1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Internet Options in Control Panel missing

Discussion in 'Virus & Other Malware Removal' started by baffledUK, Jul 1, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. baffledUK

    baffledUK Thread Starter

    Joined:
    Jul 1, 2012
    Messages:
    114
    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft® Windows Vista™ Home Premium, Service Pack 2, 32 bit
    Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz, x64 Family 6 Model 23 Stepping 7
    Processor Count: 4
    RAM: 3070 Mb
    Graphics Card: NVIDIA GeForce 7100 / NVIDIA nForce 630i, 256 Mb
    Hard Drives: C: Total - 600238 MB, Free - 429472 MB;
    Motherboard: Packard Bell BV, MCP73PVT-PM
    Antivirus: ZoneAlarm Antivirus, Updated and Enabled.

    Internet options missing from control panel, can't reinstall IE9

    Please help,,,,I think I lost the above after Windows Update installed. Following is hijackthis log
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 02:38:02, on 02/07/2012
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Unable to get Internet Explorer version!
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
    C:\Program Files\Kontiki\KHost.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
    C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
    C:\Users\currys\AppData\Local\Google\Update\GoogleUpdate.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
    C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
    C:\Users\currys\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE9ENUS/110
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\bh\zonealarm.dll
    O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: script helper for ie - {a0e8bc7d-6959-40b6-8e05-204d9768ad6e} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Help the General-Search Project - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Users\currys\AppData\Roaming\MEDIAF~1\EXTENS~1\GENCRA~1.DLL
    O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\zonealarmTlbr.dll
    O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
    O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all
    O4 - HKLM\..\Run: [kdx] "C:\Program Files\Kontiki\KHost.exe" -all
    O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Users\currys\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - Startup: BBC iPlayer Desktop.lnk = C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - http://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20090910103721
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com.../en/x86/MuCatalogWebControl.cab?1322783446664
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
    O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - http://www.tescophoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: avgsecuritytoolbar - (no CLSID) - (no file)
    O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file)
    O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file)
    O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file)
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
    O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\PACKARDBELL\Packard Bell Recovery Management\Service\ETService.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Updater Service (IBUpdaterService) - Intel Corporation - (no file)
    O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
    O23 - Service: vToolbarUpdater11.0.2 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe

    --
    End of file - 10126 bytes
     
  2. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,801
    Hiya and welcome to Tech Support Guy :)

    Download Security Check from here.
    • Save it to your Desktop.
    • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    Please download Malwarebytes' Anti-Malware from Here

    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Full Scan", then click Scan.
    • The scan may take some time to finish, so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the entire report in your next reply.
    Extra Note:
    If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediatly.






    Download and scan with SUPERAntiSpyware Free Edition for Home Users
    • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    • An icon will be created on your desktop. Double-click that icon to launch the program.
    • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
    • Under "Configuration and Preferences", click the Preferences button.
    • Click the Scanning Control tab.
    • Under Scanner Options make sure the following are checked (leave all others unchecked):
      • Close browsers before scanning.
      • Scan for tracking cookies.
      • Terminate memory threats before quarantining.
    • Click the "Home" button to leave the control center screen.
    • On the right, under "Complete Scan", choose Perform Complete Scan.
    • Click Scan your computer.
    • On the left, select all fixed drives.
    • Click "Start Complete Scan" to start the scan. Please be patient while it scans your computer.
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "Continue".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "Remove Threats" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes".
    • To retrieve the removal information after reboot, launch SUPERAntispyware again.
      • Click View Scan Logs.
        [*]Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
        [*]If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
        [*]Please copy and paste the Scan Log results in your next reply.
      [*]Click Close to exit the program.


    Please include the MBAM log and, SUPERAntiSpyware Scan Log, checkup.txt and a fresh HijackThis log in your next reply

    eddie
     
  3. baffledUK

    baffledUK Thread Starter

    Joined:
    Jul 1, 2012
    Messages:
    114
    Thanks Eddie
    Results of screen317's Security Check version 0.99.42
    Windows Vista Service Pack 2 x86 (UAC is enabled)
    Internet Explorer 9
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Disabled!
    ZoneAlarm Antivirus
    Microsoft Security Essentials
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    SUPERAntiSpyware
    Malwarebytes Anti-Malware version 1.61.0.1400
    TuneUp Utilities Language Pack (en-GB)
    CCleaner
    TweakNow RegCleaner 2011
    SlimCleaner
    AML Free Registry Cleaner 4.20
    Advanced Disk Cleaner
    Auslogics Registry Cleaner
    Java(TM) 6 Update 17
    Java(TM) 6 Update 22
    Java version out of Date!
    Adobe Flash Player 11.3.300.262
    Adobe Reader 8 Adobe Reader out of Date!
    Adobe Reader X (10.1.3)
    Mozilla Firefox (14.0)
    Google Chrome 19.0.1084.56
    Google Chrome 20.0.1132.47
    ````````Process Check: objlist.exe by Laurent````````
    Microsoft Security Essentials MSMpEng.exe
    Microsoft Security Essentials msseces.exe
    Malwarebytes Anti-Malware mbamservice.exe
    Malwarebytes Anti-Malware mbamgui.exe
    CheckPoint ZoneAlarm vsmon.exe
    CheckPoint ZoneAlarm zatray.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 0 %
    ````````````````````End of Log``````````````````````

    alwarebytes Anti-Malware (Trial) 1.61.0.1400
    www.malwarebytes.org

    Database version: v2012.07.03.08

    Windows Vista Service Pack 2 x86 NTFS
    Internet Explorer 8.0.6001.19222
    currys :: EAMONNS [administrator]

    Protection: Disabled

    04/07/2012 00:47:50
    mbam-log-2012-07-04 (00-47-50).txt

    Scan type: Full scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 420655
    Time elapsed: 1 hour(s), 27 minute(s), 37 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

    PERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 07/04/2012 at 01:55 PM

    Application Version : 5.5.1006

    Core Rules Database Version : 8844
    Trace Rules Database Version: 6656

    Scan type : Complete Scan
    Total Scan Time : 01:44:57

    Operating System Information
    Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
    UAC On - Limited User (Administrator User)

    Memory items scanned : 682
    Memory threats detected : 0
    Registry items scanned : 35280
    Registry threats detected : 10
    File items scanned : 243217
    File threats detected : 54

    PUP.bProtector
    HKU\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Internet Explorer\Main#bProtector Start Page [ http://www.google.co.uks-hp/ ]
    HKU\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Internet Explorer\SearchScopes#bProtectorDefaultScope [ {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} ]
    HKLM\System\CurrentControlSet\Services\bProtector
    HKLM\System\CurrentControlSet\Services\bProtector#Type
    HKLM\System\CurrentControlSet\Services\bProtector#Start
    HKLM\System\CurrentControlSet\Services\bProtector#ErrorControl
    HKLM\System\CurrentControlSet\Services\bProtector#DisplayName
    HKLM\System\CurrentControlSet\Services\bProtector#ObjectName
    HKLM\System\CurrentControlSet\Services\bProtector#Description
    HKLM\System\CurrentControlSet\Services\bProtector#FailureActions

    Adware.Tracking Cookie
    .invitemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .accounts.google.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .accounts.google.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .accounts.google.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    accounts.youtube.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    accounts.google.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .paypal.112.2o7.net [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .apmebf.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .stats.paypal.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    adserver.zonemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    adserver.zonemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .gostats.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .gostats.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .stats.ilivid.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .gostats.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .112.2o7.net [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .microsoftsto.112.2o7.net [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .bs.serving-sys.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]
    .lucidmedia.com [ C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\COOKIES.SQLITE ]

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:10:06, on 04/07/2012
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Unable to get Internet Explorer version!
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
    C:\Program Files\Kontiki\KHost.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
    C:\Users\currys\AppData\Local\Google\Update\GoogleUpdate.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\system32\NOTEPAD.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE9ENUS/110
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\bh\zonealarm.dll
    O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: script helper for ie - {a0e8bc7d-6959-40b6-8e05-204d9768ad6e} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\zonealarmTlbr.dll
    O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
    O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all
    O4 - HKLM\..\Run: [kdx] "C:\Program Files\Kontiki\KHost.exe" -all
    O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Users\currys\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - Startup: BBC iPlayer Desktop.lnk = C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - http://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20090910103721
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com.../en/x86/MuCatalogWebControl.cab?1322783446664
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
    O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - http://www.tescophoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: avgsecuritytoolbar - (no CLSID) - (no file)
    O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file)
    O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file)
    O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - (no file)
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
    O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\PACKARDBELL\Packard Bell Recovery Management\Service\ETService.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Updater Service (IBUpdaterService) - Intel Corporation - (no file)
    O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
    O23 - Service: vToolbarUpdater11.0.2 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe

    --
    End of file - 10017 bytes
    Thanks for your help really appreciated, hope I have done all you asked.
     
  4. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,801
    Yep, the logs are all correct :)

    --------

    Uninstall these programs because they're not needed or are outdated or are dangerous to use.
    If any can't be installed, let me know, but carry on with the rest of the uninstall and the programs below. We can look at any that couldn't be uninstalled later :)
    Optimizers, boosters, cleaners, etc. are basically useless and a waste of money and can do more harm than good

    Reading these links might also put you off such progs:

    http://miekiemoes.blogspot.com/2008/02/registry-cleaners-and-system-tweaking_13.html

    http://www.edbott.com/weblog/?p=643


    TweakNow RegCleaner 2011
    AML Free Registry Cleaner 4.20
    SlimCleaner


    -----------

    Your Java is out of date, so lets do that next:

    Upgrade Java : (32 bits)
    • Download the latest version of Java SE Runtime Environment (JRE) JRE 7 Update 5 .
    • Under the JAVA Platform Standard Edition, click the "Download JRE" button to the right.
    • Accept License Agreement.[/b]".
    • Click on the link to download Windows Offline Installation 32 bit ( jre-7u5-windows-i586.exe) and save it to your desktop. Do NOT use the Sun Download Manager..
    • Close any programs you may have running - especially your web browser.
    • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
    • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
    • Click the Remove or Change/Remove button.
    • Repeat as many times as necessary to remove each Java version.
    • Reboot your computer once all Java components are removed.
    • Then from your desktop double-click on the download to install the newest version.(Vista or Win 7 users, right click on the jre-7u5-windows-i586.exe and select "Run as an Administrator.")


    After doing the above, for the remains of the Java, can you do this:

    Open Java in the Control Panel and under the General tab, under Temporary Internet Files, click the Settings button. Then click on Delete Files.

    Make sure both of these options are checked:

    • Applications and Applets
    • Trace and Log Files
    OK out of all the screens. :)


    -----------------

    You also have two versions of Adobe Reader:

    Adobe Reader 8
    Adobe Reader X (10.1.3)

    Uninstall Adobe Reader 8, as this is the older version, and won't be patched fully, which can leave you open to any malicious files out there.

    -----------------

    Can you run the following tools, and copy/paste the logs that they produce here. If its over a few posts, that's fine :)


    Download the latest version of TDSSKiller from here and save it to your Desktop.


    • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

      [​IMG]
    • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

      [​IMG]
    • Click the Start Scan button.

      [​IMG]
    • If a suspicious object is detected, the default action will be Skip, click on Continue.

      [​IMG]
    • If malicious objects are found, they will show in the Scan results and offer three (3) options.
    • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

      [​IMG]
    • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

    A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply


    --------------------------

    Download aswMBR.exe ( 511KB ) to your desktop.

    Double click the aswMBR.exe to run it

    Click the "Scan" button to start scan
    [​IMG]

    On completion of the scan click save log, save it to your desktop and post in your next reply
    [​IMG]

    -------------------------

    Delete any copies of Combofix that you have.

    Download ComboFix from one of these locations:

    Link 1
    Link 2


    * IMPORTANT !!! As you download it rename it to username123.exe and save it to your Desktop


    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      • Remember to re-enable the protection again afterwards before connecting to the Internet.
    • Double click on ComboFix.exe & follow the prompts.

    • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


    [​IMG]


    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    [​IMG]


    Click on Yes, to continue scanning for malware.

