 vga - ok 11:59:51.0856 3124 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 11:59:51.0903 3124 VgaSave - ok 11:59:51.0981 3124 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 11:59:52.0027 3124 viaagp - ok 11:59:52.0105 3124 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 11:59:52.0168 3124 ViaC7 - ok 11:59:52.0215 3124 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 11:59:52.0230 3124 viaide - ok 11:59:52.0261 3124 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 11:59:52.0277 3124 volmgr - ok 11:59:52.0324 3124 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 11:59:52.0386 3124 volmgrx - ok 11:59:52.0417 3124 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 11:59:52.0449 3124 volsnap - ok 11:59:52.0527 3124 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 11:59:52.0558 3124 vsmraid - ok 11:59:52.0745 3124 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe 11:59:52.0995 3124 VSS - ok 11:59:53.0057 3124 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll 11:59:53.0197 3124 W32Time - ok 11:59:53.0322 3124 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 11:59:53.0463 3124 WacomPen - ok 11:59:53.0712 3124 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 
11:59:53.0821 3124 Wanarp - ok 11:59:53.0821 3124 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 11:59:53.0853 3124 Wanarpv6 - ok 11:59:54.0071 3124 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll 11:59:54.0149 3124 wcncsvc - ok 11:59:54.0196 3124 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll 11:59:54.0274 3124 WcsPlugInService - ok 11:59:54.0367 3124 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 11:59:54.0445 3124 Wd - ok 11:59:54.0539 3124 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 11:59:54.0586 3124 Wdf01000 - ok 11:59:54.0664 3124 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll 11:59:54.0757 3124 WdiServiceHost - ok 11:59:54.0757 3124 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll 11:59:54.0804 3124 WdiSystemHost - ok 11:59:54.0867 3124 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll 11:59:54.0913 3124 WebClient - ok 11:59:54.0976 3124 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll 11:59:55.0116 3124 Wecsvc - ok 11:59:55.0179 3124 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll 11:59:55.0225 3124 wercplsupport - ok 11:59:55.0303 3124 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll 11:59:55.0350 3124 WerSvc - ok 11:59:55.0600 3124 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll 11:59:55.0615 3124 WinDefend - ok 11:59:55.0631 3124 WinHttpAutoProxySvc - ok 11:59:55.0725 3124 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll 11:59:55.0756 3124 Winmgmt - ok 11:59:55.0959 3124 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll 11:59:56.0146 3124 WinRM - ok 11:59:56.0255 3124 Wlansvc (c008405e4feeb069e30da1d823910234) 
C:\Windows\System32\wlansvc.dll 11:59:56.0364 3124 Wlansvc - ok 11:59:56.0380 3124 wltrysvc - ok 11:59:56.0473 3124 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 11:59:56.0520 3124 WmiAcpi - ok 11:59:56.0661 3124 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe 11:59:56.0770 3124 wmiApSrv - ok 11:59:56.0988 3124 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe 11:59:57.0253 3124 WMPNetworkSvc - ok 11:59:57.0363 3124 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll 11:59:57.0487 3124 WPCSvc - ok 11:59:57.0597 3124 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll 11:59:57.0706 3124 WPDBusEnum - ok 11:59:57.0846 3124 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 11:59:57.0955 3124 WpdUsb - ok 11:59:58.0221 3124 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 11:59:58.0314 3124 WPFFontCache_v0400 - ok 11:59:58.0392 3124 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 11:59:58.0501 3124 ws2ifsl - ok 11:59:58.0595 3124 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll 11:59:58.0626 3124 wscsvc - ok 11:59:58.0626 3124 WSearch - ok 11:59:58.0829 3124 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll 11:59:59.0016 3124 wuauserv - ok 11:59:59.0297 3124 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 11:59:59.0344 3124 WUDFRd - ok 11:59:59.0453 3124 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll 11:59:59.0547 3124 wudfsvc - ok 11:59:59.0578 3124 yksvc - ok 11:59:59.0640 3124 yukonwlh (1a51df1a5c658d534ed980d18f7982de) C:\Windows\system32\DRIVERS\yk60x86.sys 11:59:59.0749 3124 yukonwlh - ok 11:59:59.0859 3124 MBR (0x1B8) 
12:00:00.0951 3124 \Device\Harddisk0\DR0 - ok
12:00:01.0044 3124 Boot (0x1200) (6cd61c58db72a28acdc82de03a11535a) \Device\Harddisk0\DR0\Partition0
12:00:01.0060 3124 \Device\Harddisk0\DR0\Partition0 - ok
12:00:01.0122 3124 Boot (0x1200) (9aa9370c0011398c1cbb542e7d8b7b98) \Device\Harddisk0\DR0\Partition1
12:00:01.0138 3124 \Device\Harddisk0\DR0\Partition1 - ok
12:00:01.0138 3124 ============================================================
12:00:01.0138 3124 Scan finished
12:00:01.0138 3124 ============================================================
12:00:01.0309 3932 Detected object count: 8
12:00:01.0309 3932 Actual detected object count: 8
12:00:21.0996 3932 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
12:00:21.0996 3932 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:00:21.0996 3932 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
12:00:21.0996 3932 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:00:21.0996 3932 MarvinBus ( UnsignedFile.Multi.Generic ) - skipped by user
12:00:21.0996 3932 MarvinBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:00:21.0996 3932 MpKsl0cd16913 ( ForgedFile.Multi.Generic ) - skipped by user
12:00:21.0996 3932 MpKsl0cd16913 ( ForgedFile.Multi.Generic ) - User select action: Skip
12:00:22.0012 3932 MpKsl7816b24b ( ForgedFile.Multi.Generic ) - skipped by user
12:00:22.0012 3932 MpKsl7816b24b ( ForgedFile.Multi.Generic ) - User select action: Skip
12:00:22.0012 3932 MpKsl930dc5f4 ( ForgedFile.Multi.Generic ) - skipped by user
12:00:22.0012 3932 MpKsl930dc5f4 ( ForgedFile.Multi.Generic ) - User select action: Skip
12:00:22.0012 3932 MpKsle7ee57eb ( ForgedFile.Multi.Generic ) - skipped by user
12:00:22.0012 3932 MpKsle7ee57eb ( ForgedFile.Multi.Generic ) - User select action: Skip
12:00:22.0012 3932 MpKslfb2b28ba ( ForgedFile.Multi.Generic ) - skipped by user
12:00:22.0012 3932 MpKslfb2b28ba ( ForgedFile.Multi.Generic ) - User select action: Skip
12:01:22.0056 3412 ============================================================
12:01:22.0056 3412 Scan started
12:01:22.0056 3412 Mode: Manual; SigCheck; TDLFS;
12:01:22.0056 3412 ============================================================
(908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys 12:01:32.0759 3412 e1express - ok 12:01:32.0915 3412 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 12:01:32.0961 3412 E1G60 - ok 12:01:32.0961 3412 EagleNT - ok 12:01:32.0961 3412 EagleXNt - ok 12:01:33.0039 3412 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll 12:01:33.0071 3412 EapHost - ok 12:01:33.0117 3412 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 12:01:33.0133 3412 Ecache - ok 12:01:33.0258 3412 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 12:01:33.0289 3412 elxstor - ok 12:01:33.0476 3412 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll 12:01:33.0507 3412 EMDMgmt - ok 12:01:33.0554 3412 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 12:01:33.0585 3412 ErrDev - ok 12:01:33.0648 3412 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll 12:01:33.0679 3412 EventSystem - ok 12:01:33.0804 3412 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 12:01:33.0835 3412 exfat - ok 12:01:33.0929 3412 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 12:01:33.0960 3412 fastfat - ok 12:01:34.0053 3412 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 12:01:34.0085 3412 fdc - ok 12:01:34.0163 3412 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll 12:01:34.0209 3412 fdPHost - ok 12:01:34.0256 3412 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll 12:01:34.0334 3412 FDResPub - ok 12:01:34.0350 3412 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 12:01:34.0365 3412 FileInfo - ok 12:01:34.0459 3412 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 12:01:34.0490 3412 Filetrace - ok 
12:01:34.0896 3412 FirebirdServerMAGIXInstance (167d24a045499ebef438f231976158df) C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe 12:01:35.0036 3412 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning 12:01:35.0036 3412 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1) 12:01:35.0411 3412 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 12:01:35.0442 3412 flpydisk - ok 12:01:35.0567 3412 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 12:01:35.0598 3412 FltMgr - ok 12:01:35.0660 3412 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll 12:01:35.0707 3412 FontCache - ok 12:01:35.0957 3412 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 12:01:35.0972 3412 FontCache3.0.0.0 - ok 12:01:36.0081 3412 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys 12:01:36.0097 3412 Fs_Rec - ok 12:01:36.0300 3412 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 12:01:36.0315 3412 gagp30kx - ok 12:01:36.0362 3412 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 12:01:36.0378 3412 GEARAspiWDM - ok 12:01:36.0487 3412 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe 12:01:36.0503 3412 GoToAssist - ok 12:01:36.0799 3412 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll 12:01:36.0830 3412 gpsvc - ok 12:01:36.0955 3412 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 12:01:37.0002 3412 HDAudBus - ok 12:01:37.0095 3412 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 12:01:37.0158 3412 HidBth - ok 12:01:37.0205 3412 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 12:01:37.0283 3412 HidIr - ok 12:01:37.0376 3412 
hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll 12:01:37.0392 3412 hidserv - ok 12:01:37.0532 3412 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 12:01:37.0563 3412 HidUsb - ok 12:01:37.0641 3412 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll 12:01:37.0688 3412 hkmsvc - ok 12:01:38.0063 3412 hnmsvc (26018afa49f03032ccd3c26eaa384a4c) c:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe 12:01:38.0094 3412 hnmsvc - ok 12:01:38.0187 3412 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 12:01:38.0203 3412 HpCISSs - ok 12:01:38.0328 3412 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys 12:01:38.0359 3412 HTTP - ok 12:01:38.0468 3412 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 12:01:38.0484 3412 i2omp - ok 12:01:38.0562 3412 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 12:01:38.0593 3412 i8042prt - ok 12:01:38.0874 3412 IAANTMON (7b96206e4bdd2fe582f0dbc46f5f410e) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe 12:01:38.0889 3412 IAANTMON - ok 12:01:39.0092 3412 iaStor (80c633722da72e97f3f5b3b11325696d) C:\Windows\system32\drivers\iastor.sys 12:01:39.0123 3412 iaStor - ok 12:01:39.0279 3412 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 12:01:39.0311 3412 iaStorV - ok 12:01:39.0591 3412 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 12:01:39.0638 3412 idsvc - ok 12:01:39.0888 3412 igfx (8dad27dd28a4274866767c89c0bf154f) C:\Windows\system32\DRIVERS\igdkmd32.sys 12:01:39.0981 3412 igfx - ok 12:01:40.0200 3412 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 12:01:40.0215 3412 iirsp - ok 12:01:40.0387 3412 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) 