    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

    eddie
     
  5. baffledUK

    baffledUK Thread Starter

    Joined:
    Jul 1, 2012
    Messages:
    114
    Thanks Eddie
    10:41:52.0652 2536 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
    10:41:54.0655 2536 ============================================================
    10:41:54.0655 2536 Current date / time: 2012/07/06 10:41:54.0655
    10:41:54.0655 2536 SystemInfo:
    10:41:54.0655 2536
    10:41:54.0655 2536 OS Version: 6.0.6002 ServicePack: 2.0
    10:41:54.0655 2536 Product type: Workstation
    10:41:54.0656 2536 ComputerName: EAMONNS
    10:41:54.0656 2536 UserName: currys
    10:41:54.0656 2536 Windows directory: C:\Windows
    10:41:54.0656 2536 System windows directory: C:\Windows
    10:41:54.0656 2536 Processor architecture: Intel x86
    10:41:54.0656 2536 Number of processors: 4
    10:41:54.0656 2536 Page size: 0x1000
    10:41:54.0656 2536 Boot type: Normal boot
    10:41:54.0656 2536 ============================================================
    10:42:01.0665 2536 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    10:42:01.0777 2536 ============================================================
    10:42:01.0777 2536 \Device\Harddisk0\DR0:
    10:42:01.0777 2536 MBR partitions:
    10:42:01.0777 2536 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x494572B0
    10:42:01.0777 2536 ============================================================
    10:42:01.0809 2536 C: <-> \Device\Harddisk0\DR0\Partition0
    10:42:01.0809 2536 ============================================================
    10:42:01.0809 2536 Initialize success
    10:42:01.0809 2536 ============================================================
    10:43:06.0037 1384 ============================================================
    10:43:06.0038 1384 Scan started
    10:43:06.0038 1384 Mode: Manual; SigCheck;
    10:43:06.0038 1384 ============================================================
    10:43:06.0819 1384 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    10:43:06.0951 1384 !SASCORE - ok
    10:43:07.0384 1384 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
    10:43:07.0466 1384 ACPI - ok
    10:43:07.0831 1384 AdobeActiveFileMonitor6.0 (e8fe4fce23d2809bd88bcc1d0f8408ce) C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    10:43:07.0859 1384 AdobeActiveFileMonitor6.0 - ok
    10:43:07.0968 1384 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    10:43:07.0993 1384 AdobeARMservice - ok
    10:43:08.0374 1384 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    10:43:08.0392 1384 AdobeFlashPlayerUpdateSvc - ok
    10:43:08.0459 1384 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
    10:43:08.0493 1384 adp94xx - ok
    10:43:08.0548 1384 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
    10:43:08.0585 1384 adpahci - ok
    10:43:08.0795 1384 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
    10:43:08.0813 1384 adpu160m - ok
    10:43:08.0838 1384 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
    10:43:08.0864 1384 adpu320 - ok
    10:43:09.0313 1384 AdvancedSystemCareService5 (b11c71b29fa69e4586f9b65560e6604d) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
    10:43:09.0358 1384 AdvancedSystemCareService5 - ok
    10:43:09.0413 1384 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
    10:43:09.0471 1384 AeLookupSvc - ok
    10:43:09.0494 1384 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
    10:43:09.0549 1384 AFD - ok
    10:43:09.0571 1384 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
    10:43:09.0588 1384 agp440 - ok
    10:43:09.0621 1384 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
    10:43:09.0638 1384 aic78xx - ok
    10:43:09.0653 1384 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
    10:43:09.0707 1384 ALG - ok
    10:43:09.0719 1384 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
    10:43:09.0735 1384 aliide - ok
    10:43:09.0747 1384 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
    10:43:09.0765 1384 amdagp - ok
    10:43:09.0782 1384 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
    10:43:09.0799 1384 amdide - ok
    10:43:09.0809 1384 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
    10:43:09.0843 1384 AmdK7 - ok
    10:43:09.0860 1384 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
    10:43:09.0897 1384 AmdK8 - ok
    10:43:10.0034 1384 AntiVirSchedulerService (0a1cc583e8147004e4ad4625d7fbf88c) C:\Program Files\Avira\AntiVir Desktop\sched.exe
    10:43:10.0110 1384 AntiVirSchedulerService - ok
    10:43:10.0130 1384 AntiVirService (c9a36ef935aced86aedf93e97e606911) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    10:43:10.0158 1384 AntiVirService - ok
    10:43:10.0274 1384 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
    10:43:10.0321 1384 Appinfo - ok
    10:43:10.0353 1384 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
    10:43:10.0369 1384 arc - ok
    10:43:10.0387 1384 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
    10:43:10.0406 1384 arcsas - ok
    10:43:10.0525 1384 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
    10:43:10.0555 1384 aspnet_state - ok
    10:43:10.0562 1384 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
    10:43:10.0613 1384 AsyncMac - ok
    10:43:10.0635 1384 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
    10:43:10.0659 1384 atapi - ok
    10:43:10.0689 1384 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
    10:43:10.0731 1384 AudioEndpointBuilder - ok
    10:43:10.0736 1384 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
    10:43:10.0769 1384 Audiosrv - ok
    10:43:10.0787 1384 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
    10:43:10.0864 1384 avgntflt - ok
    10:43:10.0891 1384 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
    10:43:10.0925 1384 avipbb - ok
    10:43:10.0943 1384 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
    10:43:10.0966 1384 avkmgr - ok
    10:43:11.0007 1384 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
    10:43:11.0062 1384 Beep - ok
    10:43:11.0116 1384 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
    10:43:11.0189 1384 BFE - ok
    10:43:11.0241 1384 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
    10:43:11.0312 1384 BITS - ok
    10:43:11.0321 1384 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
    10:43:11.0366 1384 blbdrive - ok
    10:43:11.0444 1384 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
    10:43:11.0471 1384 Bonjour Service - ok
    10:43:11.0498 1384 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
    10:43:11.0550 1384 bowser - ok
    10:43:11.0565 1384 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
    10:43:11.0603 1384 BrFiltLo - ok
    10:43:11.0614 1384 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
    10:43:11.0646 1384 BrFiltUp - ok
    10:43:11.0669 1384 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
    10:43:11.0723 1384 Browser - ok
    10:43:11.0735 1384 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
    10:43:11.0881 1384 Brserid - ok
    10:43:11.0893 1384 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
    10:43:11.0944 1384 BrSerWdm - ok
    10:43:11.0969 1384 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
    10:43:12.0023 1384 BrUsbMdm - ok
    10:43:12.0035 1384 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
    10:43:12.0091 1384 BrUsbSer - ok
    10:43:12.0107 1384 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
    10:43:12.0166 1384 BTHMODEM - ok
    10:43:12.0173 1384 catchme - ok
    10:43:12.0191 1384 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
    10:43:12.0229 1384 cdfs - ok
    10:43:12.0250 1384 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
    10:43:12.0297 1384 cdrom - ok
    10:43:12.0320 1384 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
    10:43:12.0349 1384 CertPropSvc - ok
    10:43:12.0358 1384 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
    10:43:12.0402 1384 circlass - ok
    10:43:12.0443 1384 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
    10:43:12.0476 1384 CLFS - ok
    10:43:12.0527 1384 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    10:43:12.0545 1384 clr_optimization_v2.0.50727_32 - ok
    10:43:12.0611 1384 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    10:43:12.0665 1384 clr_optimization_v4.0.30319_32 - ok
    10:43:12.0706 1384 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
    10:43:12.0723 1384 cmdide - ok
    10:43:12.0741 1384 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
    10:43:12.0790 1384 Compbatt - ok
    10:43:12.0795 1384 COMSysApp - ok
    10:43:12.0825 1384 cpuz134 - ok
    10:43:12.0836 1384 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
    10:43:12.0859 1384 crcdisk - ok
    10:43:12.0873 1384 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
    10:43:12.0910 1384 Crusoe - ok
    10:43:12.0944 1384 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
    10:43:13.0002 1384 CryptSvc - ok
    10:43:13.0049 1384 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
    10:43:13.0108 1384 DcomLaunch - ok
    10:43:13.0125 1384 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
    10:43:13.0174 1384 DfsC - ok
    10:43:13.0287 1384 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
    10:43:13.0368 1384 DFSR - ok
    10:43:13.0477 1384 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
    10:43:13.0513 1384 Dhcp - ok
    10:43:13.0536 1384 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
    10:43:13.0563 1384 disk - ok
    10:43:13.0586 1384 Dnscache (30a08728740e71947ae1e073b5ce69b4) C:\Windows\System32\dnsrslvr.dll
    10:43:13.0621 1384 Dnscache - ok
    10:43:13.0643 1384 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
    10:43:13.0689 1384 dot3svc - ok
    10:43:13.0711 1384 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
    10:43:13.0775 1384 Dot4 - ok
    10:43:13.0790 1384 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
    10:43:13.0839 1384 Dot4Print - ok
    10:43:13.0849 1384 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
    10:43:13.0894 1384 dot4usb - ok
    10:43:13.0910 1384 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
    10:43:13.0953 1384 DPS - ok
    10:43:13.0982 1384 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
    10:43:14.0014 1384 drmkaud - ok
    10:43:14.0055 1384 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
    10:43:14.0107 1384 DXGKrnl - ok
    10:43:14.0130 1384 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
    10:43:14.0168 1384 E1G60 - ok
    10:43:14.0196 1384 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
    10:43:14.0245 1384 EapHost - ok
    10:43:14.0276 1384 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
    10:43:14.0311 1384 Ecache - ok
    10:43:14.0352 1384 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
    10:43:14.0405 1384 ehRecvr - ok
    10:43:14.0442 1384 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
    10:43:14.0493 1384 ehSched - ok
    10:43:14.0506 1384 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
    10:43:14.0537 1384 ehstart - ok
    10:43:14.0577 1384 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
    10:43:14.0610 1384 elxstor - ok
    10:43:14.0652 1384 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
    10:43:14.0725 1384 EMDMgmt - ok
    10:43:14.0735 1384 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
    10:43:14.0772 1384 ErrDev - ok
    10:43:14.0819 1384 ETService (23112102bc2a8fe44b8ac44a05bdf4c3) C:\Program Files\PACKARDBELL\Packard Bell Recovery Management\Service\ETService.exe
    10:43:14.0845 1384 ETService ( UnsignedFile.Multi.Generic ) - warning
    10:43:14.0845 1384 ETService - detected UnsignedFile.Multi.Generic (1)
    10:43:14.0869 1384 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
    10:43:14.0906 1384 EventSystem - ok
    10:43:14.0924 1384 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
    10:43:14.0988 1384 exfat - ok
    10:43:15.0011 1384 ezSharedSvc (42f721c52eef2d6df9372a53813a83ef) C:\Windows\System32\ezsvc7.dll
    10:43:15.0039 1384 ezSharedSvc ( UnsignedFile.Multi.Generic ) - warning
    10:43:15.0039 1384 ezSharedSvc - detected UnsignedFile.Multi.Generic (1)
    10:43:15.0067 1384 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
    10:43:15.0124 1384 fastfat - ok
    10:43:15.0149 1384 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
    10:43:15.0183 1384 fdc - ok
    10:43:15.0218 1384 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
    10:43:15.0275 1384 fdPHost - ok
    10:43:15.0280 1384 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
    10:43:15.0348 1384 FDResPub - ok
    10:43:15.0361 1384 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
    10:43:15.0386 1384 FileInfo - ok
    10:43:15.0397 1384 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
    10:43:15.0433 1384 Filetrace - ok
    10:43:15.0504 1384 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    10:43:15.0565 1384 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
    10:43:15.0565 1384 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
    10:43:15.0577 1384 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
    10:43:15.0616 1384 flpydisk - ok
    10:43:15.0642 1384 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
    10:43:15.0675 1384 FltMgr - ok
    10:43:15.0780 1384 FontCache (d49705f25390265cad9b620f55ea968c) C:\Windows\system32\FntCache.dll
    10:43:15.0849 1384 FontCache - ok
    10:43:15.0921 1384 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    10:43:15.0938 1384 FontCache3.0.0.0 - ok
    10:43:15.0967 1384 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
    10:43:15.0981 1384 fssfltr - ok
    10:43:16.0140 1384 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    10:43:16.0220 1384 fsssvc - ok
    10:43:16.0326 1384 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
    10:43:16.0392 1384 Fs_Rec - ok
    10:43:16.0404 1384 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
    10:43:16.0422 1384 gagp30kx - ok
    10:43:16.0451 1384 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    10:43:16.0471 1384 GEARAspiWDM - ok
    10:43:16.0530 1384 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    10:43:16.0548 1384 GoogleDesktopManager-051210-111108 - ok
    10:43:16.0554 1384 GoogleDesktopManager-110309-193829 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    10:43:16.0570 1384 GoogleDesktopManager-110309-193829 - ok
    10:43:16.0595 1384 GoToAssist (5cc2b1d06ac1962af5fbbcf88d781dd8) C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
    10:43:16.0610 1384 GoToAssist - ok
    10:43:16.0654 1384 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
    10:43:16.0736 1384 gpsvc - ok
    10:43:16.0760 1384 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
    10:43:16.0775 1384 gupdate - ok
    10:43:16.0779 1384 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
    10:43:16.0796 1384 gupdatem - ok
    10:43:16.0818 1384 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    10:43:16.0854 1384 gusvc - ok
    10:43:16.0907 1384 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
    10:43:16.0957 1384 HdAudAddService - ok
    10:43:17.0036 1384 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
    10:43:17.0090 1384 HDAudBus - ok
    10:43:17.0118 1384 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
    10:43:17.0171 1384 HidBth - ok
    10:43:17.0185 1384 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
    10:43:17.0242 1384 HidIr - ok
    10:43:17.0256 1384 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
    10:43:17.0289 1384 hidserv - ok
    10:43:17.0305 1384 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
    10:43:17.0364 1384 HidUsb - ok
    10:43:17.0383 1384 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
    10:43:17.0429 1384 hkmsvc - ok
    10:43:17.0446 1384 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
    10:43:17.0462 1384 HpCISSs - ok
    10:43:17.0528 1384 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
    10:43:17.0552 1384 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
    10:43:17.0552 1384 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
    10:43:17.0568 1384 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
    10:43:17.0590 1384 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
    10:43:17.0590 1384 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
    10:43:17.0637 1384 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
    10:43:17.0703 1384 HTTP - ok
    10:43:17.0717 1384 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
    10:43:17.0733 1384 i2omp - ok
    10:43:17.0745 1384 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
    10:43:17.0783 1384 i8042prt - ok
    10:43:17.0810 1384 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
    10:43:17.0834 1384 iaStorV - ok
    10:43:17.0916 1384 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    10:43:17.0962 1384 idsvc - ok
    10:43:17.0985 1384 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
    10:43:17.0999 1384 iirsp - ok
    10:43:18.0053 1384 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
    10:43:18.0101 1384 IKEEXT - ok
    10:43:18.0127 1384 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys
    10:43:18.0153 1384 int15 - ok
    10:43:18.0341 1384 IntcAzAudAddService (bfcd7edc663f513e7c4a0b9400e58c70) C:\Windows\system32\drivers\RTKVHDA.sys
    10:43:18.0512 1384 IntcAzAudAddService - ok
    10:43:18.0590 1384 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
    10:43:18.0607 1384 intelide - ok
    10:43:18.0617 1384 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
    10:43:18.0655 1384 intelppm - ok
    10:43:18.0677 1384 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
    10:43:18.0728 1384 IPBusEnum - ok
    10:43:18.0743 1384 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    10:43:18.0789 1384 IpFilterDriver - ok
    10:43:18.0829 1384 iphlpsvc (7f83b06a929a981bc001b2ea304d2036) C:\Windows\System32\iphlpsvc.dll
    10:43:18.0871 1384 iphlpsvc - ok
    10:43:18.0875 1384 IpInIp - ok
    10:43:18.0894 1384 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
    10:43:18.0937 1384 IPMIDRV - ok
    10:43:18.0956 1384 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
    10:43:19.0020 1384 IPNAT - ok
    10:43:19.0037 1384 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
    10:43:19.0076 1384 IRENUM - ok
    10:43:19.0090 1384 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
    10:43:19.0106 1384 isapnp - ok
    10:43:19.0137 1384 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
    10:43:19.0156 1384 iScsiPrt - ok
    10:43:19.0199 1384 ISWKL (ee8bed092a58a4faeb08dc140729189e) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
    10:43:19.0222 1384 ISWKL - ok
    10:43:19.0259 1384 IswSvc (aa7fd6a7532ef23fdcfc030195c148f9) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    10:43:19.0291 1384 IswSvc - ok
    10:43:19.0303 1384 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
    10:43:19.0320 1384 iteatapi - ok
    10:43:19.0333 1384 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
    10:43:19.0349 1384 iteraid - ok
    10:43:19.0373 1384 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
    10:43:19.0396 1384 kbdclass - ok
    10:43:19.0403 1384 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
    10:43:19.0462 1384 kbdhid - ok
    10:43:19.0475 1384 KeyIso (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
    10:43:19.0510 1384 KeyIso - ok
    10:43:19.0538 1384 KL1 (186b54479d98e48aee0e9ada4b3c4d31) C:\Windows\system32\DRIVERS\kl1.sys
    10:43:19.0562 1384 KL1 - ok
    10:43:19.0577 1384 kl2 (bf485bfba13c0ab116701fd9c55324d0) C:\Windows\system32\DRIVERS\kl2.sys
    10:43:19.0598 1384 kl2 - ok
    10:43:19.0639 1384 KLIF (46fa00bef951762919b66269371c22af) C:\Windows\system32\DRIVERS\klif.sys
    10:43:19.0682 1384 KLIF - ok
    10:43:19.0707 1384 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
    10:43:19.0743 1384 KSecDD - ok
    10:43:19.0961 1384 KService (0423bc118534ec23a063e54ebca9b92d) C:\Program Files\Kontiki\KService.exe
    10:43:20.0067 1384 KService - ok
    10:43:20.0161 1384 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
    10:43:20.0217 1384 KtmRm - ok
    10:43:20.0245 1384 LanmanServer (43446f197c74ef2030f84b3a4f39d570) C:\Windows\system32\srvsvc.dll
    10:43:20.0290 1384 LanmanServer - ok
    10:43:20.0319 1384 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
    10:43:20.0443 1384 LanmanWorkstation - ok
    10:43:20.0478 1384 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
    10:43:20.0542 1384 lltdio - ok
    10:43:20.0580 1384 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
    10:43:20.0635 1384 lltdsvc - ok
    10:43:20.0649 1384 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
    10:43:20.0705 1384 lmhosts - ok
    10:43:20.0731 1384 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
    10:43:20.0750 1384 LSI_FC - ok
    10:43:20.0770 1384 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
    10:43:20.0790 1384 LSI_SAS - ok
    10:43:20.0811 1384 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
    10:43:20.0834 1384 LSI_SCSI - ok
    10:43:20.0859 1384 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
    10:43:20.0920 1384 luafv - ok
    10:43:20.0960 1384 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
    10:43:20.0979 1384 MBAMProtector - ok
    10:43:21.0091 1384 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    10:43:21.0120 1384 MBAMService - ok
    10:43:21.0179 1384 McciCMService (f8b823414a22dbf3bec10dcaa5f93cd8) C:\Program Files\Common Files\Motive\McciCMService.exe
    10:43:21.0216 1384 McciCMService ( UnsignedFile.Multi.Generic ) - warning
    10:43:21.0216 1384 McciCMService - detected UnsignedFile.Multi.Generic (1)
    10:43:21.0256 1384 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
    10:43:21.0288 1384 Mcx2Svc - ok
    10:43:21.0313 1384 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
    10:43:21.0328 1384 megasas - ok
    10:43:21.0353 1384 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
    10:43:21.0386 1384 MegaSR - ok
    10:43:21.0412 1384 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
    10:43:21.0463 1384 MMCSS - ok
    10:43:21.0474 1384 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
    10:43:21.0508 1384 Modem - ok
    10:43:21.0519 1384 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
    10:43:21.0554 1384 monitor - ok
    10:43:21.0570 1384 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
    10:43:21.0594 1384 mouclass - ok
    10:43:21.0606 1384 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
    10:43:21.0659 1384 mouhid - ok
    10:43:21.0675 1384 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
    10:43:21.0698 1384 MountMgr - ok
    10:43:21.0735 1384 MozillaMaintenance (166f0cbff55d16552161c154317287ca) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    10:43:21.0753 1384 MozillaMaintenance - ok
    10:43:21.0788 1384 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
    10:43:21.0824 1384 MpFilter - ok
    10:43:21.0845 1384 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
    10:43:21.0862 1384 mpio - ok
    10:43:21.0876 1384 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
    10:43:21.0920 1384 mpsdrv - ok
    10:43:21.0960 1384 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
    10:43:21.0997 1384 MpsSvc - ok
    10:43:22.0029 1384 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
    10:43:22.0045 1384 Mraid35x - ok
    10:43:22.0094 1384 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
    10:43:22.0122 1384 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
    10:43:22.0122 1384 MREMP50 - detected UnsignedFile.Multi.Generic (1)
    10:43:22.0126 1384 MREMPR5 - ok
    10:43:22.0133 1384 MRENDIS5 - ok
    10:43:22.0162 1384 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
    10:43:22.0174 1384 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
    10:43:22.0174 1384 MRESP50 - detected UnsignedFile.Multi.Generic (1)
    10:43:22.0202 1384 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
    10:43:22.0227 1384 MRxDAV - ok
    10:43:22.0254 1384 mrxsmb (317eb668973951bad512ee8bebf9ed25) C:\Windows\system32\DRIVERS\mrxsmb.sys
    10:43:22.0301 1384 mrxsmb - ok
    10:43:22.0323 1384 mrxsmb10 (05716f0203b5c774a87384a1ff7b968f) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    10:43:22.0376 1384 mrxsmb10 - ok
    10:43:22.0384 1384 mrxsmb20 (c70c50d101b92b45c42ba11ea9fe6cd1) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    10:43:22.0438 1384 mrxsmb20 - ok
    10:43:22.0450 1384 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
    10:43:22.0467 1384 msahci - ok
    10:43:22.0486 1384 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
    10:43:22.0503 1384 msdsm - ok
    10:43:22.0524 1384 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
    10:43:22.0562 1384 MSDTC - ok
    10:43:22.0581 1384 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
    10:43:22.0623 1384 Msfs - ok
    10:43:22.0636 1384 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
    10:43:22.0660 1384 msisadrv - ok
    10:43:22.0693 1384 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
    10:43:22.0751 1384 MSiSCSI - ok
    10:43:22.0756 1384 msiserver - ok
    10:43:22.0791 1384 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
    10:43:22.0828 1384 MSKSSRV - ok
    10:43:22.0864 1384 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
    10:43:22.0881 1384 MsMpSvc - ok
    10:43:22.0892 1384 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
    10:43:22.0930 1384 MSPCLOCK - ok
    10:43:22.0935 1384 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
    10:43:22.0992 1384 MSPQM - ok
    10:43:23.0013 1384 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
    10:43:23.0048 1384 MsRPC - ok
    10:43:23.0057 1384 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
    10:43:23.0075 1384 mssmbios - ok
    10:43:23.0089 1384 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
    10:43:23.0132 1384 MSTEE - ok
    10:43:23.0139 1384 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
    10:43:23.0165 1384 Mup - ok
    10:43:23.0201 1384 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
    10:43:23.0245 1384 napagent - ok
    10:43:23.0276 1384 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
    10:43:23.0302 1384 NativeWifiP - ok
    10:43:23.0335 1384 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
    10:43:23.0362 1384 NDIS - ok
    10:43:23.0378 1384 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
    10:43:23.0419 1384 NdisTapi - ok
    10:43:23.0438 1384 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
    10:43:23.0475 1384 Ndisuio - ok
    10:43:23.0490 1384 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
    10:43:23.0545 1384 NdisWan - ok
    10:43:23.0562 1384 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
    10:43:23.0600 1384 NDProxy - ok
    10:43:23.0620 1384 Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\Windows\system32\HPZinw12.dll
    10:43:23.0640 1384 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
    10:43:23.0640 1384 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
    10:43:23.0653 1384 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
    10:43:23.0694 1384 NetBIOS - ok
    10:43:23.0714 1384 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
    10:43:23.0769 1384 netbt - ok
    10:43:23.0800 1384 Netlogon (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
    10:43:23.0825 1384 Netlogon - ok
    10:43:23.0858 1384 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
    10:43:23.0901 1384 Netman - ok
    10:43:23.0958 1384 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    10:43:23.0993 1384 NetMsmqActivator - ok
    10:43:23.0997 1384 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    10:43:24.0013 1384 NetPipeActivator - ok
    10:43:24.0063 1384 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
    10:43:24.0110 1384 netprofm - ok
    10:43:24.0115 1384 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    10:43:24.0134 1384 NetTcpActivator - ok
    10:43:24.0138 1384 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    10:43:24.0155 1384 NetTcpPortSharing - ok
    10:43:24.0177 1384 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
    10:43:24.0193 1384 nfrd960 - ok
    10:43:24.0221 1384 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
    10:43:24.0248 1384 NisDrv - ok
    10:43:24.0308 1384 NisSrv (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
    10:43:24.0335 1384 NisSrv - ok
    10:43:24.0354 1384 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
    10:43:24.0398 1384 NlaSvc - ok
    10:43:24.0438 1384 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
    10:43:24.0475 1384 Npfs - ok
    10:43:24.0482 1384 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
    10:43:24.0520 1384 nsi - ok
    10:43:24.0533 1384 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
    10:43:24.0584 1384 nsiproxy - ok
    10:43:24.0663 1384 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
    10:43:24.0725 1384 Ntfs - ok
    10:43:24.0754 1384 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
    10:43:24.0808 1384 ntrigdigi - ok
    10:43:24.0819 1384 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
    10:43:24.0859 1384 Null - ok
    10:43:24.0888 1384 NVHDA (3d7fb57354703809b5f0c23287fac1d6) C:\Windows\system32\drivers\nvhda32v.sys
    10:43:24.0921 1384 NVHDA - ok
    10:43:25.0491 1384 nvlddmkm (e891b3979f0cf2740c1b073f834221fe) C:\Windows\system32\DRIVERS\nvlddmkm.sys
    10:43:25.0864 1384 nvlddmkm - ok
    10:43:26.0079 1384 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
    10:43:26.0097 1384 nvraid - ok
    10:43:26.0115 1384 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
    10:43:26.0131 1384 nvstor - ok
    10:43:26.0158 1384 nvstor32 (97778c3cb3af6b2243648d0dcd4d8916) C:\Windows\system32\DRIVERS\nvstor32.sys
    10:43:26.0175 1384 nvstor32 - ok
    10:43:26.0226 1384 nvsvc (ae2de8e165dcb93a66b21748e6f913df) C:\Windows\system32\nvvsvc.exe
    10:43:26.0256 1384 nvsvc - ok
    10:43:26.0440 1384 nvUpdatusService (c78581c14699c46fe0f0817416383134) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    10:43:26.0570 1384 nvUpdatusService - ok
    10:43:26.0668 1384 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
    10:43:26.0686 1384 nv_agp - ok
    10:43:26.0690 1384 NwlnkFlt - ok
    10:43:26.0697 1384 NwlnkFwd - ok
    10:43:26.0719 1384 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
    10:43:26.0780 1384 ohci1394 - ok
    10:43:26.0829 1384 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    10:43:26.0862 1384 ose - ok
    10:43:27.0168 1384 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    10:43:27.0377 1384 osppsvc - ok
    10:43:27.0485 1384 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    10:43:27.0580 1384 p2pimsvc - ok
    10:43:27.0589 1384 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    10:43:27.0623 1384 p2psvc - ok
    10:43:27.0652 1384 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
    10:43:27.0704 1384 Parport - ok
    10:43:27.0731 1384 Partizan (6ddcf3f801ec15fe698f6a215cf30a1f) C:\Windows\system32\drivers\Partizan.sys
    10:43:27.0769 1384 Partizan - ok
    10:43:27.0790 1384 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
    10:43:27.0820 1384 partmgr - ok
    10:43:27.0830 1384 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
    10:43:27.0881 1384 Parvdm - ok
    10:43:27.0896 1384 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
    10:43:27.0930 1384 PcaSvc - ok
    10:43:27.0954 1384 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
    10:43:27.0982 1384 pci - ok
    10:43:27.0997 1384 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
    10:43:28.0022 1384 pciide - ok
    10:43:28.0044 1384 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
    10:43:28.0070 1384 pcmcia - ok
    10:43:28.0130 1384 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
    10:43:28.0232 1384 PEAUTH - ok
    10:43:28.0327 1384 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
    10:43:28.0419 1384 pla - ok
    10:43:28.0514 1384 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
    10:43:28.0561 1384 PlugPlay - ok
    10:43:28.0623 1384 Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\Windows\system32\HPZipm12.dll
    10:43:28.0650 1384 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
    10:43:28.0650 1384 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
    10:43:28.0710 1384 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    10:43:28.0745 1384 PNRPAutoReg - ok
    10:43:28.0752 1384 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    10:43:28.0789 1384 PNRPsvc - ok
    10:43:28.0816 1384 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
    10:43:28.0893 1384 PolicyAgent - ok
    10:43:28.0920 1384 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
    10:43:28.0970 1384 PptpMiniport - ok
    10:43:28.0990 1384 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
    10:43:29.0026 1384 Processor - ok
    10:43:29.0037 1384 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
    10:43:29.0077 1384 ProfSvc - ok
    10:43:29.0092 1384 ProtectedStorage (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
    10:43:29.0116 1384 ProtectedStorage - ok
    10:43:29.0142 1384 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
    10:43:29.0189 1384 PSched - ok
    10:43:29.0196 1384 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
    10:43:29.0222 1384 PxHelp20 - ok
    10:43:29.0292 1384 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
    10:43:29.0357 1384 ql2300 - ok
    10:43:29.0390 1384 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
    10:43:29.0407 1384 ql40xx - ok
    10:43:29.0441 1384 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
    10:43:29.0483 1384 QWAVE - ok
    10:43:29.0499 1384 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
    10:43:29.0538 1384 QWAVEdrv - ok
    10:43:29.0551 1384 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
    10:43:29.0603 1384 RasAcd - ok
    10:43:29.0620 1384 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
    10:43:29.0671 1384 RasAuto - ok
    10:43:29.0710 1384 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
    10:43:29.0757 1384 Rasl2tp - ok
    10:43:29.0824 1384 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
    10:43:29.0864 1384 RasMan - ok
    10:43:29.0879 1384 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
    10:43:29.0920 1384 RasPppoe - ok
    10:43:29.0950 1384 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
    10:43:29.0981 1384 RasSstp - ok
    10:43:30.0014 1384 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
    10:43:30.0061 1384 rdbss - ok
    10:43:30.0070 1384 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
    10:43:30.0111 1384 RDPCDD - ok
    10:43:30.0137 1384 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
    10:43:30.0172 1384 rdpdr - ok
    10:43:30.0177 1384 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
    10:43:30.0227 1384 RDPENCDD - ok
    10:43:30.0253 1384 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
    10:43:30.0358 1384 RDPWD - ok
    10:43:30.0371 1384 RegGuard (37ecebdd930395a9c399fb18a3c236d3) C:\Windows\system32\Drivers\regguard.sys
    10:43:30.0403 1384 RegGuard - ok
    10:43:30.0436 1384 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
    10:43:30.0479 1384 RemoteAccess - ok
    10:43:30.0495 1384 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
    10:43:30.0539 1384 RemoteRegistry - ok
    10:43:30.0554 1384 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
    10:43:30.0607 1384 RpcLocator - ok
    10:43:30.0640 1384 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
    10:43:30.0678 1384 RpcSs - ok
    10:43:30.0697 1384 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
    10:43:30.0748 1384 rspndr - ok
    10:43:30.0802 1384 RTL8169 (06992132cf20c3c1cba3f072c4086de8) C:\Windows\system32\DRIVERS\Rtlh86.sys
    10:43:30.0830 1384 RTL8169 - ok
    10:43:30.0850 1384 SamSs (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
    10:43:30.0874 1384 SamSs - ok
    10:43:30.0910 1384 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
    10:43:30.0925 1384 SASDIFSV - ok
    10:43:30.0943 1384 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
    10:43:30.0958 1384 SASKUTIL - ok
    10:43:30.0991 1384 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
    10:43:31.0008 1384 sbp2port - ok
    10:43:31.0096 1384 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    10:43:31.0167 1384 SBSDWSCService - ok
    10:43:31.0189 1384 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
    10:43:31.0237 1384 SCardSvr - ok
    10:43:31.0277 1384 Schedule (323ae0bdfd2eb15b668dda50cc597329) C:\Windows\system32\schedsvc.dll
    10:43:31.0364 1384 Schedule - ok
    10:43:31.0386 1384 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
    10:43:31.0416 1384 SCPolicySvc - ok
    10:43:31.0439 1384 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
    10:43:31.0486 1384 SDRSVC - ok
    10:43:31.0524 1384 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    10:43:31.0594 1384 secdrv - ok
    10:43:31.0605 1384 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
    10:43:31.0644 1384 seclogon - ok
    10:43:31.0656 1384 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
    10:43:31.0694 1384 SENS - ok
    10:43:31.0701 1384 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
    10:43:31.0756 1384 Serenum - ok
    10:43:31.0774 1384 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
    10:43:31.0838 1384 Serial - ok
    10:43:31.0857 1384 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
    10:43:31.0899 1384 sermouse - ok
    10:43:31.0917 1384 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
    10:43:31.0960 1384 SessionEnv - ok
    10:43:31.0973 1384 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
    10:43:32.0010 1384 sffdisk - ok
    10:43:32.0021 1384 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
    10:43:32.0062 1384 sffp_mmc - ok
    10:43:32.0082 1384 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
    10:43:32.0123 1384 sffp_sd - ok
    10:43:32.0136 1384 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
    10:43:32.0186 1384 sfloppy - ok
    10:43:32.0216 1384 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
    10:43:32.0256 1384 SharedAccess - ok
    10:43:32.0279 1384 ShellHWDetection (c818c44c201898399bf999bb6b35d4e3) C:\Windows\System32\shsvcs.dll
    10:43:32.0323 1384 ShellHWDetection - ok
    10:43:32.0333 1384 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
    10:43:32.0349 1384 sisagp - ok
    10:43:32.0363 1384 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
    10:43:32.0380 1384 SiSRaid2 - ok
    10:43:32.0392 1384 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
    10:43:32.0409 1384 SiSRaid4 - ok
    10:43:32.0645 1384 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
    10:43:32.0790 1384 slsvc - ok
    10:43:32.0860 1384 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
    10:43:32.0898 1384 SLUINotify - ok
    10:43:32.0937 1384 SmartDefragDriver (cc48f88fe17bb8e5eb6fa1a8a9477006) C:\Windows\system32\Drivers\SmartDefragDriver.sys
    10:43:32.0957 1384 SmartDefragDriver - ok
    10:43:32.0989 1384 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
    10:43:33.0035 1384 Smb - ok
    10:43:33.0057 1384 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
    10:43:33.0090 1384 SNMPTRAP - ok
    10:43:33.0105 1384 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
    10:43:33.0131 1384 spldr - ok
    10:43:33.0152 1384 Spooler (524bfbea40e6e404737ccbc754647a2e) C:\Windows\System32\spoolsv.exe
    10:43:33.0190 1384 Spooler - ok
    10:43:33.0211 1384 srv (baa6018a27857b5ff0c03ce756b4a7a2) C:\Windows\system32\DRIVERS\srv.sys
    10:43:33.0256 1384 srv - ok
    10:43:33.0284 1384 srv2 (6b6f3658e0a58c6c50c5f7fbdf3df633) C:\Windows\system32\DRIVERS\srv2.sys
    10:43:33.0337 1384 srv2 - ok
    10:43:33.0363 1384 srvnet (2d10de9022822772adaa120b15a9bd03) C:\Windows\system32\DRIVERS\srvnet.sys
    10:43:33.0402 1384 srvnet - ok
    10:43:33.0414 1384 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
    10:43:33.0458 1384 SSDPSRV - ok
    10:43:33.0479 1384 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
    10:43:33.0500 1384 ssmdrv - ok
    10:43:33.0521 1384 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
    10:43:33.0553 1384 SstpSvc - ok
    10:43:33.0592 1384 Steam Client Service - ok
    10:43:33.0620 1384 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
    10:43:33.0667 1384 StillCam - ok
    10:43:33.0696 1384 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
    10:43:33.0748 1384 stisvc - ok
    10:43:33.0772 1384 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
    10:43:33.0795 1384 swenum - ok
    10:43:33.0828 1384 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
    10:43:33.0868 1384 swprv - ok
    10:43:33.0881 1384 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
    10:43:33.0897 1384 Symc8xx - ok
    10:43:33.0912 1384 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
    10:43:33.0928 1384 Sym_hi - ok
    10:43:33.0944 1384 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
    10:43:33.0961 1384 Sym_u3 - ok
    10:43:34.0026 1384 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
    10:43:34.0086 1384 SysMain - ok
    10:43:34.0112 1384 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
    10:43:34.0159 1384 TabletInputService - ok
    10:43:34.0188 1384 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
    10:43:34.0232 1384 TapiSrv - ok
    10:43:34.0245 1384 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
    10:43:34.0287 1384 TBS - ok
    10:43:34.0355 1384 Tcpip (65877aa1b6a7cb797488e831698973e9) C:\Windows\system32\drivers\tcpip.sys
    10:43:34.0407 1384 Tcpip - ok
    10:43:34.0422 1384 Tcpip6 (65877aa1b6a7cb797488e831698973e9) C:\Windows\system32\DRIVERS\tcpip.sys
    10:43:34.0457 1384 Tcpip6 - ok
    10:43:34.0485 1384 tcpipreg (4b8f496292d40192acb052e030c023a7) C:\Windows\system32\drivers\tcpipreg.sys
    10:43:34.0533 1384 tcpipreg - ok
    10:43:34.0558 1384 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
    10:43:34.0599 1384 TDPIPE - ok
    10:43:34.0613 1384 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
    10:43:34.0647 1384 TDTCP - ok
    10:43:34.0678 1384 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
    10:43:34.0716 1384 tdx - ok
    10:43:34.0741 1384 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
    10:43:34.0767 1384 TermDD - ok
    10:43:34.0800 1384 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
    10:43:34.0867 1384 TermService - ok
    10:43:34.0891 1384 Themes (c818c44c201898399bf999bb6b35d4e3) C:\Windows\system32\shsvcs.dll
    10:43:34.0923 1384 Themes - ok
    10:43:34.0953 1384 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
    10:43:34.0988 1384 THREADORDER - ok
    10:43:35.0013 1384 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
    10:43:35.0050 1384 TrkWks - ok
    10:43:35.0096 1384 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
    10:43:35.0141 1384 TrustedInstaller - ok
    10:43:35.0154 1384 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
    10:43:35.0191 1384 tssecsrv - ok
    10:43:35.0200 1384 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
    10:43:35.0251 1384 tunmp - ok
    10:43:35.0258 1384 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
    10:43:35.0305 1384 tunnel - ok
    10:43:35.0318 1384 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
    10:43:35.0335 1384 uagp35 - ok
    10:43:35.0354 1384 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
    10:43:35.0386 1384 udfs - ok
    10:43:35.0409 1384 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
    10:43:35.0461 1384 UI0Detect - ok
    10:43:35.0477 1384 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
    10:43:35.0496 1384 uliagpkx - ok
    10:43:35.0515 1384 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
    10:43:35.0540 1384 uliahci - ok
    10:43:35.0555 1384 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
    10:43:35.0575 1384 UlSata - ok
    10:43:35.0588 1384 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
    10:43:35.0615 1384 ulsata2 - ok
    10:43:35.0625 1384 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
    10:43:35.0666 1384 umbus - ok
    10:43:35.0695 1384 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
    10:43:35.0737 1384 upnphost - ok
    10:43:35.0758 1384 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
    10:43:35.0799 1384 usbccgp - ok
    10:43:35.0818 1384 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
    10:43:35.0868 1384 usbcir - ok
    10:43:35.0888 1384 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
    10:43:35.0929 1384 usbehci - ok
    10:43:35.0952 1384 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
    10:43:36.0030 1384 usbhub - ok
    10:43:36.0045 1384 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
    10:43:36.0089 1384 usbohci - ok
    10:43:36.0102 1384 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
    10:43:36.0144 1384 usbprint - ok
    10:43:36.0163 1384 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
    10:43:36.0207 1384 usbscan - ok
    10:43:36.0221 1384 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    10:43:36.0259 1384 USBSTOR - ok
    10:43:36.0269 1384 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
    10:43:36.0311 1384 usbuhci - ok
    10:43:36.0338 1384 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
    10:43:36.0380 1384 UxSms - ok
    10:43:36.0416 1384 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
    10:43:36.0462 1384 vds - ok
    10:43:36.0476 1384 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
    10:43:36.0528 1384 vga - ok
    10:43:36.0540 1384 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
    10:43:36.0592 1384 VgaSave - ok
    10:43:36.0603 1384 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
    10:43:36.0620 1384 viaagp - ok
    10:43:36.0636 1384 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
    10:43:36.0671 1384 ViaC7 - ok
    10:43:36.0677 1384 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
    10:43:36.0696 1384 viaide - ok
    10:43:36.0712 1384 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
    10:43:36.0735 1384 volmgr - ok
    10:43:36.0764 1384 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
    10:43:36.0797 1384 volmgrx - ok
    10:43:36.0814 1384 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
    10:43:36.0843 1384 volsnap - ok
    10:43:36.0884 1384 Vsdatant (6983d0bcac64c2d7460c2125f804f118) C:\Windows\system32\DRIVERS\vsdatant.sys
    10:43:36.0915 1384 Vsdatant - ok
    10:43:36.0920 1384 vsdatant7 - ok
    10:43:36.0964 1384 vsmon - ok
    10:43:37.0017 1384 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
    10:43:37.0045 1384 vsmraid - ok
    10:43:37.0112 1384 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
    10:43:37.0198 1384 VSS - ok
    10:43:37.0287 1384 vToolbarUpdater11.0.2 (56e1e4442e4613fb2039a6b7421f4e58) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
    10:43:37.0345 1384 vToolbarUpdater11.0.2 - ok
    10:43:37.0455 1384 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
    10:43:37.0491 1384 W32Time - ok
    10:43:37.0532 1384 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
    10:43:37.0592 1384 WacomPen - ok
    10:43:37.0605 1384 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    10:43:37.0652 1384 Wanarp - ok
    10:43:37.0655 1384 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    10:43:37.0686 1384 Wanarpv6 - ok
    10:43:37.0716 1384 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
    10:43:37.0760 1384 wcncsvc - ok
    10:43:37.0782 1384 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
    10:43:37.0823 1384 WcsPlugInService - ok
    10:43:37.0835 1384 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
    10:43:37.0858 1384 Wd - ok
    10:43:37.0894 1384 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
    10:43:37.0933 1384 Wdf01000 - ok
    10:43:37.0968 1384 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
    10:43:38.0011 1384 WdiServiceHost - ok
    10:43:38.0016 1384 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
    10:43:38.0053 1384 WdiSystemHost - ok
    10:43:38.0081 1384 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
    10:43:38.0108 1384 WebClient - ok
    10:43:38.0120 1384 Wecsvc (905214925a88311fce52f66153de7610) C:\Windows\system32\wecsvc.dll
    10:43:38.0166 1384 Wecsvc - ok
    10:43:38.0175 1384 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
    10:43:38.0219 1384 wercplsupport - ok
    10:43:38.0239 1384 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
    10:43:38.0271 1384 WerSvc - ok
    10:43:38.0325 1384 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
    10:43:38.0353 1384 WinDefend - ok
    10:43:38.0364 1384 WinHttpAutoProxySvc - ok
    10:43:38.0412 1384 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
    10:43:38.0441 1384 Winmgmt - ok
    10:43:38.0491 1384 WinRM (01874d4689c212460fbabf0ecd7cb7f7) C:\Windows\system32\WsmSvc.dll
    10:43:38.0541 1384 WinRM - ok
    10:43:38.0587 1384 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
    10:43:38.0638 1384 Wlansvc - ok
    10:43:38.0678 1384 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
    10:43:38.0693 1384 wlcrasvc - ok
    10:43:38.0812 1384 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    10:43:38.0889 1384 wlidsvc - ok
    10:43:38.0982 1384 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    10:43:39.0046 1384 WmiAcpi - ok
    10:43:39.0089 1384 WmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
    10:43:39.0133 1384 WmiApSrv - ok
    10:43:39.0237 1384 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
    10:43:39.0300 1384 WMPNetworkSvc - ok
    10:43:39.0318 1384 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
    10:43:39.0368 1384 WPCSvc - ok
    10:43:39.0380 1384 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
    10:43:39.0423 1384 WPDBusEnum - ok
    10:43:39.0527 1384 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    10:43:39.0570 1384 WPFFontCache_v0400 - ok
    10:43:39.0598 1384 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
    10:43:39.0643 1384 ws2ifsl - ok
    10:43:39.0666 1384 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
    10:43:39.0695 1384 wscsvc - ok
    10:43:39.0700 1384 WSearch - ok
    10:43:39.0820 1384 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
    10:43:39.0902 1384 wuauserv - ok
    10:43:39.0973 1384 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
    10:43:40.0038 1384 wudfsvc - ok
    10:43:40.0056 1384 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
    10:43:40.0366 1384 \Device\Harddisk0\DR0 - ok
    10:43:40.0370 1384 Boot (0x1200) (1564506fc0713d153b896ad06c0f6c1f) \Device\Harddisk0\DR0\Partition0
    10:43:40.0371 1384 \Device\Harddisk0\DR0\Partition0 - ok
    10:43:40.0372 1384 ============================================================
    10:43:40.0372 1384 Scan finished
    10:43:40.0372 1384 ============================================================
    10:43:40.0390 2568 Detected object count: 10
    10:43:40.0390 2568 Actual detected object count: 10
    10:45:00.0676 2568 ETService ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0676 2568 ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:00.0680 2568 ezSharedSvc ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0680 2568 ezSharedSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:00.0683 2568 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0683 2568 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:00.0685 2568 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0685 2568 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:00.0687 2568 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0687 2568 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:00.0690 2568 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0690 2568 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:00.0693 2568 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0693 2568 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:00.0696 2568 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0696 2568 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:00.0698 2568 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0698 2568 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:00.0700 2568 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0700 2568 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:43.0663 3304 ============================================================
    10:45:43.0663 3304 Scan started
    10:45:43.0663 3304 Mode: Manual; SigCheck;
    10:45:43.0663 3304 ============================================================
    10:45:44.0042 3304 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    10:45:44.0070 3304 !SASCORE - ok
    10:45:44.0141 3304 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
    10:45:44.0163 3304 ACPI - ok
    10:45:44.0206 3304 AdobeActiveFileMonitor6.0 (e8fe4fce23d2809bd88bcc1d0f8408ce) C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    10:45:44.0222 3304 AdobeActiveFileMonitor6.0 - ok
    10:45:44.0258 3304 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    10:45:44.0273 3304 AdobeARMservice - ok
    10:45:44.0319 3304 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    10:45:44.0337 3304 AdobeFlashPlayerUpdateSvc - ok
    10:45:44.0376 3304 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
    10:45:44.0400 3304 adp94xx - ok
    10:45:44.0452 3304 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
    10:45:44.0471 3304 adpahci - ok
    10:45:44.0495 3304 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
    10:45:44.0512 3304 adpu160m - ok
    10:45:44.0528 3304 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
    10:45:44.0545 3304 adpu320 - ok
    10:45:44.0623 3304 AdvancedSystemCareService5 (b11c71b29fa69e4586f9b65560e6604d) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
    10:45:44.0654 3304 AdvancedSystemCareService5 - ok
    10:45:44.0687 3304 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
    10:45:44.0717 3304 AeLookupSvc - ok
    10:45:44.0743 3304 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
    10:45:44.0774 3304 AFD - ok
    10:45:44.0785 3304 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
    10:45:44.0801 3304 agp440 - ok
    10:45:44.0811 3304 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
    10:45:44.0828 3304 aic78xx - ok
    10:45:44.0844 3304 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
    10:45:44.0876 3304 ALG - ok
    10:45:44.0893 3304 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
    10:45:44.0909 3304 aliide - ok
    10:45:44.0935 3304 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
    10:45:44.0951 3304 amdagp - ok
    10:45:44.0981 3304 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
    10:45:44.0996 3304 amdide - ok
    10:45:45.0016 3304 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
    10:45:45.0048 3304 AmdK7 - ok
    10:45:45.0067 3304 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
    10:45:45.0100 3304 AmdK8 - ok
    10:45:45.0139 3304 AntiVirSchedulerService (0a1cc583e8147004e4ad4625d7fbf88c) C:\Program Files\Avira\AntiVir Desktop\sched.exe
    10:45:45.0154 3304 AntiVirSchedulerService - ok
    10:45:45.0178 3304 AntiVirService (c9a36ef935aced86aedf93e97e606911) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    10:45:45.0194 3304 AntiVirService - ok
    10:45:45.0218 3304 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
    10:45:45.0242 3304 Appinfo - ok
    10:45:45.0274 3304 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
    10:45:45.0291 3304 arc - ok
    10:45:45.0303 3304 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
    10:45:45.0320 3304 arcsas - ok
    10:45:45.0382 3304 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
    10:45:45.0398 3304 aspnet_state - ok
    10:45:45.0412 3304 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
    10:45:45.0445 3304 AsyncMac - ok
    10:45:45.0475 3304 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
    10:45:45.0492 3304 atapi - ok
    10:45:45.0520 3304 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
    10:45:45.0555 3304 AudioEndpointBuilder - ok
    10:45:45.0560 3304 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
    10:45:45.0591 3304 Audiosrv - ok
    10:45:45.0610 3304 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
    10:45:45.0625 3304 avgntflt - ok
    10:45:45.0648 3304 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
    10:45:45.0663 3304 avipbb - ok
    10:45:45.0675 3304 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
    10:45:45.0690 3304 avkmgr - ok
    10:45:45.0701 3304 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
    10:45:45.0734 3304 Beep - ok
    10:45:45.0764 3304 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
    10:45:45.0799 3304 BFE - ok
    10:45:45.0856 3304 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
    10:45:45.0902 3304 BITS - ok
    10:45:45.0934 3304 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
    10:45:45.0976 3304 blbdrive - ok
    10:45:46.0042 3304 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
    10:45:46.0062 3304 Bonjour Service - ok
    10:45:46.0088 3304 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
    10:45:46.0121 3304 bowser - ok
    10:45:46.0131 3304 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
    10:45:46.0160 3304 BrFiltLo - ok
    10:45:46.0171 3304 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
    10:45:46.0199 3304 BrFiltUp - ok
    10:45:46.0218 3304 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
    10:45:46.0253 3304 Browser - ok
    10:45:46.0267 3304 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
    10:45:46.0316 3304 Brserid - ok
    10:45:46.0325 3304 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
    10:45:46.0375 3304 BrSerWdm - ok
    10:45:46.0385 3304 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
    10:45:46.0434 3304 BrUsbMdm - ok
    10:45:46.0450 3304 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
    10:45:46.0499 3304 BrUsbSer - ok
    10:45:46.0514 3304 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
    10:45:46.0563 3304 BTHMODEM - ok
    10:45:46.0572 3304 catchme - ok
    10:45:46.0590 3304 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
    10:45:46.0626 3304 cdfs - ok
    10:45:46.0648 3304 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
    10:45:46.0678 3304 cdrom - ok
    10:45:46.0702 3304 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
    10:45:46.0730 3304 CertPropSvc - ok
    10:45:46.0748 3304 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
    10:45:46.0781 3304 circlass - ok
    10:45:46.0808 3304 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
    10:45:46.0828 3304 CLFS - ok
    10:45:46.0875 3304 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    10:45:46.0892 3304 clr_optimization_v2.0.50727_32 - ok
    10:45:46.0943 3304 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    10:45:46.0969 3304 clr_optimization_v4.0.30319_32 - ok
    10:45:46.0998 3304 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
    10:45:47.0013 3304 cmdide - ok
    10:45:47.0023 3304 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
    10:45:47.0038 3304 Compbatt - ok
    10:45:47.0043 3304 COMSysApp - ok
    10:45:47.0050 3304 cpuz134 - ok
    10:45:47.0076 3304 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
    10:45:47.0091 3304 crcdisk - ok
    10:45:47.0105 3304 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
    10:45:47.0139 3304 Crusoe - ok
    10:45:47.0171 3304 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
    10:45:47.0200 3304 CryptSvc - ok
    10:45:47.0264 3304 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
    10:45:47.0320 3304 DcomLaunch - ok
    10:45:47.0340 3304 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
    10:45:47.0369 3304 DfsC - ok
    10:45:47.0486 3304 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
    10:45:47.0581 3304 DFSR - ok
    10:45:47.0667 3304 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
    10:45:47.0699 3304 Dhcp - ok
    10:45:47.0726 3304 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
    10:45:47.0744 3304 disk - ok
    10:45:47.0768 3304 Dnscache (30a08728740e71947ae1e073b5ce69b4) C:\Windows\System32\dnsrslvr.dll
    10:45:47.0800 3304 Dnscache - ok
    10:45:47.0825 3304 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
    10:45:47.0855 3304 dot3svc - ok
    10:45:47.0877 3304 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
    10:45:47.0911 3304 Dot4 - ok
    10:45:47.0922 3304 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
    10:45:47.0957 3304 Dot4Print - ok
    10:45:47.0981 3304 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
    10:45:48.0013 3304 dot4usb - ok
    10:45:48.0026 3304 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
    10:45:48.0062 3304 DPS - ok
    10:45:48.0080 3304 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
    10:45:48.0110 3304 drmkaud - ok
    10:45:48.0153 3304 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
    10:45:48.0227 3304 DXGKrnl - ok
    10:45:48.0245 3304 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
    10:45:48.0281 3304 E1G60 - ok
    10:45:48.0292 3304 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
    10:45:48.0322 3304 EapHost - ok
    10:45:48.0349 3304 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
    10:45:48.0368 3304 Ecache - ok
    10:45:48.0401 3304 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
    10:45:48.0427 3304 ehRecvr - ok
    10:45:48.0449 3304 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
    10:45:48.0471 3304 ehSched - ok
    10:45:48.0480 3304 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
    10:45:48.0501 3304 ehstart - ok
    10:45:48.0533 3304 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
    10:45:48.0565 3304 elxstor - ok
    10:45:48.0609 3304 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
    10:45:48.0666 3304 EMDMgmt - ok
    10:45:48.0671 3304 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
    10:45:48.0706 3304 ErrDev - ok
    10:45:48.0759 3304 ETService (23112102bc2a8fe44b8ac44a05bdf4c3) C:\Program Files\PACKARDBELL\Packard Bell Recovery Management\Service\ETService.exe
    10:45:48.0771 3304 ETService ( UnsignedFile.Multi.Generic ) - warning
    10:45:48.0771 3304 ETService - detected UnsignedFile.Multi.Generic (1)
    10:45:48.0801 3304 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
    10:45:48.0837 3304 EventSystem - ok
    10:45:48.0856 3304 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
    10:45:48.0909 3304 exfat - ok
    10:45:48.0939 3304 ezSharedSvc (42f721c52eef2d6df9372a53813a83ef) C:\Windows\System32\ezsvc7.dll
    10:45:48.0953 3304 ezSharedSvc ( UnsignedFile.Multi.Generic ) - warning
    10:45:48.0954 3304 ezSharedSvc - detected UnsignedFile.Multi.Generic (1)
    10:45:48.0999 3304 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
    10:45:49.0028 3304 fastfat - ok
    10:45:49.0039 3304 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
    10:45:49.0075 3304 fdc - ok
    10:45:49.0088 3304 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
    10:45:49.0126 3304 fdPHost - ok
    10:45:49.0132 3304 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
    10:45:49.0183 3304 FDResPub - ok
    10:45:49.0201 3304 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
    10:45:49.0218 3304 FileInfo - ok
    10:45:49.0228 3304 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
    10:45:49.0262 3304 Filetrace - ok
    10:45:49.0319 3304 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    10:45:49.0342 3304 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
    10:45:49.0342 3304 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
    10:45:49.0358 3304 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
    10:45:49.0391 3304 flpydisk - ok
    10:45:49.0416 3304 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
    10:45:49.0435 3304 FltMgr - ok
    10:45:49.0512 3304 FontCache (d49705f25390265cad9b620f55ea968c) C:\Windows\system32\FntCache.dll
    10:45:49.0546 3304 FontCache - ok
    10:45:49.0616 3304 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    10:45:49.0640 3304 FontCache3.0.0.0 - ok
    10:45:49.0666 3304 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
    10:45:49.0681 3304 fssfltr - ok
    10:45:49.0796 3304 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    10:45:49.0899 3304 fsssvc - ok
    10:45:50.0008 3304 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
    10:45:50.0036 3304 Fs_Rec - ok
    10:45:50.0060 3304 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
    10:45:50.0076 3304 gagp30kx - ok
    10:45:50.0108 3304 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    10:45:50.0121 3304 GEARAspiWDM - ok
    10:45:50.0178 3304 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    10:45:50.0192 3304 GoogleDesktopManager-051210-111108 - ok
    10:45:50.0196 3304 GoogleDesktopManager-110309-193829 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    10:45:50.0210 3304 GoogleDesktopManager-110309-193829 - ok
    10:45:50.0235 3304 GoToAssist (5cc2b1d06ac1962af5fbbcf88d781dd8) C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
    10:45:50.0249 3304 GoToAssist - ok
    10:45:50.0297 3304 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
    10:45:50.0334 3304 gpsvc - ok
    10:45:50.0367 3304 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
    10:45:50.0392 3304 gupdate - ok
    10:45:50.0396 3304 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
    10:45:50.0413 3304 gupdatem - ok
    10:45:50.0442 3304 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    10:45:50.0457 3304 gusvc - ok
    10:45:50.0499 3304 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
    10:45:50.0531 3304 HdAudAddService - ok
    10:45:50.0576 3304 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
    10:45:50.0616 3304 HDAudBus - ok
    10:45:50.0641 3304 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
    10:45:50.0691 3304 HidBth - ok
    10:45:50.0700 3304 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
    10:45:50.0749 3304 HidIr - ok
    10:45:50.0763 3304 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
    10:45:50.0786 3304 hidserv - ok
    10:45:50.0803 3304 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
    10:45:50.0831 3304 HidUsb - ok
    10:45:50.0848 3304 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
    10:45:50.0883 3304 hkmsvc - ok
    10:45:50.0895 3304 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
    10:45:50.0910 3304 HpCISSs - ok
    10:45:50.0977 3304 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
    10:45:50.0990 3304 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
    10:45:50.0990 3304 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
    10:45:51.0024 3304 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
    10:45:51.0037 3304 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
    10:45:51.0037 3304 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
    10:45:51.0085 3304 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
    10:45:51.0113 3304 HTTP - ok
    10:45:51.0132 3304 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
    10:45:51.0148 3304 i2omp - ok
    10:45:51.0160 3304 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
    10:45:51.0189 3304 i8042prt - ok
    10:45:51.0216 3304 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
    10:45:51.0241 3304 iaStorV - ok
    10:45:51.0323 3304 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    10:45:51.0364 3304 idsvc - ok
    10:45:51.0383 3304 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
    10:45:51.0399 3304 iirsp - ok
    10:45:51.0441 3304 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
    10:45:51.0508 3304 IKEEXT - ok
    10:45:51.0534 3304 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys
    10:45:51.0548 3304 int15 - ok
    10:45:51.0748 3304 IntcAzAudAddService (bfcd7edc663f513e7c4a0b9400e58c70) C:\Windows\system32\drivers\RTKVHDA.sys
    10:45:52.0004 3304 IntcAzAudAddService - ok
    10:45:52.0097 3304 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
    10:45:52.0113 3304 intelide - ok
    10:45:52.0141 3304 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
    10:45:52.0174 3304 intelppm - ok
    10:45:52.0209 3304 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
    10:45:52.0243 3304 IPBusEnum - ok
    10:45:52.0258 3304 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    10:45:52.0293 3304 IpFilterDriver - ok
    10:45:52.0319 3304 iphlpsvc (7f83b06a929a981bc001b2ea304d2036) C:\Windows\System32\iphlpsvc.dll
    10:45:52.0357 3304 iphlpsvc - ok
    10:45:52.0362 3304 IpInIp - ok
    10:45:52.0376 3304 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
    10:45:52.0409 3304 IPMIDRV - ok
    10:45:52.0438 3304 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
    10:45:52.0474 3304 IPNAT - ok
    10:45:52.0502 3304 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
    10:45:52.0534 3304 IRENUM - ok
    10:45:52.0547 3304 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
    10:45:52.0564 3304 isapnp - ok
    10:45:52.0594 3304 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
    10:45:52.0621 3304 iScsiPrt - ok
    10:45:52.0665 3304 ISWKL (ee8bed092a58a4faeb08dc140729189e) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
    10:45:52.0679 3304 ISWKL - ok
    10:45:52.0724 3304 IswSvc (aa7fd6a7532ef23fdcfc030195c148f9) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    10:45:52.0745 3304 IswSvc - ok
    10:45:52.0760 3304 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
    10:45:52.0776 3304 iteatapi - ok
    10:45:52.0790 3304 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
    10:45:52.0805 3304 iteraid - ok
    10:45:52.0813 3304 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
    10:45:52.0828 3304 kbdclass - ok
    10:45:52.0852 3304 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
    10:45:52.0884 3304 kbdhid - ok
    10:45:52.0907 3304 KeyIso (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
    10:45:52.0940 3304 KeyIso - ok
    10:45:52.0977 3304 KL1 (186b54479d98e48aee0e9ada4b3c4d31) C:\Windows\system32\DRIVERS\kl1.sys
    10:45:52.0993 3304 KL1 - ok
    10:45:53.0008 3304 kl2 (bf485bfba13c0ab116701fd9c55324d0) C:\Windows\system32\DRIVERS\kl2.sys
    10:45:53.0021 3304 kl2 - ok
    10:45:53.0054 3304 KLIF (46fa00bef951762919b66269371c22af) C:\Windows\system32\DRIVERS\klif.sys
    10:45:53.0076 3304 KLIF - ok
    10:45:53.0100 3304 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
    10:45:53.0124 3304 KSecDD - ok
    10:45:53.0306 3304 KService (0423bc118534ec23a063e54ebca9b92d) C:\Program Files\Kontiki\KService.exe
    10:45:53.0392 3304 KService - ok
    10:45:53.0484 3304 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
    10:45:53.0559 3304 KtmRm - ok
    10:45:53.0602 3304 LanmanServer (43446f197c74ef2030f84b3a4f39d570) C:\Windows\system32\srvsvc.dll
    10:45:53.0642 3304 LanmanServer - ok
    10:45:53.0668 3304 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
    10:45:53.0717 3304 LanmanWorkstation - ok
    10:45:53.0743 3304 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
    10:45:53.0777 3304 lltdio - ok
    10:45:53.0808 3304 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
    10:45:53.0843 3304 lltdsvc - ok
    10:45:53.0855 3304 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
    10:45:53.0906 3304 lmhosts - ok
    10:45:53.0941 3304 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
    10:45:53.0959 3304 LSI_FC - ok
    10:45:53.0976 3304 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
    10:45:53.0994 3304 LSI_SAS - ok
    10:45:54.0010 3304 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
    10:45:54.0029 3304 LSI_SCSI - ok
    10:45:54.0043 3304 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
    10:45:54.0076 3304 luafv - ok
    10:45:54.0100 3304 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
    10:45:54.0116 3304 MBAMProtector - ok
    10:45:54.0196 3304 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    10:45:54.0230 3304 MBAMService - ok
    10:45:54.0286 3304 McciCMService (f8b823414a22dbf3bec10dcaa5f93cd8) C:\Program Files\Common Files\Motive\McciCMService.exe
    10:45:54.0305 3304 McciCMService ( UnsignedFile.Multi.Generic ) - warning
    10:45:54.0305 3304 McciCMService - detected UnsignedFile.Multi.Generic (1)
    10:45:54.0329 3304 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
    10:45:54.0353 3304 Mcx2Svc - ok
    10:45:54.0362 3304 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
    10:45:54.0377 3304 megasas - ok
    10:45:54.0409 3304 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
    10:45:54.0458 3304 MegaSR - ok
    10:45:54.0485 3304 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
    10:45:54.0520 3304 MMCSS - ok
    10:45:54.0539 3304 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
    10:45:54.0572 3304 Modem - ok
    10:45:54.0584 3304 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
    10:45:54.0617 3304 monitor - ok
    10:45:54.0636 3304 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
    10:45:54.0651 3304 mouclass - ok
    10:45:54.0663 3304 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
    10:45:54.0696 3304 mouhid - ok
    10:45:54.0715 3304 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
    10:45:54.0730 3304 MountMgr - ok
    10:45:54.0767 3304 MozillaMaintenance (166f0cbff55d16552161c154317287ca) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    10:45:54.0785 3304 MozillaMaintenance - ok
    10:45:54.0803 3304 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
    10:45:54.0822 3304 MpFilter - ok
    10:45:54.0835 3304 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
    10:45:54.0855 3304 mpio - ok
    10:45:54.0866 3304 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
    10:45:54.0896 3304 mpsdrv - ok
    10:45:54.0940 3304 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
    10:45:55.0019 3304 MpsSvc - ok
    10:45:55.0036 3304 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
    10:45:55.0051 3304 Mraid35x - ok
    10:45:55.0091 3304 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
    10:45:55.0102 3304 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
    10:45:55.0102 3304 MREMP50 - detected UnsignedFile.Multi.Generic (1)
    10:45:55.0107 3304 MREMPR5 - ok
    10:45:55.0113 3304 MRENDIS5 - ok
    10:45:55.0128 3304 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
    10:45:55.0138 3304 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
    10:45:55.0138 3304 MRESP50 - detected UnsignedFile.Multi.Generic (1)
    10:45:55.0167 3304 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
    10:45:55.0194 3304 MRxDAV - ok
    10:45:55.0220 3304 mrxsmb (317eb668973951bad512ee8bebf9ed25) C:\Windows\system32\DRIVERS\mrxsmb.sys
    10:45:55.0248 3304 mrxsmb - ok
    10:45:55.0272 3304 mrxsmb10 (05716f0203b5c774a87384a1ff7b968f) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    10:45:55.0302 3304 mrxsmb10 - ok
    10:45:55.0312 3304 mrxsmb20 (c70c50d101b92b45c42ba11ea9fe6cd1) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    10:45:55.0340 3304 mrxsmb20 - ok
    10:45:55.0357 3304 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
    10:45:55.0372 3304 msahci - ok
    10:45:55.0393 3304 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
    10:45:55.0413 3304 msdsm - ok
    10:45:55.0447 3304 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
    10:45:55.0484 3304 MSDTC - ok
    10:45:55.0505 3304 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
    10:45:55.0538 3304 Msfs - ok
    10:45:55.0559 3304 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
    10:45:55.0574 3304 msisadrv - ok
    10:45:55.0600 3304 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
    10:45:55.0634 3304 MSiSCSI - ok
    10:45:55.0638 3304 msiserver - ok
    10:45:55.0657 3304 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
    10:45:55.0691 3304 MSKSSRV - ok
    10:45:55.0721 3304 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
    10:45:55.0737 3304 MsMpSvc - ok
    10:45:55.0749 3304 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
    10:45:55.0781 3304 MSPCLOCK - ok
    10:45:55.0786 3304 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
    10:45:55.0819 3304 MSPQM - ok
    10:45:55.0844 3304 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
    10:45:55.0863 3304 MsRPC - ok
    10:45:55.0872 3304 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
    10:45:55.0888 3304 mssmbios - ok
    10:45:55.0893 3304 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
    10:45:55.0929 3304 MSTEE - ok
    10:45:55.0936 3304 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
    10:45:55.0953 3304 Mup - ok
    10:45:55.0991 3304 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
    10:45:56.0051 3304 napagent - ok
    10:45:56.0083 3304 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
    10:45:56.0116 3304 NativeWifiP - ok
    10:45:56.0150 3304 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
    10:45:56.0190 3304 NDIS - ok
    10:45:56.0202 3304 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
    10:45:56.0230 3304 NdisTapi - ok
    10:45:56.0245 3304 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
    10:45:56.0278 3304 Ndisuio - ok
    10:45:56.0297 3304 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
    10:45:56.0326 3304 NdisWan - ok
    10:45:56.0344 3304 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
    10:45:56.0372 3304 NDProxy - ok
    10:45:56.0394 3304 Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\Windows\system32\HPZinw12.dll
    10:45:56.0406 3304 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
    10:45:56.0406 3304 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
    10:45:56.0426 3304 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
    10:45:56.0459 3304 NetBIOS - ok
    10:45:56.0478 3304 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
    10:45:56.0508 3304 netbt - ok
    10:45:56.0532 3304 Netlogon (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
    10:45:56.0555 3304 Netlogon - ok
    10:45:56.0599 3304 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
    10:45:56.0639 3304 Netman - ok
    10:45:56.0691 3304 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    10:45:56.0708 3304 NetMsmqActivator - ok
    10:45:56.0712 3304 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    10:45:56.0729 3304 NetPipeActivator - ok
    10:45:56.0756 3304 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
    10:45:56.0806 3304 netprofm - ok
    10:45:56.0810 3304 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    10:45:56.0826 3304 NetTcpActivator - ok
    10:45:56.0831 3304 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    10:45:56.0847 3304 NetTcpPortSharing - ok
    10:45:56.0875 3304 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
    10:45:56.0891 3304 nfrd960 - ok
    10:45:56.0912 3304 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
    10:45:56.0928 3304 NisDrv - ok
    10:45:56.0974 3304 NisSrv (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
    10:45:57.0043 3304 NisSrv - ok
    10:45:57.0061 3304 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
    10:45:57.0120 3304 NlaSvc - ok
    10:45:57.0137 3304 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
    10:45:57.0166 3304 Npfs - ok
    10:45:57.0181 3304 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
    10:45:57.0215 3304 nsi - ok
    10:45:57.0223 3304 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
    10:45:57.0256 3304 nsiproxy - ok
    10:45:57.0337 3304 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
    10:45:57.0373 3304 Ntfs - ok
    10:45:57.0402 3304 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
    10:45:57.0452 3304 ntrigdigi - ok
    10:45:57.0476 3304 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
    10:45:57.0508 3304 Null - ok
    10:45:57.0537 3304 NVHDA (3d7fb57354703809b5f0c23287fac1d6) C:\Windows\system32\drivers\nvhda32v.sys
    10:45:57.0554 3304 NVHDA - ok
    10:45:58.0107 3304 nvlddmkm (e891b3979f0cf2740c1b073f834221fe) C:\Windows\system32\DRIVERS\nvlddmkm.sys
    10:45:58.0395 3304 nvlddmkm - ok
    10:45:58.0479 3304 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
    10:45:58.0501 3304 nvraid - ok
    10:45:58.0530 3304 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
    10:45:58.0548 3304 nvstor - ok
    10:45:58.0574 3304 nvstor32 (97778c3cb3af6b2243648d0dcd4d8916) C:\Windows\system32\DRIVERS\nvstor32.sys
    10:45:58.0600 3304 nvstor32 - ok
    10:45:58.0649 3304 nvsvc (ae2de8e165dcb93a66b21748e6f913df) C:\Windows\system32\nvvsvc.exe
    10:45:58.0695 3304 nvsvc - ok
    10:45:58.0864 3304 nvUpdatusService (c78581c14699c46fe0f0817416383134) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    10:45:58.0977 3304 nvUpdatusService - ok
    10:45:59.0117 3304 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
    10:45:59.0138 3304 nv_agp - ok
    10:45:59.0144 3304 NwlnkFlt - ok
    10:45:59.0152 3304 NwlnkFwd - ok
    10:45:59.0184 3304 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
    10:45:59.0240 3304 ohci1394 - ok
    10:45:59.0279 3304 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    10:45:59.0306 3304 ose - ok
    10:45:59.0576 3304 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    10:45:59.0794 3304 osppsvc - ok
    10:45:59.0943 3304 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    10:46:00.0026 3304 p2pimsvc - ok
    10:46:00.0035 3304 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    10:46:00.0072 3304 p2psvc - ok
    10:46:00.0102 3304 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
    10:46:00.0160 3304 Parport - ok
    10:46:00.0180 3304 Partizan (6ddcf3f801ec15fe698f6a215cf30a1f) C:\Windows\system32\drivers\Partizan.sys
    10:46:00.0194 3304 Partizan - ok
    10:46:00.0213 3304 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
    10:46:00.0230 3304 partmgr - ok
    10:46:00.0245 3304 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
    10:46:00.0293 3304 Parvdm - ok
    10:46:00.0311 3304 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
    10:46:00.0335 3304 PcaSvc - ok
    10:46:00.0352 3304 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
    10:46:00.0370 3304 pci - ok
    10:46:00.0379 3304 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
    10:46:00.0395 3304 pciide - ok
    10:46:00.0425 3304 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
    10:46:00.0452 3304 pcmcia - ok
    10:46:00.0521 3304 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
    10:46:00.0585 3304 PEAUTH - ok
    10:46:00.0684 3304 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
    10:46:00.0764 3304 pla - ok
    10:46:00.0871 3304 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
    10:46:00.0924 3304 PlugPlay - ok
    10:46:00.0969 3304 Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\Windows\system32\HPZipm12.dll
    10:46:00.0980 3304 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
    10:46:00.0980 3304 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
    10:46:01.0050 3304 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    10:46:01.0083 3304 PNRPAutoReg - ok
    10:46:01.0092 3304 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    10:46:01.0124 3304 PNRPsvc - ok
    10:46:01.0156 3304 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
    10:46:01.0190 3304 PolicyAgent - ok
    10:46:01.0227 3304 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
    10:46:01.0259 3304 PptpMiniport - ok
    10:46:01.0288 3304 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
    10:46:01.0321 3304 Processor - ok
    10:46:01.0340 3304 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
    10:46:01.0373 3304 ProfSvc - ok
    10:46:01.0399 3304 ProtectedStorage (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
    10:46:01.0422 3304 ProtectedStorage - ok
    10:46:01.0449 3304 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
    10:46:01.0476 3304 PSched - ok
    10:46:01.0483 3304 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
    10:46:01.0498 3304 PxHelp20 - ok
    10:46:01.0566 3304 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
    10:46:01.0637 3304 ql2300 - ok
    10:46:01.0656 3304 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
    10:46:01.0675 3304 ql40xx - ok
    10:46:01.0705 3304 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
    10:46:01.0732 3304 QWAVE - ok
    10:46:01.0748 3304 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
    10:46:01.0770 3304 QWAVEdrv - ok
    10:46:01.0783 3304 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
    10:46:01.0815 3304 RasAcd - ok
    10:46:01.0835 3304 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
    10:46:01.0869 3304 RasAuto - ok
    10:46:01.0884 3304 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
    10:46:01.0917 3304 Rasl2tp - ok
    10:46:01.0945 3304 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
    10:46:01.0981 3304 RasMan - ok
    10:46:02.0002 3304 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
    10:46:02.0031 3304 RasPppoe - ok
    10:46:02.0047 3304 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
    10:46:02.0069 3304 RasSstp - ok
    10:46:02.0105 3304 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
    10:46:02.0134 3304 rdbss - ok
    10:46:02.0144 3304 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
    10:46:02.0176 3304 RDPCDD - ok
    10:46:02.0203 3304 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
    10:46:02.0260 3304 rdpdr - ok
    10:46:02.0265 3304 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
    10:46:02.0299 3304 RDPENCDD - ok
    10:46:02.0327 3304 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
    10:46:02.0351 3304 RDPWD - ok
    10:46:02.0369 3304 RegGuard (37ecebdd930395a9c399fb18a3c236d3) C:\Windows\system32\Drivers\regguard.sys
    10:46:02.0383 3304 RegGuard - ok
    10:46:02.0402 3304 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
    10:46:02.0437 3304 RemoteAccess - ok
    10:46:02.0460 3304 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
    10:46:02.0490 3304 RemoteRegistry - ok
    10:46:02.0503 3304 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
    10:46:02.0526 3304 RpcLocator - ok
    10:46:02.0631 3304 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
    10:46:02.0673 3304 RpcSs - ok
    10:46:02.0696 3304 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
    10:46:02.0728 3304 rspndr - ok
    10:46:02.0771 3304 RTL8169 (06992132cf20c3c1cba3f072c4086de8) C:\Windows\system32\DRIVERS\Rtlh86.sys
    10:46:02.0789 3304 RTL8169 - ok
    10:46:02.0807 3304 SamSs (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
    10:46:02.0830 3304 SamSs - ok
    10:46:02.0867 3304 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
    10:46:02.0881 3304 SASDIFSV - ok
    10:46:02.0891 3304 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
    10:46:02.0907 3304 SASKUTIL - ok
    10:46:02.0923 3304 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
    10:46:02.0941 3304 sbp2port - ok
    10:46:03.0053 3304 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    10:46:03.0106 3304 SBSDWSCService - ok
    10:46:03.0129 3304 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
    10:46:03.0159 3304 SCardSvr - ok
    10:46:03.0201 3304 Schedule (323ae0bdfd2eb15b668dda50cc597329) C:\Windows\system32\schedsvc.dll
    10:46:03.0241 3304 Schedule - ok
    10:46:03.0268 3304 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
    10:46:03.0296 3304 SCPolicySvc - ok
    10:46:03.0313 3304 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
    10:46:03.0338 3304 SDRSVC - ok
    10:46:03.0364 3304 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    10:46:03.0413 3304 secdrv - ok
    10:46:03.0445 3304 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
    10:46:03.0479 3304 seclogon - ok
    10:46:03.0496 3304 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
    10:46:03.0531 3304 SENS - ok
    10:46:03.0541 3304 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
    10:46:03.0590 3304 Serenum - ok
    10:46:03.0614 3304 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
    10:46:03.0665 3304 Serial - ok
    10:46:03.0676 3304 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
    10:46:03.0709 3304 sermouse - ok
    10:46:03.0785 3304 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
    10:46:03.0833 3304 SessionEnv - ok
    10:46:03.0847 3304 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
    10:46:03.0875 3304 sffdisk - ok
    10:46:03.0887 3304 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
    10:46:03.0919 3304 sffp_mmc - ok
    10:46:03.0936 3304 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
    10:46:03.0968 3304 sffp_sd - ok
    10:46:04.0002 3304 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
    10:46:04.0050 3304 sfloppy - ok
    10:46:04.0081 3304 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
    10:46:04.0129 3304 SharedAccess - ok
    10:46:04.0153 3304 ShellHWDetection (c818c44c201898399bf999bb6b35d4e3) C:\Windows\System32\shsvcs.dll
    10:46:04.0187 3304 ShellHWDetection - ok
    10:46:04.0198 3304 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
    10:46:04.0215 3304 sisagp - ok
    10:46:04.0229 3304 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
    10:46:04.0245 3304 SiSRaid2 - ok
    10:46:04.0257 3304 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
    10:46:04.0274 3304 SiSRaid4 - ok
    10:46:04.0474 3304 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
    10:46:04.0595 3304 slsvc - ok
    10:46:04.0676 3304 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
    10:46:04.0709 3304 SLUINotify - ok
    10:46:04.0747 3304 SmartDefragDriver (cc48f88fe17bb8e5eb6fa1a8a9477006) C:\Windows\system32\Drivers\SmartDefragDriver.sys
    10:46:04.0761 3304 SmartDefragDriver - ok
    10:46:04.0787 3304 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
    10:46:04.0818 3304 Smb - ok
    10:46:04.0848 3304 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
    10:46:04.0872 3304 SNMPTRAP - ok
    10:46:04.0887 3304 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
    10:46:04.0904 3304 spldr - ok
    10:46:04.0926 3304 Spooler (524bfbea40e6e404737ccbc754647a2e) C:\Windows\System32\spoolsv.exe
    10:46:04.0960 3304 Spooler - ok
    10:46:04.0985 3304 srv (baa6018a27857b5ff0c03ce756b4a7a2) C:\Windows\system32\DRIVERS\srv.sys
    10:46:05.0014 3304 srv - ok
    10:46:05.0040 3304 srv2 (6b6f3658e0a58c6c50c5f7fbdf3df633) C:\Windows\system32\DRIVERS\srv2.sys
    10:46:05.0063 3304 srv2 - ok
    10:46:05.0087 3304 srvnet (2d10de9022822772adaa120b15a9bd03) C:\Windows\system32\DRIVERS\srvnet.sys
    10:46:05.0115 3304 srvnet - ok
    10:46:05.0126 3304 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
    10:46:05.0163 3304 SSDPSRV - ok
    10:46:05.0186 3304 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
    10:46:05.0199 3304 ssmdrv - ok
    10:46:05.0219 3304 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
    10:46:05.0253 3304 SstpSvc - ok
    10:46:05.0291 3304 Steam Client Service - ok
    10:46:05.0310 3304 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
    10:46:05.0338 3304 StillCam - ok
    10:46:05.0381 3304 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
    10:46:05.0413 3304 stisvc - ok
    10:46:05.0429 3304 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
    10:46:05.0445 3304 swenum - ok
    10:46:05.0466 3304 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
    10:46:05.0500 3304 swprv - ok
    10:46:05.0529 3304 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
    10:46:05.0544 3304 Symc8xx - ok
    10:46:05.0578 3304 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
    10:46:05.0593 3304 Sym_hi - ok
    10:46:05.0609 3304 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
    10:46:05.0624 3304 Sym_u3 - ok
    10:46:05.0667 3304 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
    10:46:05.0706 3304 SysMain - ok
    10:46:05.0727 3304 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
    10:46:05.0752 3304 TabletInputService - ok
    10:46:05.0778 3304 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
    10:46:05.0814 3304 TapiSrv - ok
    10:46:05.0827 3304 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
    10:46:05.0861 3304 TBS - ok
    10:46:05.0943 3304 Tcpip (65877aa1b6a7cb797488e831698973e9) C:\Windows\system32\drivers\tcpip.sys
    10:46:05.0978 3304 Tcpip - ok
    10:46:05.0990 3304 Tcpip6 (65877aa1b6a7cb797488e831698973e9) C:\Windows\system32\DRIVERS\tcpip.sys
    10:46:06.0024 3304 Tcpip6 - ok
    10:46:06.0059 3304 tcpipreg (4b8f496292d40192acb052e030c023a7) C:\Windows\system32\drivers\tcpipreg.sys
    10:46:06.0080 3304 tcpipreg - ok
    10:46:06.0090 3304 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
    10:46:06.0122 3304 TDPIPE - ok
    10:46:06.0137 3304 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
    10:46:06.0169 3304 TDTCP - ok
    10:46:06.0193 3304 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
    10:46:06.0222 3304 tdx - ok
    10:46:06.0248 3304 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
    10:46:06.0265 3304 TermDD - ok
    10:46:06.0314 3304 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
    10:46:06.0365 3304 TermService - ok
    10:46:06.0390 3304 Themes (c818c44c201898399bf999bb6b35d4e3) C:\Windows\system32\shsvcs.dll
    10:46:06.0422 3304 Themes - ok
    10:46:06.0460 3304 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
    10:46:06.0494 3304 THREADORDER - ok
    10:46:06.0528 3304 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
    10:46:06.0568 3304 TrkWks - ok
    10:46:06.0611 3304 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
    10:46:06.0639 3304 TrustedInstaller - ok
    10:46:06.0653 3304 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
    10:46:06.0685 3304 tssecsrv - ok
    10:46:06.0698 3304 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
    10:46:06.0721 3304 tunmp - ok
    10:46:06.0727 3304 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
    10:46:06.0756 3304 tunnel - ok
    10:46:06.0775 3304 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
    10:46:06.0791 3304 uagp35 - ok
    10:46:06.0811 3304 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
    10:46:06.0847 3304 udfs - ok
    10:46:06.0865 3304 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
    10:46:06.0900 3304 UI0Detect - ok
    10:46:06.0917 3304 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
    10:46:06.0934 3304 uliagpkx - ok
    10:46:06.0980 3304 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
    10:46:07.0014 3304 uliahci - ok
    10:46:07.0029 3304 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
    10:46:07.0048 3304 UlSata - ok
    10:46:07.0061 3304 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
    10:46:07.0080 3304 ulsata2 - ok
    10:46:07.0090 3304 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
    10:46:07.0123 3304 umbus - ok
    10:46:07.0144 3304 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
    10:46:07.0184 3304 upnphost - ok
    10:46:07.0198 3304 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
    10:46:07.0227 3304 usbccgp - ok
    10:46:07.0242 3304 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
    10:46:07.0292 3304 usbcir - ok
    10:46:07.0312 3304 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
    10:46:07.0340 3304 usbehci - ok
    10:46:07.0367 3304 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
    10:46:07.0396 3304 usbhub - ok
    10:46:07.0403 3304 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
    10:46:07.0434 3304 usbohci - ok
    10:46:07.0459 3304 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
    10:46:07.0492 3304 usbprint - ok
    10:46:07.0512 3304 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
    10:46:07.0539 3304 usbscan - ok
    10:46:07.0547 3304 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    10:46:07.0575 3304 USBSTOR - ok
    10:46:07.0584 3304 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
    10:46:07.0612 3304 usbuhci - ok
    10:46:07.0629 3304 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
    10:46:07.0658 3304 UxSms - ok
    10:46:07.0685 3304 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
    10:46:07.0720 3304 vds - ok
    10:46:07.0734 3304 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
    10:46:07.0766 3304 vga - ok
    10:46:07.0781 3304 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
    10:46:07.0813 3304 VgaSave - ok
    10:46:07.0827 3304 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
    10:46:07.0843 3304 viaagp - ok
    10:46:07.0852 3304 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
    10:46:07.0885 3304 ViaC7 - ok
    10:46:07.0891 3304 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
    10:46:07.0907 3304 viaide - ok
    10:46:07.0919 3304 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
    10:46:07.0935 3304 volmgr - ok
    10:46:07.0979 3304 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
    10:46:07.0999 3304 volmgrx - ok
    10:46:08.0014 3304 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
    10:46:08.0033 3304 volsnap - ok
    10:46:08.0072 3304 Vsdatant (6983d0bcac64c2d7460c2125f804f118) C:\Windows\system32\DRIVERS\vsdatant.sys
    10:46:08.0094 3304 Vsdatant - ok
    10:46:08.0100 3304 vsdatant7 - ok
    10:46:08.0138 3304 vsmon - ok
    10:46:08.0157 3304 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
    10:46:08.0176 3304 vsmraid - ok
    10:46:08.0244 3304 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
    10:46:08.0290 3304 VSS - ok
    10:46:08.0386 3304 vToolbarUpdater11.0.2 (56e1e4442e4613fb2039a6b7421f4e58) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
    10:46:08.0418 3304 vToolbarUpdater11.0.2 - ok
    10:46:08.0504 3304 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
    10:46:08.0538 3304 W32Time - ok
    10:46:08.0563 3304 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
    10:46:08.0612 3304 WacomPen - ok
    10:46:08.0629 3304 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    10:46:08.0657 3304 Wanarp - ok
    10:46:08.0661 3304 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    10:46:08.0690 3304 Wanarpv6 - ok
    10:46:08.0730 3304 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
    10:46:08.0761 3304 wcncsvc - ok
    10:46:08.0789 3304 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
    10:46:08.0821 3304 WcsPlugInService - ok
    10:46:08.0842 3304 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
    10:46:08.0857 3304 Wd - ok
    10:46:08.0892 3304 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
    10:46:08.0917 3304 Wdf01000 - ok
    10:46:08.0947 3304 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
    10:46:08.0983 3304 WdiServiceHost - ok
    10:46:08.0987 3304 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
    10:46:09.0022 3304 WdiSystemHost - ok
    10:46:09.0036 3304 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
    10:46:09.0064 3304 WebClient - ok
    10:46:09.0076 3304 Wecsvc (905214925a88311fce52f66153de7610) C:\Windows\system32\wecsvc.dll
    10:46:09.0111 3304 Wecsvc - ok
    10:46:09.0119 3304 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
    10:46:09.0150 3304 wercplsupport - ok
    10:46:09.0163 3304 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
    10:46:09.0195 3304 WerSvc - ok
    10:46:09.0249 3304 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
    10:46:09.0268 3304 WinDefend - ok
    10:46:09.0278 3304 WinHttpAutoProxySvc - ok
    10:46:09.0318 3304 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
    10:46:09.0357 3304 Winmgmt - ok
    10:46:09.0406 3304 WinRM (01874d4689c212460fbabf0ecd7cb7f7) C:\Windows\system32\WsmSvc.dll
    10:46:09.0448 3304 WinRM - ok
    10:46:09.0494 3304 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
    10:46:09.0524 3304 Wlansvc - ok
    10:46:09.0552 3304 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
    10:46:09.0566 3304 wlcrasvc - ok
    10:46:09.0685 3304 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    10:46:09.0771 3304 wlidsvc - ok
    10:46:09.0872 3304 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    10:46:09.0900 3304 WmiAcpi - ok
    10:46:09.0943 3304 WmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
    10:46:09.0971 3304 WmiApSrv - ok
    10:46:10.0046 3304 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
    10:46:10.0092 3304 WMPNetworkSvc - ok
    10:46:10.0107 3304 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
    10:46:10.0131 3304 WPCSvc - ok
    10:46:10.0154 3304 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
    10:46:10.0179 3304 WPDBusEnum - ok
    10:46:10.0267 3304 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    10:46:10.0295 3304 WPFFontCache_v0400 - ok
    10:46:10.0315 3304 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
    10:46:10.0348 3304 ws2ifsl - ok
    10:46:10.0373 3304 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
    10:46:10.0401 3304 wscsvc - ok
    10:46:10.0406 3304 WSearch - ok
    10:46:10.0539 3304 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
    10:46:10.0625 3304 wuauserv - ok
    10:46:10.0696 3304 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
    10:46:10.0733 3304 wudfsvc - ok
    10:46:10.0754 3304 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
    10:46:11.0066 3304 \Device\Harddisk0\DR0 - ok
    10:46:11.0070 3304 Boot (0x1200) (1564506fc0713d153b896ad06c0f6c1f) \Device\Harddisk0\DR0\Partition0
    10:46:11.0071 3304 \Device\Harddisk0\DR0\Partition0 - ok
    10:46:11.0073 3304 ============================================================
    10:46:11.0073 3304 Scan finished
    10:46:11.0073 3304 ============================================================
    10:46:11.0086 1180 Detected object count: 10
    10:46:11.0086 1180 Actual detected object count: 10
    10:48:35.0894 1180 ETService ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0894 1180 ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:48:35.0896 1180 ezSharedSvc ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0896 1180 ezSharedSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:48:35.0898 1180 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0898 1180 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:48:35.0902 1180 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0902 1180 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:48:35.0905 1180 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0905 1180 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:48:35.0907 1180 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0907 1180 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:48:35.0910 1180 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0910 1180 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:48:35.0912 1180 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0912 1180 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:48:35.0915 1180 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0916 1180 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:48:35.0918 1180 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0918 1180 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:50:51.0332 5836 Deinitialize success.