C:\Windows\System32\ikeext.dll 12:01:40.0434 3412 IKEEXT - ok 12:01:40.0481 3412 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 12:01:40.0496 3412 intelide - ok 12:01:40.0527 3412 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 12:01:40.0559 3412 intelppm - ok 12:01:40.0621 3412 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll 12:01:40.0668 3412 IPBusEnum - ok 12:01:40.0761 3412 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 12:01:40.0808 3412 IpFilterDriver - ok 12:01:40.0917 3412 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll 12:01:40.0949 3412 iphlpsvc - ok 12:01:40.0949 3412 IpInIp - ok 12:01:40.0980 3412 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 12:01:41.0027 3412 IPMIDRV - ok 12:01:41.0073 3412 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 12:01:41.0120 3412 IPNAT - ok 12:01:41.0370 3412 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe 12:01:41.0401 3412 iPod Service - ok 12:01:41.0448 3412 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 12:01:41.0479 3412 IRENUM - ok 12:01:41.0666 3412 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 12:01:41.0697 3412 isapnp - ok 12:01:41.0822 3412 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 12:01:41.0853 3412 iScsiPrt - ok 12:01:41.0916 3412 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 12:01:41.0931 3412 iteatapi - ok 12:01:42.0072 3412 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 12:01:42.0087 3412 iteraid - ok 12:01:42.0119 3412 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 12:01:42.0134 3412 kbdclass - ok 
12:01:42.0197 3412 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 12:01:42.0228 3412 kbdhid - ok 12:01:42.0259 3412 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 12:01:42.0290 3412 KeyIso - ok 12:01:42.0384 3412 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys 12:01:42.0415 3412 KSecDD - ok 12:01:42.0509 3412 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll 12:01:42.0555 3412 KtmRm - ok 12:01:42.0680 3412 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll 12:01:42.0696 3412 LanmanServer - ok 12:01:42.0789 3412 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll 12:01:42.0821 3412 LanmanWorkstation - ok 12:01:42.0883 3412 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 12:01:42.0930 3412 lltdio - ok 12:01:43.0179 3412 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll 12:01:43.0226 3412 lltdsvc - ok 12:01:43.0289 3412 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll 12:01:43.0367 3412 lmhosts - ok 12:01:43.0585 3412 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 12:01:43.0601 3412 LSI_FC - ok 12:01:43.0632 3412 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys 12:01:43.0647 3412 LSI_SAS - ok 12:01:43.0741 3412 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 12:01:43.0772 3412 LSI_SCSI - ok 12:01:43.0819 3412 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 12:01:43.0850 3412 luafv - ok 12:01:43.0959 3412 MarvinBus (a3e700d78eec390f1208098cdca5c6b6) C:\Windows\system32\DRIVERS\MarvinBus.sys 12:01:43.0959 3412 MarvinBus ( UnsignedFile.Multi.Generic ) - warning 12:01:43.0959 3412 MarvinBus - detected UnsignedFile.Multi.Generic (1) 12:01:44.0037 3412 megasas 
(0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 12:01:44.0053 3412 megasas - ok 12:01:44.0178 3412 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 12:01:44.0209 3412 MegaSR - ok 12:01:44.0287 3412 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll 12:01:44.0318 3412 MMCSS - ok 12:01:44.0365 3412 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 12:01:44.0412 3412 Modem - ok 12:01:44.0490 3412 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 12:01:44.0521 3412 monitor - ok 12:01:44.0568 3412 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 12:01:44.0583 3412 mouclass - ok 12:01:44.0661 3412 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 12:01:44.0693 3412 mouhid - ok 12:01:44.0739 3412 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 12:01:44.0755 3412 MountMgr - ok 12:01:44.0880 3412 MpFilter (7e34bfa1a7b60bba1da03d677f16cd63) C:\Windows\system32\DRIVERS\MpFilter.sys 12:01:44.0911 3412 MpFilter - ok 12:01:44.0973 3412 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 12:01:45.0005 3412 mpio - ok 12:01:45.0192 3412 MpKsl0c27eaf7 - ok 12:01:45.0317 3412 MpKsl0cd16913 (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsl0cd16913.sys 12:01:45.0317 3412 Suspicious file (Forged): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsl0cd16913.sys. 
Real md5: 5f53edfead46fa7adb78eee9ecce8fdf, Fake md5: 7702b27661f74715060586b65246b849 12:01:45.0317 3412 MpKsl0cd16913 ( ForgedFile.Multi.Generic ) - warning 12:01:45.0317 3412 MpKsl0cd16913 - detected ForgedFile.Multi.Generic (1) 12:01:45.0332 3412 MpKsl11b72986 - ok 12:01:45.0332 3412 MpKsl3232f0b3 - ok 12:01:45.0348 3412 MpKsl328be7e7 - ok 12:01:45.0348 3412 MpKsl33da49c2 - ok 12:01:45.0363 3412 MpKsl3fb4efde - ok 12:01:45.0363 3412 MpKsl4520ecbb - ok 12:01:45.0379 3412 MpKsl49269eae - ok 12:01:45.0379 3412 MpKsl5b54688f - ok 12:01:45.0379 3412 MpKsl604f3001 - ok 12:01:45.0395 3412 MpKsl67f629ec - ok 12:01:45.0395 3412 MpKsl77c355e6 - ok 12:01:45.0519 3412 MpKsl7816b24b (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsl7816b24b.sys 12:01:45.0519 3412 Suspicious file (Forged): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsl7816b24b.sys. Real md5: 5f53edfead46fa7adb78eee9ecce8fdf, Fake md5: 7702b27661f74715060586b65246b849 12:01:45.0519 3412 MpKsl7816b24b ( ForgedFile.Multi.Generic ) - warning 12:01:45.0519 3412 MpKsl7816b24b - detected ForgedFile.Multi.Generic (1) 12:01:45.0519 3412 MpKsl83e5224d - ok 12:01:45.0519 3412 MpKsl8bef60fb - ok 12:01:45.0582 3412 MpKsl930dc5f4 (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsl930dc5f4.sys 12:01:45.0582 3412 Suspicious file (Forged): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsl930dc5f4.sys. 
Real md5: 5f53edfead46fa7adb78eee9ecce8fdf, Fake md5: 7702b27661f74715060586b65246b849 12:01:45.0582 3412 MpKsl930dc5f4 ( ForgedFile.Multi.Generic ) - warning 12:01:45.0582 3412 MpKsl930dc5f4 - detected ForgedFile.Multi.Generic (1) 12:01:45.0582 3412 MpKsl955ee223 - ok 12:01:45.0597 3412 MpKsl9cac146f - ok 12:01:45.0597 3412 MpKsla11cf7bb - ok 12:01:45.0613 3412 MpKslb7bc710a - ok 12:01:45.0613 3412 MpKslca246bd7 - ok 12:01:45.0613 3412 MpKsld9296210 - ok 12:01:45.0707 3412 MpKsle7ee57eb (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsle7ee57eb.sys 12:01:45.0707 3412 Suspicious file (Forged): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsle7ee57eb.sys. Real md5: 5f53edfead46fa7adb78eee9ecce8fdf, Fake md5: 7702b27661f74715060586b65246b849 12:01:45.0722 3412 MpKsle7ee57eb ( ForgedFile.Multi.Generic ) - warning 12:01:45.0722 3412 MpKsle7ee57eb - detected ForgedFile.Multi.Generic (1) 12:01:45.0785 3412 MpKslfb2b28ba (5f53edfead46fa7adb78eee9ecce8fdf) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKslfb2b28ba.sys 12:01:45.0785 3412 Suspicious file (Forged): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKslfb2b28ba.sys. 
Real md5: 5f53edfead46fa7adb78eee9ecce8fdf, Fake md5: 7702b27661f74715060586b65246b849 12:01:45.0785 3412 MpKslfb2b28ba ( ForgedFile.Multi.Generic ) - warning 12:01:45.0785 3412 MpKslfb2b28ba - detected ForgedFile.Multi.Generic (1) 12:01:45.0800 3412 MpKslff758f63 - ok 12:01:45.0863 3412 MpNWMon (f32e2d6a1640a469a9ed4f1929a4a861) C:\Windows\system32\DRIVERS\MpNWMon.sys 12:01:45.0878 3412 MpNWMon - ok 12:01:45.0987 3412 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 12:01:46.0019 3412 mpsdrv - ok 12:01:46.0175 3412 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll 12:01:46.0221 3412 MpsSvc - ok 12:01:46.0331 3412 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 12:01:46.0346 3412 Mraid35x - ok 12:01:46.0487 3412 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 12:01:46.0518 3412 MRxDAV - ok 12:01:46.0627 3412 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys 12:01:46.0643 3412 mrxsmb - ok 12:01:46.0955 3412 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys 12:01:46.0970 3412 mrxsmb10 - ok 12:01:47.0017 3412 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 12:01:47.0033 3412 mrxsmb20 - ok 12:01:47.0111 3412 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys 12:01:47.0142 3412 msahci - ok 12:01:47.0204 3412 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 12:01:47.0220 3412 msdsm - ok 12:01:47.0345 3412 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe 12:01:47.0376 3412 MSDTC - ok 12:01:47.0485 3412 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 12:01:47.0516 3412 Msfs - ok 12:01:47.0563 3412 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 12:01:47.0579 3412 msisadrv - ok 12:01:47.0672 3412 MSiSCSI 
(85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll 12:01:47.0719 3412 MSiSCSI - ok 12:01:47.0719 3412 msiserver - ok 12:01:47.0813 3412 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 12:01:47.0859 3412 MSKSSRV - ok 12:01:48.0109 3412 MsMpSvc (90dc23d940551db35367fb1e40575b25) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe 12:01:48.0140 3412 MsMpSvc - ok 12:01:48.0171 3412 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 12:01:48.0218 3412 MSPCLOCK - ok 12:01:48.0234 3412 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 12:01:48.0281 3412 MSPQM - ok 12:01:48.0374 3412 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 12:01:48.0390 3412 MsRPC - ok 12:01:48.0437 3412 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 12:01:48.0468 3412 mssmbios - ok 12:01:48.0546 3412 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 12:01:48.0577 3412 MSTEE - ok 12:01:48.0608 3412 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 12:01:48.0624 3412 Mup - ok 12:01:48.0858 3412 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll 12:01:48.0905 3412 napagent - ok 12:01:48.0951 3412 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 12:01:48.0967 3412 NativeWifiP - ok 12:01:49.0170 3412 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 12:01:49.0201 3412 NDIS - ok 12:01:49.0279 3412 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 12:01:49.0310 3412 NdisTapi - ok 12:01:49.0326 3412 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 12:01:49.0373 3412 Ndisuio - ok 12:01:49.0419 3412 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 12:01:49.0451 3412 
NdisWan - ok 12:01:49.0513 3412 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 12:01:49.0544 3412 NDProxy - ok 12:01:49.0653 3412 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 12:01:49.0700 3412 NetBIOS - ok 12:01:49.0763 3412 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 12:01:49.0794 3412 netbt - ok 12:01:49.0872 3412 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 12:01:49.0903 3412 Netlogon - ok 12:01:50.0090 3412 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll 12:01:50.0137 3412 Netman - ok 12:01:50.0246 3412 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll 12:01:50.0293 3412 netprofm - ok 12:01:50.0574 3412 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 12:01:50.0605 3412 NetTcpPortSharing - ok 12:01:50.0777 3412 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 12:01:50.0792 3412 nfrd960 - ok 12:01:50.0855 3412 NisDrv (17e2c08c5ecfbe94a7c67b1c275ee9d9) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 12:01:50.0870 3412 NisDrv - ok 12:01:51.0213 3412 NisSrv (c73de53197ac0c4db60b80588f0d54df) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe 12:01:51.0245 3412 NisSrv - ok 12:01:51.0463 3412 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll 12:01:51.0494 3412 NlaSvc - ok 12:01:51.0572 3412 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 12:01:51.0603 3412 Npfs - ok 12:01:51.0635 3412 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll 12:01:51.0666 3412 nsi - ok 12:01:51.0744 3412 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 12:01:51.0791 3412 nsiproxy - ok 12:01:51.0978 3412 Ntfs (6a4a98cee84cf9e99564510dda4baa47) 