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-07-06 11:40:52
    -----------------------------
    11:40:52.092 OS Version: Windows 6.0.6002 Service Pack 2
    11:40:52.092 Number of processors: 4 586 0x1707
    11:40:52.093 ComputerName: EAMONNS UserName: currys
    11:41:25.580 Initialize success
    11:41:50.098 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005e
    11:41:50.100 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
    11:41:50.115 Disk 0 MBR read successfully
    11:41:50.117 Disk 0 MBR scan
    11:41:50.120 Disk 0 Windows VISTA default MBR code
    11:41:50.130 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10240 MB offset 2048
    11:41:50.137 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 600238 MB offset 20973568
    11:41:50.142 Disk 0 scanning sectors +1250261680
    11:41:50.204 Disk 0 scanning C:\Windows\system32\drivers
    11:41:57.639 Service scanning
    11:42:01.930 Service MpKsl87d25911 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{55FCADA8-9CD5-4ED3-BB75-FDAE65595041}\MpKsl87d25911.sys **LOCKED** 32
    11:42:08.215 Modules scanning
    11:42:11.228 Disk 0 trace - called modules:
    11:42:11.247 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys
    11:42:11.252 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87524968]
    11:42:11.257 3 CLASSPNP.SYS[8bdb58b3] -> nt!IofCallDriver -> [0x857d96e0]
    11:42:11.261 5 acpi.sys[83a986bc] -> nt!IofCallDriver -> \Device\0000005e[0x857d9c90]
    11:42:11.266 Scan finished successfully
    11:42:54.736 Disk 0 MBR has been saved successfully to "C:\Users\currys\Desktop\MBR.dat"
    11:42:54.748 The log file has been saved successfully to "C:\Users\currys\Desktop\aswMBR.txt"


    ComboFix 12-07-06.01 - currys 06/07/2012 12:04:43.3.4 - x86
    Running from: c:\users\currys\Downloads\baffledUK123.exe.exe
    AV: ZoneAlarm Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
    FW: ZoneAlarm Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: ZoneAlarm Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\baffledUK123.exe
    c:\baffleduk123.exe\path05
    c:\baffleduk123.exe\sed.3XE
    C:\install.exe
    c:\programdata\bProtector
    c:\users\currys\AppData\Local\Temp\{6BDAB443-0FAE-42FB-8481-F541A02AB4ED}
    c:\users\currys\AppData\Local\Temp\ppcrlui_5780_2
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-06-06 to 2012-07-06 )))))))))))))))))))))))))))))))
    .
    .
    2012-07-06 11:15 . 2012-07-06 11:15 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
    2012-07-06 11:15 . 2012-07-06 11:15 -------- d-----w- c:\users\Public\AppData\Local\temp
    2012-07-06 11:15 . 2012-07-06 11:15 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-07-06 10:59 . 2012-04-18 03:06 6734704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E5B11266-9F6D-46BA-BE4F-475D856D9270}\mpengine.dll
    2012-07-06 10:45 . 2012-07-06 10:45 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{55FCADA8-9CD5-4ED3-BB75-FDAE65595041}\offreg.dll
    2012-07-06 10:41 . 2012-07-06 10:41 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{55FCADA8-9CD5-4ED3-BB75-FDAE65595041}\MpKsl87d25911.sys
    2012-07-06 09:35 . 2012-05-30 19:41 6762896 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{55FCADA8-9CD5-4ED3-BB75-FDAE65595041}\mpengine.dll
    2012-07-05 22:20 . 2012-07-05 22:20 -------- d-----w- c:\program files\Common Files\Java
    2012-07-05 22:19 . 2012-07-05 22:19 772592 ----a-w- c:\windows\system32\npDeployJava1.dll
    2012-07-04 10:19 . 2012-07-04 10:19 -------- d-----w- c:\users\currys\AppData\Roaming\SUPERAntiSpyware.com
    2012-07-04 10:18 . 2012-07-04 10:19 -------- d-----w- c:\program files\SUPERAntiSpyware
    2012-07-04 10:18 . 2012-07-04 10:18 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2012-07-04 09:42 . 2012-07-04 09:42 388096 ----a-r- c:\users\currys\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-07-04 09:42 . 2012-07-04 09:42 -------- d-----w- c:\program files\Trend Micro
    2012-07-02 17:56 . 2012-04-04 14:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-06-30 15:03 . 2012-06-30 15:03 -------- d-----w- c:\users\currys\AppData\Roaming\Sammsoft
    2012-06-30 15:02 . 2012-06-30 15:08 -------- d-----w- c:\program files\ARO 2012
    2012-06-30 10:59 . 2012-07-02 17:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-06-29 22:55 . 2012-06-29 22:59 -------- d-----w- c:\users\currys\AppData\Roaming\DigitalSupport
    2012-06-29 22:33 . 2012-06-29 22:33 -------- d-----w- c:\users\currys\AppData\Roaming\Simply Super Software
    2012-06-29 22:32 . 2012-06-29 22:32 -------- d-----w- c:\programdata\Simply Super Software
    2012-06-29 22:32 . 2012-06-29 22:33 -------- d-----w- c:\program files\Trojan Remover
    2012-06-28 12:40 . 2012-07-01 00:10 -------- d-----w- c:\program files\ReImageCompanion
    2012-06-28 12:34 . 2012-06-28 12:34 -------- dc-h--w- c:\programdata\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}
    2012-06-28 12:31 . 2012-07-01 00:10 -------- dc-h--w- c:\programdata\~0
    2012-06-24 23:20 . 2012-07-06 11:00 -------- d-----w- c:\program files\Microsoft Security Client
    2012-06-24 10:12 . 2012-06-26 21:36 -------- d-----w- c:\program files\RegZooka
    2012-06-24 09:36 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
    2012-06-24 09:36 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
    2012-06-24 09:36 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
    2012-06-24 09:36 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
    2012-06-24 09:35 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
    2012-06-24 09:35 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
    2012-06-24 09:35 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
    2012-06-24 09:35 . 2012-06-02 14:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
    2012-06-24 09:35 . 2012-06-02 14:12 33792 ----a-w- c:\windows\system32\wuapp.exe
    2012-06-23 12:46 . 2012-06-23 12:46 -------- d-----w- c:\users\currys\AppData\Local\Macromedia
    2012-06-23 10:43 . 2012-06-23 11:42 24416 ----a-w- c:\windows\system32\drivers\regguard.sys
    2012-06-23 10:35 . 2012-06-23 10:35 39184 ----a-w- c:\windows\system32\Partizan.exe
    2012-06-23 10:35 . 2012-06-23 10:35 35816 ----a-w- c:\windows\system32\drivers\Partizan.sys
    2012-06-23 09:45 . 2012-06-26 22:32 -------- d-----w- c:\programdata\RegRun
    2012-06-23 09:44 . 2012-06-23 09:44 2 --shatr- c:\windows\winstart.bat
    2012-06-23 09:44 . 2012-06-23 09:44 -------- d-----w- c:\program files\Greatis
    2012-06-19 23:21 . 2012-07-01 00:10 -------- dc----w- C:\f90e4393fac73d563b0e
    2012-06-19 21:53 . 2012-02-28 10:43 342168 ----a-w- c:\windows\system32\drivers\pctDS.sys
    2012-06-19 21:53 . 2012-06-30 17:12 -------- d-----w- c:\program files\PC Tools
    2012-06-19 21:53 . 2012-06-19 22:21 -------- d-----w- c:\program files\Common Files\PC Tools
    2012-06-19 21:53 . 2012-05-11 10:14 203088 ----a-w- c:\windows\system32\drivers\PCTSD.sys
    2012-06-19 21:52 . 2012-06-19 22:21 -------- d-----w- c:\programdata\PC Tools
    2012-06-19 21:52 . 2012-06-19 21:52 -------- d-----w- c:\users\currys\AppData\Roaming\TestApp
    2012-06-18 22:34 . 2012-06-18 22:34 -------- d-----w- c:\users\currys\AppData\Roaming\FlashGet
    2012-06-18 22:34 . 2012-06-18 22:34 -------- d-----w- c:\program files\FlashGet Network
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-07-05 22:19 . 2010-04-22 21:21 687600 ----a-w- c:\windows\system32\deployJava1.dll
    2012-06-23 12:46 . 2012-03-30 19:49 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-06-23 12:46 . 2011-07-16 18:09 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-05-13 11:59 . 2011-12-17 15:48 181064 ----a-w- c:\windows\PSEXESVC.EXE
    2012-05-10 09:55 . 2012-05-10 09:55 2044928 ----a-w- c:\windows\system32\win32k.sys
    2012-05-10 08:55 . 2011-12-18 09:35 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2012-05-10 08:55 . 2011-12-18 09:35 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys
    2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
    2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
    2012-07-01 22:30 . 2012-05-20 11:05 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    2009-11-28 20:51 . 2008-11-07 09:45 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "kdx"="c:\program files\Kontiki\KHost.exe" [2009-01-02 1041960]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
    "Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-03-06 574296]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-15 68856]
    "SmpcSys"="c:\program files\PACKARD BELL\SetUpMyPC\SmpSys.exe" [2008-07-07 1038136]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-06-26 3906432]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2012-05-03 73360]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-02-29 3881792]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2012-02-29 108352]
    "4oD"="c:\program files\Kontiki\KHost.exe" [2009-01-02 1041960]
    "kdx"="c:\program files\Kontiki\KHost.exe" [2009-01-02 1041960]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
    .
    c:\users\currys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    BBC iPlayer Desktop.lnk - c:\program files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe [2011-9-30 142848]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "EnableShellExecuteHooks"= 1 (0x1)
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
    2010-12-10 12:47 16680 ----a-w- c:\program files\Citrix\GoToAssist\570\g2awinlogon.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    [HKLM\~\startupfolder\C:^Users^currys^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BBC iPlayer Desktop.lnk]
    backup=c:\windows\pss\BBC iPlayer Desktop.lnk.Startup
    backupExtension=.Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
    2010-12-14 17:17 47904 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2010-11-29 17:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    2011-01-03 11:28 274608 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    .
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
    S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - ASWMBR
    *NewlyCreated* - MPKSL87D25911
    *Deregistered* - aswMBR
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    ezSharedSvc
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-07-06 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 12:46]
    .
    2012-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 14:54]
    .
    2012-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 14:54]
    .
    2012-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-118059262-2797764304-1290977041-1000Core.job
    - c:\users\currys\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-23 10:26]
    .
    2012-07-06 c:\windows\Tasks\Recovery DVD Creator-currys.job
    - c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2008-08-21 15:25]
    .
    .
    ------- Supplementary Scan -------
    .
    mStart Page = about:blank
    mWindow Title = Microsoft Internet Explorer
    uInternet Settings,ProxyOverride = *.local
    IE: Download with &Media Finder
    IE: E&xport to Microsoft Excel
    IE: Google Sidewiki...
    TCP: DhcpNameServer = 192.168.1.254
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll
    DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20090910103721
    FF - ProfilePath - c:\users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.search.selectedEngine - WiseConvert Customized Web Search
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=2&q=
    FF - prefs.js: network.proxy.type - 0
    .
    - - - - ORPHANS REMOVED - - - -
    .
    URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
    HKLM-Run-ISW - (no file)
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-07-06 12:28
    Windows 6.0.6002 Service Pack 2 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\*& *u*]
    @Allowed: (Read) (RestrictedCode)
    "MachineID"=hex:92,fa,95,c7,a1,37,50,00
    .
    [HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    "??"=hex:4b,e6,62,f7,01,dc,fb,1c,52,f0,6e,66,c7,e7,f7,7d,d4,3c,36,63,42,0e,89,
    8f,85,fa,f6,6d,83,03,fa,81,49,39,a4,45,bf,5e,77,23,eb,37,4b,86,ff,a8,26,ea,\
    "??"=hex:dd,bb,b0,11,5f,96,3e,4b,49,50,e6,16,dd,f8,06,aa
    .
    [HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
    @Denied: (Full) (Everyone)
    @Allowed: (Read) (RestrictedCode)
    "scansk"=hex(0):85,95,14,d3,27,4a,46,92,ae,59,c7,15,15,df,38,74,0f,19,b1,7a,db,
    bb,f0,e8,07,d0,65,01,12,5d,c5,e7,c3,d1,3d,a1,73,f5,bd,ad,00,00,00,00,00,00,\
    .
    [HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000_Classes\CLSID\{f72d7cc0-3228-4f40-938c-e80ee848e811}]
    @Denied: (Full) (Everyone)
    @Allowed: (Read) (RestrictedCode)
    "Model"=dword:000000bc
    "Therad"=dword:00000014
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'lsass.exe'(704)
    c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
    .
    - - - - - - - > 'Explorer.exe'(5460)
    c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
    .
    Completion time: 2012-07-06 12:40:41
    ComboFix-quarantined-files.txt 2012-07-06 11:34
    ComboFix2.txt 2012-02-23 00:12
    .
    Pre-Run: 452,379,402,240 bytes free
    Post-Run: 452,399,927,296 bytes free
    .
    - - End Of File - - 576A7173098CBC0E7DFD8DB7401D3A34

    Hopefully everything is done as requested.
     