C:\Windows\system32\drivers\Ntfs.sys 12:01:52.0040 3412 Ntfs - ok 12:01:52.0196 3412 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 12:01:52.0259 3412 ntrigdigi - ok 12:01:52.0290 3412 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 12:01:52.0337 3412 Null - ok 12:01:52.0415 3412 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 12:01:52.0430 3412 nvraid - ok 12:01:52.0508 3412 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 12:01:52.0524 3412 nvstor - ok 12:01:52.0586 3412 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 12:01:52.0602 3412 nv_agp - ok 12:01:52.0617 3412 NwlnkFlt - ok 12:01:52.0617 3412 NwlnkFwd - ok 12:01:52.0680 3412 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys 12:01:52.0758 3412 ohci1394 - ok 12:01:52.0945 3412 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 12:01:52.0961 3412 ose - ok 12:01:53.0179 3412 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 12:01:53.0226 3412 p2pimsvc - ok 12:01:53.0226 3412 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 12:01:53.0273 3412 p2psvc - ok 12:01:53.0335 3412 Packet (9d80e0be979c3edaf2863f23b88f4de6) C:\Windows\system32\DRIVERS\packet.sys 12:01:53.0351 3412 Packet - ok 12:01:53.0444 3412 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 12:01:53.0507 3412 Parport - ok 12:01:53.0553 3412 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys 12:01:53.0585 3412 partmgr - ok 12:01:53.0631 3412 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 12:01:53.0694 3412 Parvdm - ok 12:01:53.0741 3412 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll 12:01:53.0756 3412 PcaSvc - ok 12:01:53.0897 
3412 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 12:01:53.0928 3412 pci - ok 12:01:53.0975 3412 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys 12:01:54.0006 3412 pciide - ok 12:01:54.0037 3412 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 12:01:54.0053 3412 pcmcia - ok 12:01:54.0333 3412 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 12:01:54.0411 3412 PEAUTH - ok 12:01:54.0583 3412 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll 12:01:54.0661 3412 pla - ok 12:01:54.0848 3412 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll 12:01:54.0895 3412 PlugPlay - ok 12:01:54.0957 3412 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 12:01:54.0989 3412 PNRPAutoReg - ok 12:01:55.0004 3412 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 12:01:55.0035 3412 PNRPsvc - ok 12:01:55.0145 3412 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll 12:01:55.0176 3412 PolicyAgent - ok 12:01:55.0363 3412 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 12:01:55.0410 3412 PptpMiniport - ok 12:01:55.0472 3412 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 12:01:55.0519 3412 Processor - ok 12:01:55.0675 3412 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll 12:01:55.0706 3412 ProfSvc - ok 12:01:55.0784 3412 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 12:01:55.0800 3412 ProtectedStorage - ok 12:01:55.0847 3412 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 12:01:55.0878 3412 PSched - ok 12:01:56.0034 3412 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 12:01:56.0081 3412 ql2300 - ok 12:01:56.0159 3412 ql40xx 
(81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 12:01:56.0174 3412 ql40xx - ok 12:01:56.0237 3412 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll 12:01:56.0268 3412 QWAVE - ok 12:01:56.0330 3412 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 12:01:56.0346 3412 QWAVEdrv - ok 12:01:56.0564 3412 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys 12:01:56.0705 3412 R300 - ok 12:01:56.0876 3412 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 12:01:56.0923 3412 RasAcd - ok 12:01:57.0001 3412 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll 12:01:57.0032 3412 RasAuto - ok 12:01:57.0095 3412 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 12:01:57.0126 3412 Rasl2tp - ok 12:01:57.0235 3412 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll 12:01:57.0266 3412 RasMan - ok 12:01:57.0313 3412 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 12:01:57.0344 3412 RasPppoe - ok 12:01:57.0360 3412 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 12:01:57.0391 3412 RasSstp - ok 12:01:57.0438 3412 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 12:01:57.0469 3412 rdbss - ok 12:01:57.0531 3412 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 12:01:57.0578 3412 RDPCDD - ok 12:01:57.0656 3412 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 12:01:57.0703 3412 rdpdr - ok 12:01:57.0703 3412 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 12:01:57.0750 3412 RDPENCDD - ok 12:01:57.0828 3412 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys 12:01:57.0859 3412 RDPWD - ok 12:01:57.0953 3412 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) 
12:02:19.0387 3804 Detected object count: 8
12:02:19.0387 3804 Actual detected object count: 8
12:02:48.0949 3804 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
12:02:48.0949 3804 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:02:48.0949 3804 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
12:02:48.0949 3804 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:02:48.0965 3804 MarvinBus ( UnsignedFile.Multi.Generic ) - skipped by user
12:02:48.0965 3804 MarvinBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:02:48.0965 3804 MpKsl0cd16913 ( ForgedFile.Multi.Generic ) - skipped by user
12:02:48.0965 3804 MpKsl0cd16913 ( ForgedFile.Multi.Generic ) - User select action: Skip
12:02:48.0965 3804 MpKsl7816b24b ( ForgedFile.Multi.Generic ) - skipped by user
12:02:48.0965 3804 MpKsl7816b24b ( ForgedFile.Multi.Generic ) - User select action: Skip
12:02:48.0965 3804 MpKsl930dc5f4 ( ForgedFile.Multi.Generic ) - skipped by user
12:02:48.0965 3804 MpKsl930dc5f4 ( ForgedFile.Multi.Generic ) - User select action: Skip
12:02:48.0965 3804 MpKsle7ee57eb ( ForgedFile.Multi.Generic ) - skipped by user
12:02:48.0965 3804 MpKsle7ee57eb ( ForgedFile.Multi.Generic ) - User select action: Skip
12:02:48.0965 3804 MpKslfb2b28ba ( ForgedFile.Multi.Generic ) - skipped by user
12:02:48.0965 3804 MpKslfb2b28ba ( ForgedFile.Multi.Generic ) - User select action: Skip
12:03:39.0587 0880 Deinitialize success
----------
Oh and regarding the Checkup.txt from the last post I made....should I defragment my computer drive?