  6. baffledUK

    baffledUK Thread Starter

    Joined:
    Jul 1, 2012
    Messages:
    114
    ComboFix 12-07-06.01 - currys 06/07/2012 12:04:43.3.4 - x86
    Running from: c:\users\currys\Downloads\baffledUK123.exe.exe
    AV: ZoneAlarm Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
    FW: ZoneAlarm Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: ZoneAlarm Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\baffledUK123.exe
    c:\baffleduk123.exe\path05
    c:\baffleduk123.exe\sed.3XE
    C:\install.exe
    c:\programdata\bProtector
    c:\users\currys\AppData\Local\Temp\{6BDAB443-0FAE-42FB-8481-F541A02AB4ED}
    c:\users\currys\AppData\Local\Temp\ppcrlui_5780_2
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-06-06 to 2012-07-06 )))))))))))))))))))))))))))))))
    .
    .
    2012-07-06 11:15 . 2012-07-06 11:15 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
    2012-07-06 11:15 . 2012-07-06 11:15 -------- d-----w- c:\users\Public\AppData\Local\temp
    2012-07-06 11:15 . 2012-07-06 11:15 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-07-06 10:59 . 2012-04-18 03:06 6734704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E5B11266-9F6D-46BA-BE4F-475D856D9270}\mpengine.dll
    2012-07-06 10:45 . 2012-07-06 10:45 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{55FCADA8-9CD5-4ED3-BB75-FDAE65595041}\offreg.dll
    2012-07-06 10:41 . 2012-07-06 10:41 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{55FCADA8-9CD5-4ED3-BB75-FDAE65595041}\MpKsl87d25911.sys
    2012-07-06 09:35 . 2012-05-30 19:41 6762896 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{55FCADA8-9CD5-4ED3-BB75-FDAE65595041}\mpengine.dll
    2012-07-05 22:20 . 2012-07-05 22:20 -------- d-----w- c:\program files\Common Files\Java
    2012-07-05 22:19 . 2012-07-05 22:19 772592 ----a-w- c:\windows\system32\npDeployJava1.dll
    2012-07-04 10:19 . 2012-07-04 10:19 -------- d-----w- c:\users\currys\AppData\Roaming\SUPERAntiSpyware.com
    2012-07-04 10:18 . 2012-07-04 10:19 -------- d-----w- c:\program files\SUPERAntiSpyware
    2012-07-04 10:18 . 2012-07-04 10:18 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2012-07-04 09:42 . 2012-07-04 09:42 388096 ----a-r- c:\users\currys\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-07-04 09:42 . 2012-07-04 09:42 -------- d-----w- c:\program files\Trend Micro
    2012-07-02 17:56 . 2012-04-04 14:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-06-30 15:03 . 2012-06-30 15:03 -------- d-----w- c:\users\currys\AppData\Roaming\Sammsoft
    2012-06-30 15:02 . 2012-06-30 15:08 -------- d-----w- c:\program files\ARO 2012
    2012-06-30 10:59 . 2012-07-02 17:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-06-29 22:55 . 2012-06-29 22:59 -------- d-----w- c:\users\currys\AppData\Roaming\DigitalSupport
    2012-06-29 22:33 . 2012-06-29 22:33 -------- d-----w- c:\users\currys\AppData\Roaming\Simply Super Software
    2012-06-29 22:32 . 2012-06-29 22:32 -------- d-----w- c:\programdata\Simply Super Software
    2012-06-29 22:32 . 2012-06-29 22:33 -------- d-----w- c:\program files\Trojan Remover
    2012-06-28 12:40 . 2012-07-01 00:10 -------- d-----w- c:\program files\ReImageCompanion
    2012-06-28 12:34 . 2012-06-28 12:34 -------- dc-h--w- c:\programdata\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}
    2012-06-28 12:31 . 2012-07-01 00:10 -------- dc-h--w- c:\programdata\~0
    2012-06-24 23:20 . 2012-07-06 11:00 -------- d-----w- c:\program files\Microsoft Security Client
    2012-06-24 10:12 . 2012-06-26 21:36 -------- d-----w- c:\program files\RegZooka
    2012-06-24 09:36 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
    2012-06-24 09:36 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
    2012-06-24 09:36 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
    2012-06-24 09:36 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
    2012-06-24 09:35 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
    2012-06-24 09:35 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
    2012-06-24 09:35 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
    2012-06-24 09:35 . 2012-06-02 14:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
    2012-06-24 09:35 . 2012-06-02 14:12 33792 ----a-w- c:\windows\system32\wuapp.exe
    2012-06-23 12:46 . 2012-06-23 12:46 -------- d-----w- c:\users\currys\AppData\Local\Macromedia
    2012-06-23 10:43 . 2012-06-23 11:42 24416 ----a-w- c:\windows\system32\drivers\regguard.sys
    2012-06-23 10:35 . 2012-06-23 10:35 39184 ----a-w- c:\windows\system32\Partizan.exe
    2012-06-23 10:35 . 2012-06-23 10:35 35816 ----a-w- c:\windows\system32\drivers\Partizan.sys
    2012-06-23 09:45 . 2012-06-26 22:32 -------- d-----w- c:\programdata\RegRun
    2012-06-23 09:44 . 2012-06-23 09:44 2 --shatr- c:\windows\winstart.bat
    2012-06-23 09:44 . 2012-06-23 09:44 -------- d-----w- c:\program files\Greatis
    2012-06-19 23:21 . 2012-07-01 00:10 -------- dc----w- C:\f90e4393fac73d563b0e
    2012-06-19 21:53 . 2012-02-28 10:43 342168 ----a-w- c:\windows\system32\drivers\pctDS.sys
    2012-06-19 21:53 . 2012-06-30 17:12 -------- d-----w- c:\program files\PC Tools
    2012-06-19 21:53 . 2012-06-19 22:21 -------- d-----w- c:\program files\Common Files\PC Tools
    2012-06-19 21:53 . 2012-05-11 10:14 203088 ----a-w- c:\windows\system32\drivers\PCTSD.sys
    2012-06-19 21:52 . 2012-06-19 22:21 -------- d-----w- c:\programdata\PC Tools
    2012-06-19 21:52 . 2012-06-19 21:52 -------- d-----w- c:\users\currys\AppData\Roaming\TestApp
    2012-06-18 22:34 . 2012-06-18 22:34 -------- d-----w- c:\users\currys\AppData\Roaming\FlashGet
    2012-06-18 22:34 . 2012-06-18 22:34 -------- d-----w- c:\program files\FlashGet Network
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-07-05 22:19 . 2010-04-22 21:21 687600 ----a-w- c:\windows\system32\deployJava1.dll
    2012-06-23 12:46 . 2012-03-30 19:49 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-06-23 12:46 . 2011-07-16 18:09 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-05-13 11:59 . 2011-12-17 15:48 181064 ----a-w- c:\windows\PSEXESVC.EXE
    2012-05-10 09:55 . 2012-05-10 09:55 2044928 ----a-w- c:\windows\system32\win32k.sys
    2012-05-10 08:55 . 2011-12-18 09:35 83392 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2012-05-10 08:55 . 2011-12-18 09:35 137928 ----a-w- c:\windows\system32\drivers\avipbb.sys
    2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
    2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
    2012-07-01 22:30 . 2012-05-20 11:05 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    2009-11-28 20:51 . 2008-11-07 09:45 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "kdx"="c:\program files\Kontiki\KHost.exe" [2009-01-02 1041960]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
    "Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-03-06 574296]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-15 68856]
    "SmpcSys"="c:\program files\PACKARD BELL\SetUpMyPC\SmpSys.exe" [2008-07-07 1038136]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-06-26 3906432]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2012-05-03 73360]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-02-29 3881792]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2012-02-29 108352]
    "4oD"="c:\program files\Kontiki\KHost.exe" [2009-01-02 1041960]
    "kdx"="c:\program files\Kontiki\KHost.exe" [2009-01-02 1041960]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
    .
    c:\users\currys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    BBC iPlayer Desktop.lnk - c:\program files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe [2011-9-30 142848]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "EnableShellExecuteHooks"= 1 (0x1)
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
    2010-12-10 12:47 16680 ----a-w- c:\program files\Citrix\GoToAssist\570\g2awinlogon.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    [HKLM\~\startupfolder\C:^Users^currys^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BBC iPlayer Desktop.lnk]
    backup=c:\windows\pss\BBC iPlayer Desktop.lnk.Startup
    backupExtension=.Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
    2010-12-14 17:17 47904 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2010-11-29 17:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    2011-01-03 11:28 274608 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    .
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
    S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - ASWMBR
    *NewlyCreated* - MPKSL87D25911
    *Deregistered* - aswMBR
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    ezSharedSvc
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-07-06 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 12:46]
    .
    2012-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 14:54]
    .
    2012-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 14:54]
    .
    2012-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-118059262-2797764304-1290977041-1000Core.job
    - c:\users\currys\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-23 10:26]
    .
    2012-07-06 c:\windows\Tasks\Recovery DVD Creator-currys.job
    - c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2008-08-21 15:25]
    .
    .
    ------- Supplementary Scan -------
    .
    mStart Page = about:blank
    mWindow Title = Microsoft Internet Explorer
    uInternet Settings,ProxyOverride = *.local
    IE: Download with &Media Finder
    IE: E&xport to Microsoft Excel
    IE: Google Sidewiki...
    TCP: DhcpNameServer = 192.168.1.254
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll
    DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20090910103721
    FF - ProfilePath - c:\users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.search.selectedEngine - WiseConvert Customized Web Search
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=2&q=
    FF - prefs.js: network.proxy.type - 0
    .
    - - - - ORPHANS REMOVED - - - -
    .
    URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
    HKLM-Run-ISW - (no file)
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-07-06 12:28
    Windows 6.0.6002 Service Pack 2 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\*& *u*]
    @Allowed: (Read) (RestrictedCode)
    "MachineID"=hex:92,fa,95,c7,a1,37,50,00
    .
    [HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    "??"=hex:4b,e6,62,f7,01,dc,fb,1c,52,f0,6e,66,c7,e7,f7,7d,d4,3c,36,63,42,0e,89,
    8f,85,fa,f6,6d,83,03,fa,81,49,39,a4,45,bf,5e,77,23,eb,37,4b,86,ff,a8,26,ea,\
    "??"=hex:dd,bb,b0,11,5f,96,3e,4b,49,50,e6,16,dd,f8,06,aa
    .
    [HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
    @Denied: (Full) (Everyone)
    @Allowed: (Read) (RestrictedCode)
    "scansk"=hex(0):85,95,14,d3,27,4a,46,92,ae,59,c7,15,15,df,38,74,0f,19,b1,7a,db,
    bb,f0,e8,07,d0,65,01,12,5d,c5,e7,c3,d1,3d,a1,73,f5,bd,ad,00,00,00,00,00,00,\
    .
    [HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000_Classes\CLSID\{f72d7cc0-3228-4f40-938c-e80ee848e811}]
    @Denied: (Full) (Everyone)
    @Allowed: (Read) (RestrictedCode)
    "Model"=dword:000000bc
    "Therad"=dword:00000014
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'lsass.exe'(704)
    c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
    .
    - - - - - - - > 'Explorer.exe'(5460)
    c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
    .
    Completion time: 2012-07-06 12:40:41
    ComboFix-quarantined-files.txt 2012-07-06 11:34
    ComboFix2.txt 2012-02-23 00:12
    .
    Pre-Run: 452,379,402,240 bytes free
    Post-Run: 452,399,927,296 bytes free
    .
    - - End Of File - - 576A7173098CBC0E7DFD8DB7401D3A34