Thanks for the help....and I understand XD I won't bump anymore.
08-Jul-2012, 12:31 PM
#8
Hi
Yep, a defrag may help the computer, as if it's too fragmented, the hard drive has to work harder to find all the 'parts' of a program
Download OTL to your Desktop
__________________
Just go with the flow, like a twig on the shoulders of a mighty stream
MVP in Consumer Security
10-Jul-2012, 12:49 AM
#9
Sorry for the late reply....the OTL server was down for a bit. Got it working:
Extras.txt
The computer with the IP address 192.168.1.137 did not allow the name to be claimed by this computer. Error - 7/10/2012 12:23:00 AM | Computer Name = SBETV45-PC | Source = netbt | ID = 4321 Description = The name "ALEXIS-PC :0" could not be registered on the interface with IP address 192.168.1.120. The computer with the IP address 192.168.1.110 did not allow the name to be claimed by this computer. Error - 7/10/2012 12:23:04 AM | Computer Name = SBETV45-PC | Source = netbt | ID = 4321 Description = The name "MININT-EHC5ECF :0" could not be registered on the interface with IP address 192.168.1.120. The computer with the IP address 192.168.1.112 did not allow the name to be claimed by this computer. < End of report > OTL.txt OTL logfile created on: 7/9/2012 9:15:41 PM - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\sbetv 45\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19272) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.96 Gb Total Physical Memory | 1.12 Gb Available Physical Memory | 57.16% Memory free 4.16 Gb Paging File | 3.03 Gb Available in Paging File | 72.89% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 134.36 Gb Total Space | 43.12 Gb Free Space | 32.09% Space Free | Partition Type: NTFS Drive E: | 14.65 Gb Total Space | 9.53 Gb Free Space | 65.04% Space Free | Partition Type: NTFS Computer Name: SBETV45-PC | User Name: sbetv 45 | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/07/09 21:14:18 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\sbetv 45\Desktop\OTL.exe PRC - [2012/06/19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012/04/16 17:49:06 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.382.0\SeaPort.EXE PRC - [2010/11/11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe PRC - [2009/11/13 14:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/01/05 15:19:10 | 000,824,560 | ---- | M] (Dell Inc.) -- c:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe PRC - [2009/01/05 15:19:10 | 000,480,496 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Remote Access\ezi_ra.exe PRC - [2008/12/14 21:13:50 | 000,483,420 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe PRC - [2008/12/14 21:13:46 | 000,241,746 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\stacsv.exe PRC - [2008/12/14 21:13:30 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\AEstSrv.exe PRC - [2008/09/23 20:09:52 | 001,295,656 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DellDock.exe PRC - [2008/09/23 20:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe PRC - [2008/09/03 22:29:18 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) 
-- C:\Program Files\DellTPad\hidfind.exe PRC - [2008/09/03 22:29:10 | 000,200,704 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe PRC - [2008/09/03 22:29:10 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe PRC - [2008/09/03 22:29:10 | 000,046,376 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe PRC - [2008/05/23 12:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe PRC - [2008/05/07 15:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2008/05/07 15:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe ========== Modules (No Company Name) ========== MOD - [2012/06/19 20:23:36 | 015,880,192 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MenuSkinning\e4ead33e7390326a9814a511c566054b\MenuSkinning.ni.dll MOD - [2012/06/19 20:23:11 | 000,284,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\53ff6fb64982a15d164f25e727be6bb4\VistaBridgeLibrary.ni.dll MOD - [2012/06/19 20:23:10 | 002,500,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DellDock\a2117f9d2b9670193889149f0ec777d5\DellDock.ni.exe MOD - [2012/06/19 20:23:07 | 000,274,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\d8dfd448743194309366caa97c215c21\MyDock.Util.ni.dll MOD - [2012/06/19 20:23:03 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll MOD - [2012/06/19 20:22:47 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\663112d3002034cf5126be253efff60d\System.Web.Services.ni.dll MOD - [2012/06/19 19:35:49 | 012,433,920 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll MOD - [2012/06/19 19:35:29 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll MOD - [2012/05/12 11:04:03 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll MOD - [2012/05/12 11:03:50 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll MOD - [2012/05/12 11:03:26 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll MOD - [2012/05/12 11:03:01 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll MOD - [2012/05/12 09:07:20 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll MOD - [2012/05/12 09:04:24 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll MOD - [2012/05/12 09:03:28 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2009/11/13 14:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe MOD - [2009/11/13 14:15:00 | 000,275,696 | ---- | M] () -- C:\Program 