    10:41:52.0652 2536 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
    10:41:54.0655 2536 ============================================================
    10:41:54.0655 2536 Current date / time: 2012/07/06 10:41:54.0655
    10:41:54.0655 2536 SystemInfo:
    10:41:54.0655 2536
    10:41:54.0655 2536 OS Version: 6.0.6002 ServicePack: 2.0
    10:41:54.0655 2536 Product type: Workstation
    10:41:54.0656 2536 ComputerName: EAMONNS
    10:41:54.0656 2536 UserName: currys
    10:41:54.0656 2536 Windows directory: C:\Windows
    10:41:54.0656 2536 System windows directory: C:\Windows
    10:41:54.0656 2536 Processor architecture: Intel x86
    10:41:54.0656 2536 Number of processors: 4
    10:41:54.0656 2536 Page size: 0x1000
    10:41:54.0656 2536 Boot type: Normal boot
    10:41:54.0656 2536 ============================================================
    10:42:01.0665 2536 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    10:42:01.0777 2536 ============================================================
    10:42:01.0777 2536 \Device\Harddisk0\DR0:
    10:42:01.0777 2536 MBR partitions:
    10:42:01.0777 2536 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x494572B0
    10:42:01.0777 2536 ============================================================
    10:42:01.0809 2536 C: <-> \Device\Harddisk0\DR0\Partition0
    10:42:01.0809 2536 ============================================================
    10:42:01.0809 2536 Initialize success
    10:42:01.0809 2536 ============================================================
    10:43:06.0037 1384 ============================================================
    10:43:06.0038 1384 Scan started
    10:43:06.0038 1384 Mode: Manual; SigCheck;
    10:43:06.0038 1384 ============================================================
    10:43:06.0819 1384 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    10:43:06.0951 1384 !SASCORE - ok
    10:43:07.0384 1384 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
    10:43:07.0466 1384 ACPI - ok
    10:43:07.0831 1384 AdobeActiveFileMonitor6.0 (e8fe4fce23d2809bd88bcc1d0f8408ce) C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    10:43:07.0859 1384 AdobeActiveFileMonitor6.0 - ok
    10:43:07.0968 1384 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    10:43:07.0993 1384 AdobeARMservice - ok
    10:43:08.0374 1384 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    10:43:08.0392 1384 AdobeFlashPlayerUpdateSvc - ok
    10:43:08.0459 1384 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
    10:43:08.0493 1384 adp94xx - ok
    10:43:08.0548 1384 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
    10:43:08.0585 1384 adpahci - ok
    10:43:08.0795 1384 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
    10:43:08.0813 1384 adpu160m - ok
    10:43:08.0838 1384 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
    10:43:08.0864 1384 adpu320 - ok
    10:43:09.0313 1384 AdvancedSystemCareService5 (b11c71b29fa69e4586f9b65560e6604d) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
    10:43:09.0358 1384 AdvancedSystemCareService5 - ok
    10:43:09.0413 1384 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
    10:43:09.0471 1384 AeLookupSvc - ok
    10:43:09.0494 1384 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
    10:43:09.0549 1384 AFD - ok
    10:43:09.0571 1384 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
    10:43:09.0588 1384 agp440 - ok
    10:43:09.0621 1384 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
    10:43:09.0638 1384 aic78xx - ok
    10:43:09.0653 1384 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
    10:43:09.0707 1384 ALG - ok
    10:43:09.0719 1384 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
    10:43:09.0735 1384 aliide - ok
    10:43:09.0747 1384 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
    10:43:09.0765 1384 amdagp - ok
    10:43:09.0782 1384 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
    10:43:09.0799 1384 amdide - ok
    10:43:09.0809 1384 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
    10:43:09.0843 1384 AmdK7 - ok
    10:43:09.0860 1384 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
    10:43:09.0897 1384 AmdK8 - ok
    10:43:10.0034 1384 AntiVirSchedulerService (0a1cc583e8147004e4ad4625d7fbf88c) C:\Program Files\Avira\AntiVir Desktop\sched.exe
    10:43:10.0110 1384 AntiVirSchedulerService - ok
    10:43:10.0130 1384 AntiVirService (c9a36ef935aced86aedf93e97e606911) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    10:43:10.0158 1384 AntiVirService - ok
    10:43:10.0274 1384 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
    10:43:10.0321 1384 Appinfo - ok
    10:43:10.0353 1384 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
    10:43:10.0369 1384 arc - ok
    10:43:10.0387 1384 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
    10:43:10.0406 1384 arcsas - ok
    10:43:10.0525 1384 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
    10:43:10.0555 1384 aspnet_state - ok
    10:43:10.0562 1384 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
    10:43:10.0613 1384 AsyncMac - ok
    10:43:10.0635 1384 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
    10:43:10.0659 1384 atapi - ok
    10:43:10.0689 1384 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
    10:43:10.0731 1384 AudioEndpointBuilder - ok
    10:43:10.0736 1384 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
    10:43:10.0769 1384 Audiosrv - ok
    10:43:10.0787 1384 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
    10:43:10.0864 1384 avgntflt - ok
    10:43:10.0891 1384 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
    10:43:10.0925 1384 avipbb - ok
    10:43:10.0943 1384 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
    10:43:10.0966 1384 avkmgr - ok
    10:43:11.0007 1384 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
    10:43:11.0062 1384 Beep - ok
    10:43:11.0116 1384 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
    10:43:11.0189 1384 BFE - ok
    10:43:11.0241 1384 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
    10:43:11.0312 1384 BITS - ok
    10:43:11.0321 1384 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
    10:43:11.0366 1384 blbdrive - ok
    10:43:11.0444 1384 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
    10:43:11.0471 1384 Bonjour Service - ok
    10:43:11.0498 1384 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
    10:43:11.0550 1384 bowser - ok
    10:43:11.0565 1384 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
    10:43:11.0603 1384 BrFiltLo - ok
    10:43:11.0614 1384 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
    10:43:11.0646 1384 BrFiltUp - ok
    10:43:11.0669 1384 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
    10:43:11.0723 1384 Browser - ok
    10:43:11.0735 1384 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
    10:43:11.0881 1384 Brserid - ok
    10:43:11.0893 1384 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
    10:43:11.0944 1384 BrSerWdm - ok
    10:43:11.0969 1384 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
    10:43:12.0023 1384 BrUsbMdm - ok
    10:43:12.0035 1384 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
    10:43:12.0091 1384 BrUsbSer - ok
    10:43:12.0107 1384 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
    10:43:12.0166 1384 BTHMODEM - ok
    10:43:12.0173 1384 catchme - ok
    10:43:12.0191 1384 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
    10:43:12.0229 1384 cdfs - ok
    10:43:12.0250 1384 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
    10:43:12.0297 1384 cdrom - ok
    10:43:12.0320 1384 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
    10:43:12.0349 1384 CertPropSvc - ok
    10:43:12.0358 1384 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
    10:43:12.0402 1384 circlass - ok
    10:43:12.0443 1384 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
    10:43:12.0476 1384 CLFS - ok
    10:43:12.0527 1384 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    10:43:12.0545 1384 clr_optimization_v2.0.50727_32 - ok
    10:43:12.0611 1384 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    10:43:12.0665 1384 clr_optimization_v4.0.30319_32 - ok
    10:43:12.0706 1384 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
    10:43:12.0723 1384 cmdide - ok
    10:43:12.0741 1384 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
    10:43:12.0790 1384 Compbatt - ok
    10:43:12.0795 1384 COMSysApp - ok
    10:43:12.0825 1384 cpuz134 - ok
    10:43:12.0836 1384 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
    10:43:12.0859 1384 crcdisk - ok
    10:43:12.0873 1384 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
    10:43:12.0910 1384 Crusoe - ok
    10:43:12.0944 1384 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
    10:43:13.0002 1384 CryptSvc - ok
    10:43:13.0049 1384 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
    10:43:13.0108 1384 DcomLaunch - ok
    10:43:13.0125 1384 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
    10:43:13.0174 1384 DfsC - ok
    10:43:13.0287 1384 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
    10:43:13.0368 1384 DFSR - ok
    10:43:13.0477 1384 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
    10:43:13.0513 1384 Dhcp - ok
    10:43:13.0536 1384 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
    10:43:13.0563 1384 disk - ok
    10:43:13.0586 1384 Dnscache (30a08728740e71947ae1e073b5ce69b4) C:\Windows\System32\dnsrslvr.dll
    10:43:13.0621 1384 Dnscache - ok
    10:43:13.0643 1384 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
    10:43:13.0689 1384 dot3svc - ok
    10:43:13.0711 1384 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
    10:43:13.0775 1384 Dot4 - ok
    10:43:13.0790 1384 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
    10:43:13.0839 1384 Dot4Print - ok
    10:43:13.0849 1384 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
    10:43:13.0894 1384 dot4usb - ok
    10:43:13.0910 1384 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
    10:43:13.0953 1384 DPS - ok
    10:43:13.0982 1384 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
    10:43:14.0014 1384 drmkaud - ok
    10:43:14.0055 1384 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
    10:43:14.0107 1384 DXGKrnl - ok
    10:43:14.0130 1384 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
    10:43:14.0168 1384 E1G60 - ok
    10:43:14.0196 1384 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
    10:43:14.0245 1384 EapHost - ok
    10:43:14.0276 1384 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
    10:43:14.0311 1384 Ecache - ok
    10:43:14.0352 1384 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
    10:43:14.0405 1384 ehRecvr - ok
    10:43:14.0442 1384 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
    10:43:14.0493 1384 ehSched - ok
    10:43:14.0506 1384 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
    10:43:14.0537 1384 ehstart - ok
    10:43:14.0577 1384 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
    10:43:14.0610 1384 elxstor - ok
    10:43:14.0652 1384 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
    10:43:14.0725 1384 EMDMgmt - ok
    10:43:14.0735 1384 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
    10:43:14.0772 1384 ErrDev - ok
    10:43:14.0819 1384 ETService (23112102bc2a8fe44b8ac44a05bdf4c3) C:\Program Files\PACKARDBELL\Packard Bell Recovery Management\Service\ETService.exe
    10:43:14.0845 1384 ETService ( UnsignedFile.Multi.Generic ) - warning
    10:43:14.0845 1384 ETService - detected UnsignedFile.Multi.Generic (1)
    10:43:14.0869 1384 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
    10:43:14.0906 1384 EventSystem - ok
    10:43:14.0924 1384 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
    10:43:14.0988 1384 exfat - ok
    10:43:15.0011 1384 ezSharedSvc (42f721c52eef2d6df9372a53813a83ef) C:\Windows\System32\ezsvc7.dll
    10:43:15.0039 1384 ezSharedSvc ( UnsignedFile.Multi.Generic ) - warning
    10:43:15.0039 1384 ezSharedSvc - detected UnsignedFile.Multi.Generic (1)
    10:43:15.0067 1384 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
    10:43:15.0124 1384 fastfat - ok
    10:43:15.0149 1384 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
    10:43:15.0183 1384 fdc - ok
    10:43:15.0218 1384 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
    10:43:15.0275 1384 fdPHost - ok
    10:43:15.0280 1384 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
    10:43:15.0348 1384 FDResPub - ok
    10:43:15.0361 1384 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
    10:43:15.0386 1384 FileInfo - ok
    10:43:15.0397 1384 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
    10:43:15.0433 1384 Filetrace - ok
    10:43:15.0504 1384 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    10:43:15.0565 1384 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
    10:43:15.0565 1384 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
    10:43:15.0577 1384 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
    10:43:15.0616 1384 flpydisk - ok
    10:43:15.0642 1384 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
    10:43:15.0675 1384 FltMgr - ok
    10:43:15.0780 1384 FontCache (d49705f25390265cad9b620f55ea968c) C:\Windows\system32\FntCache.dll
    10:43:15.0849 1384 FontCache - ok
    10:43:15.0921 1384 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    10:43:15.0938 1384 FontCache3.0.0.0 - ok
    10:43:15.0967 1384 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
    10:43:15.0981 1384 fssfltr - ok
    10:43:16.0140 1384 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    10:43:16.0220 1384 fsssvc - ok
    10:43:16.0326 1384 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
    10:43:16.0392 1384 Fs_Rec - ok
    10:43:16.0404 1384 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
    10:43:16.0422 1384 gagp30kx - ok
    10:43:16.0451 1384 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    10:43:16.0471 1384 GEARAspiWDM - ok
    10:43:16.0530 1384 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    10:43:16.0548 1384 GoogleDesktopManager-051210-111108 - ok
    10:43:16.0554 1384 GoogleDesktopManager-110309-193829 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    10:43:16.0570 1384 GoogleDesktopManager-110309-193829 - ok
    10:43:16.0595 1384 GoToAssist (5cc2b1d06ac1962af5fbbcf88d781dd8) C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
    10:43:16.0610 1384 GoToAssist - ok
    10:43:16.0654 1384 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
    10:43:16.0736 1384 gpsvc - ok
    10:43:16.0760 1384 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
    10:43:16.0775 1384 gupdate - ok
    10:43:16.0779 1384 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
    10:43:16.0796 1384 gupdatem - ok
    10:43:16.0818 1384 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    10:43:16.0854 1384 gusvc - ok
    10:43:16.0907 1384 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
    10:43:16.0957 1384 HdAudAddService - ok
    10:43:17.0036 1384 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
    10:43:17.0090 1384 HDAudBus - ok
    10:43:17.0118 1384 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
    10:43:17.0171 1384 HidBth - ok
    10:43:17.0185 1384 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
    10:43:17.0242 1384 HidIr - ok
    10:43:17.0256 1384 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
    10:43:17.0289 1384 hidserv - ok
    10:43:17.0305 1384 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
    10:43:17.0364 1384 HidUsb - ok
    10:43:17.0383 1384 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
    10:43:17.0429 1384 hkmsvc - ok
    10:43:17.0446 1384 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
    10:43:17.0462 1384 HpCISSs - ok
    10:43:17.0528 1384 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
    10:43:17.0552 1384 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
    10:43:17.0552 1384 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
    10:43:17.0568 1384 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
    10:43:17.0590 1384 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
    10:43:17.0590 1384 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
    10:43:17.0637 1384 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
    10:43:17.0703 1384 HTTP - ok
    10:43:17.0717 1384 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
    10:43:17.0733 1384 i2omp - ok
    10:43:17.0745 1384 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
    10:43:17.0783 1384 i8042prt - ok
    10:43:17.0810 1384 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
    10:43:17.0834 1384 iaStorV - ok
    10:43:17.0916 1384 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    10:43:17.0962 1384 idsvc - ok
    10:43:17.0985 1384 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
    10:43:17.0999 1384 iirsp - ok
    10:43:18.0053 1384 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
    10:43:18.0101 1384 IKEEXT - ok
    10:43:18.0127 1384 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys
    10:43:18.0153 1384 int15 - ok
    10:43:18.0341 1384 IntcAzAudAddService (bfcd7edc663f513e7c4a0b9400e58c70) C:\Windows\system32\drivers\RTKVHDA.sys
    10:43:18.0512 1384 IntcAzAudAddService - ok
    10:43:18.0590 1384 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
    10:43:18.0607 1384 intelide - ok
    10:43:18.0617 1384 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
    10:43:18.0655 1384 intelppm - ok
    10:43:18.0677 1384 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
    10:43:18.0728 1384 IPBusEnum - ok
    10:43:18.0743 1384 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    10:43:18.0789 1384 IpFilterDriver - ok
    10:43:18.0829 1384 iphlpsvc (7f83b06a929a981bc001b2ea304d2036) C:\Windows\System32\iphlpsvc.dll
    10:43:18.0871 1384 iphlpsvc - ok
    10:43:18.0875 1384 IpInIp - ok
    10:43:18.0894 1384 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
    10:43:18.0937 1384 IPMIDRV - ok
    10:43:18.0956 1384 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
    10:43:19.0020 1384 IPNAT - ok
    10:43:19.0037 1384 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
    10:43:19.0076 1384 IRENUM - ok
    10:43:19.0090 1384 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
    10:43:19.0106 1384 isapnp - ok
    10:43:19.0137 1384 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
    10:43:19.0156 1384 iScsiPrt - ok
    10:43:19.0199 1384 ISWKL (ee8bed092a58a4faeb08dc140729189e) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
    10:43:19.0222 1384 ISWKL - ok
    10:43:19.0259 1384 IswSvc (aa7fd6a7532ef23fdcfc030195c148f9) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    10:43:19.0291 1384 IswSvc - ok
    10:43:19.0303 1384 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
    10:43:19.0320 1384 iteatapi - ok
    10:43:19.0333 1384 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
    10:43:19.0349 1384 iteraid - ok
    10:43:19.0373 1384 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
    10:43:19.0396 1384 kbdclass - ok
    10:43:19.0403 1384 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
    10:43:19.0462 1384 kbdhid - ok
    10:43:19.0475 1384 KeyIso (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
    10:43:19.0510 1384 KeyIso - ok
    10:43:19.0538 1384 KL1 (186b54479d98e48aee0e9ada4b3c4d31) C:\Windows\system32\DRIVERS\kl1.sys
    10:43:19.0562 1384 KL1 - ok
    10:43:19.0577 1384 kl2 (bf485bfba13c0ab116701fd9c55324d0) C:\Windows\system32\DRIVERS\kl2.sys
    10:43:19.0598 1384 kl2 - ok
    10:43:19.0639 1384 KLIF (46fa00bef951762919b66269371c22af) C:\Windows\system32\DRIVERS\klif.sys
    10:43:19.0682 1384 KLIF - ok
    10:43:19.0707 1384 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
    10:43:19.0743 1384 KSecDD - ok
    10:43:19.0961 1384 KService (0423bc118534ec23a063e54ebca9b92d) C:\Program Files\Kontiki\KService.exe
    10:43:20.0067 1384 KService - ok
    10:43:20.0161 1384 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
    10:43:20.0217 1384 KtmRm - ok
    10:43:20.0245 1384 LanmanServer (43446f197c74ef2030f84b3a4f39d570) C:\Windows\system32\srvsvc.dll
    10:43:20.0290 1384 LanmanServer - ok
    10:43:20.0319 1384 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
    10:43:20.0443 1384 LanmanWorkstation - ok
    10:43:20.0478 1384 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
    10:43:20.0542 1384 lltdio - ok
    10:43:20.0580 1384 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
    10:43:20.0635 1384 lltdsvc - ok
    10:43:20.0649 1384 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
    10:43:20.0705 1384 lmhosts - ok
    10:43:20.0731 1384 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
    10:43:20.0750 1384 LSI_FC - ok
    10:43:20.0770 1384 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
    10:43:20.0790 1384 LSI_SAS - ok
    10:43:20.0811 1384 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
    10:43:20.0834 1384 LSI_SCSI - ok
    10:43:20.0859 1384 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
    10:43:20.0920 1384 luafv - ok
    10:43:20.0960 1384 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
    10:43:20.0979 1384 MBAMProtector - ok
    10:43:21.0091 1384 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    10:43:21.0120 1384 MBAMService - ok
    10:43:21.0179 1384 McciCMService (f8b823414a22dbf3bec10dcaa5f93cd8) C:\Program Files\Common Files\Motive\McciCMService.exe
    10:43:21.0216 1384 McciCMService ( UnsignedFile.Multi.Generic ) - warning
    10:43:21.0216 1384 McciCMService - detected UnsignedFile.Multi.Generic (1)
    10:43:21.0256 1384 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
    10:43:21.0288 1384 Mcx2Svc - ok
    10:43:21.0313 1384 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
    10:43:21.0328 1384 megasas - ok
    10:43:21.0353 1384 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
    10:43:21.0386 1384 MegaSR - ok
    10:43:21.0412 1384 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
    10:43:21.0463 1384 MMCSS - ok
    10:43:21.0474 1384 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
    10:43:21.0508 1384 Modem - ok
    10:43:21.0519 1384 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
    10:43:21.0554 1384 monitor - ok
    10:43:21.0570 1384 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
    10:43:21.0594 1384 mouclass - ok
    10:43:21.0606 1384 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
    10:43:21.0659 1384 mouhid - ok
    10:43:21.0675 1384 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
    10:43:21.0698 1384 MountMgr - ok
    10:43:21.0735 1384 MozillaMaintenance (166f0cbff55d16552161c154317287ca) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    10:43:21.0753 1384 MozillaMaintenance - ok
    10:43:21.0788 1384 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
    10:43:21.0824 1384 MpFilter - ok
    10:43:21.0845 1384 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
    10:43:21.0862 1384 mpio - ok
    10:43:21.0876 1384 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
    10:43:21.0920 1384 mpsdrv - ok
    10:43:21.0960 1384 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
    10:43:21.0997 1384 MpsSvc - ok
    10:43:22.0029 1384 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
    10:43:22.0045 1384 Mraid35x - ok
    10:43:22.0094 1384 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
    10:43:22.0122 1384 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
    10:43:22.0122 1384 MREMP50 - detected UnsignedFile.Multi.Generic (1)
    10:43:22.0126 1384 MREMPR5 - ok
    10:43:22.0133 1384 MRENDIS5 - ok
    10:43:22.0162 1384 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
    10:43:22.0174 1384 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
    10:43:22.0174 1384 MRESP50 - detected UnsignedFile.Multi.Generic (1)
    10:43:22.0202 1384 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
    10:43:22.0227 1384 MRxDAV - ok
    10:43:22.0254 1384 mrxsmb (317eb668973951bad512ee8bebf9ed25) C:\Windows\system32\DRIVERS\mrxsmb.sys
    10:43:22.0301 1384 mrxsmb - ok
    10:43:22.0323 1384 mrxsmb10 (05716f0203b5c774a87384a1ff7b968f) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    10:43:22.0376 1384 mrxsmb10 - ok
    10:43:22.0384 1384 mrxsmb20 (c70c50d101b92b45c42ba11ea9fe6cd1) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    10:43:22.0438 1384 mrxsmb20 - ok
    10:43:22.0450 1384 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
    10:43:22.0467 1384 msahci - ok
    10:43:22.0486 1384 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
    10:43:22.0503 1384 msdsm - ok
    10:43:22.0524 1384 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
    10:43:22.0562 1384 MSDTC - ok
    10:43:22.0581 1384 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
    10:43:22.0623 1384 Msfs - ok
    10:43:22.0636 1384 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
    10:43:22.0660 1384 msisadrv - ok
    10:43:22.0693 1384 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
    10:43:22.0751 1384 MSiSCSI - ok
    10:43:22.0756 1384 msiserver - ok
    10:43:22.0791 1384 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
    10:43:22.0828 1384 MSKSSRV - ok
    10:43:22.0864 1384 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
    10:43:22.0881 1384 MsMpSvc - ok
    10:43:22.0892 1384 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
    10:43:22.0930 1384 MSPCLOCK - ok
    10:43:22.0935 1384 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
    10:43:22.0992 1384 MSPQM - ok
    10:43:23.0013 1384 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
    10:43:23.0048 1384 MsRPC - ok
    10:43:23.0057 1384 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
    10:43:23.0075 1384 mssmbios - ok
    10:43:23.0089 1384 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
    10:43:23.0132 1384 MSTEE - ok
    10:43:23.0139 1384 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
    10:43:23.0165 1384 Mup - ok
    10:43:23.0201 1384 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
    10:43:23.0245 1384 napagent - ok
    10:43:23.0276 1384 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
    10:43:23.0302 1384 NativeWifiP - ok
    10:43:23.0335 1384 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
    10:43:23.0362 1384 NDIS - ok
    10:43:23.0378 1384 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
    10:43:23.0419 1384 NdisTapi - ok
    10:43:23.0438 1384 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
    10:43:23.0475 1384 Ndisuio - ok
    10:43:23.0490 1384 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
    10:43:23.0545 1384 NdisWan - ok
    10:43:23.0562 1384 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
    10:43:23.0600 1384 NDProxy - ok
    10:43:23.0620 1384 Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\Windows\system32\HPZinw12.dll
    10:43:23.0640 1384 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
    10:43:23.0640 1384 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
    10:43:23.0653 1384 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
    10:43:23.0694 1384 NetBIOS - ok
    10:43:23.0714 1384 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
    10:43:23.0769 1384 netbt - ok
    10:43:23.0800 1384 Netlogon (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
    10:43:23.0825 1384 Netlogon - ok
    10:43:23.0858 1384 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
    10:43:23.0901 1384 Netman - ok
    10:43:23.0958 1384 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    10:43:23.0993 1384 NetMsmqActivator - ok
    10:43:23.0997 1384 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    10:43:24.0013 1384 NetPipeActivator - ok
    10:43:24.0063 1384 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
    10:43:24.0110 1384 netprofm - ok
    10:43:24.0115 1384 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    10:43:24.0134 1384 NetTcpActivator - ok
    10:43:24.0138 1384 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    10:43:24.0155 1384 NetTcpPortSharing - ok
    10:43:24.0177 1384 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
    10:43:24.0193 1384 nfrd960 - ok
    10:43:24.0221 1384 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
    10:43:24.0248 1384 NisDrv - ok
    10:43:24.0308 1384 NisSrv (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
    10:43:24.0335 1384 NisSrv - ok
    10:43:24.0354 1384 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
    10:43:24.0398 1384 NlaSvc - ok
    10:43:24.0438 1384 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
    10:43:24.0475 1384 Npfs - ok
    10:43:24.0482 1384 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
    10:43:24.0520 1384 nsi - ok
    10:43:24.0533 1384 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
    10:43:24.0584 1384 nsiproxy - ok
    10:43:24.0663 1384 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
    10:43:24.0725 1384 Ntfs - ok
    10:43:24.0754 1384 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
    10:43:24.0808 1384 ntrigdigi - ok
    10:43:24.0819 1384 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
    10:43:24.0859 1384 Null - ok
    10:43:24.0888 1384 NVHDA (3d7fb57354703809b5f0c23287fac1d6) C:\Windows\system32\drivers\nvhda32v.sys
    10:43:24.0921 1384 NVHDA - ok
    10:43:25.0491 1384 nvlddmkm (e891b3979f0cf2740c1b073f834221fe) C:\Windows\system32\DRIVERS\nvlddmkm.sys
    10:43:25.0864 1384 nvlddmkm - ok
    10:43:26.0079 1384 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
    10:43:26.0097 1384 nvraid - ok
    10:43:26.0115 1384 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
    10:43:26.0131 1384 nvstor - ok
    10:43:26.0158 1384 nvstor32 (97778c3cb3af6b2243648d0dcd4d8916) C:\Windows\system32\DRIVERS\nvstor32.sys
    10:43:26.0175 1384 nvstor32 - ok
    10:43:26.0226 1384 nvsvc (ae2de8e165dcb93a66b21748e6f913df) C:\Windows\system32\nvvsvc.exe
    10:43:26.0256 1384 nvsvc - ok
    10:43:26.0440 1384 nvUpdatusService (c78581c14699c46fe0f0817416383134) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    10:43:26.0570 1384 nvUpdatusService - ok
    10:43:26.0668 1384 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
    10:43:26.0686 1384 nv_agp - ok
    10:43:26.0690 1384 NwlnkFlt - ok
    10:43:26.0697 1384 NwlnkFwd - ok
    10:43:26.0719 1384 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
    10:43:26.0780 1384 ohci1394 - ok
    10:43:26.0829 1384 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    10:43:26.0862 1384 ose - ok
    10:43:27.0168 1384 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    10:43:27.0377 1384 osppsvc - ok
    10:43:27.0485 1384 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    10:43:27.0580 1384 p2pimsvc - ok
    10:43:27.0589 1384 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    10:43:27.0623 1384 p2psvc - ok
    10:43:27.0652 1384 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
    10:43:27.0704 1384 Parport - ok
    10:43:27.0731 1384 Partizan (6ddcf3f801ec15fe698f6a215cf30a1f) C:\Windows\system32\drivers\Partizan.sys
    10:43:27.0769 1384 Partizan - ok
    10:43:27.0790 1384 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
    10:43:27.0820 1384 partmgr - ok
    10:43:27.0830 1384 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
    10:43:27.0881 1384 Parvdm - ok
    10:43:27.0896 1384 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
    10:43:27.0930 1384 PcaSvc - ok
    10:43:27.0954 1384 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
    10:43:27.0982 1384 pci - ok
    10:43:27.0997 1384 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
    10:43:28.0022 1384 pciide - ok
    10:43:28.0044 1384 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
    10:43:28.0070 1384 pcmcia - ok
    10:43:28.0130 1384 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
    10:43:28.0232 1384 PEAUTH - ok
    10:43:28.0327 1384 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
    10:43:28.0419 1384 pla - ok
    10:43:28.0514 1384 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
    10:43:28.0561 1384 PlugPlay - ok
    10:43:28.0623 1384 Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\Windows\system32\HPZipm12.dll
    10:43:28.0650 1384 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
    10:43:28.0650 1384 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
    10:43:28.0710 1384 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    10:43:28.0745 1384 PNRPAutoReg - ok
    10:43:28.0752 1384 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    10:43:28.0789 1384 PNRPsvc - ok
    10:43:28.0816 1384 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
    10:43:28.0893 1384 PolicyAgent - ok
    10:43:28.0920 1384 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
    10:43:28.0970 1384 PptpMiniport - ok
    10:43:28.0990 1384 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
    10:43:29.0026 1384 Processor - ok
    10:43:29.0037 1384 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
    10:43:29.0077 1384 ProfSvc - ok
    10:43:29.0092 1384 ProtectedStorage (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
    10:43:29.0116 1384 ProtectedStorage - ok
    10:43:29.0142 1384 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
    10:43:29.0189 1384 PSched - ok
    10:43:29.0196 1384 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
    10:43:29.0222 1384 PxHelp20 - ok
    10:43:29.0292 1384 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
    10:43:29.0357 1384 ql2300 - ok
    10:43:29.0390 1384 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
    10:43:29.0407 1384 ql40xx - ok
    10:43:29.0441 1384 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
    10:43:29.0483 1384 QWAVE - ok
    10:43:29.0499 1384 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
    10:43:29.0538 1384 QWAVEdrv - ok
    10:43:29.0551 1384 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
    10:43:29.0603 1384 RasAcd - ok
    10:43:29.0620 1384 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
    10:43:29.0671 1384 RasAuto - ok
    10:43:29.0710 1384 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
    10:43:29.0757 1384 Rasl2tp - ok
    10:43:29.0824 1384 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
    10:43:29.0864 1384 RasMan - ok
    10:43:29.0879 1384 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
    10:43:29.0920 1384 RasPppoe - ok
    10:43:29.0950 1384 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
    10:43:29.0981 1384 RasSstp - ok
    10:43:30.0014 1384 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
    10:43:30.0061 1384 rdbss - ok
    10:43:30.0070 1384 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
    10:43:30.0111 1384 RDPCDD - ok
    10:43:30.0137 1384 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
    10:43:30.0172 1384 rdpdr - ok
    10:43:30.0177 1384 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
    10:43:30.0227 1384 RDPENCDD - ok
    10:43:30.0253 1384 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
    10:43:30.0358 1384 RDPWD - ok
    10:43:30.0371 1384 RegGuard (37ecebdd930395a9c399fb18a3c236d3) C:\Windows\system32\Drivers\regguard.sys
    10:43:30.0403 1384 RegGuard - ok
    10:43:30.0436 1384 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
    10:43:30.0479 1384 RemoteAccess - ok
    10:43:30.0495 1384 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
    10:43:30.0539 1384 RemoteRegistry - ok
    10:43:30.0554 1384 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
    10:43:30.0607 1384 RpcLocator - ok
    10:43:30.0640 1384 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
    10:43:30.0678 1384 RpcSs - ok
    10:43:30.0697 1384 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
    10:43:30.0748 1384 rspndr - ok
    10:43:30.0802 1384 RTL8169 (06992132cf20c3c1cba3f072c4086de8) C:\Windows\system32\DRIVERS\Rtlh86.sys
    10:43:30.0830 1384 RTL8169 - ok
    10:43:30.0850 1384 SamSs (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
    10:43:30.0874 1384 SamSs - ok
    10:43:30.0910 1384 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
    10:43:30.0925 1384 SASDIFSV - ok
    10:43:30.0943 1384 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
    10:43:30.0958 1384 SASKUTIL - ok
    10:43:30.0991 1384 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
    10:43:31.0008 1384 sbp2port - ok
    10:43:31.0096 1384 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    10:43:31.0167 1384 SBSDWSCService - ok
    10:43:31.0189 1384 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
    10:43:31.0237 1384 SCardSvr - ok
    10:43:31.0277 1384 Schedule (323ae0bdfd2eb15b668dda50cc597329) C:\Windows\system32\schedsvc.dll
    10:43:31.0364 1384 Schedule - ok
    10:43:31.0386 1384 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
    10:43:31.0416 1384 SCPolicySvc - ok
    10:43:31.0439 1384 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
    10:43:31.0486 1384 SDRSVC - ok
    10:43:31.0524 1384 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    10:43:31.0594 1384 secdrv - ok
    10:43:31.0605 1384 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
    10:43:31.0644 1384 seclogon - ok
    10:43:31.0656 1384 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
    10:43:31.0694 1384 SENS - ok
    10:43:31.0701 1384 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
    10:43:31.0756 1384 Serenum - ok
    10:43:31.0774 1384 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
    10:43:31.0838 1384 Serial - ok
    10:43:31.0857 1384 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
    10:43:31.0899 1384 sermouse - ok
    10:43:31.0917 1384 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
    10:43:31.0960 1384 SessionEnv - ok
    10:43:31.0973 1384 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
    10:43:32.0010 1384 sffdisk - ok
    10:43:32.0021 1384 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
    10:43:32.0062 1384 sffp_mmc - ok
    10:43:32.0082 1384 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
    10:43:32.0123 1384 sffp_sd - ok
    10:43:32.0136 1384 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
    10:43:32.0186 1384 sfloppy - ok
    10:43:32.0216 1384 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
    10:43:32.0256 1384 SharedAccess - ok
    10:43:32.0279 1384 ShellHWDetection (c818c44c201898399bf999bb6b35d4e3) C:\Windows\System32\shsvcs.dll
    10:43:32.0323 1384 ShellHWDetection - ok
    10:43:32.0333 1384 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
    10:43:32.0349 1384 sisagp - ok
    10:43:32.0363 1384 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
    10:43:32.0380 1384 SiSRaid2 - ok
    10:43:32.0392 1384 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
    10:43:32.0409 1384 SiSRaid4 - ok
    10:43:32.0645 1384 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
    10:43:32.0790 1384 slsvc - ok
    10:43:32.0860 1384 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
    10:43:32.0898 1384 SLUINotify - ok
    10:43:32.0937 1384 SmartDefragDriver (cc48f88fe17bb8e5eb6fa1a8a9477006) C:\Windows\system32\Drivers\SmartDefragDriver.sys
    10:43:32.0957 1384 SmartDefragDriver - ok
    10:43:32.0989 1384 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
    10:43:33.0035 1384 Smb - ok
    10:43:33.0057 1384 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
    10:43:33.0090 1384 SNMPTRAP - ok
    10:43:33.0105 1384 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
    10:43:33.0131 1384 spldr - ok
    10:43:33.0152 1384 Spooler (524bfbea40e6e404737ccbc754647a2e) C:\Windows\System32\spoolsv.exe
    10:43:33.0190 1384 Spooler - ok
    10:43:33.0211 1384 srv (baa6018a27857b5ff0c03ce756b4a7a2) C:\Windows\system32\DRIVERS\srv.sys
    10:43:33.0256 1384 srv - ok
    10:43:33.0284 1384 srv2 (6b6f3658e0a58c6c50c5f7fbdf3df633) C:\Windows\system32\DRIVERS\srv2.sys
    10:43:33.0337 1384 srv2 - ok
    10:43:33.0363 1384 srvnet (2d10de9022822772adaa120b15a9bd03) C:\Windows\system32\DRIVERS\srvnet.sys
    10:43:33.0402 1384 srvnet - ok
    10:43:33.0414 1384 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
    10:43:33.0458 1384 SSDPSRV - ok
    10:43:33.0479 1384 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
    10:43:33.0500 1384 ssmdrv - ok
    10:43:33.0521 1384 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
    10:43:33.0553 1384 SstpSvc - ok
    10:43:33.0592 1384 Steam Client Service - ok
    10:43:33.0620 1384 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
    10:43:33.0667 1384 StillCam - ok
    10:43:33.0696 1384 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
    10:43:33.0748 1384 stisvc - ok
    10:43:33.0772 1384 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
    10:43:33.0795 1384 swenum - ok
    10:43:33.0828 1384 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
    10:43:33.0868 1384 swprv - ok
    10:43:33.0881 1384 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
    10:43:33.0897 1384 Symc8xx - ok
    10:43:33.0912 1384 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
    10:43:33.0928 1384 Sym_hi - ok
    10:43:33.0944 1384 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
    10:43:33.0961 1384 Sym_u3 - ok
    10:43:34.0026 1384 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
    10:43:34.0086 1384 SysMain - ok
    10:43:34.0112 1384 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
    10:43:34.0159 1384 TabletInputService - ok
    10:43:34.0188 1384 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
    10:43:34.0232 1384 TapiSrv - ok
    10:43:34.0245 1384 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
    10:43:34.0287 1384 TBS - ok
    10:43:34.0355 1384 Tcpip (65877aa1b6a7cb797488e831698973e9) C:\Windows\system32\drivers\tcpip.sys
    10:43:34.0407 1384 Tcpip - ok
    10:43:34.0422 1384 Tcpip6 (65877aa1b6a7cb797488e831698973e9) C:\Windows\system32\DRIVERS\tcpip.sys
    10:43:34.0457 1384 Tcpip6 - ok
    10:43:34.0485 1384 tcpipreg (4b8f496292d40192acb052e030c023a7) C:\Windows\system32\drivers\tcpipreg.sys
    10:43:34.0533 1384 tcpipreg - ok
    10:43:34.0558 1384 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
    10:43:34.0599 1384 TDPIPE - ok
    10:43:34.0613 1384 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
    10:43:34.0647 1384 TDTCP - ok
    10:43:34.0678 1384 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
    10:43:34.0716 1384 tdx - ok
    10:43:34.0741 1384 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
    10:43:34.0767 1384 TermDD - ok
    10:43:34.0800 1384 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
    10:43:34.0867 1384 TermService - ok
    10:43:34.0891 1384 Themes (c818c44c201898399bf999bb6b35d4e3) C:\Windows\system32\shsvcs.dll
    10:43:34.0923 1384 Themes - ok
    10:43:34.0953 1384 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
    10:43:34.0988 1384 THREADORDER - ok
    10:43:35.0013 1384 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
    10:43:35.0050 1384 TrkWks - ok
    10:43:35.0096 1384 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
    10:43:35.0141 1384 TrustedInstaller - ok
    10:43:35.0154 1384 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
    10:43:35.0191 1384 tssecsrv - ok
    10:43:35.0200 1384 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
    10:43:35.0251 1384 tunmp - ok
    10:43:35.0258 1384 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
    10:43:35.0305 1384 tunnel - ok
    10:43:35.0318 1384 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
    10:43:35.0335 1384 uagp35 - ok
    10:43:35.0354 1384 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
    10:43:35.0386 1384 udfs - ok
    10:43:35.0409 1384 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
    10:43:35.0461 1384 UI0Detect - ok
    10:43:35.0477 1384 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
    10:43:35.0496 1384 uliagpkx - ok
    10:43:35.0515 1384 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
    10:43:35.0540 1384 uliahci - ok
    10:43:35.0555 1384 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
    10:43:35.0575 1384 UlSata - ok
    10:43:35.0588 1384 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
    10:43:35.0615 1384 ulsata2 - ok
    10:43:35.0625 1384 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
    10:43:35.0666 1384 umbus - ok
    10:43:35.0695 1384 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
    10:43:35.0737 1384 upnphost - ok
    10:43:35.0758 1384 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
    10:43:35.0799 1384 usbccgp - ok
    10:43:35.0818 1384 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
    10:43:35.0868 1384 usbcir - ok
    10:43:35.0888 1384 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
    10:43:35.0929 1384 usbehci - ok
    10:43:35.0952 1384 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
    10:43:36.0030 1384 usbhub - ok
    10:43:36.0045 1384 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
    10:43:36.0089 1384 usbohci - ok
    10:43:36.0102 1384 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
    10:43:36.0144 1384 usbprint - ok
    10:43:36.0163 1384 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
    10:43:36.0207 1384 usbscan - ok
    10:43:36.0221 1384 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    10:43:36.0259 1384 USBSTOR - ok
    10:43:36.0269 1384 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
    10:43:36.0311 1384 usbuhci - ok
    10:43:36.0338 1384 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
    10:43:36.0380 1384 UxSms - ok
    10:43:36.0416 1384 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
    10:43:36.0462 1384 vds - ok
    10:43:36.0476 1384 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
    10:43:36.0528 1384 vga - ok
    10:43:36.0540 1384 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
    10:43:36.0592 1384 VgaSave - ok
    10:43:36.0603 1384 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
    10:43:36.0620 1384 viaagp - ok
    10:43:36.0636 1384 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
    10:43:36.0671 1384 ViaC7 - ok
    10:43:36.0677 1384 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
    10:43:36.0696 1384 viaide - ok
    10:43:36.0712 1384 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
    10:43:36.0735 1384 volmgr - ok
    10:43:36.0764 1384 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
    10:43:36.0797 1384 volmgrx - ok
    10:43:36.0814 1384 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
    10:43:36.0843 1384 volsnap - ok
    10:43:36.0884 1384 Vsdatant (6983d0bcac64c2d7460c2125f804f118) C:\Windows\system32\DRIVERS\vsdatant.sys
    10:43:36.0915 1384 Vsdatant - ok
    10:43:36.0920 1384 vsdatant7 - ok
    10:43:36.0964 1384 vsmon - ok
    10:43:37.0017 1384 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
    10:43:37.0045 1384 vsmraid - ok
    10:43:37.0112 1384 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
    10:43:37.0198 1384 VSS - ok
    10:43:37.0287 1384 vToolbarUpdater11.0.2 (56e1e4442e4613fb2039a6b7421f4e58) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
    10:43:37.0345 1384 vToolbarUpdater11.0.2 - ok
    10:43:37.0455 1384 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
    10:43:37.0491 1384 W32Time - ok
    10:43:37.0532 1384 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
    10:43:37.0592 1384 WacomPen - ok
    10:43:37.0605 1384 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    10:43:37.0652 1384 Wanarp - ok
    10:43:37.0655 1384 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    10:43:37.0686 1384 Wanarpv6 - ok
    10:43:37.0716 1384 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
    10:43:37.0760 1384 wcncsvc - ok
    10:43:37.0782 1384 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
    10:43:37.0823 1384 WcsPlugInService - ok
    10:43:37.0835 1384 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
    10:43:37.0858 1384 Wd - ok
    10:43:37.0894 1384 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
    10:43:37.0933 1384 Wdf01000 - ok
    10:43:37.0968 1384 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
    10:43:38.0011 1384 WdiServiceHost - ok
    10:43:38.0016 1384 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
    10:43:38.0053 1384 WdiSystemHost - ok
    10:43:38.0081 1384 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
    10:43:38.0108 1384 WebClient - ok
    10:43:38.0120 1384 Wecsvc (905214925a88311fce52f66153de7610) C:\Windows\system32\wecsvc.dll
    10:43:38.0166 1384 Wecsvc - ok
    10:43:38.0175 1384 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
    10:43:38.0219 1384 wercplsupport - ok
    10:43:38.0239 1384 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
    10:43:38.0271 1384 WerSvc - ok
    10:43:38.0325 1384 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
    10:43:38.0353 1384 WinDefend - ok
    10:43:38.0364 1384 WinHttpAutoProxySvc - ok
    10:43:38.0412 1384 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
    10:43:38.0441 1384 Winmgmt - ok
    10:43:38.0491 1384 WinRM (01874d4689c212460fbabf0ecd7cb7f7) C:\Windows\system32\WsmSvc.dll
    10:43:38.0541 1384 WinRM - ok
    10:43:38.0587 1384 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
    10:43:38.0638 1384 Wlansvc - ok
    10:43:38.0678 1384 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
    10:43:38.0693 1384 wlcrasvc - ok
    10:43:38.0812 1384 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    10:43:38.0889 1384 wlidsvc - ok
    10:43:38.0982 1384 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    10:43:39.0046 1384 WmiAcpi - ok
    10:43:39.0089 1384 WmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
    10:43:39.0133 1384 WmiApSrv - ok
    10:43:39.0237 1384 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
    10:43:39.0300 1384 WMPNetworkSvc - ok
    10:43:39.0318 1384 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
    10:43:39.0368 1384 WPCSvc - ok
    10:43:39.0380 1384 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
    10:43:39.0423 1384 WPDBusEnum - ok
    10:43:39.0527 1384 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    10:43:39.0570 1384 WPFFontCache_v0400 - ok
    10:43:39.0598 1384 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
    10:43:39.0643 1384 ws2ifsl - ok
    10:43:39.0666 1384 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
    10:43:39.0695 1384 wscsvc - ok
    10:43:39.0700 1384 WSearch - ok
    10:43:39.0820 1384 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
    10:43:39.0902 1384 wuauserv - ok
    10:43:39.0973 1384 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
    10:43:40.0038 1384 wudfsvc - ok
    10:43:40.0056 1384 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
    10:43:40.0366 1384 \Device\Harddisk0\DR0 - ok
    10:43:40.0370 1384 Boot (0x1200) (1564506fc0713d153b896ad06c0f6c1f) \Device\Harddisk0\DR0\Partition0
    10:43:40.0371 1384 \Device\Harddisk0\DR0\Partition0 - ok
    10:43:40.0372 1384 ============================================================
    10:43:40.0372 1384 Scan finished
    10:43:40.0372 1384 ============================================================
    10:43:40.0390 2568 Detected object count: 10
    10:43:40.0390 2568 Actual detected object count: 10
    10:45:00.0676 2568 ETService ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0676 2568 ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:00.0680 2568 ezSharedSvc ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0680 2568 ezSharedSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:00.0683 2568 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0683 2568 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:00.0685 2568 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0685 2568 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:00.0687 2568 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0687 2568 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:00.0690 2568 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0690 2568 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:00.0693 2568 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0693 2568 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:00.0696 2568 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0696 2568 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:00.0698 2568 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0698 2568 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:00.0700 2568 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:45:00.0700 2568 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:45:43.0663 3304 ============================================================
    10:45:43.0663 3304 Scan started
    10:45:43.0663 3304 Mode: Manual; SigCheck;
    10:45:43.0663 3304 ============================================================
    10:45:44.0042 3304 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    10:45:44.0070 3304 !SASCORE - ok
    10:45:44.0141 3304 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
    10:45:44.0163 3304 ACPI - ok
    10:45:44.0206 3304 AdobeActiveFileMonitor6.0 (e8fe4fce23d2809bd88bcc1d0f8408ce) C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    10:45:44.0222 3304 AdobeActiveFileMonitor6.0 - ok
    10:45:44.0258 3304 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    10:45:44.0273 3304 AdobeARMservice - ok
    10:45:44.0319 3304 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    10:45:44.0337 3304 AdobeFlashPlayerUpdateSvc - ok
    10:45:44.0376 3304 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
    10:45:44.0400 3304 adp94xx - ok
    10:45:44.0452 3304 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
    10:45:44.0471 3304 adpahci - ok
    10:45:44.0495 3304 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
    10:45:44.0512 3304 adpu160m - ok
    10:45:44.0528 3304 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
    10:45:44.0545 3304 adpu320 - ok
    10:45:44.0623 3304 AdvancedSystemCareService5 (b11c71b29fa69e4586f9b65560e6604d) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
    10:45:44.0654 3304 AdvancedSystemCareService5 - ok
    10:45:44.0687 3304 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
    10:45:44.0717 3304 AeLookupSvc - ok
    10:45:44.0743 3304 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
    10:45:44.0774 3304 AFD - ok
    10:45:44.0785 3304 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
    10:45:44.0801 3304 agp440 - ok
    10:45:44.0811 3304 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
    10:45:44.0828 3304 aic78xx - ok
    10:45:44.0844 3304 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
    10:45:44.0876 3304 ALG - ok
    10:45:44.0893 3304 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
    10:45:44.0909 3304 aliide - ok
    10:45:44.0935 3304 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
    10:45:44.0951 3304 amdagp - ok
    10:45:44.0981 3304 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
    10:45:44.0996 3304 amdide - ok
    10:45:45.0016 3304 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
    10:45:45.0048 3304 AmdK7 - ok
    10:45:45.0067 3304 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
    10:45:45.0100 3304 AmdK8 - ok
    10:45:45.0139 3304 AntiVirSchedulerService (0a1cc583e8147004e4ad4625d7fbf88c) C:\Program Files\Avira\AntiVir Desktop\sched.exe
    10:45:45.0154 3304 AntiVirSchedulerService - ok
    10:45:45.0178 3304 AntiVirService (c9a36ef935aced86aedf93e97e606911) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    10:45:45.0194 3304 AntiVirService - ok
    10:45:45.0218 3304 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
    10:45:45.0242 3304 Appinfo - ok
    10:45:45.0274 3304 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
    10:45:45.0291 3304 arc - ok
    10:45:45.0303 3304 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
    10:45:45.0320 3304 arcsas - ok
    10:45:45.0382 3304 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
    10:45:45.0398 3304 aspnet_state - ok
    10:45:45.0412 3304 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
    10:45:45.0445 3304 AsyncMac - ok
    10:45:45.0475 3304 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
    10:45:45.0492 3304 atapi - ok
    10:45:45.0520 3304 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
    10:45:45.0555 3304 AudioEndpointBuilder - ok
    10:45:45.0560 3304 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
    10:45:45.0591 3304 Audiosrv - ok
    10:45:45.0610 3304 avgntflt (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
    10:45:45.0625 3304 avgntflt - ok
    10:45:45.0648 3304 avipbb (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
    10:45:45.0663 3304 avipbb - ok
    10:45:45.0675 3304 avkmgr (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
    10:45:45.0690 3304 avkmgr - ok
    10:45:45.0701 3304 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
    10:45:45.0734 3304 Beep - ok
    10:45:45.0764 3304 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
    10:45:45.0799 3304 BFE - ok
    10:45:45.0856 3304 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\System32\qmgr.dll
    10:45:45.0902 3304 BITS - ok
    10:45:45.0934 3304 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
    10:45:45.0976 3304 blbdrive - ok
    10:45:46.0042 3304 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
    10:45:46.0062 3304 Bonjour Service - ok
    10:45:46.0088 3304 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
    10:45:46.0121 3304 bowser - ok
    10:45:46.0131 3304 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
    10:45:46.0160 3304 BrFiltLo - ok
    10:45:46.0171 3304 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
    10:45:46.0199 3304 BrFiltUp - ok
    10:45:46.0218 3304 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
    10:45:46.0253 3304 Browser - ok
    10:45:46.0267 3304 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
    10:45:46.0316 3304 Brserid - ok
    10:45:46.0325 3304 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
    10:45:46.0375 3304 BrSerWdm - ok
    10:45:46.0385 3304 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
    10:45:46.0434 3304 BrUsbMdm - ok
    10:45:46.0450 3304 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
    10:45:46.0499 3304 BrUsbSer - ok
    10:45:46.0514 3304 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
    10:45:46.0563 3304 BTHMODEM - ok
    10:45:46.0572 3304 catchme - ok
    10:45:46.0590 3304 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
    10:45:46.0626 3304 cdfs - ok
    10:45:46.0648 3304 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
    10:45:46.0678 3304 cdrom - ok
    10:45:46.0702 3304 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
    10:45:46.0730 3304 CertPropSvc - ok
    10:45:46.0748 3304 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
    10:45:46.0781 3304 circlass - ok
    10:45:46.0808 3304 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
    10:45:46.0828 3304 CLFS - ok
    10:45:46.0875 3304 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    10:45:46.0892 3304 clr_optimization_v2.0.50727_32 - ok
    10:45:46.0943 3304 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    10:45:46.0969 3304 clr_optimization_v4.0.30319_32 - ok
    10:45:46.0998 3304 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
    10:45:47.0013 3304 cmdide - ok
    10:45:47.0023 3304 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
    10:45:47.0038 3304 Compbatt - ok
    10:45:47.0043 3304 COMSysApp - ok
    10:45:47.0050 3304 cpuz134 - ok
    10:45:47.0076 3304 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
    10:45:47.0091 3304 crcdisk - ok
    10:45:47.0105 3304 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
    10:45:47.0139 3304 Crusoe - ok
    10:45:47.0171 3304 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
    10:45:47.0200 3304 CryptSvc - ok
    10:45:47.0264 3304 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
    10:45:47.0320 3304 DcomLaunch - ok
    10:45:47.0340 3304 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
    10:45:47.0369 3304 DfsC - ok
    10:45:47.0486 3304 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
    10:45:47.0581 3304 DFSR - ok
    10:45:47.0667 3304 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
    10:45:47.0699 3304 Dhcp - ok
    10:45:47.0726 3304 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
    10:45:47.0744 3304 disk - ok
    10:45:47.0768 3304 Dnscache (30a08728740e71947ae1e073b5ce69b4) C:\Windows\System32\dnsrslvr.dll
    10:45:47.0800 3304 Dnscache - ok
    10:45:47.0825 3304 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
    10:45:47.0855 3304 dot3svc - ok
    10:45:47.0877 3304 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
    10:45:47.0911 3304 Dot4 - ok
    10:45:47.0922 3304 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
    10:45:47.0957 3304 Dot4Print - ok
    10:45:47.0981 3304 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
    10:45:48.0013 3304 dot4usb - ok
    10:45:48.0026 3304 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
    10:45:48.0062 3304 DPS - ok
    10:45:48.0080 3304 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
    10:45:48.0110 3304 drmkaud - ok
    10:45:48.0153 3304 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
    10:45:48.0227 3304 DXGKrnl - ok
    10:45:48.0245 3304 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
    10:45:48.0281 3304 E1G60 - ok
    10:45:48.0292 3304 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
    10:45:48.0322 3304 EapHost - ok
    10:45:48.0349 3304 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
    10:45:48.0368 3304 Ecache - ok
    10:45:48.0401 3304 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
    10:45:48.0427 3304 ehRecvr - ok
    10:45:48.0449 3304 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
    10:45:48.0471 3304 ehSched - ok
    10:45:48.0480 3304 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
    10:45:48.0501 3304 ehstart - ok
    10:45:48.0533 3304 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
    10:45:48.0565 3304 elxstor - ok
    10:45:48.0609 3304 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
    10:45:48.0666 3304 EMDMgmt - ok
    10:45:48.0671 3304 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
    10:45:48.0706 3304 ErrDev - ok
    10:45:48.0759 3304 ETService (23112102bc2a8fe44b8ac44a05bdf4c3) C:\Program Files\PACKARDBELL\Packard Bell Recovery Management\Service\ETService.exe
    10:45:48.0771 3304 ETService ( UnsignedFile.Multi.Generic ) - warning
    10:45:48.0771 3304 ETService - detected UnsignedFile.Multi.Generic (1)
    10:45:48.0801 3304 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
    10:45:48.0837 3304 EventSystem - ok
    10:45:48.0856 3304 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
    10:45:48.0909 3304 exfat - ok
    10:45:48.0939 3304 ezSharedSvc (42f721c52eef2d6df9372a53813a83ef) C:\Windows\System32\ezsvc7.dll
    10:45:48.0953 3304 ezSharedSvc ( UnsignedFile.Multi.Generic ) - warning
    10:45:48.0954 3304 ezSharedSvc - detected UnsignedFile.Multi.Generic (1)
    10:45:48.0999 3304 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
    10:45:49.0028 3304 fastfat - ok
    10:45:49.0039 3304 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
    10:45:49.0075 3304 fdc - ok
    10:45:49.0088 3304 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
    10:45:49.0126 3304 fdPHost - ok
    10:45:49.0132 3304 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
    10:45:49.0183 3304 FDResPub - ok
    10:45:49.0201 3304 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
    10:45:49.0218 3304 FileInfo - ok
    10:45:49.0228 3304 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
    10:45:49.0262 3304 Filetrace - ok
    10:45:49.0319 3304 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    10:45:49.0342 3304 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
    10:45:49.0342 3304 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
    10:45:49.0358 3304 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
    10:45:49.0391 3304 flpydisk - ok
    10:45:49.0416 3304 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
    10:45:49.0435 3304 FltMgr - ok
    10:45:49.0512 3304 FontCache (d49705f25390265cad9b620f55ea968c) C:\Windows\system32\FntCache.dll
    10:45:49.0546 3304 FontCache - ok
    10:45:49.0616 3304 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    10:45:49.0640 3304 FontCache3.0.0.0 - ok
    10:45:49.0666 3304 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
    10:45:49.0681 3304 fssfltr - ok
    10:45:49.0796 3304 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    10:45:49.0899 3304 fsssvc - ok
    10:45:50.0008 3304 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
    10:45:50.0036 3304 Fs_Rec - ok
    10:45:50.0060 3304 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
    10:45:50.0076 3304 gagp30kx - ok
    10:45:50.0108 3304 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    10:45:50.0121 3304 GEARAspiWDM - ok
    10:45:50.0178 3304 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    10:45:50.0192 3304 GoogleDesktopManager-051210-111108 - ok
    10:45:50.0196 3304 GoogleDesktopManager-110309-193829 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    10:45:50.0210 3304 GoogleDesktopManager-110309-193829 - ok
    10:45:50.0235 3304 GoToAssist (5cc2b1d06ac1962af5fbbcf88d781dd8) C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe
    10:45:50.0249 3304 GoToAssist - ok
    10:45:50.0297 3304 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
    10:45:50.0334 3304 gpsvc - ok
    10:45:50.0367 3304 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
    10:45:50.0392 3304 gupdate - ok
    10:45:50.0396 3304 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
    10:45:50.0413 3304 gupdatem - ok
    10:45:50.0442 3304 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    10:45:50.0457 3304 gusvc - ok
    10:45:50.0499 3304 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
    10:45:50.0531 3304 HdAudAddService - ok
    10:45:50.0576 3304 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
    10:45:50.0616 3304 HDAudBus - ok
    10:45:50.0641 3304 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
    10:45:50.0691 3304 HidBth - ok
    10:45:50.0700 3304 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
    10:45:50.0749 3304 HidIr - ok
    10:45:50.0763 3304 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\system32\hidserv.dll
    10:45:50.0786 3304 hidserv - ok
    10:45:50.0803 3304 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
    10:45:50.0831 3304 HidUsb - ok
    10:45:50.0848 3304 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
    10:45:50.0883 3304 hkmsvc - ok
    10:45:50.0895 3304 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
    10:45:50.0910 3304 HpCISSs - ok
    10:45:50.0977 3304 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
    10:45:50.0990 3304 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
    10:45:50.0990 3304 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
    10:45:51.0024 3304 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
    10:45:51.0037 3304 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
    10:45:51.0037 3304 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
    10:45:51.0085 3304 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
    10:45:51.0113 3304 HTTP - ok
    10:45:51.0132 3304 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
    10:45:51.0148 3304 i2omp - ok
    10:45:51.0160 3304 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
    10:45:51.0189 3304 i8042prt - ok
    10:45:51.0216 3304 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
    10:45:51.0241 3304 iaStorV - ok
    10:45:51.0323 3304 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    10:45:51.0364 3304 idsvc - ok
    10:45:51.0383 3304 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
    10:45:51.0399 3304 iirsp - ok
    10:45:51.0441 3304 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
    10:45:51.0508 3304 IKEEXT - ok
    10:45:51.0534 3304 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys
    10:45:51.0548 3304 int15 - ok
    10:45:51.0748 3304 IntcAzAudAddService (bfcd7edc663f513e7c4a0b9400e58c70) C:\Windows\system32\drivers\RTKVHDA.sys
    10:45:52.0004 3304 IntcAzAudAddService - ok
    10:45:52.0097 3304 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
    10:45:52.0113 3304 intelide - ok
    10:45:52.0141 3304 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
    10:45:52.0174 3304 intelppm - ok
    10:45:52.0209 3304 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
    10:45:52.0243 3304 IPBusEnum - ok
    10:45:52.0258 3304 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    10:45:52.0293 3304 IpFilterDriver - ok
    10:45:52.0319 3304 iphlpsvc (7f83b06a929a981bc001b2ea304d2036) C:\Windows\System32\iphlpsvc.dll
    10:45:52.0357 3304 iphlpsvc - ok
    10:45:52.0362 3304 IpInIp - ok
    10:45:52.0376 3304 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
    10:45:52.0409 3304 IPMIDRV - ok
    10:45:52.0438 3304 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
    10:45:52.0474 3304 IPNAT - ok
    10:45:52.0502 3304 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
    10:45:52.0534 3304 IRENUM - ok
    10:45:52.0547 3304 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
    10:45:52.0564 3304 isapnp - ok
    10:45:52.0594 3304 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
    10:45:52.0621 3304 iScsiPrt - ok
    10:45:52.0665 3304 ISWKL (ee8bed092a58a4faeb08dc140729189e) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
    10:45:52.0679 3304 ISWKL - ok
    10:45:52.0724 3304 IswSvc (aa7fd6a7532ef23fdcfc030195c148f9) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    10:45:52.0745 3304 IswSvc - ok
    10:45:52.0760 3304 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
    10:45:52.0776 3304 iteatapi - ok
    10:45:52.0790 3304 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
    10:45:52.0805 3304 iteraid - ok
    10:45:52.0813 3304 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
    10:45:52.0828 3304 kbdclass - ok
    10:45:52.0852 3304 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
    10:45:52.0884 3304 kbdhid - ok
    10:45:52.0907 3304 KeyIso (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
    10:45:52.0940 3304 KeyIso - ok
    10:45:52.0977 3304 KL1 (186b54479d98e48aee0e9ada4b3c4d31) C:\Windows\system32\DRIVERS\kl1.sys
    10:45:52.0993 3304 KL1 - ok
    10:45:53.0008 3304 kl2 (bf485bfba13c0ab116701fd9c55324d0) C:\Windows\system32\DRIVERS\kl2.sys
    10:45:53.0021 3304 kl2 - ok
    10:45:53.0054 3304 KLIF (46fa00bef951762919b66269371c22af) C:\Windows\system32\DRIVERS\klif.sys
    10:45:53.0076 3304 KLIF - ok
    10:45:53.0100 3304 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
    10:45:53.0124 3304 KSecDD - ok
    10:45:53.0306 3304 KService (0423bc118534ec23a063e54ebca9b92d) C:\Program Files\Kontiki\KService.exe
    10:45:53.0392 3304 KService - ok
    10:45:53.0484 3304 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
    10:45:53.0559 3304 KtmRm - ok
    10:45:53.0602 3304 LanmanServer (43446f197c74ef2030f84b3a4f39d570) C:\Windows\system32\srvsvc.dll
    10:45:53.0642 3304 LanmanServer - ok
    10:45:53.0668 3304 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
    10:45:53.0717 3304 LanmanWorkstation - ok
    10:45:53.0743 3304 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
    10:45:53.0777 3304 lltdio - ok
    10:45:53.0808 3304 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
    10:45:53.0843 3304 lltdsvc - ok
    10:45:53.0855 3304 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
    10:45:53.0906 3304 lmhosts - ok
    10:45:53.0941 3304 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
    10:45:53.0959 3304 LSI_FC - ok
    10:45:53.0976 3304 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
    10:45:53.0994 3304 LSI_SAS - ok
    10:45:54.0010 3304 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
    10:45:54.0029 3304 LSI_SCSI - ok
    10:45:54.0043 3304 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
    10:45:54.0076 3304 luafv - ok
    10:45:54.0100 3304 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
    10:45:54.0116 3304 MBAMProtector - ok
    10:45:54.0196 3304 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    10:45:54.0230 3304 MBAMService - ok
    10:45:54.0286 3304 McciCMService (f8b823414a22dbf3bec10dcaa5f93cd8) C:\Program Files\Common Files\Motive\McciCMService.exe
    10:45:54.0305 3304 McciCMService ( UnsignedFile.Multi.Generic ) - warning
    10:45:54.0305 3304 McciCMService - detected UnsignedFile.Multi.Generic (1)
    10:45:54.0329 3304 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
    10:45:54.0353 3304 Mcx2Svc - ok
    10:45:54.0362 3304 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
    10:45:54.0377 3304 megasas - ok
    10:45:54.0409 3304 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
    10:45:54.0458 3304 MegaSR - ok
    10:45:54.0485 3304 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
    10:45:54.0520 3304 MMCSS - ok
    10:45:54.0539 3304 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
    10:45:54.0572 3304 Modem - ok
    10:45:54.0584 3304 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
    10:45:54.0617 3304 monitor - ok
    10:45:54.0636 3304 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
    10:45:54.0651 3304 mouclass - ok
    10:45:54.0663 3304 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
    10:45:54.0696 3304 mouhid - ok
    10:45:54.0715 3304 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
    10:45:54.0730 3304 MountMgr - ok
    10:45:54.0767 3304 MozillaMaintenance (166f0cbff55d16552161c154317287ca) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    10:45:54.0785 3304 MozillaMaintenance - ok
    10:45:54.0803 3304 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
    10:45:54.0822 3304 MpFilter - ok
    10:45:54.0835 3304 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
    10:45:54.0855 3304 mpio - ok
    10:45:54.0866 3304 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
    10:45:54.0896 3304 mpsdrv - ok
    10:45:54.0940 3304 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
    10:45:55.0019 3304 MpsSvc - ok
    10:45:55.0036 3304 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
    10:45:55.0051 3304 Mraid35x - ok
    10:45:55.0091 3304 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
    10:45:55.0102 3304 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
    10:45:55.0102 3304 MREMP50 - detected UnsignedFile.Multi.Generic (1)
    10:45:55.0107 3304 MREMPR5 - ok
    10:45:55.0113 3304 MRENDIS5 - ok
    10:45:55.0128 3304 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
    10:45:55.0138 3304 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
    10:45:55.0138 3304 MRESP50 - detected UnsignedFile.Multi.Generic (1)
    10:45:55.0167 3304 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
    10:45:55.0194 3304 MRxDAV - ok
    10:45:55.0220 3304 mrxsmb (317eb668973951bad512ee8bebf9ed25) C:\Windows\system32\DRIVERS\mrxsmb.sys
    10:45:55.0248 3304 mrxsmb - ok
    10:45:55.0272 3304 mrxsmb10 (05716f0203b5c774a87384a1ff7b968f) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    10:45:55.0302 3304 mrxsmb10 - ok
    10:45:55.0312 3304 mrxsmb20 (c70c50d101b92b45c42ba11ea9fe6cd1) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    10:45:55.0340 3304 mrxsmb20 - ok
    10:45:55.0357 3304 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
    10:45:55.0372 3304 msahci - ok
    10:45:55.0393 3304 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
    10:45:55.0413 3304 msdsm - ok
    10:45:55.0447 3304 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
    10:45:55.0484 3304 MSDTC - ok
    10:45:55.0505 3304 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
    10:45:55.0538 3304 Msfs - ok
    10:45:55.0559 3304 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
    10:45:55.0574 3304 msisadrv - ok
    10:45:55.0600 3304 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
    10:45:55.0634 3304 MSiSCSI - ok
    10:45:55.0638 3304 msiserver - ok
    10:45:55.0657 3304 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
    10:45:55.0691 3304 MSKSSRV - ok
    10:45:55.0721 3304 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
    10:45:55.0737 3304 MsMpSvc - ok
    10:45:55.0749 3304 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
    10:45:55.0781 3304 MSPCLOCK - ok
    10:45:55.0786 3304 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
    10:45:55.0819 3304 MSPQM - ok
    10:45:55.0844 3304 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
    10:45:55.0863 3304 MsRPC - ok
    10:45:55.0872 3304 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
    10:45:55.0888 3304 mssmbios - ok
    10:45:55.0893 3304 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
    10:45:55.0929 3304 MSTEE - ok
    10:45:55.0936 3304 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
    10:45:55.0953 3304 Mup - ok
    10:45:55.0991 3304 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
    10:45:56.0051 3304 napagent - ok
    10:45:56.0083 3304 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
    10:45:56.0116 3304 NativeWifiP - ok
    10:45:56.0150 3304 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
    10:45:56.0190 3304 NDIS - ok
    10:45:56.0202 3304 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
    10:45:56.0230 3304 NdisTapi - ok
    10:45:56.0245 3304 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
    10:45:56.0278 3304 Ndisuio - ok
    10:45:56.0297 3304 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
    10:45:56.0326 3304 NdisWan - ok
    10:45:56.0344 3304 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
    10:45:56.0372 3304 NDProxy - ok
    10:45:56.0394 3304 Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\Windows\system32\HPZinw12.dll
    10:45:56.0406 3304 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
    10:45:56.0406 3304 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
    10:45:56.0426 3304 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
    10:45:56.0459 3304 NetBIOS - ok
    10:45:56.0478 3304 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
    10:45:56.0508 3304 netbt - ok
    10:45:56.0532 3304 Netlogon (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
    10:45:56.0555 3304 Netlogon - ok
    10:45:56.0599 3304 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
    10:45:56.0639 3304 Netman - ok
    10:45:56.0691 3304 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    10:45:56.0708 3304 NetMsmqActivator - ok
    10:45:56.0712 3304 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    10:45:56.0729 3304 NetPipeActivator - ok
    10:45:56.0756 3304 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
    10:45:56.0806 3304 netprofm - ok
    10:45:56.0810 3304 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    10:45:56.0826 3304 NetTcpActivator - ok
    10:45:56.0831 3304 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    10:45:56.0847 3304 NetTcpPortSharing - ok
    10:45:56.0875 3304 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
    10:45:56.0891 3304 nfrd960 - ok
    10:45:56.0912 3304 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
    10:45:56.0928 3304 NisDrv - ok
    10:45:56.0974 3304 NisSrv (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
    10:45:57.0043 3304 NisSrv - ok
    10:45:57.0061 3304 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
    10:45:57.0120 3304 NlaSvc - ok
    10:45:57.0137 3304 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
    10:45:57.0166 3304 Npfs - ok
    10:45:57.0181 3304 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
    10:45:57.0215 3304 nsi - ok
    10:45:57.0223 3304 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
    10:45:57.0256 3304 nsiproxy - ok
    10:45:57.0337 3304 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
    10:45:57.0373 3304 Ntfs - ok
    10:45:57.0402 3304 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
    10:45:57.0452 3304 ntrigdigi - ok
    10:45:57.0476 3304 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
    10:45:57.0508 3304 Null - ok
    10:45:57.0537 3304 NVHDA (3d7fb57354703809b5f0c23287fac1d6) C:\Windows\system32\drivers\nvhda32v.sys
    10:45:57.0554 3304 NVHDA - ok
    10:45:58.0107 3304 nvlddmkm (e891b3979f0cf2740c1b073f834221fe) C:\Windows\system32\DRIVERS\nvlddmkm.sys
    10:45:58.0395 3304 nvlddmkm - ok
    10:45:58.0479 3304 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
    10:45:58.0501 3304 nvraid - ok
    10:45:58.0530 3304 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
    10:45:58.0548 3304 nvstor - ok
    10:45:58.0574 3304 nvstor32 (97778c3cb3af6b2243648d0dcd4d8916) C:\Windows\system32\DRIVERS\nvstor32.sys
    10:45:58.0600 3304 nvstor32 - ok
    10:45:58.0649 3304 nvsvc (ae2de8e165dcb93a66b21748e6f913df) C:\Windows\system32\nvvsvc.exe
    10:45:58.0695 3304 nvsvc - ok
    10:45:58.0864 3304 nvUpdatusService (c78581c14699c46fe0f0817416383134) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    10:45:58.0977 3304 nvUpdatusService - ok
    10:45:59.0117 3304 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
    10:45:59.0138 3304 nv_agp - ok
    10:45:59.0144 3304 NwlnkFlt - ok
    10:45:59.0152 3304 NwlnkFwd - ok
    10:45:59.0184 3304 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
    10:45:59.0240 3304 ohci1394 - ok
    10:45:59.0279 3304 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    10:45:59.0306 3304 ose - ok
    10:45:59.0576 3304 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    10:45:59.0794 3304 osppsvc - ok
    10:45:59.0943 3304 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    10:46:00.0026 3304 p2pimsvc - ok
    10:46:00.0035 3304 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    10:46:00.0072 3304 p2psvc - ok
    10:46:00.0102 3304 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
    10:46:00.0160 3304 Parport - ok
    10:46:00.0180 3304 Partizan (6ddcf3f801ec15fe698f6a215cf30a1f) C:\Windows\system32\drivers\Partizan.sys
    10:46:00.0194 3304 Partizan - ok
    10:46:00.0213 3304 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
    10:46:00.0230 3304 partmgr - ok
    10:46:00.0245 3304 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
    10:46:00.0293 3304 Parvdm - ok
    10:46:00.0311 3304 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
    10:46:00.0335 3304 PcaSvc - ok
    10:46:00.0352 3304 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
    10:46:00.0370 3304 pci - ok
    10:46:00.0379 3304 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
    10:46:00.0395 3304 pciide - ok
    10:46:00.0425 3304 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
    10:46:00.0452 3304 pcmcia - ok
    10:46:00.0521 3304 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
    10:46:00.0585 3304 PEAUTH - ok
    10:46:00.0684 3304 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
    10:46:00.0764 3304 pla - ok
    10:46:00.0871 3304 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
    10:46:00.0924 3304 PlugPlay - ok
    10:46:00.0969 3304 Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\Windows\system32\HPZipm12.dll
    10:46:00.0980 3304 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
    10:46:00.0980 3304 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
    10:46:01.0050 3304 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    10:46:01.0083 3304 PNRPAutoReg - ok
    10:46:01.0092 3304 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    10:46:01.0124 3304 PNRPsvc - ok
    10:46:01.0156 3304 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
    10:46:01.0190 3304 PolicyAgent - ok
    10:46:01.0227 3304 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
    10:46:01.0259 3304 PptpMiniport - ok
    10:46:01.0288 3304 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
    10:46:01.0321 3304 Processor - ok
    10:46:01.0340 3304 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
    10:46:01.0373 3304 ProfSvc - ok
    10:46:01.0399 3304 ProtectedStorage (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
    10:46:01.0422 3304 ProtectedStorage - ok
    10:46:01.0449 3304 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
    10:46:01.0476 3304 PSched - ok
    10:46:01.0483 3304 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
    10:46:01.0498 3304 PxHelp20 - ok
    10:46:01.0566 3304 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
    10:46:01.0637 3304 ql2300 - ok
    10:46:01.0656 3304 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
    10:46:01.0675 3304 ql40xx - ok
    10:46:01.0705 3304 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
    10:46:01.0732 3304 QWAVE - ok
    10:46:01.0748 3304 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
    10:46:01.0770 3304 QWAVEdrv - ok
    10:46:01.0783 3304 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
    10:46:01.0815 3304 RasAcd - ok
    10:46:01.0835 3304 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
    10:46:01.0869 3304 RasAuto - ok
    10:46:01.0884 3304 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
    10:46:01.0917 3304 Rasl2tp - ok
    10:46:01.0945 3304 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
    10:46:01.0981 3304 RasMan - ok
    10:46:02.0002 3304 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
    10:46:02.0031 3304 RasPppoe - ok
    10:46:02.0047 3304 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
    10:46:02.0069 3304 RasSstp - ok
    10:46:02.0105 3304 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
    10:46:02.0134 3304 rdbss - ok
    10:46:02.0144 3304 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
    10:46:02.0176 3304 RDPCDD - ok
    10:46:02.0203 3304 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
    10:46:02.0260 3304 rdpdr - ok
    10:46:02.0265 3304 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
    10:46:02.0299 3304 RDPENCDD - ok
    10:46:02.0327 3304 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
    10:46:02.0351 3304 RDPWD - ok
    10:46:02.0369 3304 RegGuard (37ecebdd930395a9c399fb18a3c236d3) C:\Windows\system32\Drivers\regguard.sys
    10:46:02.0383 3304 RegGuard - ok
    10:46:02.0402 3304 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
    10:46:02.0437 3304 RemoteAccess - ok
    10:46:02.0460 3304 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
    10:46:02.0490 3304 RemoteRegistry - ok
    10:46:02.0503 3304 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
    10:46:02.0526 3304 RpcLocator - ok
    10:46:02.0631 3304 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
    10:46:02.0673 3304 RpcSs - ok
    10:46:02.0696 3304 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
    10:46:02.0728 3304 rspndr - ok
    10:46:02.0771 3304 RTL8169 (06992132cf20c3c1cba3f072c4086de8) C:\Windows\system32\DRIVERS\Rtlh86.sys
    10:46:02.0789 3304 RTL8169 - ok
    10:46:02.0807 3304 SamSs (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
    10:46:02.0830 3304 SamSs - ok
    10:46:02.0867 3304 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
    10:46:02.0881 3304 SASDIFSV - ok
    10:46:02.0891 3304 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
    10:46:02.0907 3304 SASKUTIL - ok
    10:46:02.0923 3304 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
    10:46:02.0941 3304 sbp2port - ok
    10:46:03.0053 3304 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    10:46:03.0106 3304 SBSDWSCService - ok
    10:46:03.0129 3304 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
    10:46:03.0159 3304 SCardSvr - ok
    10:46:03.0201 3304 Schedule (323ae0bdfd2eb15b668dda50cc597329) C:\Windows\system32\schedsvc.dll
    10:46:03.0241 3304 Schedule - ok
    10:46:03.0268 3304 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
    10:46:03.0296 3304 SCPolicySvc - ok
    10:46:03.0313 3304 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
    10:46:03.0338 3304 SDRSVC - ok
    10:46:03.0364 3304 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    10:46:03.0413 3304 secdrv - ok
    10:46:03.0445 3304 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
    10:46:03.0479 3304 seclogon - ok
    10:46:03.0496 3304 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
    10:46:03.0531 3304 SENS - ok
    10:46:03.0541 3304 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
    10:46:03.0590 3304 Serenum - ok
    10:46:03.0614 3304 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
    10:46:03.0665 3304 Serial - ok
    10:46:03.0676 3304 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
    10:46:03.0709 3304 sermouse - ok
    10:46:03.0785 3304 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
    10:46:03.0833 3304 SessionEnv - ok
    10:46:03.0847 3304 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
    10:46:03.0875 3304 sffdisk - ok
    10:46:03.0887 3304 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
    10:46:03.0919 3304 sffp_mmc - ok
    10:46:03.0936 3304 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
    10:46:03.0968 3304 sffp_sd - ok
    10:46:04.0002 3304 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
    10:46:04.0050 3304 sfloppy - ok
    10:46:04.0081 3304 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
    10:46:04.0129 3304 SharedAccess - ok
    10:46:04.0153 3304 ShellHWDetection (c818c44c201898399bf999bb6b35d4e3) C:\Windows\System32\shsvcs.dll
    10:46:04.0187 3304 ShellHWDetection - ok
    10:46:04.0198 3304 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
    10:46:04.0215 3304 sisagp - ok
    10:46:04.0229 3304 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
    10:46:04.0245 3304 SiSRaid2 - ok
    10:46:04.0257 3304 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
    10:46:04.0274 3304 SiSRaid4 - ok
    10:46:04.0474 3304 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
    10:46:04.0595 3304 slsvc - ok
    10:46:04.0676 3304 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
    10:46:04.0709 3304 SLUINotify - ok
    10:46:04.0747 3304 SmartDefragDriver (cc48f88fe17bb8e5eb6fa1a8a9477006) C:\Windows\system32\Drivers\SmartDefragDriver.sys
    10:46:04.0761 3304 SmartDefragDriver - ok
    10:46:04.0787 3304 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
    10:46:04.0818 3304 Smb - ok
    10:46:04.0848 3304 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
    10:46:04.0872 3304 SNMPTRAP - ok
    10:46:04.0887 3304 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
    10:46:04.0904 3304 spldr - ok
    10:46:04.0926 3304 Spooler (524bfbea40e6e404737ccbc754647a2e) C:\Windows\System32\spoolsv.exe
    10:46:04.0960 3304 Spooler - ok
    10:46:04.0985 3304 srv (baa6018a27857b5ff0c03ce756b4a7a2) C:\Windows\system32\DRIVERS\srv.sys
    10:46:05.0014 3304 srv - ok
    10:46:05.0040 3304 srv2 (6b6f3658e0a58c6c50c5f7fbdf3df633) C:\Windows\system32\DRIVERS\srv2.sys
    10:46:05.0063 3304 srv2 - ok
    10:46:05.0087 3304 srvnet (2d10de9022822772adaa120b15a9bd03) C:\Windows\system32\DRIVERS\srvnet.sys
    10:46:05.0115 3304 srvnet - ok
    10:46:05.0126 3304 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
    10:46:05.0163 3304 SSDPSRV - ok
    10:46:05.0186 3304 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
    10:46:05.0199 3304 ssmdrv - ok
    10:46:05.0219 3304 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
    10:46:05.0253 3304 SstpSvc - ok
    10:46:05.0291 3304 Steam Client Service - ok
    10:46:05.0310 3304 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
    10:46:05.0338 3304 StillCam - ok
    10:46:05.0381 3304 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
    10:46:05.0413 3304 stisvc - ok
    10:46:05.0429 3304 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
    10:46:05.0445 3304 swenum - ok
    10:46:05.0466 3304 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
    10:46:05.0500 3304 swprv - ok
    10:46:05.0529 3304 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
    10:46:05.0544 3304 Symc8xx - ok
    10:46:05.0578 3304 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
    10:46:05.0593 3304 Sym_hi - ok
    10:46:05.0609 3304 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
    10:46:05.0624 3304 Sym_u3 - ok
    10:46:05.0667 3304 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
    10:46:05.0706 3304 SysMain - ok
    10:46:05.0727 3304 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
    10:46:05.0752 3304 TabletInputService - ok
    10:46:05.0778 3304 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
    10:46:05.0814 3304 TapiSrv - ok
    10:46:05.0827 3304 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
    10:46:05.0861 3304 TBS - ok
    10:46:05.0943 3304 Tcpip (65877aa1b6a7cb797488e831698973e9) C:\Windows\system32\drivers\tcpip.sys
    10:46:05.0978 3304 Tcpip - ok
    10:46:05.0990 3304 Tcpip6 (65877aa1b6a7cb797488e831698973e9) C:\Windows\system32\DRIVERS\tcpip.sys
    10:46:06.0024 3304 Tcpip6 - ok
    10:46:06.0059 3304 tcpipreg (4b8f496292d40192acb052e030c023a7) C:\Windows\system32\drivers\tcpipreg.sys
    10:46:06.0080 3304 tcpipreg - ok
    10:46:06.0090 3304 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
    10:46:06.0122 3304 TDPIPE - ok
    10:46:06.0137 3304 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
    10:46:06.0169 3304 TDTCP - ok
    10:46:06.0193 3304 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
    10:46:06.0222 3304 tdx - ok
    10:46:06.0248 3304 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
    10:46:06.0265 3304 TermDD - ok
    10:46:06.0314 3304 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
    10:46:06.0365 3304 TermService - ok
    10:46:06.0390 3304 Themes (c818c44c201898399bf999bb6b35d4e3) C:\Windows\system32\shsvcs.dll
    10:46:06.0422 3304 Themes - ok
    10:46:06.0460 3304 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
    10:46:06.0494 3304 THREADORDER - ok
    10:46:06.0528 3304 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
    10:46:06.0568 3304 TrkWks - ok
    10:46:06.0611 3304 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
    10:46:06.0639 3304 TrustedInstaller - ok
    10:46:06.0653 3304 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
    10:46:06.0685 3304 tssecsrv - ok
    10:46:06.0698 3304 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
    10:46:06.0721 3304 tunmp - ok
    10:46:06.0727 3304 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
    10:46:06.0756 3304 tunnel - ok
    10:46:06.0775 3304 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
    10:46:06.0791 3304 uagp35 - ok
    10:46:06.0811 3304 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
    10:46:06.0847 3304 udfs - ok
    10:46:06.0865 3304 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
    10:46:06.0900 3304 UI0Detect - ok
    10:46:06.0917 3304 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
    10:46:06.0934 3304 uliagpkx - ok
    10:46:06.0980 3304 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
    10:46:07.0014 3304 uliahci - ok
    10:46:07.0029 3304 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
    10:46:07.0048 3304 UlSata - ok
    10:46:07.0061 3304 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
    10:46:07.0080 3304 ulsata2 - ok
    10:46:07.0090 3304 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
    10:46:07.0123 3304 umbus - ok
    10:46:07.0144 3304 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
    10:46:07.0184 3304 upnphost - ok
    10:46:07.0198 3304 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
    10:46:07.0227 3304 usbccgp - ok
    10:46:07.0242 3304 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
    10:46:07.0292 3304 usbcir - ok
    10:46:07.0312 3304 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
    10:46:07.0340 3304 usbehci - ok
    10:46:07.0367 3304 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
    10:46:07.0396 3304 usbhub - ok
    10:46:07.0403 3304 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
    10:46:07.0434 3304 usbohci - ok
    10:46:07.0459 3304 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
    10:46:07.0492 3304 usbprint - ok
    10:46:07.0512 3304 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
    10:46:07.0539 3304 usbscan - ok
    10:46:07.0547 3304 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    10:46:07.0575 3304 USBSTOR - ok
    10:46:07.0584 3304 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
    10:46:07.0612 3304 usbuhci - ok
    10:46:07.0629 3304 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
    10:46:07.0658 3304 UxSms - ok
    10:46:07.0685 3304 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
    10:46:07.0720 3304 vds - ok
    10:46:07.0734 3304 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
    10:46:07.0766 3304 vga - ok
    10:46:07.0781 3304 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
    10:46:07.0813 3304 VgaSave - ok
    10:46:07.0827 3304 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
    10:46:07.0843 3304 viaagp - ok
    10:46:07.0852 3304 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
    10:46:07.0885 3304 ViaC7 - ok
    10:46:07.0891 3304 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
    10:46:07.0907 3304 viaide - ok
    10:46:07.0919 3304 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
    10:46:07.0935 3304 volmgr - ok
    10:46:07.0979 3304 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
    10:46:07.0999 3304 volmgrx - ok
    10:46:08.0014 3304 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
    10:46:08.0033 3304 volsnap - ok
    10:46:08.0072 3304 Vsdatant (6983d0bcac64c2d7460c2125f804f118) C:\Windows\system32\DRIVERS\vsdatant.sys
    10:46:08.0094 3304 Vsdatant - ok
    10:46:08.0100 3304 vsdatant7 - ok
    10:46:08.0138 3304 vsmon - ok
    10:46:08.0157 3304 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
    10:46:08.0176 3304 vsmraid - ok
    10:46:08.0244 3304 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
    10:46:08.0290 3304 VSS - ok
    10:46:08.0386 3304 vToolbarUpdater11.0.2 (56e1e4442e4613fb2039a6b7421f4e58) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
    10:46:08.0418 3304 vToolbarUpdater11.0.2 - ok
    10:46:08.0504 3304 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
    10:46:08.0538 3304 W32Time - ok
    10:46:08.0563 3304 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
    10:46:08.0612 3304 WacomPen - ok
    10:46:08.0629 3304 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    10:46:08.0657 3304 Wanarp - ok
    10:46:08.0661 3304 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    10:46:08.0690 3304 Wanarpv6 - ok
    10:46:08.0730 3304 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
    10:46:08.0761 3304 wcncsvc - ok
    10:46:08.0789 3304 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
    10:46:08.0821 3304 WcsPlugInService - ok
    10:46:08.0842 3304 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
    10:46:08.0857 3304 Wd - ok
    10:46:08.0892 3304 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
    10:46:08.0917 3304 Wdf01000 - ok
    10:46:08.0947 3304 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
    10:46:08.0983 3304 WdiServiceHost - ok
    10:46:08.0987 3304 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
    10:46:09.0022 3304 WdiSystemHost - ok
    10:46:09.0036 3304 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
    10:46:09.0064 3304 WebClient - ok
    10:46:09.0076 3304 Wecsvc (905214925a88311fce52f66153de7610) C:\Windows\system32\wecsvc.dll
    10:46:09.0111 3304 Wecsvc - ok
    10:46:09.0119 3304 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
    10:46:09.0150 3304 wercplsupport - ok
    10:46:09.0163 3304 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
    10:46:09.0195 3304 WerSvc - ok
    10:46:09.0249 3304 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
    10:46:09.0268 3304 WinDefend - ok
    10:46:09.0278 3304 WinHttpAutoProxySvc - ok
    10:46:09.0318 3304 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
    10:46:09.0357 3304 Winmgmt - ok
    10:46:09.0406 3304 WinRM (01874d4689c212460fbabf0ecd7cb7f7) C:\Windows\system32\WsmSvc.dll
    10:46:09.0448 3304 WinRM - ok
    10:46:09.0494 3304 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
    10:46:09.0524 3304 Wlansvc - ok
    10:46:09.0552 3304 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
    10:46:09.0566 3304 wlcrasvc - ok
    10:46:09.0685 3304 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    10:46:09.0771 3304 wlidsvc - ok
    10:46:09.0872 3304 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    10:46:09.0900 3304 WmiAcpi - ok
    10:46:09.0943 3304 WmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
    10:46:09.0971 3304 WmiApSrv - ok
    10:46:10.0046 3304 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
    10:46:10.0092 3304 WMPNetworkSvc - ok
    10:46:10.0107 3304 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
    10:46:10.0131 3304 WPCSvc - ok
    10:46:10.0154 3304 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
    10:46:10.0179 3304 WPDBusEnum - ok
    10:46:10.0267 3304 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    10:46:10.0295 3304 WPFFontCache_v0400 - ok
    10:46:10.0315 3304 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
    10:46:10.0348 3304 ws2ifsl - ok
    10:46:10.0373 3304 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
    10:46:10.0401 3304 wscsvc - ok
    10:46:10.0406 3304 WSearch - ok
    10:46:10.0539 3304 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
    10:46:10.0625 3304 wuauserv - ok
    10:46:10.0696 3304 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
    10:46:10.0733 3304 wudfsvc - ok
    10:46:10.0754 3304 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
    10:46:11.0066 3304 \Device\Harddisk0\DR0 - ok
    10:46:11.0070 3304 Boot (0x1200) (1564506fc0713d153b896ad06c0f6c1f) \Device\Harddisk0\DR0\Partition0
    10:46:11.0071 3304 \Device\Harddisk0\DR0\Partition0 - ok
    10:46:11.0073 3304 ============================================================
    10:46:11.0073 3304 Scan finished
    10:46:11.0073 3304 ============================================================
    10:46:11.0086 1180 Detected object count: 10
    10:46:11.0086 1180 Actual detected object count: 10
    10:48:35.0894 1180 ETService ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0894 1180 ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:48:35.0896 1180 ezSharedSvc ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0896 1180 ezSharedSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:48:35.0898 1180 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0898 1180 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:48:35.0902 1180 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0902 1180 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:48:35.0905 1180 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0905 1180 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:48:35.0907 1180 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0907 1180 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:48:35.0910 1180 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0910 1180 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:48:35.0912 1180 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0912 1180 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:48:35.0915 1180 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0916 1180 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:48:35.0918 1180 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:48:35.0918 1180 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:50:51.0332 5836 Deinitialize success

    swMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-07-06 11:40:52
    -----------------------------
    11:40:52.092 OS Version: Windows 6.0.6002 Service Pack 2
    11:40:52.092 Number of processors: 4 586 0x1707
    11:40:52.093 ComputerName: EAMONNS UserName: currys
    11:41:25.580 Initialize success
    11:41:50.098 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005e
    11:41:50.100 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
    11:41:50.115 Disk 0 MBR read successfully
    11:41:50.117 Disk 0 MBR scan
    11:41:50.120 Disk 0 Windows VISTA default MBR code
    11:41:50.130 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10240 MB offset 2048
    11:41:50.137 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 600238 MB offset 20973568
    11:41:50.142 Disk 0 scanning sectors +1250261680
    11:41:50.204 Disk 0 scanning C:\Windows\system32\drivers
    11:41:57.639 Service scanning
    11:42:01.930 Service MpKsl87d25911 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{55FCADA8-9CD5-4ED3-BB75-FDAE65595041}\MpKsl87d25911.sys **LOCKED** 32
    11:42:08.215 Modules scanning
    11:42:11.228 Disk 0 trace - called modules:
    11:42:11.247 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys
    11:42:11.252 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87524968]
    11:42:11.257 3 CLASSPNP.SYS[8bdb58b3] -> nt!IofCallDriver -> [0x857d96e0]
    11:42:11.261 5 acpi.sys[83a986bc] -> nt!IofCallDriver -> \Device\0000005e[0x857d9c90]
    11:42:11.266 Scan finished successfully
    11:42:54.736 Disk 0 MBR has been saved successfully to "C:\Users\currys\Desktop\MBR.dat"
    11:42:54.748 The log file has been saved successfully to "C:\Users\currys\Desktop\aswMBR.txt"
     
  7. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,801
    Okay, can you firstly uninstall this via AddRemove Programs:

    Advanced SystemCare 5

    Then, can you run the following tools:


    Download RogueKiller to your desktop

    1. Quit all running programs
    2. For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
    3. Wait until the Pre-scan has finished.
    4. Click on Scan
    5. If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe
    6. Click on Report and copy/paste the contents here.


    -------------

    Download OTL to your Desktop

    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Select All Users
    • Please copy the text in the code box below and paste it in the Custom Scans/Fixes box in OTL:

      Code:
      netsvcs
      activex
      msconfig
      %SYSTEMDRIVE%\*.
      %PROGRAMFILES%\*.exe
      %LOCALAPPDATA%\*.exe
      %windir%\Installer\*.*
      %windir%\system32\tasks\*.*
      %systemroot%\Fonts\*.exe
      %systemroot%\*. /mp /s
      /md5start
      consrv.dll
      explorer.exe
      winlogon.exe
      regedit.exe
      Userinit.exe
      svchost.exe
      MRESP50.SYS
      CBPSp50.sys
      /md5stop
      C:\Windows\assembly\tmp\U\*.* /s
      %Temp%\smtmp\1\*.*
      %Temp%\smtmp\2\*.*
      %Temp%\smtmp\3\*.*
      %Temp%\smtmp\4\*.*
      >C:\commands.txt echo list vol /raw /hide /c
      /wait
      >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
      /wait
      type c:\diskreport.txt /c
      /wait
      erase c:\commands.txt /hide /c
      /wait
      erase c:\diskreport.txt /hide /c
      CREATERESTOREPOINT
      
    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

    eddie
     
  8. baffledUK

    baffledUK Thread Starter

    Joined:
    Jul 1, 2012
    Messages:
    114
    Hi Eddie I've done what you suggested! Except Oldtimergeekstogo are investigating their database back 7/9/2012

    RogueKiller V7.6.3 [07/08/2012] by Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Blog: http://tigzyrk.blogspot.com

    Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
    Started in : Normal mode
    User: currys [Admin rights]
    Mode: Scan -- Date: 07/08/2012 23:20:43

    ¤¤¤ Bad processes: 1 ¤¤¤
    [SUSP PATH] system32CmdLineExt.dll -- C:\Windows\system32CmdLineExt.dll -> UNLOADED

    ¤¤¤ Registry Entries: 2 ¤¤¤
    [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver: [LOADED] ¤¤¤
    SSDT[289] : NtSetContextThread @ 0x82CA5253 -> HOOKED (Unknown @ 0x8CD5FE03)
    SSDT[314] : NtSetSecurityObject @ 0x82BD2FE4 -> HOOKED (Unknown @ 0x8CD5FE0D)

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    127.0.0.1 localhost


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: WDC WD64 00AAKS-22A7B SCSI Disk Device +++++
    --- User ---
    [MBR] cb937bfbef932355cd34b6cb6f4027a9
    [BSP] 8484c7ec0314f855e9c1602adbcfff5f : Windows Vista MBR Code
    Partition table:
    0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10240 Mo
    1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20973568 | Size: 600238 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR!

    +++++ PhysicalDrive1: HP Photosmart C4400 USB Device +++++
    Error reading User MBR!
    User = LL1 ... OK!
    Error reading LL2 MBR!

    Finished : << RKreport[1].txt >>
    RKreport[1].txt

    all the best
     
  9. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,801
    Looks like it'll be back online today sometime, I'll wait until then, as OTL is a very good tool to help us with infections :)
     
  10. baffledUK

    baffledUK Thread Starter

    Joined:
    Jul 1, 2012
    Messages:
    114
    OTL logfile created on: 10/07/2012 18:55:16 - Run 1
    OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\currys\Downloads
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.19222)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    3.00 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 65.67% Memory free
    6.22 Gb Paging File | 4.54 Gb Available in Paging File | 72.96% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 586.17 Gb Total Space | 420.59 Gb Free Space | 71.75% Space Free | Partition Type: NTFS

    Computer Name: EAMONNS | User Name: currys | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/07/10 18:50:53 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\currys\Downloads\OTL.exe
    PRC - [2012/06/26 18:33:03 | 003,906,432 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    PRC - [2012/05/07 01:27:06 | 000,932,736 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
    PRC - [2012/05/03 15:10:02 | 002,446,872 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
    PRC - [2012/05/03 15:07:06 | 000,073,360 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
    PRC - [2012/04/30 20:05:22 | 000,497,280 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
    PRC - [2012/04/30 20:04:28 | 000,738,944 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2012/02/29 21:58:46 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    PRC - [2012/02/29 21:58:36 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    PRC - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2011/09/30 19:04:54 | 000,142,848 | ---- | M] () -- C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
    PRC - [2011/08/26 13:56:04 | 000,685,912 | ---- | M] (IObit) -- C:\Program Files\IObit\Game Booster\gbtray.exe
    PRC - [2011/08/12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
    PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2008/07/07 16:26:28 | 001,038,136 | ---- | M] (Packard Bell BV) -- C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
    PRC - [2007/09/11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/07/10 18:36:21 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
    MOD - [2012/07/10 18:36:20 | 000,065,024 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
    MOD - [2012/07/04 11:19:20 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
    MOD - [2012/07/04 11:19:20 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
    MOD - [2011/09/30 19:04:54 | 000,142,848 | ---- | M] () -- C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
    MOD - [2011/08/26 13:56:08 | 000,516,440 | ---- | M] () -- C:\Program Files\IObit\Game Booster\sqlite3.dll
    MOD - [2011/02/22 16:01:26 | 000,345,088 | ---- | M] () -- C:\Program Files\IObit\Game Booster\madexcept_.bpl
    MOD - [2011/02/22 16:01:26 | 000,177,152 | ---- | M] () -- C:\Program Files\IObit\Game Booster\madbasic_.bpl
    MOD - [2011/02/22 16:01:26 | 000,044,544 | ---- | M] () -- C:\Program Files\IObit\Game Booster\maddisAsm_.bpl


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Auto | Stopped] -- -- (WMService)
    SRV - File not found [Disabled | Stopped] -- C:\Program Files\Spybot -- (SBSDWSCService)
    SRV - File not found [Auto | Stopped] -- -- (PLFlash DeviceIoControl Service)
    SRV - File not found [On_Demand | Stopped] -- -- (odserv)
    SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService)
    SRV - File not found [Auto | Stopped] -- -- (Nero BackItUp Scheduler 3)
    SRV - File not found [On_Demand | Stopped] -- -- (iPod Service)
    SRV - File not found [Auto | Stopped] -- -- (IBUpdaterService)
    SRV - File not found [Auto | Stopped] -- -- (Apple Mobile Device)
    SRV - [2012/06/23 13:46:11 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2012/05/16 23:09:21 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012/05/10 11:03:17 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2012/05/10 09:55:44 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2012/05/10 09:55:42 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2012/05/07 01:27:06 | 000,932,736 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe -- (vToolbarUpdater11.0.2)
    SRV - [2012/05/03 15:10:02 | 002,446,872 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
    SRV - [2012/04/30 20:05:22 | 000,497,280 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
    SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2012/03/26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV - [2012/03/01 00:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
    SRV - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2011/08/12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
    SRV - [2010/12/10 13:47:24 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
    SRV - [2009/04/11 07:28:25 | 000,375,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
    SRV - [2009/01/02 13:05:42 | 003,098,152 | ---- | M] (Kontiki Inc.) [Auto | Stopped] -- C:\Program Files\Kontiki\KService.exe -- (KService)
    SRV - [2008/08/21 22:08:35 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2008/07/16 15:00:00 | 000,024,576 | ---- | M] () [Auto | Stopped] -- C:\Program Files\PACKARDBELL\Packard Bell Recovery Management\Service\ETService.exe -- (ETService)
    SRV - [2008/02/03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
    SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2007/09/11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (vsdatant7)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (MRENDIS5)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (MREMPR5)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IpInIp)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (cpuz134)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\currys\AppData\Local\Temp\catchme.sys -- (catchme)
    DRV - [2012/06/23 12:42:47 | 000,024,416 | ---- | M] (Greatis Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\regguard.sys -- (RegGuard)
    DRV - [2012/06/23 11:35:37 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | On_Demand | Unknown] -- C:\Windows\System32\drivers\Partizan.sys -- (Partizan)
    DRV - [2012/05/10 09:55:44 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
    DRV - [2012/05/10 09:55:44 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
    DRV - [2012/04/30 20:05:40 | 000,027,016 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
    DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
    DRV - [2012/03/01 00:59:00 | 010,819,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
    DRV - [2012/01/17 13:45:56 | 000,148,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
    DRV - [2012/01/09 19:59:32 | 000,468,272 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
    DRV - [2012/01/09 19:59:30 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
    DRV - [2012/01/09 19:59:30 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
    DRV - [2011/12/09 13:40:53 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
    DRV - [2011/07/22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2011/07/12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2011/05/26 16:03:56 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
    DRV - [2011/05/26 16:03:50 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
    DRV - [2011/05/07 18:51:26 | 000,451,160 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
    DRV - [2011/02/23 17:52:34 | 000,016,184 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
    DRV - [2010/10/25 19:04:46 | 000,303,720 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
    DRV - [2010/06/17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
    DRV - [2010/04/09 03:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
    DRV - [2008/07/16 14:56:06 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKLM\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - No CLSID value found
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.goonsearch.com/web.html?source=IBR-IB-PDP-INS-DBS&q={searchTerms}
    IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
    IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}
    IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2645238
    IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

    IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE9ENUS/110
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=EIE9HP&PC=UP50
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8C 08 D2 6F 60 88 CC 01 [binary data]
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101067&mntrId=50b4fa92000000000000002197a13750
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{12E234A8-7EC3-47EF-9DD4-E79D0259DB1B}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_en
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ALSV5&o=1665&src=crm&q={searchTerms}&locale=en_UK&apn_ptnrs=AU&apn_dtid=YYYYYYYYGB&apn_uid=34399D31-44A3-4DA6-8AC7-C989A030269F&apn_sauid=A32CCD2B-3BB2-4310-B8FA-574A397D7115
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{2310B25F-E44D-4DCE-8978-173DBD1341C1}: "URL" = http://search.avg.com/route/?d=$instd$&v=$ver$&i=$dchid$&tp=chrome&q={searchTerms}&lng={moz:locale}&iy=&ychte=uk
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.goonsearch.com/web.html?source=IBR-IB-PDP-INS-DBS&q={searchTerms}
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.bing.com/search?FORM=UP50DF&PC=UP50&q={searchTerms}&src=IE-SearchBox
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=CrQt__Hz-oJhPpnLvuNAmY8Q990?q={searchTerms}
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = http://search.ibryte.com/i/playbryte/search/redirect/?type=default-ie&user_id=8a29f83a-1762-4abe-b6d2-85b8f55d9ff9&query={searchTerms}
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={2AB81444-0133-4A21-88D6-7236293CD844}&mid=86c7969f8ba047d19024d168d145dea3-9a877b0da52b245d0ae7330e6e4e92d782696eee&lang=en&ds=ts025&pr=&d=2011-12-14 00:04:00&v=8.0.0.34&sap=dsp&q={searchTerms}
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{98C169E2-613B-42D8-9716-3201888DF14E}: "URL" = http://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=380920&p={searchTerms}
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
    FF - prefs.js..browser.search.defaultthis.engineName: "WiseConvert Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=3&q={searchTerms}"
    FF - prefs.js..browser.search.selectedEngine: "WiseConvert Customized Web Search"
    FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
    FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=2&q="
    FF - prefs.js..network.proxy.no_proxies_on: "*.local"
    FF - prefs.js..network.proxy.type: 0
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: File not found
    FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll ()
    FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Motive, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\currys\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: File not found
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\currys\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/10 10:44:51 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/01/03 12:29:42 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012/05/23 18:09:14 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.0.0.9\ [2012/07/01 01:10:38 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/07 12:47:33 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/07/05 23:19:40 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/07 12:47:33 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/07/05 23:19:40 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/10 10:44:51 | 000,000,000 | ---D | M]

    [2012/01/22 11:08:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\currys\AppData\Roaming\mozilla\Extensions
    [2009/07/24 22:05:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\currys\AppData\Roaming\mozilla\Extensions\[email protected]
    [2012/01/22 11:56:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\currys\AppData\Roaming\mozilla\Firefox\extensions
    [2012/07/01 01:10:55 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\currys\AppData\Roaming\mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
    [2012/07/08 19:39:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\currys\AppData\Roaming\mozilla\Firefox\Profiles\fwvafgml.default\extensions
    [2012/07/08 19:39:06 | 000,000,000 | ---D | M] (WiseConvert Community Toolbar) -- C:\Users\currys\AppData\Roaming\mozilla\Firefox\Profiles\fwvafgml.default\extensions\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}
    [2012/06/27 14:38:40 | 000,000,925 | ---- | M] () -- C:\Users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\searchplugins\conduit.xml
    [2012/06/23 14:03:40 | 000,002,203 | ---- | M] () -- C:\Users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\searchplugins\MyStart Search.xml
    [2012/06/13 23:13:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2012/07/07 12:47:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
    [2012/05/21 22:59:26 | 001,184,804 | ---- | M] () (No name found) -- C:\USERS\CURRYS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FWVAFGML.DEFAULT\EXTENSIONS\[email protected]
    [2012/07/07 12:47:33 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2012/06/29 17:07:04 | 000,003,703 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
    [2012/06/23 13:40:53 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2012/06/23 13:40:53 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

    ========== Chrome ==========

    CHR - Extension: No name found = C:\Users\currys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmcccagmbagkpbdgpammblejlmiempb\
    CHR - Extension: No name found = C:\Users\currys\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\
    CHR - Extension: No name found = C:\Users\currys\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje\2.0_0\

    O1 HOSTS File: ([2012/07/06 12:16:18 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\bh\zonealarm.dll (Montera Technologeis LTD)
    O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O2 - BHO: (no name) - {a0e8bc7d-6959-40b6-8e05-204d9768ad6e} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\zonealarmTlbr.dll (Montera Technologeis LTD)
    O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O4 - HKLM..\Run: [4oD] C:\Program Files\Kontiki\KHost.exe (Kontiki Inc.)
    O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
    O4 - HKLM..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe (Kontiki Inc.)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
    O4 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe (Kontiki Inc.)
    O4 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe (Packard Bell BV)
    O4 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
    O4 - Startup: C:\Users\currys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk = C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
    O7 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun- = 0
    O7 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun- = 0
    O7 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 253
    O7 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Download with &Media Finder - Reg Error: Value error. File not found
    O8 - Extra context menu item: E&xport to Microsoft Excel - Reg Error: Value error. File not found
    O8 - Extra context menu item: Google Sidewiki... - Reg Error: Value error. File not found
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..Trusted Domains: localhost ([]http in Local intranet)
    O15 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
    O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} http://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20090910103721 (Reg Error: Key error.)
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (Reg Error: Key error.)
    O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com.../en/x86/MuCatalogWebControl.cab?1322783446664 (MUCatalogWebControl Class)
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)
    O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.0)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.tescophoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
    O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.7.0_05)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27FA60FB-5855-47ED-90FC-73C7DFD953D2}: DhcpNameServer = 192.168.1.254
    O18 - Protocol\Handler\avgsecuritytoolbar - No CLSID value found
    O18 - Protocol\Handler\base64 - No CLSID value found
    O18 - Protocol\Handler\chrome - No CLSID value found
    O18 - Protocol\Handler\ms-itss - No CLSID value found
    O18 - Protocol\Handler\prox - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll ()
    O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
    O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
    O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img6.jpg
    O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img6.jpg
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.)
    O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2011/12/29 12:14:24 | 000,000,000 | ---D | M] - C:\Autorun.inf -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found
    NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)

    ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - Reg Error: Value error.
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
    ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.3
    ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.3
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
    ActiveX: {3CE02F38-C912-44CF-B02E-60F7964E61FF} - BingPack
    ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - DOTNETFRAMEWORKS
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: >{184906ff-ed62-4ee5-bd9c-fd55a3fb7b2d} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{44ca04c9-b479-4ac6-9f6d-2161ab55aa7c} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

    MsConfig - StartUpFolder: C:^Users^currys^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BBC iPlayer Desktop.lnk - C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe - ()
    MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
    MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
    MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
    MsConfig - State: "bootini" - 2
    MsConfig - State: "services" - 2
    MsConfig - State: "startup" - 2

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/07/06 18:53:42 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4
    [2012/07/06 16:38:06 | 000,000,000 | ---D | C] -- C:\Users\currys\Desktop\checkoutPaypalComplete.asp_files
    [2012/07/06 12:40:40 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2012/07/06 11:58:54 | 000,000,000 | ---D | C] -- C:\Config.Msi
    [2012/07/06 10:41:36 | 002,135,640 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\currys\Desktop\tdsskiller(4).exe
    [2012/07/05 23:20:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2012/07/05 00:19:45 | 000,000,000 | ---D | C] -- C:\Users\currys\Desktop\OpenOffice.org 3.4 (en-US) Installation Files
    [2012/07/04 16:44:55 | 000,000,000 | ---D | C] -- C:\Users\currys\Desktop\New Folder
    [2012/07/04 11:19:08 | 000,000,000 | ---D | C] -- C:\Users\currys\AppData\Roaming\SUPERAntiSpyware.com
    [2012/07/04 11:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    [2012/07/04 11:18:56 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2012/07/04 11:18:56 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2012/07/04 10:42:09 | 000,000,000 | ---D | C] -- C:\Users\currys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
    [2012/07/04 10:42:08 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2012/07/04 00:33:11 | 000,000,000 | ---D | C] -- C:\Users\currys\Documents\1059343-internet-options-control-panel-missing_files
    [2012/07/02 18:56:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012/07/02 18:56:43 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2012/06/30 16:03:16 | 000,000,000 | ---D | C] -- C:\Users\currys\AppData\Roaming\Sammsoft
    [2012/06/30 16:02:56 | 000,000,000 | ---D | C] -- C:\Program Files\ARO 2012
    [2012/06/30 11:59:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2012/06/30 11:56:04 | 000,000,000 | ---D | C] -- C:\Users\currys\Desktop\RK_Quarantine
    [2012/06/29 23:55:11 | 000,000,000 | ---D | C] -- C:\Users\currys\AppData\Roaming\DigitalSupport
    [2012/06/29 23:33:07 | 000,000,000 | ---D | C] -- C:\Users\currys\Documents\Simply Super Software
    [2012/06/29 23:33:07 | 000,000,000 | ---D | C] -- C:\Users\currys\AppData\Roaming\Simply Super Software
    [2012/06/29 23:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
    [2012/06/29 23:32:57 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
    [2012/06/28 13:40:23 | 000,000,000 | ---D | C] -- C:\Program Files\ReImageCompanion
    [2012/06/28 13:34:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}
    [2012/06/28 13:31:38 | 000,000,000 | -H-D | C] -- C:\ProgramData\~0
    [2012/06/25 00:35:19 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
    [2012/06/25 00:20:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
    [2012/06/24 11:12:28 | 000,000,000 | ---D | C] -- C:\Program Files\RegZooka
    [2012/06/23 13:46:38 | 000,000,000 | ---D | C] -- C:\Users\currys\AppData\Local\Macromedia
    [2012/06/23 11:43:58 | 000,024,416 | ---- | C] (Greatis Software) -- C:\Windows\System32\drivers\regguard.sys
    [2012/06/23 11:35:37 | 000,039,184 | ---- | C] (Greatis Software) -- C:\Windows\System32\Partizan.exe
    [2012/06/23 11:35:37 | 000,035,816 | ---- | C] (Greatis Software) -- C:\Windows\System32\drivers\Partizan.sys
    [2012/06/23 11:26:49 | 000,000,000 | ---D | C] -- C:\Users\currys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
    [2012/06/23 10:45:42 | 000,000,000 | ---D | C] -- C:\ProgramData\RegRun
    [2012/06/23 10:45:04 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\RegRunInfo
    [2012/06/23 10:44:11 | 000,000,000 | ---D | C] -- C:\Users\currys\Documents\RegRun2
    [2012/06/23 10:44:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reanimator
    [2012/06/23 10:44:08 | 000,000,000 | ---D | C] -- C:\Program Files\Greatis
    [2012/06/20 00:21:52 | 000,000,000 | ---D | C] -- C:\f90e4393fac73d563b0e
    [2012/06/19 22:53:12 | 000,342,168 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
    [2012/06/19 22:53:07 | 000,203,088 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys
    [2012/06/19 22:53:07 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
    [2012/06/19 22:53:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
    [2012/06/19 22:52:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
    [2012/06/19 22:52:47 | 000,000,000 | ---D | C] -- C:\Users\currys\AppData\Roaming\TestApp
    [2012/06/18 23:34:17 | 000,000,000 | ---D | C] -- C:\Program Files\FlashGet Network
    [2012/06/18 23:34:17 | 000,000,000 | ---D | C] -- C:\Users\currys\AppData\Roaming\FlashGet
    [4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012/07/10 19:00:04 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator-currys.job
    [2012/07/10 18:53:05 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/07/10 18:51:08 | 000,000,394 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A65AEF0B-B822-4C24-B3BE-67EE9605EB86}.job
    [2012/07/10 18:38:56 | 000,668,012 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2012/07/10 18:38:56 | 000,136,484 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2012/07/10 18:36:10 | 000,000,900 | ---- | M] () -- C:\Users\currys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk
    [2012/07/10 18:35:43 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/07/10 18:34:07 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
    [2012/07/10 18:33:51 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/07/10 18:33:48 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-118059262-2797764304-1290977041-1000Core.job
    [2012/07/10 18:33:44 | 000,003,344 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/07/10 18:33:44 | 000,003,344 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/07/10 18:33:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/07/08 23:49:44 | 000,004,857 | ---- | M] () -- C:\Users\currys\Documents\Reply to thread 'Internet Options in Control Panel missing'.eml
    [2012/07/08 19:40:57 | 001,558,016 | ---- | M] () -- C:\Users\currys\Desktop\RogueKiller(1).exe
    [2012/07/06 18:57:15 | 000,322,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2012/07/06 16:38:07 | 000,048,211 | ---- | M] () -- C:\Users\currys\Desktop\checkoutPaypalComplete.asp.htm
    [2012/07/06 14:26:27 | 000,022,477 | ---- | M] () -- C:\Users\currys\Desktop\Argos - Thank you for your order number 201549843.eml
    [2012/07/06 13:47:29 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
    [2012/07/06 12:16:18 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2012/07/06 12:00:10 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
    [2012/07/06 11:46:44 | 000,000,890 | ---- | M] () -- C:\Users\currys\Desktop\baffledUK123.exe - Shortcut.lnk
    [2012/07/06 10:41:40 | 002,135,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\currys\Desktop\tdsskiller(4).exe
    [2012/07/06 00:46:13 | 000,002,525 | ---- | M] () -- C:\Users\currys\Desktop\HiJackThis.lnk
    [2012/07/05 23:31:17 | 000,001,359 | ---- | M] () -- C:\Users\currys\Desktop\java - Shortcut.lnk
    [2012/07/05 00:18:14 | 000,016,968 | ---- | M] () -- C:\Users\currys\Untitled 1.odt
    [2012/07/04 11:19:01 | 000,001,802 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2012/07/04 00:33:12 | 000,064,364 | ---- | M] () -- C:\Users\currys\Documents\1059343-internet-options-control-panel-missing.html
    [2012/07/02 23:38:28 | 000,002,605 | ---- | M] () -- C:\Users\Public\Desktop\Advanced Disk Cleaner.lnk
    [2012/07/02 18:56:52 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/07/01 00:05:13 | 3220,320,256 | -HS- | M] () -- C:\hiberfil.sys
    [2012/06/28 13:31:39 | 000,001,583 | ---- | M] () -- C:\Users\currys\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
    [2012/06/26 23:39:39 | 000,000,134 | ---- | M] () -- C:\Users\currys\Desktop\Microsoft Fix it.url
    [2012/06/24 11:02:03 | 000,000,487 | ---- | M] () -- C:\Windows\wininit.ini
    [2012/06/23 12:42:47 | 000,024,416 | ---- | M] (Greatis Software) -- C:\Windows\System32\drivers\regguard.sys
    [2012/06/23 11:35:37 | 000,039,184 | ---- | M] (Greatis Software) -- C:\Windows\System32\Partizan.exe
    [2012/06/23 11:35:37 | 000,035,816 | ---- | M] (Greatis Software) -- C:\Windows\System32\drivers\Partizan.sys
    [2012/06/23 10:44:14 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
    [2012/06/23 10:44:14 | 000,001,688 | ---- | M] () -- C:\Windows\System32\autoexec.nt
    [2012/06/23 10:44:14 | 000,000,002 | RHS- | M] () -- C:\Windows\winstart.bat
    [2012/06/23 10:44:11 | 000,000,876 | ---- | M] () -- C:\Users\currys\Desktop\Reanimator.lnk
    [4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012/07/08 23:49:43 | 000,004,857 | ---- | C] () -- C:\Users\currys\Documents\Reply to thread 'Internet Options in Control Panel missing'.eml
    [2012/07/08 19:40:56 | 001,558,016 | ---- | C] () -- C:\Users\currys\Desktop\RogueKiller(1).exe
    [2012/07/08 00:57:14 | 000,000,394 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{A65AEF0B-B822-4C24-B3BE-67EE9605EB86}.job
    [2012/07/06 16:38:06 | 000,048,211 | ---- | C] () -- C:\Users\currys\Desktop\checkoutPaypalComplete.asp.htm
    [2012/07/06 14:26:17 | 000,022,477 | ---- | C] () -- C:\Users\currys\Desktop\Argos - Thank you for your order number 201549843.eml
    [2012/07/06 13:47:29 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
    [2012/07/06 11:46:44 | 000,000,890 | ---- | C] () -- C:\Users\currys\Desktop\baffledUK123.exe - Shortcut.lnk
    [2012/07/05 23:30:52 | 000,001,359 | ---- | C] () -- C:\Users\currys\Desktop\java - Shortcut.lnk
    [2012/07/05 00:18:12 | 000,016,968 | ---- | C] () -- C:\Users\currys\Untitled 1.odt
    [2012/07/04 11:19:01 | 000,001,802 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2012/07/04 10:42:09 | 000,002,525 | ---- | C] () -- C:\Users\currys\Desktop\HiJackThis.lnk
    [2012/07/04 00:33:10 | 000,064,364 | ---- | C] () -- C:\Users\currys\Documents\1059343-internet-options-control-panel-missing.html
    [2012/07/02 18:56:52 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/07/01 01:13:20 | 000,322,288 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
    [2012/06/29 00:22:04 | 3220,320,256 | -HS- | C] () -- C:\hiberfil.sys
    [2012/06/29 00:06:55 | 000,000,900 | ---- | C] () -- C:\Users\currys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk
    [2012/06/28 13:31:39 | 000,001,583 | ---- | C] () -- C:\Users\currys\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
    [2012/06/26 23:39:39 | 000,000,134 | ---- | C] () -- C:\Users\currys\Desktop\Microsoft Fix it.url
    [2012/06/26 23:37:20 | 000,001,041 | ---- | C] () -- C:\Users\currys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    [2012/06/24 11:02:02 | 000,000,487 | ---- | C] () -- C:\Windows\wininit.ini
    [2012/06/23 11:26:11 | 000,000,860 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-118059262-2797764304-1290977041-1000Core.job
    [2012/06/23 10:44:14 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat
    [2012/06/23 10:44:11 | 000,000,876 | ---- | C] () -- C:\Users\currys\Desktop\Reanimator.lnk
    [2012/01/29 12:35:23 | 000,000,000 | ---- | C] () -- C:\Users\currys\AppData\Local\{A2C1D9E5-EF1E-4CB1-929A-1596A9DD93C5}
    [2012/01/01 19:41:40 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2012/01/01 19:41:40 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2012/01/01 19:41:40 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2012/01/01 19:41:40 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2012/01/01 19:41:40 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2011/12/29 20:48:31 | 000,016,918 | ---- | C] () -- C:\Users\currys\powerpoint-x-none.xml
    [2011/12/29 12:23:29 | 004,250,112 | ---- | C] () -- C:\Users\currys\powerpoint-x-none.msp
    [2011/12/26 14:05:56 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
    [2011/12/02 23:16:09 | 000,001,043 | ---- | C] () -- C:\ProgramData\repository.xml
    [2011/06/17 21:23:38 | 000,000,094 | ---- | C] () -- C:\Users\currys\AppData\Local\fusioncache.dat
    [2011/03/15 19:37:45 | 000,029,520 | ---- | C] () -- C:\Windows\System32\SmartDefragBootTime.exe
    [2011/03/15 19:37:45 | 000,016,184 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
    [2011/03/03 21:18:20 | 000,001,024 | ---- | C] () -- C:\Users\currys\.rnd
    [2011/03/03 21:18:09 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini
    [2011/02/06 01:16:30 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
    [2010/08/09 22:45:44 | 000,128,356 | ---- | C] () -- C:\Windows\System32\mlfcache.dat
    [2009/09/16 16:06:15 | 000,001,356 | ---- | C] () -- C:\Users\currys\AppData\Local\d3d9caps.dat
    [2009/06/23 22:13:57 | 000,024,206 | ---- | C] () -- C:\Users\currys\AppData\Roaming\UserTile.png
    [2009/06/16 18:02:15 | 000,000,000 | ---- | C] () -- C:\Users\currys\AppData\Roaming\wklnhst.dat
    [2009/06/15 20:10:47 | 000,211,968 | ---- | C] () -- C:\Users\currys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    ========== LOP Check ==========