Files\Dell DataSafe Online\SdbShared.dll MOD - [2009/11/13 14:15:00 | 000,152,816 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.XmlSerializers.dll MOD - [2009/11/13 14:15:00 | 000,095,472 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbUI.dll MOD - [2009/11/13 14:15:00 | 000,017,648 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\CppUtils.dll MOD - [2008/12/22 03:32:38 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll MOD - [2008/11/03 07:54:00 | 000,058,608 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\BalloonWindow.dll ========== Win32 Services (SafeList) ========== SRV - [2012/07/04 15:24:56 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/06/19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/04/16 17:49:06 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.382.0\SeaPort.EXE -- (BBUpdate) SRV - [2012/04/16 17:49:06 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.382.0\BBSvc.EXE -- (BBSvc) SRV - [2010/11/11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv) SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc) SRV - [2009/04/16 21:34:18 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) 
[On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist) SRV - [2009/01/05 15:19:10 | 000,824,560 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe -- (hnmsvc) SRV - [2008/12/14 21:13:46 | 000,241,746 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\stacsv.exe -- (STacSV) SRV - [2008/12/14 21:13:30 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\AEstSrv.exe -- (AESTFilters) SRV - [2008/09/23 20:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService) SRV - [2008/05/07 15:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2008/01/20 19:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2005/11/17 12:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7894F71F-D515-458F-B13B-9BF0133C217E}\MpKslff758f63.sys -- (MpKslff758f63) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D3D075CE-D7A4-4EAC-AE07-AEC9B4F294D7}\MpKsld9296210.sys -- (MpKsld9296210) DRV - File not found [Kernel | System | 
Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A33D4720-FDDD-4B65-A78A-FD16A480B7CA}\MpKslca246bd7.sys -- (MpKslca246bd7) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{43D05BE9-72A0-4739-88E0-12F3AD0ECC63}\MpKslb7bc710a.sys -- (MpKslb7bc710a) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7A4B302-B307-46FF-9DDE-5E80ED987E5C}\MpKsla11cf7bb.sys -- (MpKsla11cf7bb) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89D6808A-FFA3-47E4-B581-E2514B65866E}\MpKsl9cac146f.sys -- (MpKsl9cac146f) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7A4B302-B307-46FF-9DDE-5E80ED987E5C}\MpKsl955ee223.sys -- (MpKsl955ee223) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89D6808A-FFA3-47E4-B581-E2514B65866E}\MpKsl8bef60fb.sys -- (MpKsl8bef60fb) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0B2DA231-BCA7-4A76-9E20-FE44FD63B2DB}\MpKsl83e5224d.sys -- (MpKsl83e5224d) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E051CFA5-5372-49EC-BCA0-0B9DFCEBF0BB}\MpKsl77c355e6.sys -- (MpKsl77c355e6) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{97C81E7B-C351-497D-8D50-3F333AB423DE}\MpKsl67f629ec.sys -- (MpKsl67f629ec) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E38FDB35-2EF7-4757-A1E0-14BE3863BF68}\MpKsl604f3001.sys -- (MpKsl604f3001) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft 
Antimalware\Definition Updates\{B386422E-F992-4A2D-B625-21ABA1BFC034}\MpKsl5b54688f.sys -- (MpKsl5b54688f) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1765BF74-4FCC-4740-80D5-583D0DF1D262}\MpKsl49269eae.sys -- (MpKsl49269eae) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{96E1E807-24E6-4013-8DDE-9ABF565F3404}\MpKsl4520ecbb.sys -- (MpKsl4520ecbb) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{661FE33E-1DD1-4924-9BA1-82928B858F84}\MpKsl3fb4efde.sys -- (MpKsl3fb4efde) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{97C81E7B-C351-497D-8D50-3F333AB423DE}\MpKsl33da49c2.sys -- (MpKsl33da49c2) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{43D05BE9-72A0-4739-88E0-12F3AD0ECC63}\MpKsl328be7e7.sys -- (MpKsl328be7e7) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{96E1E807-24E6-4013-8DDE-9ABF565F3404}\MpKsl3232f0b3.sys -- (MpKsl3232f0b3) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2B0EAF3B-B431-47F1-AC51-533F80A9D8A9}\MpKsl11b72986.sys -- (MpKsl11b72986) DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1765BF74-4FCC-4740-80D5-583D0DF1D262}\MpKsl0c27eaf7.sys -- (MpKsl0c27eaf7) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT) DRV - File not found 
[Kernel | On_Demand | Stopped] -- C:\Users\SBETV4~1\AppData\Local\Temp\catchme.sys -- (catchme) DRV - [2012/03/17 12:12:45 | 000,028,752 | ---- | M] () [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsl0cd16913.sys -- (MpKsl0cd16913) DRV - [2012/03/17 11:57:20 | 000,028,752 | ---- | M] () [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsl7816b24b.sys -- (MpKsl7816b24b) DRV - [2012/03/17 11:54:04 | 000,028,752 | ---- | M] () [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsl930dc5f4.sys -- (MpKsl930dc5f4) DRV - [2012/03/17 11:51:09 | 000,028,752 | ---- | M] () [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKsle7ee57eb.sys -- (MpKsle7ee57eb) DRV - [2012/03/17 11:44:00 | 000,028,752 | ---- | M] () [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CFCE5504-FD48-408D-B6C6-6439EF4FCC56}\MpKslfb2b28ba.sys -- (MpKslfb2b28ba) DRV - [2010/10/24 21:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV - [2010/10/24 21:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon) DRV - [2008/12/22 03:32:18 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY) DRV - [2008/12/14 21:13:54 | 000,393,216 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2008/09/03 22:29:08 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2008/06/17 09:01:06 | 000,022,016 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\packet.sys -- (Packet) DRV - [2008/01/20 19:32:51 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R) DRV - [2007/02/08 06:45:00 | 000,029,184 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ActionReplayDS.sys -- (ActionReplayDS) DRV - [2006/11/02 00:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2005/09/23 21:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {B4118B76-F97B-48CC-9434-DA4FDC84418F} IE - HKLM\..