    [2012/06/29 23:32:32 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\#ISW.FS#
    [2011/12/02 23:34:23 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Auslogics
    [2011/11/30 11:11:27 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\AVG10
    [2012/07/01 01:10:52 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Azureus
    [2009/06/28 09:30:24 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
    [2009/11/08 01:05:56 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Blitware
    [2009/06/23 23:20:53 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Canon
    [2012/05/06 11:42:39 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\CheckPoint
    [2012/06/29 23:59:57 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\DigitalSupport
    [2011/07/09 18:55:24 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\DMCache
    [2009/07/06 22:08:40 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\DriverCure
    [2011/06/09 23:09:10 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\FixCleaner
    [2012/06/18 23:34:17 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\FlashGet
    [2011/08/21 22:56:06 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\FrostWire
    [2011/07/09 22:30:36 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Internet Download Accelerator
    [2012/07/01 01:10:53 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\IObit
    [2011/12/02 19:27:27 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\iolo
    [2012/07/01 01:10:54 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\LimeWire
    [2012/02/02 01:12:53 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Media Finder
    [2011/12/15 21:53:55 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\OnlineArmor
    [2011/05/27 23:28:45 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\OpenCandy
    [2011/11/30 22:21:40 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\OpenOffice.org
    [2009/06/15 23:03:01 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Packard Bell
    [2011/07/09 18:14:06 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\ParetoLogic
    [2012/06/30 12:08:15 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\PC Cleaners
    [2011/10/21 23:37:50 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\PCCleaner
    [2012/05/21 23:36:31 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\PCPro
    [2009/06/23 22:13:57 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\PeerNetworking
    [2012/03/12 11:17:26 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\PerformerSoft
    [2011/11/30 01:00:18 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\RegistryKeys
    [2012/06/30 16:03:16 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Sammsoft
    [2012/06/29 23:33:07 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Simply Super Software
    [2011/12/10 00:39:29 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\SlimCleaner
    [2011/11/29 19:07:18 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\SpeedMaxPc
    [2012/06/04 17:06:02 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\SpeedyPC Software
    [2010/05/24 08:16:42 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\Sports Interactive
    [2011/12/29 11:45:09 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\T55
    [2012/06/19 22:52:47 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\TestApp
    [2010/05/09 20:02:30 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\The Creative Assembly
    [2012/01/22 11:12:27 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\TP
    [2010/07/15 11:42:50 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\TuneUp Software
    [2012/07/05 22:39:08 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\TweakNow RegCleaner 2011
    [2012/01/22 11:13:31 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\{90140011-0061-0409-0000-0000000FF1CE}
    [2012/02/04 12:18:30 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
    [2012/02/04 12:18:30 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
    [2012/02/04 12:18:30 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\AppData\Roaming\IObit
    [2012/07/10 19:00:04 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\Recovery DVD Creator-currys.job
    [2012/07/09 23:30:44 | 000,032,648 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2012/07/10 18:51:08 | 000,000,394 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A65AEF0B-B822-4C24-B3BE-67EE9605EB86}.job

    ========== Purity Check ==========



    ========== Custom Scans ==========

    < %SYSTEMDRIVE%\*. >
    [2012/07/06 12:40:40 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
    [2012/05/17 19:03:03 | 000,000,000 | ---D | M] -- C:\335cad22c2781a5a46ca189d
    [2012/01/04 00:08:27 | 000,000,000 | ---D | M] -- C:\ACER
    [2011/12/29 12:14:24 | 000,000,000 | ---D | M] -- C:\Autorun.inf
    [2012/06/30 08:29:58 | 000,000,000 | ---D | M] -- C:\Boot
    [2010/10/24 01:09:41 | 000,000,000 | ---D | M] -- C:\BraCa Soft
    [2011/12/26 14:09:46 | 000,000,000 | ---D | M] -- C:\cabs
    [2009/06/23 22:09:14 | 000,000,000 | ---D | M] -- C:\CanoScan
    [2012/07/06 11:49:41 | 000,000,000 | ---D | M] -- C:\ComboFix
    [2012/07/07 10:16:16 | 000,000,000 | ---D | M] -- C:\Config.Msi
    [2006/11/02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
    [2009/06/26 23:48:14 | 000,000,000 | ---D | M] -- C:\drivers
    [2012/07/01 01:10:35 | 000,000,000 | ---D | M] -- C:\f90e4393fac73d563b0e
    [2012/06/23 13:31:04 | 000,000,000 | ---D | M] -- C:\Kontiki
    [2011/06/18 09:16:34 | 000,000,000 | ---D | M] -- C:\Macromedia
    [2008/08/21 22:17:18 | 000,000,000 | R--D | M] -- C:\MSOCache
    [2012/04/03 18:52:45 | 000,000,000 | ---D | M] -- C:\NVIDIA
    [2011/12/17 18:20:59 | 000,000,000 | ---D | M] -- C:\perflogs
    [2012/07/05 22:39:08 | 000,000,000 | R--D | M] -- C:\Program Files
    [2012/07/06 12:15:14 | 000,000,000 | -H-D | M] -- C:\ProgramData
    [2012/07/06 12:49:50 | 000,000,000 | ---D | M] -- C:\Qoobox
    [2012/03/09 23:30:17 | 000,000,000 | ---D | M] -- C:\Reg_Backup
    [2012/07/10 18:57:56 | 000,000,000 | -HSD | M] -- C:\System Volume Information
    [2012/07/01 01:11:07 | 000,000,000 | R--D | M] -- C:\Users
    [2012/07/06 16:34:02 | 000,000,000 | ---D | M] -- C:\Windows

    < %PROGRAMFILES%\*.exe >

    < %LOCALAPPDATA%\*.exe >

    < %windir%\Installer\*.* >
    [2012/04/22 22:37:42 | 001,182,720 | R--- | M] () -- C:\Windows\Installer\10022a7.msp
    [2011/06/13 10:35:09 | 000,219,648 | ---- | M] () -- C:\Windows\Installer\1171dd.msi
    [2009/03/20 11:48:56 | 000,183,808 | R--- | M] () -- C:\Windows\Installer\124062.msp
    [2009/12/11 09:49:42 | 000,324,608 | ---- | M] () -- C:\Windows\Installer\1263ed8d.msi
    [2009/12/11 09:51:09 | 000,821,760 | ---- | M] () -- C:\Windows\Installer\1263edd3.msi
    [2009/12/11 09:52:30 | 000,279,040 | ---- | M] () -- C:\Windows\Installer\1263ee06.msi
    [2009/12/11 09:52:50 | 000,577,024 | ---- | M] () -- C:\Windows\Installer\1263ee14.msi
    [2009/10/16 08:09:28 | 002,518,016 | R--- | M] () -- C:\Windows\Installer\1263ee24.msp
    [2008/08/21 22:19:45 | 000,061,952 | ---- | M] () -- C:\Windows\Installer\133082.mst
    [2011/12/26 06:06:20 | 005,115,392 | R--- | M] () -- C:\Windows\Installer\13876f.msp
    [2012/01/22 11:07:51 | 004,201,984 | ---- | M] () -- C:\Windows\Installer\13bf24.msi
    [2010/08/04 15:13:04 | 000,686,080 | R--- | M] () -- C:\Windows\Installer\13f9f50.msp
    [2008/08/21 22:19:45 | 000,061,952 | ---- | M] () -- C:\Windows\Installer\13fac2.mst
    [2011/01/16 11:43:05 | 000,415,744 | ---- | M] () -- C:\Windows\Installer\149f7c.msi
    [2011/09/15 19:37:40 | 037,148,160 | R--- | M] () -- C:\Windows\Installer\1543e9.msp
    [2011/09/15 19:37:52 | 034,428,416 | R--- | M] () -- C:\Windows\Installer\154408.msp
    [2010/04/24 17:10:46 | 008,486,400 | R--- | M] () -- C:\Windows\Installer\17537a0.msp
    [2010/04/24 17:07:04 | 010,118,144 | R--- | M] () -- C:\Windows\Installer\17537c1.msp
    [2010/04/24 17:07:58 | 004,667,392 | R--- | M] () -- C:\Windows\Installer\17537d2.msp
    [2010/03/24 18:54:54 | 002,516,992 | R--- | M] () -- C:\Windows\Installer\17537e3.msp
    [2010/04/24 17:08:48 | 009,129,984 | R--- | M] () -- C:\Windows\Installer\17537f4.msp
    [2010/04/24 17:09:46 | 011,750,912 | R--- | M] () -- C:\Windows\Installer\17537fc.msp
    [2009/06/16 22:29:21 | 000,648,192 | ---- | M] () -- C:\Windows\Installer\176fc53.msi
    [2011/12/01 23:59:50 | 010,988,544 | ---- | M] () -- C:\Windows\Installer\17df8d.msi
    [2011/07/27 07:39:50 | 009,892,352 | R--- | M] () -- C:\Windows\Installer\19c024f.msp
    [2011/09/06 21:48:02 | 008,181,248 | R--- | M] () -- C:\Windows\Installer\19c026c.msp
    [2011/08/10 17:42:04 | 007,070,208 | R--- | M] () -- C:\Windows\Installer\19c028d.msp
    [2011/09/06 21:46:22 | 009,006,080 | R--- | M] () -- C:\Windows\Installer\19c02ad.msp
    [2011/08/10 17:43:30 | 003,795,968 | R--- | M] () -- C:\Windows\Installer\19c02b5.msp
    [2011/11/15 20:44:06 | 001,435,136 | ---- | M] () -- C:\Windows\Installer\1a3843.msi
    [2012/01/22 11:09:26 | 001,700,352 | R--- | M] () -- C:\Windows\Installer\1af74f.msp
    [2012/01/30 21:46:22 | 007,069,184 | R--- | M] () -- C:\Windows\Installer\1af757.msp
    [2009/08/18 13:08:34 | 001,373,696 | R--- | M] () -- C:\Windows\Installer\1b940cf.msp
    [2009/07/27 04:31:24 | 003,738,624 | R--- | M] () -- C:\Windows\Installer\1b940d7.msp
    [2009/08/05 07:49:32 | 003,457,024 | R--- | M] () -- C:\Windows\Installer\1b940ff.msp
    [2010/01/14 20:49:10 | 000,463,360 | ---- | M] () -- C:\Windows\Installer\1c0b9ed5.msi
    [2009/08/18 13:57:54 | 009,122,304 | R--- | M] () -- C:\Windows\Installer\1c1063f.msp
    [2009/08/18 13:58:56 | 008,301,056 | R--- | M] () -- C:\Windows\Installer\1c10650.msp
    [2009/08/18 14:19:26 | 010,098,688 | R--- | M] () -- C:\Windows\Installer\1c10668.msp
    [2012/05/19 12:42:02 | 000,492,544 | ---- | M] () -- C:\Windows\Installer\1d2224.msi
    [2010/07/23 02:03:24 | 000,338,432 | R--- | M] () -- C:\Windows\Installer\1d821ac.msp
    [2009/08/08 18:09:01 | 000,152,576 | ---- | M] () -- C:\Windows\Installer\1df1552.msi
    [2009/08/11 23:51:12 | 000,550,912 | ---- | M] () -- C:\Windows\Installer\1df1e3a.msi
    [2009/08/11 23:51:54 | 000,613,376 | ---- | M] () -- C:\Windows\Installer\1df1e6c.msi
    [2009/08/11 23:52:00 | 000,444,416 | ---- | M] () -- C:\Windows\Installer\1df1e74.msi
    [2009/06/28 09:49:03 | 002,862,592 | ---- | M] () -- C:\Windows\Installer\1df8f3.msi
    [2012/07/05 00:20:50 | 000,228,864 | ---- | M] () -- C:\Windows\Installer\1f436a7.msi
    [2011/09/12 20:12:50 | 002,295,808 | ---- | M] () -- C:\Windows\Installer\2192cdf.msi
    [2008/12/13 09:58:22 | 000,754,688 | R--- | M] () -- C:\Windows\Installer\22de62e.msp
    [2009/05/26 18:53:56 | 000,579,072 | R--- | M] () -- C:\Windows\Installer\22de63e.msp
    [2009/04/04 11:36:32 | 021,390,848 | R--- | M] () -- C:\Windows\Installer\22de669.msp
    [2009/04/04 17:08:40 | 343,058,432 | R--- | M] () -- C:\Windows\Installer\22de753.msp
    [2009/04/24 12:28:00 | 004,450,816 | R--- | M] () -- C:\Windows\Installer\22de788.msp
    [2009/02/25 19:08:18 | 008,311,808 | R--- | M] () -- C:\Windows\Installer\22de798.msp
    [2009/04/24 12:30:16 | 002,583,552 | R--- | M] () -- C:\Windows\Installer\22de7be.msp
    [2009/05/04 07:47:22 | 009,124,864 | R--- | M] () -- C:\Windows\Installer\22de7de.msp
    [2011/06/17 20:51:40 | 003,443,712 | ---- | M] () -- C:\Windows\Installer\2355581.msi
    [2009/11/25 01:00:28 | 000,429,568 | ---- | M] () -- C:\Windows\Installer\23a02a.msi
    [2011/11/22 00:07:36 | 017,191,936 | R--- | M] () -- C:\Windows\Installer\25094f.msp
    [2009/04/04 18:09:34 | 015,190,016 | R--- | M] () -- C:\Windows\Installer\28cce1a.msp
    [2009/04/04 18:10:08 | 009,926,144 | R--- | M] () -- C:\Windows\Installer\28cce46.msp
    [2009/04/04 18:10:16 | 007,888,384 | R--- | M] () -- C:\Windows\Installer\28cce4f.msp
    [2009/04/04 18:10:24 | 001,282,560 | R--- | M] () -- C:\Windows\Installer\28cce56.msp
    [2011/09/21 17:18:24 | 004,985,856 | R--- | M] () -- C:\Windows\Installer\2b0694.msp
    [2010/08/13 18:00:36 | 009,404,928 | R--- | M] () -- C:\Windows\Installer\2bde389.msp
    [2010/08/13 18:02:20 | 002,545,664 | R--- | M] () -- C:\Windows\Installer\2bde391.msp
    [2010/08/13 17:59:46 | 008,182,272 | R--- | M] () -- C:\Windows\Installer\2bde3a8.msp
    [2010/08/13 18:01:28 | 008,993,280 | R--- | M] () -- C:\Windows\Installer\2bde3c8.msp
    [2009/06/28 09:19:34 | 000,583,680 | ---- | M] () -- C:\Windows\Installer\2cdad.msi
    [2012/07/05 23:19:12 | 000,863,744 | ---- | M] () -- C:\Windows\Installer\2d235db.msi
    [2012/07/05 23:20:05 | 000,176,128 | ---- | M] () -- C:\Windows\Installer\2d235e7.msi
    [2011/12/22 17:50:54 | 000,256,000 | R--- | M] () -- C:\Windows\Installer\2dc91f.msp
    [2012/01/19 14:37:24 | 008,999,936 | R--- | M] () -- C:\Windows\Installer\2dc92a.msp
    [2011/12/15 14:40:40 | 023,374,336 | R--- | M] () -- C:\Windows\Installer\2dc93b.msp
    [2009/04/04 07:35:48 | 036,977,152 | R--- | M] () -- C:\Windows\Installer\2e5bb0f.msp
    [2009/05/04 07:46:14 | 008,299,008 | R--- | M] () -- C:\Windows\Installer\2e5bb21.msp
    [2009/04/14 04:49:26 | 001,922,560 | R--- | M] () -- C:\Windows\Installer\2e5bb3c.msp
    [2010/12/30 00:34:10 | 001,710,592 | ---- | M] () -- C:\Windows\Installer\2e98d73.msi
    [2010/12/30 00:39:17 | 001,984,000 | ---- | M] () -- C:\Windows\Installer\2e98dbb.msi
    [2008/08/21 22:19:45 | 000,061,952 | ---- | M] () -- C:\Windows\Installer\2efac3.mst
    [2008/08/21 22:19:45 | 000,061,952 | ---- | M] () -- C:\Windows\Installer\300251.mst
    [2008/08/21 22:19:45 | 000,061,952 | ---- | M] () -- C:\Windows\Installer\30f18f.mst
    [2011/06/16 00:08:52 | 000,467,456 | ---- | M] () -- C:\Windows\Installer\330c6c9.msi
    [2011/04/13 11:37:02 | 019,201,024 | R--- | M] () -- C:\Windows\Installer\330c6d6.msp
    [2011/04/29 12:33:30 | 008,173,568 | R--- | M] () -- C:\Windows\Installer\330c6dd.msp
    [2011/03/25 09:03:44 | 005,079,552 | R--- | M] () -- C:\Windows\Installer\330c6f3.msp
    [2011/06/16 00:24:33 | 000,223,744 | ---- | M] () -- C:\Windows\Installer\330c703.msi
    [2011/04/29 12:28:40 | 001,995,264 | R--- | M] () -- C:\Windows\Installer\330c70a.msp
    [2011/04/29 12:31:46 | 009,006,080 | R--- | M] () -- C:\Windows\Installer\330c730.msp
    [2009/07/01 10:51:21 | 001,013,248 | ---- | M] () -- C:\Windows\Installer\33d7038.msi
    [2011/10/16 08:15:06 | 000,028,160 | ---- | M] () -- C:\Windows\Installer\34eb5.msi
    [2010/01/21 21:23:34 | 000,119,296 | ---- | M] () -- C:\Windows\Installer\35f25e.msi
    [2012/04/04 14:32:41 | 016,613,376 | R--- | M] () -- C:\Windows\Installer\39647.msp
    [2011/12/26 23:33:26 | 000,501,248 | ---- | M] () -- C:\Windows\Installer\3d96e.msi
    [2011/12/26 23:33:33 | 001,713,152 | ---- | M] () -- C:\Windows\Installer\3d973.msi
    [2011/12/26 23:33:42 | 002,022,912 | ---- | M] () -- C:\Windows\Installer\3d978.msi
    [2011/12/26 23:33:49 | 001,640,960 | ---- | M] () -- C:\Windows\Installer\3d97d.msi
    [2011/12/26 23:33:55 | 000,513,024 | ---- | M] () -- C:\Windows\Installer\3d982.msi
    [2011/12/26 23:33:59 | 000,516,608 | ---- | M] () -- C:\Windows\Installer\3d988.msi
    [2011/12/26 23:34:03 | 000,506,880 | ---- | M] () -- C:\Windows\Installer\3d98e.msi
    [2011/12/26 23:34:06 | 000,501,248 | ---- | M] () -- C:\Windows\Installer\3d993.msi
    [2011/12/26 23:34:11 | 001,652,736 | ---- | M] () -- C:\Windows\Installer\3d998.msi
    [2011/12/26 23:34:23 | 002,397,184 | ---- | M] () -- C:\Windows\Installer\3d99d.msi
    [2009/06/15 18:14:33 | 000,024,064 | ---- | M] () -- C:\Windows\Installer\411500.msi
    [2010/09/24 07:08:50 | 017,518,080 | R--- | M] () -- C:\Windows\Installer\42115fb.msp
    [2009/06/15 17:14:16 | 001,479,680 | ---- | M] () -- C:\Windows\Installer\433d5.msi
    [2011/09/05 23:01:26 | 013,135,872 | R--- | M] () -- C:\Windows\Installer\4477b.msp
    [2010/06/25 22:48:50 | 001,160,192 | ---- | M] () -- C:\Windows\Installer\45ed8e.msi
    [2011/06/25 12:07:39 | 000,066,048 | ---- | M] () -- C:\Windows\Installer\4827ef.msi
    [2011/06/25 12:08:05 | 000,855,040 | ---- | M] () -- C:\Windows\Installer\48285c.msi
    [2010/05/18 17:29:30 | 000,822,272 | ---- | M] () -- C:\Windows\Installer\4c3c7cd.msi
    [2012/07/04 10:42:09 | 001,094,656 | ---- | M] () -- C:\Windows\Installer\4e5d046.msi
    [2010/03/04 19:48:30 | 000,228,352 | ---- | M] () -- C:\Windows\Installer\4ebadb9.msi
    [2011/11/11 17:15:00 | 001,795,584 | R--- | M] () -- C:\Windows\Installer\52fce5.msp
    [2011/12/21 23:19:28 | 000,036,352 | ---- | M] () -- C:\Windows\Installer\52fcee.msi
    [2011/12/21 23:19:30 | 023,622,656 | R--- | M] () -- C:\Windows\Installer\52fcf4.msp
    [2010/01/10 10:44:58 | 000,855,040 | ---- | M] () -- C:\Windows\Installer\548b5f2.msi
    [2012/05/06 11:36:40 | 000,041,472 | ---- | M] () -- C:\Windows\Installer\54a07e6.msi
    [2012/05/06 11:36:49 | 000,028,672 | ---- | M] () -- C:\Windows\Installer\54a081a.msi
    [2012/05/06 11:37:02 | 000,039,936 | ---- | M] () -- C:\Windows\Installer\54a0820.msi
    [2010/11/20 23:33:46 | 001,980,928 | R--- | M] () -- C:\Windows\Installer\54e58e.msp
    [2011/01/11 17:50:38 | 008,177,152 | R--- | M] () -- C:\Windows\Installer\54e59c.msp
    [2011/03/17 20:01:58 | 009,563,648 | R--- | M] () -- C:\Windows\Installer\54e5b3.msp
    [2011/02/11 08:43:44 | 010,951,168 | R--- | M] () -- C:\Windows\Installer\54e5d5.msp
    [2010/11/20 23:34:34 | 001,198,080 | R--- | M] () -- C:\Windows\Installer\54e5dc.msp
    [2010/11/20 23:32:52 | 004,165,120 | R--- | M] () -- C:\Windows\Installer\54e5f4.msp
    [2011/03/17 20:00:20 | 000,090,624 | R--- | M] () -- C:\Windows\Installer\54e5fb.msp
    [2011/01/11 17:49:20 | 009,003,008 | R--- | M] () -- C:\Windows\Installer\54e60c.msp
    [2008/08/21 22:05:38 | 000,115,200 | ---- | M] () -- C:\Windows\Installer\582f9.msi
    [2008/08/21 22:08:06 | 014,308,864 | ---- | M] () -- C:\Windows\Installer\58302.msi
    [2008/08/21 22:08:37 | 006,092,288 | ---- | M] () -- C:\Windows\Installer\58303.msi
    [2008/08/21 22:09:56 | 001,244,672 | ---- | M] () -- C:\Windows\Installer\58309.msi
    [2008/08/21 22:15:48 | 000,100,352 | ---- | M] () -- C:\Windows\Installer\58316.msi
    [2008/08/21 22:18:24 | 001,640,960 | ---- | M] () -- C:\Windows\Installer\58337.msi
    [2008/08/21 22:19:43 | 009,613,312 | ---- | M] () -- C:\Windows\Installer\58365.msi
    [2008/05/14 07:46:44 | 009,577,984 | R--- | M] () -- C:\Windows\Installer\58366.msp
    [2007/03/21 22:46:29 | 008,198,656 | R--- | M] () -- C:\Windows\Installer\58382.msp
    [2007/03/21 22:46:29 | 002,047,488 | R--- | M] () -- C:\Windows\Installer\5839e.msp
    [2008/08/21 22:21:46 | 000,360,448 | ---- | M] () -- C:\Windows\Installer\583a9.msi
    [2008/02/15 09:54:20 | 009,736,192 | R--- | M] () -- C:\Windows\Installer\583ce.msp
    [2007/10/15 00:43:32 | 021,981,184 | R--- | M] () -- C:\Windows\Installer\583d6.msp
    [2007/10/15 00:43:14 | 229,852,160 | R--- | M] () -- C:\Windows\Installer\584b2.msp
    [2009/04/14 05:50:22 | 005,191,680 | R--- | M] () -- C:\Windows\Installer\58bd0.msp
    [2009/04/14 05:56:18 | 020,498,944 | R--- | M] () -- C:\Windows\Installer\58be7.msp
    [2009/05/07 10:04:06 | 018,341,376 | R--- | M] () -- C:\Windows\Installer\58bef.msp
    [2009/04/14 04:46:12 | 015,438,848 | R--- | M] () -- C:\Windows\Installer\58bf7.msp
    [2009/04/14 05:51:24 | 001,303,040 | R--- | M] () -- C:\Windows\Installer\58bff.msp
    [2009/04/14 05:21:34 | 015,303,168 | R--- | M] () -- C:\Windows\Installer\58c07.msp
    [2011/04/28 17:51:24 | 001,375,744 | R--- | M] () -- C:\Windows\Installer\5bfb3.msp
    [2011/10/26 16:38:54 | 002,830,848 | R--- | M] () -- C:\Windows\Installer\5c073.msp
    [2012/01/12 03:01:16 | 021,030,912 | R--- | M] () -- C:\Windows\Installer\5c0a3.msp
    [2011/06/14 00:04:08 | 000,223,232 | ---- | M] () -- C:\Windows\Installer\5da4c.msi
    [2011/06/14 00:16:47 | 003,589,632 | ---- | M] () -- C:\Windows\Installer\5da8f.msi
    [2011/06/14 00:16:49 | 002,087,936 | ---- | M] () -- C:\Windows\Installer\5da93.msi
    [2011/06/14 00:16:52 | 000,023,040 | ---- | M] () -- C:\Windows\Installer\5da97.msi
    [2011/06/14 00:17:02 | 004,427,776 | R--- | M] () -- C:\Windows\Installer\5daa6.msp
    [2011/06/14 00:17:14 | 000,030,720 | ---- | M] () -- C:\Windows\Installer\5daaa.msi
    [2011/06/14 00:17:22 | 002,932,736 | R--- | M] () -- C:\Windows\Installer\5dabe.msp
    [2011/06/14 00:17:29 | 000,071,680 | ---- | M] () -- C:\Windows\Installer\5dac2.msi
    [2011/06/14 00:17:36 | 000,022,016 | ---- | M] () -- C:\Windows\Installer\5dac6.msi
    [2011/06/14 00:17:42 | 000,191,488 | ---- | M] () -- C:\Windows\Installer\5daca.msi
    [2011/06/14 00:17:52 | 000,301,056 | ---- | M] () -- C:\Windows\Installer\5dace.msi
    [2011/06/14 00:17:55 | 000,022,528 | ---- | M] () -- C:\Windows\Installer\5dad2.msi
    [2011/06/14 00:18:02 | 000,238,080 | ---- | M] () -- C:\Windows\Installer\5dad6.msi
    [2011/06/14 00:18:06 | 000,136,704 | R--- | M] () -- C:\Windows\Installer\5dadb.msp
    [2011/06/14 00:18:18 | 000,212,992 | ---- | M] () -- C:\Windows\Installer\5dadf.msi
    [2011/06/14 00:18:21 | 001,139,712 | R--- | M] () -- C:\Windows\Installer\5daeb.msp
    [2011/06/14 00:18:29 | 000,058,880 | ---- | M] () -- C:\Windows\Installer\5daef.msi
    [2011/06/14 00:18:40 | 000,200,192 | ---- | M] () -- C:\Windows\Installer\5daf3.msi
    [2011/06/14 00:18:48 | 003,314,688 | R--- | M] () -- C:\Windows\Installer\5db0f.msp
    [2011/06/14 00:19:13 | 000,417,792 | ---- | M] () -- C:\Windows\Installer\5db15.msi
    [2011/06/14 00:19:20 | 005,514,240 | R--- | M] () -- C:\Windows\Installer\5db28.msp
    [2011/06/14 00:19:31 | 000,022,016 | ---- | M] () -- C:\Windows\Installer\5db2d.msi
    [2011/06/14 00:19:36 | 000,025,600 | ---- | M] () -- C:\Windows\Installer\5db31.msi
    [2011/06/14 00:19:41 | 000,038,912 | R--- | M] () -- C:\Windows\Installer\5db36.msp
    [2011/06/14 00:19:59 | 000,714,240 | ---- | M] () -- C:\Windows\Installer\5db3a.msi
    [2011/06/14 00:20:09 | 005,870,080 | R--- | M] () -- C:\Windows\Installer\5db51.msp
    [2011/06/14 00:20:22 | 000,205,312 | ---- | M] () -- C:\Windows\Installer\5db55.msi
    [2011/06/14 00:20:29 | 002,958,336 | R--- | M] () -- C:\Windows\Installer\5db6f.msp
    [2011/06/14 00:20:38 | 000,891,904 | ---- | M] () -- C:\Windows\Installer\5db73.msi
    [2011/06/14 00:21:12 | 000,216,064 | ---- | M] () -- C:\Windows\Installer\5db77.msi
    [2011/06/14 00:21:27 | 014,617,088 | R--- | M] () -- C:\Windows\Installer\5dba2.msp
    [2011/06/14 00:21:43 | 000,074,752 | ---- | M] () -- C:\Windows\Installer\5dba7.msi
    [2011/06/14 00:21:50 | 003,733,504 | R--- | M] () -- C:\Windows\Installer\5dbb0.msp
    [2011/06/14 00:21:57 | 000,187,904 | ---- | M] () -- C:\Windows\Installer\5dbb5.msi
    [2011/06/14 00:22:01 | 000,205,312 | R--- | M] () -- C:\Windows\Installer\5dbbf.msp
    [2011/06/14 00:22:22 | 000,139,264 | ---- | M] () -- C:\Windows\Installer\5dbc3.msi
    [2011/06/14 00:22:22 | 000,113,664 | R--- | M] () -- C:\Windows\Installer\5dc00.msp
    [2011/06/14 00:22:33 | 000,024,064 | ---- | M] () -- C:\Windows\Installer\5dc04.msi
    [2011/06/14 00:22:44 | 000,277,504 | ---- | M] () -- C:\Windows\Installer\5dc08.msi
    [2011/06/14 00:22:57 | 000,973,824 | ---- | M] () -- C:\Windows\Installer\5dc0c.msi
    [2011/06/14 00:23:04 | 000,099,840 | ---- | M] () -- C:\Windows\Installer\5dc10.msi
    [2011/06/14 00:23:10 | 001,830,400 | R--- | M] () -- C:\Windows\Installer\5dc19.msp
    [2011/06/14 00:23:16 | 000,022,016 | ---- | M] () -- C:\Windows\Installer\5dc1d.msi
    [2011/06/14 00:23:23 | 000,029,184 | ---- | M] () -- C:\Windows\Installer\5dc21.msi
    [2011/06/14 00:23:29 | 000,624,640 | R--- | M] () -- C:\Windows\Installer\5dc2a.msp
    [2011/06/14 00:23:36 | 000,022,528 | ---- | M] () -- C:\Windows\Installer\5dc2e.msi
    [2011/06/14 00:23:41 | 000,468,480 | R--- | M] () -- C:\Windows\Installer\5dc38.msp
    [2011/06/14 00:23:59 | 000,023,552 | ---- | M] () -- C:\Windows\Installer\5dc3d.msi
    [2011/06/14 00:24:09 | 005,124,608 | R--- | M] () -- C:\Windows\Installer\5dc47.msp
    [2011/06/14 00:24:19 | 000,022,528 | ---- | M] () -- C:\Windows\Installer\5dc4c.msi
    [2011/06/14 00:24:24 | 000,636,928 | R--- | M] () -- C:\Windows\Installer\5dc52.msp
    [2011/06/14 00:24:33 | 000,201,216 | ---- | M] () -- C:\Windows\Installer\5dc56.msi
    [2011/06/14 00:24:38 | 000,510,976 | R--- | M] () -- C:\Windows\Installer\5dc5b.msp
    [2011/06/14 00:24:48 | 000,023,552 | ---- | M] () -- C:\Windows\Installer\5dc60.msi
    [2011/06/14 00:24:55 | 002,144,256 | R--- | M] () -- C:\Windows\Installer\5dc6b.msp
    [2011/06/14 00:25:01 | 000,021,504 | ---- | M] () -- C:\Windows\Installer\5dc70.msi
    [2011/06/14 00:25:06 | 000,060,416 | R--- | M] () -- C:\Windows\Installer\5dc75.msp
    [2011/06/14 00:25:13 | 000,021,504 | ---- | M] () -- C:\Windows\Installer\5dc7a.msi
    [2011/06/14 00:25:18 | 000,023,552 | R--- | M] () -- C:\Windows\Installer\5dc7f.msp
    [2011/06/14 00:25:29 | 000,087,552 | ---- | M] () -- C:\Windows\Installer\5dc83.msi
    [2011/06/14 00:25:33 | 000,022,528 | ---- | M] () -- C:\Windows\Installer\5dc87.msi
    [2011/06/14 00:25:39 | 000,022,528 | ---- | M] () -- C:\Windows\Installer\5dc8b.msi
    [2011/06/14 00:25:44 | 000,022,016 | ---- | M] () -- C:\Windows\Installer\5dc8f.msi
    [2011/06/14 00:25:50 | 000,020,992 | ---- | M] () -- C:\Windows\Installer\5dc93.msi
    [2011/06/14 00:25:56 | 000,038,912 | ---- | M] () -- C:\Windows\Installer\5dc97.msi
    [2011/06/14 00:26:01 | 000,024,576 | R--- | M] () -- C:\Windows\Installer\5dc9d.msp
    [2010/03/06 01:03:22 | 000,195,584 | ---- | M] () -- C:\Windows\Installer\5dd609.msi
    [2011/12/18 01:02:51 | 000,026,624 | ---- | M] () -- C:\Windows\Installer\5e727.msi
    [2010/08/13 13:58:24 | 000,540,160 | R--- | M] () -- C:\Windows\Installer\5e73b.msp
    [2010/08/27 16:34:58 | 000,540,160 | R--- | M] () -- C:\Windows\Installer\5e73c.msp
    [2010/09/30 19:13:46 | 000,680,960 | R--- | M] () -- C:\Windows\Installer\5e73d.msp
    [2011/02/08 18:20:46 | 000,843,264 | R--- | M] () -- C:\Windows\Installer\5e73e.msp
    [2011/02/15 11:19:46 | 000,818,688 | R--- | M] () -- C:\Windows\Installer\5e73f.msp
    [2011/03/08 12:33:20 | 000,818,688 | R--- | M] () -- C:\Windows\Installer\5e740.msp
    [2011/05/31 21:16:38 | 000,959,488 | R--- | M] () -- C:\Windows\Installer\5e741.msp
    [2011/11/15 12:38:46 | 000,665,600 | R--- | M] () -- C:\Windows\Installer\5e742.msp
    [2011/01/24 18:16:02 | 000,014,336 | R--- | M] () -- C:\Windows\Installer\5ed4c.msp
    [2011/08/22 00:14:54 | 020,647,936 | R--- | M] () -- C:\Windows\Installer\5ed74.msp
    [2010/09/23 21:02:28 | 000,798,208 | R--- | M] () -- C:\Windows\Installer\64e32c8.msp
    [2011/04/07 03:43:30 | 123,313,664 | R--- | M] () -- C:\Windows\Installer\6a344b.msp
    [2011/05/18 22:55:38 | 019,624,448 | R--- | M] () -- C:\Windows\Installer\6a345b.msp
    [2011/04/28 10:54:26 | 002,720,768 | R--- | M] () -- C:\Windows\Installer\6a3461.msp
    [2009/04/24 12:38:18 | 001,229,312 | R--- | M] () -- C:\Windows\Installer\6ac672.msp
    [2009/04/24 12:31:18 | 001,425,920 | R--- | M] () -- C:\Windows\Installer\6ac67c.msp
    [2010/10/07 19:43:04 | 001,980,416 | R--- | M] () -- C:\Windows\Installer\6bfe255.msp
    [2010/09/17 07:04:16 | 009,401,856 | R--- | M] () -- C:\Windows\Installer\6bfe263.msp
    [2010/10/21 21:05:14 | 002,086,912 | ---- | M] () -- C:\Windows\Installer\6e3648.msi
    [2010/07/10 20:06:20 | 010,120,192 | R--- | M] () -- C:\Windows\Installer\6e7adc.msp
    [2010/07/10 20:14:14 | 002,850,816 | R--- | M] () -- C:\Windows\Installer\6e7ae4.msp
    [2010/02/21 01:03:34 | 004,472,832 | R--- | M] () -- C:\Windows\Installer\6f912fd.msp
    [2010/03/22 16:03:14 | 011,732,992 | R--- | M] () -- C:\Windows\Installer\6f91305.msp
    [2011/04/29 12:30:12 | 001,197,056 | R--- | M] () -- C:\Windows\Installer\73df8d.msp
    [2011/04/29 12:27:04 | 004,158,464 | R--- | M] () -- C:\Windows\Installer\73dfa4.msp
    [2009/06/15 20:01:20 | 000,432,640 | ---- | M] () -- C:\Windows\Installer\78d94.msi
    [2012/01/03 18:58:05 | 015,929,344 | R--- | M] () -- C:\Windows\Installer\7b72f.msp
    [2011/11/28 20:18:12 | 000,062,464 | ---- | M] () -- C:\Windows\Installer\7bbce.msi
    [2010/12/11 04:04:38 | 000,472,064 | ---- | M] () -- C:\Windows\Installer\7f20b3.msi
    [2012/07/06 18:53:47 | 003,105,280 | ---- | M] () -- C:\Windows\Installer\7f469c.msi
    [2010/02/21 02:00:02 | 008,480,768 | R--- | M] () -- C:\Windows\Installer\8479f8.msp
    [2010/02/04 18:24:30 | 009,122,304 | R--- | M] () -- C:\Windows\Installer\847a18.msp
    [2011/12/26 10:02:58 | 019,677,184 | R--- | M] () -- C:\Windows\Installer\90ddc.msp
    [2011/12/25 06:40:46 | 000,819,200 | R--- | M] () -- C:\Windows\Installer\90de2.msp
    [2009/07/28 19:30:26 | 000,326,144 | ---- | M] () -- C:\Windows\Installer\910cb.msi
    [2009/07/28 19:30:32 | 000,320,512 | ---- | M] () -- C:\Windows\Installer\910d0.msi
    [2009/07/28 19:30:47 | 000,432,640 | ---- | M] () -- C:\Windows\Installer\910e2.msi
    [2009/07/28 19:30:52 | 000,519,680 | ---- | M] () -- C:\Windows\Installer\910e7.msi
    [2009/07/28 19:30:58 | 000,592,896 | ---- | M] () -- C:\Windows\Installer\910ec.msi
    [2009/07/28 19:31:00 | 000,501,248 | ---- | M] () -- C:\Windows\Installer\910f1.msi
    [2009/07/28 19:31:08 | 000,121,344 | ---- | M] () -- C:\Windows\Installer\910f6.msi
    [2009/07/28 19:31:29 | 000,367,616 | ---- | M] () -- C:\Windows\Installer\9110d.msi
    [2009/07/28 19:31:37 | 000,121,344 | ---- | M] () -- C:\Windows\Installer\91112.msi
    [2009/07/28 19:31:46 | 000,647,680 | ---- | M] () -- C:\Windows\Installer\9111c.msi
    [2009/07/28 19:32:14 | 000,472,576 | ---- | M] () -- C:\Windows\Installer\91136.msi
    [2009/07/28 19:32:15 | 000,339,968 | ---- | M] () -- C:\Windows\Installer\9113d.msi
    [2009/07/28 19:32:20 | 000,121,344 | ---- | M] () -- C:\Windows\Installer\91142.msi
    [2009/07/28 19:32:23 | 000,596,480 | ---- | M] () -- C:\Windows\Installer\9114a.msi
    [2009/07/28 19:32:27 | 000,121,344 | ---- | M] () -- C:\Windows\Installer\9114f.msi
    [2009/07/28 19:32:41 | 000,343,552 | ---- | M] () -- C:\Windows\Installer\91157.msi
    [2009/07/28 19:33:26 | 000,988,160 | ---- | M] () -- C:\Windows\Installer\9117b.msi
    [2009/07/28 19:33:32 | 000,510,976 | ---- | M] () -- C:\Windows\Installer\91180.msi
    [2009/07/28 19:33:35 | 000,312,320 | ---- | M] () -- C:\Windows\Installer\91185.msi
    [2009/07/28 19:33:37 | 000,211,968 | ---- | M] () -- C:\Windows\Installer\9118a.msi
    [2009/07/28 19:33:39 | 000,623,616 | ---- | M] () -- C:\Windows\Installer\91190.msi
    [2009/07/28 19:35:46 | 000,634,880 | ---- | M] () -- C:\Windows\Installer\91195.msi
    [2009/07/28 19:35:51 | 000,301,568 | ---- | M] () -- C:\Windows\Installer\9119a.msi
    [2009/07/28 19:35:56 | 000,328,192 | ---- | M] () -- C:\Windows\Installer\911a0.msi
    [2012/03/15 13:43:28 | 004,216,320 | R--- | M] () -- C:\Windows\Installer\9e5ef9.msp
    [2012/02/17 08:45:24 | 002,299,392 | R--- | M] () -- C:\Windows\Installer\a47c8.msp
    [2012/04/28 21:43:58 | 008,459,264 | R--- | M] () -- C:\Windows\Installer\a47e8.msp
    [2012/03/15 02:24:28 | 001,795,584 | R--- | M] () -- C:\Windows\Installer\a47fd.msp
    [2011/11/01 13:34:26 | 001,169,920 | R--- | M] () -- C:\Windows\Installer\a4813.msp
    [2011/11/01 13:34:28 | 002,247,168 | R--- | M] () -- C:\Windows\Installer\a4828.msp
    [2012/04/04 22:38:16 | 003,620,864 | R--- | M] () -- C:\Windows\Installer\a4834.msp
    [2012/04/28 21:44:02 | 009,586,176 | R--- | M] () -- C:\Windows\Installer\a4868.msp
    [2012/03/23 14:59:02 | 007,899,648 | R--- | M] () -- C:\Windows\Installer\a487d.msp
    [2011/11/01 13:34:56 | 004,250,112 | R--- | M] () -- C:\Windows\Installer\a48a1.msp
    [2012/04/28 21:44:02 | 009,101,824 | R--- | M] () -- C:\Windows\Installer\a48c1.msp
    [2012/04/04 22:38:44 | 002,831,360 | R--- | M] () -- C:\Windows\Installer\a48d6.msp
    [2010/07/23 02:04:08 | 011,395,072 | R--- | M] () -- C:\Windows\Installer\a9da0.msp
    [2011/07/27 08:37:28 | 011,592,192 | R--- | M] () -- C:\Windows\Installer\a9dc5.msp
    [2011/01/03 12:28:08 | 000,092,672 | ---- | M] () -- C:\Windows\Installer\aae07f.msi
    [2011/01/03 12:29:53 | 000,018,944 | ---- | M] () -- C:\Windows\Installer\aae088.msi
    [2010/12/21 10:29:44 | 009,472,000 | ---- | M] () -- C:\Windows\Installer\bb1b0.msi
    [2011/06/18 09:08:44 | 019,210,240 | R--- | M] () -- C:\Windows\Installer\ccdf0.msp
    [2009/10/16 07:08:48 | 002,237,952 | R--- | M] () -- C:\Windows\Installer\d2b186.msp
    [2009/06/23 22:38:16 | 000,691,200 | ---- | M] () -- C:\Windows\Installer\d2e1d8.msi
    [2009/07/28 23:55:44 | 000,248,832 | ---- | M] () -- C:\Windows\Installer\d7bc64.msi
    [2009/04/24 12:29:02 | 009,013,760 | R--- | M] () -- C:\Windows\Installer\da822.msp
    [2010/10/12 13:54:19 | 000,212,992 | ---- | M] () -- C:\Windows\Installer\db5538.msi
    [2010/12/10 13:47:21 | 000,083,456 | ---- | M] () -- C:\Windows\Installer\dbc9e.msi
    [2012/03/28 20:48:47 | 000,022,016 | ---- | M] () -- C:\Windows\Installer\e1fb7.msi
    [2011/11/01 14:34:30 | 002,531,840 | R--- | M] () -- C:\Windows\Installer\eae3c9.msp
    [2011/11/01 14:34:30 | 001,552,384 | R--- | M] () -- C:\Windows\Installer\eae3dc.msp
    [2008/08/21 22:19:45 | 000,061,952 | ---- | M] () -- C:\Windows\Installer\ef0b4.mst
    [2008/08/21 22:19:45 | 000,061,952 | ---- | M] () -- C:\Windows\Installer\fbb81.mst
    [2011/07/12 15:50:24 | 017,555,968 | R--- | M] () -- C:\Windows\Installer\fd45f0.msp
    [2011/07/11 17:19:28 | 010,619,904 | R--- | M] () -- C:\Windows\Installer\fd45fb.msp
    [2011/12/21 01:05:47 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{05BFB060-4F22-4710-B0A2-2801A1B606C5}.SchedServiceConfig.rmi
    [2011/06/14 00:16:49 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}.SchedServiceConfig.rmi
    [2010/12/30 00:42:01 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{308B6AEA-DE50-4666-996D-0FA461719D6B}.SchedServiceConfig.rmi
    [2012/06/20 00:19:39 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{3C3901C5-3455-3E0A-A214-0B093A5070A6}.SchedServiceConfig.rmi
    [2011/06/13 13:45:27 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{774088D4-0777-4D78-904D-E435B318F5D2}.SchedServiceConfig.rmi
    [2010/08/08 12:09:17 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{85991ED2-010C-4930-96FA-52F43C2CE98A}.SchedServiceConfig.rmi
    [2010/05/03 13:52:23 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}.SchedServiceConfig.rmi
    [2009/11/16 23:03:30 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}.SchedServiceConfig.rmi
    [2009/08/10 15:00:58 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}.SchedServiceConfig.rmi
    [2011/06/14 00:22:57 | 000,000,000 | ---- | M] () -- C:\Windows\Installer\wix{F53D678E-238F-4A71-9742-08BB6774E9DC}.SchedServiceConfig.rmi