\SearchScopes\{B4118B76-F97B-48CC-9434-DA4FDC84418F}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?} IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 44 1D 87 01 FB 94 2D 49 BF 1C B3 81 79 0D 51 3C [binary data] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 44 1D 87 01 FB 94 2D 49 BF 1C B3 81 79 0D 51 3C [binary data] IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 44 1D 87 01 FB 94 2D 49 BF 1C B3 81 79 0D 51 3C [binary data] IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 44 1D 87 01 FB 94 
2D 49 BF 1C B3 81 79 0D 51 3C [binary data] IE - HKU\S-1-5-21-646801015-3057517687-3105904186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-646801015-3057517687-3105904186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=WLEM&ocid=bb7hp IE - HKU\S-1-5-21-646801015-3057517687-3105904186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-646801015-3057517687-3105904186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 44 1D 87 01 FB 94 2D 49 BF 1C B3 81 79 0D 51 3C [binary data] IE - HKU\S-1-5-21-646801015-3057517687-3105904186-1000\..\SearchScopes,DefaultScope = {B4118B76-F97B-48CC-9434-DA4FDC84418F} IE - HKU\S-1-5-21-646801015-3057517687-3105904186-1000\..\SearchScopes\{4E47B125-89B0-4A39-9168-29C00A325047}: "URL" = http://delicious.com/search?p={searchTerms} IE - HKU\S-1-5-21-646801015-3057517687-3105904186-1000\..\SearchScopes\{B4118B76-F97B-48CC-9434-DA4FDC84418F}: "URL" = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox IE - HKU\S-1-5-21-646801015-3057517687-3105904186-1000\..\SearchScopes\{B72064A2-D918-4327-BF34-3831077DA775}: "URL" = http://www.flickr.com/search/?q={searchTerms} IE - HKU\S-1-5-21-646801015-3057517687-3105904186-1000\..\SearchScopes\{E2DBB9B9-497D-4FC4-9A34-D2DB5486C5CC}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie8 IE - HKU\S-1-5-21-646801015-3057517687-3105904186-1000\..\SearchScopes\{EFE6E0A4-2238-49EF-9CA2-70690D61F601}: "URL" = http://rover.ebay.com/rover/1/711-43047-14818-1/4?satitle={searchTerms} IE - HKU\S-1-5-21-646801015-3057517687-3105904186-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-646801015-3057517687-3105904186-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - 
HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Program Files\Sony Online Entertainment\npsoe.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\sbetv 45\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\sbetv 45\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) 
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}, CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\sbetv 45\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\sbetv 45\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\sbetv 45\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: Free Realms Installer (Enabled) = C:\Program Files\Sony Online Entertainment\npsoe.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll CHR - plugin: Google Update (Enabled) = C:\Users\sbetv 45\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation 
Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Users\sbetv 45\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Users\sbetv 45\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Skype Click to Call = C:\Users\sbetv 45\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10297_0\ CHR - Extension: Gmail = C:\Users\sbetv 45\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.382.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.382.0\BingExt.dll (Microsoft Corporation.) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {CD292324-974F-4224-D074-CACA427AA030} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {CD292324-974F-4224-D074-CACA427AA030} - No CLSID value found. 
|
11-Jul-2012, 04:10 PM
#10 |
| EDIT: Ah never mind, it was just the system updates making it run weird.....but it still took a while to load up. But it's okay now. Oh I would like to add....the laptop since scanning has been shutting off abnormally and now starts off as a black screen with a white cursor. O_O I can't get it to run normally. .....what is happening? Anyways I started the "startup repair".....should I use system restore? Last edited by 12FindersKeepers; 11-Jul-2012 at 04:25 PM. |
11-Jul-2012, 04:26 PM
#11 | |||||||
| Thanks. The steps that I am about to suggest involve modifying the registry. Modifying the registry can be dangerous so we will make a backup of the registry first. Modification of the registry can be EXTREMELY dangerous if you do not know exactly what you are doing so follow the steps that are listed below EXACTLY. If you cannot perform some of these steps or if you have ANY questions please ask BEFORE proceeding. Backing Up Your Registry
Registry Modifications ---------------- Run OTL
---------------------- After doing the above, can you re-run OTL but as follows:
eddie
__________________ Just go with the flow, like a twig on the shoulders of a mighty stream MVP in Consumer Security |
|
11-Jul-2012, 06:06 PM
#13 |
| Yes it is hahaha.... Sorry about that. :3 Do I just ignore the steps you posted on top? |
|
12-Jul-2012, 07:17 PM
#15 |
| Alright.....I'm a little wary so can I kindly ask what this will do to my computer and what's wrong with it? I would just like to know before jumping into changing the registry and doing all of this. Thank you so much for helping. |