    < %windir%\system32\tasks\*.* >
    [2012/06/23 13:46:14 | 000,003,682 | ---- | M] () -- C:\Windows\system32\tasks\Adobe Flash Player Updater
    [2010/07/15 21:33:02 | 000,003,678 | ---- | M] () -- C:\Windows\system32\tasks\Adobe Reader and Acrobat Manager
    [2012/02/26 13:05:42 | 000,003,082 | ---- | M] () -- C:\Windows\system32\tasks\ASC5_PerformanceMonitor
    [2010/04/21 19:49:15 | 000,003,160 | ---- | M] () -- C:\Windows\system32\tasks\CreateChoiceProcessTask
    [2011/02/26 04:52:51 | 000,003,060 | ---- | M] () -- C:\Windows\system32\tasks\Game_Booster_Startup
    [2012/03/28 20:48:09 | 000,003,630 | ---- | M] () -- C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore
    [2012/03/28 20:48:15 | 000,003,882 | ---- | M] () -- C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA
    [2010/07/15 21:33:02 | 000,003,660 | ---- | M] () -- C:\Windows\system32\tasks\HP online update program
    [2010/08/08 16:30:13 | 000,003,846 | ---- | M] () -- C:\Windows\system32\tasks\Real Networks Scheduler
    [2011/11/15 23:46:18 | 000,003,196 | ---- | M] () -- C:\Windows\system32\tasks\RealUpgradeLogonTaskS-1-5-21-118059262-2797764304-1290977041-1000
    [2011/11/15 23:46:18 | 000,003,328 | ---- | M] () -- C:\Windows\system32\tasks\RealUpgradeScheduledTaskS-1-5-21-118059262-2797764304-1290977041-1000
    [2009/06/15 16:54:52 | 000,003,202 | ---- | M] () -- C:\Windows\system32\tasks\Recovery DVD Creator-currys
    [2010/10/21 21:05:16 | 000,003,806 | ---- | M] () -- C:\Windows\system32\tasks\Scheduled Update for Ask Toolbar
    [2010/07/17 23:06:11 | 000,002,758 | ---- | M] () -- C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance
    [2012/05/14 19:43:35 | 000,003,686 | ---- | M] () -- C:\Windows\system32\tasks\User_Feed_Synchronization-{5FCC3B7B-7333-4018-B6CB-058AB397226F}
    [2012/07/10 18:51:08 | 000,003,940 | ---- | M] () -- C:\Windows\system32\tasks\User_Feed_Synchronization-{A65AEF0B-B822-4C24-B3BE-67EE9605EB86}
    [2012/05/10 10:07:14 | 000,003,150 | ---- | M] () -- C:\Windows\system32\tasks\{066D67B3-8FF6-40F2-AE4C-FCD397779332}
    [2011/12/26 23:35:47 | 000,003,168 | ---- | M] () -- C:\Windows\system32\tasks\{6A6C8641-9252-4A7B-AD0E-22E5CD41E78F}
    [2009/12/30 18:08:43 | 000,003,188 | ---- | M] () -- C:\Windows\system32\tasks\{9314AEE8-62B5-46E1-9371-CEBBD1505854}
    [2011/12/19 19:39:42 | 000,003,208 | ---- | M] () -- C:\Windows\system32\tasks\{953E484D-EA99-46B4-A95B-80A40D9FD657}
    [2011/12/26 23:02:13 | 000,003,212 | ---- | M] () -- C:\Windows\system32\tasks\{9A51833A-65CA-4472-81F6-7A8B7C220054}
    [2009/06/23 22:33:02 | 000,003,056 | ---- | M] () -- C:\Windows\system32\tasks\{A951A895-488A-4F20-95BB-2FD4A1404939}

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\*. /mp /s >

    < MD5 for: EXPLORER.EXE >
    [2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
    [2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
    [2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
    [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
    [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
    [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
    [2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
    [2008/04/29 16:42:08 | 000,090,624 | ---- | M] () MD5=FBB39A4487E11F64DCFFD36AEC2D2216 -- C:\Program Files\CheckPoint\ZAForceField\Heuristics\explorer.exe
    [2008/01/21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

    < MD5 for: MRESP50.SYS >
    [2011/05/26 16:03:50 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) MD5=07C02C892E8E1A72D6BF35004F0E9C5E -- C:\Program Files\Common Files\Motive\MRESP50.sys

    < MD5 for: REGEDIT.EXE >
    [2008/01/21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\ERDNT\cache\regedit.exe
    [2008/01/21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\regedit.exe
    [2008/01/21 03:24:53 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe

    < MD5 for: SVCHOST.EXE >
    [2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
    [2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
    [2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
    [2008/01/21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
    [2008/07/01 14:17:12 | 000,090,624 | ---- | M] () MD5=FBB39A4487E11F64DCFFD36AEC2D2216 -- C:\Program Files\CheckPoint\ZAForceField\Heuristics\svchost.exe

    < MD5 for: USERINIT.EXE >
    [2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
    [2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
    [2008/01/21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

    < MD5 for: WINLOGON.EXE >
    [2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
    [2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
    [2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
    [2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
    [2008/01/21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
    [2008/07/01 14:17:12 | 000,090,624 | ---- | M] () MD5=FBB39A4487E11F64DCFFD36AEC2D2216 -- C:\Program Files\CheckPoint\ZAForceField\Heuristics\winlogon.exe

    < C:\Windows\assembly\tmp\U\*.* /s >

    < %Temp%\smtmp\1\*.* >

    < %Temp%\smtmp\2\*.* >

    < %Temp%\smtmp\3\*.* >

    < %Temp%\smtmp\4\*.* >

    < type c:\diskreport.txt /c >
    Microsoft DiskPart version 6.0.6002
    Copyright (C) 1999-2007 Microsoft Corporation.
    On computer: EAMONNS
    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    Volume 0 D DVD-ROM 0 B No Media
    Volume 1 C OS NTFS Partition 586 GB Healthy System
    Volume 2 I Removable 0 B No Media
    Volume 3 E Removable 0 B No Media
    Volume 4 F Removable 0 B No Media
    Volume 5 G Removable 0 B No Media
    Volume 6 H Removable 0 B No Media

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:07BF512B
    @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:0B4227B4
    @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
    @Alternate Data Stream - 1077 bytes -> C:\Users\currys\Documents\Reply to thread 'Internet Options in Control Panel missing'.eml:OECustomProperty
    @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:DFC5A2B2
    @Alternate Data Stream - 1005 bytes -> C:\Users\currys\Desktop\Argos - Thank you for your order number 201549843.eml:OECustomProperty

    < End of report >
     
  11. baffledUK

    baffledUK Thread Starter

    Joined:
    Jul 1, 2012
    Messages:
    114
    OTL Extras logfile created on: 10/07/2012 18:55:16 - Run 1
    OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\currys\Downloads
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.19222)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    3.00 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 65.67% Memory free
    6.22 Gb Paging File | 4.54 Gb Available in Paging File | 72.96% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 586.17 Gb Total Space | 420.59 Gb Free Space | 71.75% Space Free | Partition Type: NTFS

    Computer Name: EAMONNS | User Name: currys | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
    .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

    [HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
    https [open] -- Reg Error: Key error.
    InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- Reg Error: Key error.
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe"

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0
    "DoNotAllowExceptions" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{077FC2C3-74FB-403F-A334-E774484F5960}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{14A4E836-AB4A-44A9-933F-91CE46AFE2B5}" = lport=139 | protocol=6 | dir=in | app=system |
    "{22C706A7-3A8D-4B6D-A9AE-88DC09214501}" = lport=445 | protocol=6 | dir=in | app=system |
    "{35A60B16-287F-46C1-A5F9-4354D7EF89F4}" = rport=139 | protocol=6 | dir=out | app=system |
    "{36A75987-D56E-4F05-9A03-5AAA81F306CB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{40901B14-999D-4D88-BE80-A291E6744CA7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{5AA588C7-C691-43EB-865B-9E359D8682EF}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{65B64942-38C9-482A-8194-CA0F6EE0F88B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{665A566B-2B80-4935-97CB-5FCCF0113726}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{69B487AE-551B-455B-B78A-C91099B96EBA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{96AAD2FA-FBEA-40E3-80EF-FAF5A323A1A3}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{AD375AD2-C012-412F-816A-4AB8299D8624}" = rport=137 | protocol=17 | dir=out | app=system |
    "{B67AF908-280F-43F1-8C3A-F4C46F7CD957}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{B925A4F0-24F0-4686-95FD-C8E82CCC3594}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{BC3E63E3-F375-4AE4-99E8-5C1A2E938EE1}" = lport=137 | protocol=17 | dir=in | app=system |
    "{C306F9DC-2929-4F98-A820-5587109B462D}" = rport=445 | protocol=6 | dir=out | app=system |
    "{D2C7D018-F349-4D98-92E1-5870132BB37D}" = rport=138 | protocol=17 | dir=out | app=system |
    "{EA7CDFC7-D863-4A3E-9E6B-E3F1F7A9A914}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{ECAE8F2A-4601-40C3-A807-958837B9750C}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{F2F1F212-C4A9-42C1-AA7B-F5BE2C82ADD1}" = lport=138 | protocol=17 | dir=in | app=system |
    "{F85E7310-B7C8-44DD-AF53-CAF849547520}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0CD6F7B4-6243-42A3-8E8E-74C595DFF8C9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\napoleon total war\napoleon.exe |
    "{0DE8C8DE-E774-4A91-8DD3-3756847058BB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{0DFE3D5E-1292-4F0F-8015-6361B7DE97F5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{1086D784-1C71-4146-8BE1-4F9E492EA384}" = protocol=6 | dir=in | app=c:\program files\kontiki\kservice.exe |
    "{1B2DC0D8-4758-467A-A820-D679BE61F5A6}" = protocol=6 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpnotifier.exe |
    "{27EA6E02-5D1B-4BCA-B4E9-B8EFDA209DDE}" = protocol=6 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpbrowser.exe |
    "{351F9051-5177-4A0C-8BFA-79628A9A3EDE}" = protocol=17 | dir=in | app=c:\program files\kontiki\kservice.exe |
    "{36A82E00-DF4C-4707-BE58-D3FB7674860A}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\civilization4.exe |
    "{42828803-D75E-4CA6-B629-25FAFF64DE83}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
    "{45AA8F1B-F05C-4A55-B2CE-632972E4D84D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{5F4261BA-17EE-4191-8D14-CB29B9B7ACCC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{5FC77053-37BB-4589-80D4-7007A07940AC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{646E010A-8A31-4AAB-A714-060466A26699}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{65D2826D-0863-46B5-ADC5-0AAED43ECBA2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{669A9609-CE9A-412B-91CE-17B4F501CDDE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{6E684EF5-B3CC-4D88-9AB2-C6E03414FF36}" = protocol=17 | dir=in | app=c:\program files\kontiki\kservice.exe |
    "{6F269D87-6FC8-4A0A-9A1F-771D5E724FF0}" = protocol=17 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpnotifier.exe |
    "{70E74B53-44BD-4761-9FD4-4161C4B29CA9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{75CF704A-CE5F-48B1-BE5F-13DFEAE36786}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{7E145D01-BC9F-4A80-AFC8-021AED9E5E5A}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
    "{8E4D13B1-F004-4907-82EF-462BF3DBEB93}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
    "{952BB108-C89A-4288-9A43-11A3D95B86D4}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\napoleon total war\napoleon.exe |
    "{98D2DA95-07EE-402E-830A-F1CA26B6B023}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{9E58EDF0-68E3-4F6F-9087-1589B2E849F0}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\warlords\civ4warlords.exe |
    "{A16D46C9-8208-46AF-BF6F-DBC58CDD66E8}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
    "{AB4EC5BD-B183-4837-8DBB-747E3BEBE443}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe |
    "{ACA92CFD-F44B-4D19-9D56-1A76E4C48CA5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2010\fm.exe |
    "{ADF50129-A0D0-4A09-B01C-6C85490C5468}" = protocol=6 | dir=in | app=c:\program files\kontiki\kservice.exe |
    "{B3C7A140-7DEF-448F-9F84-F5E0243A75C6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{B50BD5F2-FF67-4DD4-851B-2DC64366E332}" = protocol=6 | dir=out | app=system |
    "{B8D7047F-E01B-4317-97FA-9CBD1A1F2944}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{BA141541-D4B6-4D5B-BD03-37FD58A6C371}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{BDA6A4A2-8D5B-4DF4-B92D-B698121867CF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{BE68E580-C2B2-456D-B409-5B1743F0D7E2}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\beyond the sword\civ4beyondsword.exe |
    "{BF0309EB-A94D-44BD-9F37-55002BAED87C}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
    "{C965B8E4-CD54-4750-9251-5681E7E415E2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{D23B8769-4D9A-44A3-A159-01AF507C6EFB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{D41CA142-1B1E-43ED-99E9-93C0E6F05ADD}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
    "{D8129F23-28D1-498D-9DC2-3A2F9BC48A20}" = protocol=6 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\warlords\civ4warlords.exe |
    "{DF984537-12F5-4F19-B213-ED5F723E3162}" = protocol=17 | dir=in | app=c:\program files\bt broadband desktop help\btbb\bthelpbrowser.exe |
    "{E81A495F-B905-4CB9-AC84-4D2DC4806A8C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{E97292A2-833B-4AE1-9BBF-ED5F22BE57E1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{F1D928A8-6CB1-49EC-B34E-20053F210C1A}" = protocol=17 | dir=in | app=c:\program files\2k games\firaxis games\sid meier's civilization 4 complete\civilization4.exe |
    "{F24FC09A-47E9-4A92-8560-A53264E39319}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
    "{F4986326-7C1D-462A-80E2-D6DB7B1DEA97}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\football manager 2010\fm.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
    "{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
    "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
    "{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
    "{121C477C-5B7B-44E3-B621-BDDB542AE8FD}" = TuneUp Utilities Language Pack (en-GB)
    "{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
    "{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
    "{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
    "{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
    "{28518520-F25C-48C3-A224-861F331602F4}" = Setup My PC
    "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
    "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
    "{2BD94085-2E05-4EBD-8F2D-AF7499C50D92}" = LCD test
    "{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}" = Sid Meier's Civilization 4 Complete
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{3350E9B0-DCE6-4AE1-B3AC-D0C11FBEEDA1}_is1" = SeaTools for Windows
    "{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{3559CDE0-11FC-4D7B-A65C-D646035B1033}" = Nero 8 Essentials
    "{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
    "{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
    "{4B41AE13-BA0E-4328-8E83-AD2A0BEB33EB}" = Sky Player
    "{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
    "{4F923F90-46D1-4492-9CC6-13FBBA00E7EC}" = C4400
    "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
    "{51071D66-D034-4239-94E0-723FCA10B6FE}" = OpenOffice.org 3.4
    "{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{5884CB45-C54B-4550-BAD5-3E060FD75D17}" = ZoneAlarm Firewall
    "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
    "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
    "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
    "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
    "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
    "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
    "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
    "{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{6B407945-AE16-4A2A-BAAF-497FE62EDED3}" = PS_AIO_03_C4400_Software_Min
    "{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone
    "{6C2EDF63-C83B-4AAD-AC26-1784660F618B}" = Advanced Disk Cleaner
    "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
    "{709817E4-5439-4206-8738-796B34B623BD}" = MetaBoli
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
    "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
    "{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
    "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
    "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
    "{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
    "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{848139E5-DC9D-44E6-934E-F64BB648ED6E}_is1" = CD & DVD Label Maker 1.2
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
    "{8B7443F5-E141-42A0-AB61-ED2331AAD606}" = 4oD
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{954B7F64-D1D4-476F-8919-99585D0A6ABF}" = PS_AIO_03_C4400_Software
    "{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}" = iTunes
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
    "{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{9F38A000-31A6-4A46-B5AF-07523E3B1E7C}_is1" = Packard Bell ImageWriter v1.1
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
    "{A3E8FC19-2107-49DA-967F-23E1B5210D9C}" = ZoneAlarm Security
    "{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
    "{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
    "{AB7032FF-AFED-4C58-AA5C-8473B273793A}" = HDReg
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
    "{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
    "{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
    "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
    "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 296.10
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 296.10
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 296.10
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.12.0
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
    "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
    "{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
    "{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
    "{BEA18030-8B42-1286-EF64-CDA6BD083888}" = BBC iPlayer Desktop
    "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
    "{C591601B-4F3C-4756-B7B1-1C36637D4AFE}" = Chanalyzer 4
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{C9CE9393-B568-428D-AD5B-55452B9748DB}" = PS_AIO_03_C4400_ProductContext
    "{CA786CFF-1D31-4804-B436-F3405B14357F}" = Updator
    "{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
    "{DAB5C521-80B2-48C3-B0DA-326A1B331F55}" = GoToAssist Corporate
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
    "{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
    "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
    "{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
    "{F012A635-8E2C-4AF2-BD46-C508D00289B2}" = ZoneAlarm Antivirus
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
    "{F4EA67C9-6748-4C1E-9AFF-04149AC75D95}" = Image Writer
    "{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
    "{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
    "{F7B72805-2F58-4C04-AE9E-E7AD6A6EF62E}" = C4400_Help
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FF1F4E8E-A833-4c4b-A14A-45D5B841B5D8}" = HP Photosmart C4400 All-In-One Driver Software 10.0 Rel .3
    "4oD" = 4oD
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
    "BT Broadband Desktop Help" = BT Broadband Desktop Help
    "CCleaner" = CCleaner
    "conduitEngine" = Conduit Engine
    "Game Booster_is1" = Game Booster 3
    "Google Desktop" = Google Desktop
    "GoToAssist" = GoToAssist Corporate
    "Greatis Reanimator_is1" = RegRun Reanimator
    "HP Imaging Device Functions" = HP Imaging Device Functions 10.0
    "HP Photosmart Essential" = HP Photosmart Essential 2.5
    "HP Smart Web Printing" = HP Smart Web Printing
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
    "HPExtendedCapabilities" = HP Customer Participation Program 10.0
    "HPOCR" = OCR Software by I.R.I.S. 10.0
    "LimeWire" = LimeWire 5.4.6
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Mozilla Firefox 14.0 (x86 en-US)" = Mozilla Firefox 14.0 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "NVIDIA Display Control Panel" = NVIDIA Display Control Panel
    "NVIDIA Drivers" = NVIDIA Drivers
    "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
    "RealPlayer 12.0" = RealPlayer
    "Smart Defrag 2_is1" = Smart Defrag 2
    "Steam App 34000" = Football Manager 2010
    "Steam App 34030" = Napoleon: Total War
    "SystemRequirementsLab" = System Requirements Lab
    "WinLiveSuite" = Windows Live Essentials
    "ZoneAlarm Free Antivirus + Firewall" = ZoneAlarm Free Antivirus + Firewall
    "ZoneAlarm Security Toolbar" = ZoneAlarm Security Toolbar
    "ZoneAlarm_Security Toolbar" = ZoneAlarm Security Toolbar

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 10/07/2012 13:46:12 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
    Description = The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error
    description: Class not registered .

    Error - 10/07/2012 13:46:12 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
    Description = The protocol handler Search.OneIndexHandler.2 cannot be loaded. Error
    description: Class not registered .

    Error - 10/07/2012 13:49:50 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
    Description = The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error
    description: Class not registered .

    Error - 10/07/2012 13:49:50 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
    Description = The protocol handler Search.OneIndexHandler.2 cannot be loaded. Error
    description: Class not registered .

    Error - 10/07/2012 13:58:01 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
    Description = The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error
    description: Class not registered .

    Error - 10/07/2012 13:58:01 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
    Description = The protocol handler Search.OneIndexHandler.2 cannot be loaded. Error
    description: Class not registered .

    Error - 10/07/2012 14:07:42 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
    Description = The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error
    description: Class not registered .

    Error - 10/07/2012 14:07:42 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
    Description = The protocol handler Search.OneIndexHandler.2 cannot be loaded. Error
    description: Class not registered .

    Error - 10/07/2012 14:10:39 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
    Description = The protocol handler Search.OneIndexHandler.1 cannot be loaded. Error
    description: Class not registered .

    Error - 10/07/2012 14:10:39 | Computer Name = Eamonns | Source = Windows Search Service | ID = 3083
    Description = The protocol handler Search.OneIndexHandler.2 cannot be loaded. Error
    description: Class not registered .

    [ OSession Events ]
    Error - 07/07/2009 16:32:25 | Computer Name = Eamonns | Source = Microsoft Office 12 Sessions | ID = 7001
    Description =

    Error - 07/07/2009 16:44:49 | Computer Name = Eamonns | Source = Microsoft Office 12 Sessions | ID = 7001
    Description =

    Error - 07/07/2009 16:50:58 | Computer Name = Eamonns | Source = Microsoft Office 12 Sessions | ID = 7001
    Description =

    [ System Events ]
    Error - 10/07/2012 13:35:20 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7000
    Description =

    Error - 10/07/2012 13:35:20 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7000
    Description =

    Error - 10/07/2012 13:35:20 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7000
    Description =

    Error - 10/07/2012 13:35:20 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7000
    Description =

    Error - 10/07/2012 13:35:20 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7000
    Description =

    Error - 10/07/2012 13:35:41 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7022
    Description =

    Error - 10/07/2012 13:35:41 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7034
    Description =

    Error - 10/07/2012 13:38:11 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7009
    Description =

    Error - 10/07/2012 13:38:14 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7038
    Description =

    Error - 10/07/2012 13:38:14 | Computer Name = Eamonns | Source = Service Control Manager | ID = 7000
    Description =


    < End of report >
     
  12. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,801
    Okay, looks like you have quite a lot there that is not needed, so lets get rid of those :)

    Firstly, can you uninstall these via AddRemove Programs:

    Conduit Engine
    Game Booster 3
    Smart Defrag 2
    ZoneAlarm Security Toolbar


    ------

    Then, can you do the following:

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following
      Code:
      :OTL
      PRC - [2011/08/26 13:56:04 | 000,685,912 | ---- | M] (IObit) -- C:\Program Files\IObit\Game Booster\gbtray.exe
      MOD - [2011/08/26 13:56:08 | 000,516,440 | ---- | M] () -- C:\Program Files\IObit\Game Booster\sqlite3.dll
      MOD - [2011/02/22 16:01:26 | 000,345,088 | ---- | M] () -- C:\Program Files\IObit\Game Booster\madexcept_.bpl
      MOD - [2011/02/22 16:01:26 | 000,177,152 | ---- | M] () -- C:\Program Files\IObit\Game Booster\madbasic_.bpl
      MOD - [2011/02/22 16:01:26 | 000,044,544 | ---- | M] () -- C:\Program Files\IObit\Game Booster\maddisAsm_.bpl
      SRV - File not found [Auto | Stopped] -- -- (WMService)
      SRV - File not found [Disabled | Stopped] -- C:\Program Files\Spybot -- (SBSDWSCService)
      SRV - File not found [Auto | Stopped] -- -- (PLFlash DeviceIoControl Service)
      SRV - File not found [On_Demand | Stopped] -- -- (odserv)
      SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService)
      SRV - File not found [Auto | Stopped] -- -- (Nero BackItUp Scheduler 3)
      SRV - File not found [On_Demand | Stopped] -- -- (iPod Service)
      SRV - File not found [Auto | Stopped] -- -- (IBUpdaterService)
      SRV - File not found [Auto | Stopped] -- -- (Apple Mobile Device)
      DRV - File not found [Kernel | On_Demand | Stopped] -- -- (vsdatant7)
      DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFwd)
      DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFlt)
      DRV - File not found [Kernel | On_Demand | Stopped] -- -- (MRENDIS5)
      DRV - File not found [Kernel | On_Demand | Stopped] -- -- (MREMPR5)
      DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IpInIp)
      DRV - File not found [Kernel | On_Demand | Stopped] -- -- (cpuz134)
      DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\currys\AppData\Local\Temp\catchme.sys -- (catchme)
      DRV - [2011/02/23 17:52:34 | 000,016,184 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
      IE - HKLM\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - No CLSID value found
      IE - HKLM\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.goonsearch.com/web.html?source=IBR-IB-PDP-INS-DBS&q={searchTerms}
      IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}
      IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
      IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2645238
      IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
      IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
      IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101067&mntrId=50b4fa92000000000000002197a13750
      IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ALSV5&o=1665&src=crm&q={searchTerms}&locale=en_UK&apn _ptnrs=AU&apn_dtid=YYYYYYYYGB&apn_uid=34399D31-44A3-4DA6-8AC7-C989A030269F&apn_sauid=A32CCD2B-3BB2-4310-B8FA-574A397D7115
      IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.goonsearch.com/web.html?source=IBR-IB-PDP-INS-DBS&q={searchTerms}
      IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=CrQt__Hz-oJhPpnLvuNAmY8Q990?q={searchTerms}
      IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu.com/web?src=ieb&systemid=406&q={searchTerms}
      IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = http://search.ibryte.com/i/playbryte/search/redirect/?type=default-ie&user_id=8a29f83a-1762-4abe-b6d2-85b8f55d9ff9&query={searchTerms}
      IE - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
      FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
      FF - prefs.js..browser.search.defaultthis.engineName: "WiseConvert Customized Web Search"
      FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=3&q={searchTerms}"
      FF - prefs.js..browser.search.selectedEngine: "WiseConvert Customized Web Search"
      FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=2&q="
      FF - user.js - File not found
      FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: File not found
      FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: File not found
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: File not found
      FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
      FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: File not found
      [2012/07/01 01:10:55 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\currys\AppData\Roaming\mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
      [2012/07/08 19:39:06 | 000,000,000 | ---D | M] (WiseConvert Community Toolbar) -- C:\Users\currys\AppData\Roaming\mozilla\Firefox\Profiles\fwvafgml.default\extensions\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}
      [2012/06/27 14:38:40 | 000,000,925 | ---- | M] () -- C:\Users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\searchplugins\conduit.xml
      [2012/06/23 14:03:40 | 000,002,203 | ---- | M] () -- C:\Users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\searchplugins\MyStart Search.xml
      O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\bh\zonealarm.dll (Montera Technologeis LTD)
      O2 - BHO: (no name) - {a0e8bc7d-6959-40b6-8e05-204d9768ad6e} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\zonealarmTlbr.dll (Montera Technologeis LTD)
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O7 - HKU\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
      O8 - Extra context menu item: Download with &Media Finder - Reg Error: Value error. File not found
      O8 - Extra context menu item: E&xport to Microsoft Excel - Reg Error: Value error. File not found
      O8 - Extra context menu item: Google Sidewiki... - Reg Error: Value error. File not found
      O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} http://assets.photobox.com/assets/au...20090910103721 (Reg Error: Key error.)
      O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/Driver...reqlab_nvd.cab (Reg Error: Key error.)
      O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/s...irector/sw.cab (Reg Error: Key error.)
      O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/Driver...aSmartScan.cab (Reg Error: Key error.)
      O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
      O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.tescophoto.com/upload/act...eX_Control.cab (Reg Error: Key error.)
      O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_17)
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
      O18 - Protocol\Handler\avgsecuritytoolbar - No CLSID value found
      O18 - Protocol\Handler\base64 - No CLSID value found
      O18 - Protocol\Handler\chrome - No CLSID value found
      O18 - Protocol\Handler\ms-itss - No CLSID value found
      O18 - Protocol\Handler\prox - No CLSID value found
      [4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
      [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
      [2011/03/15 19:37:45 | 000,029,520 | ---- | C] () -- C:\Windows\System32\SmartDefragBootTime.exe
      [2011/03/15 19:37:45 | 000,016,184 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
      [2012/07/01 01:10:53 | 000,000,000 | ---D | M] -- C:\Users\currys\AppData\Roaming\IObit
      [2012/02/04 12:18:30 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
      [2012/02/04 12:18:30 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
      [2012/02/04 12:18:30 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\AppData\Roaming\IObit
      [2011/02/26 04:52:51 | 000,003,060 | ---- | M] () -- C:\Windows\system32\tasks\Game_Booster_Startup
      @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:07BF512B
      @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
      @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:0B4227B4
      @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
      @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:DFC5A2B2
      :Files
      ipconfig /flushdns /c
      :Commands 
      [purity] 
      [resethosts] 
      [emptytemp] 
      [emptyjava]
      [EMPTYFLASH] 
      [CREATERESTOREPOINT] 
      [Reboot]
    • Then click the Run Fix button at the top
    • Click OK.
    • OTL may ask to reboot the machine. Please do so if asked.
    • The report should appear in Notepad after the reboot. Copy/Paste the report in your next reply.
     
  13. baffledUK

    baffledUK Thread Starter

    Joined:
    Jul 1, 2012
    Messages:
    114
    All processes killed
    ========== OTL ==========
    No active process named gbtray.exe was found!
    Error: No service named WMService was found to stop!
    Service\Driver key WMService not found.
    Error: No service named SBSDWSCService was found to stop!
    Service\Driver key SBSDWSCService not found.
    File C:\Program Files\Spybot not found.
    Error: No service named PLFlash DeviceIoControl Service was found to stop!
    Service\Driver key PLFlash DeviceIoControl Service not found.
    Error: No service named odserv was found to stop!
    Service\Driver key odserv not found.
    Error: No service named NMIndexingService was found to stop!
    Service\Driver key NMIndexingService not found.
    Error: No service named Nero BackItUp Scheduler 3 was found to stop!
    Service\Driver key Nero BackItUp Scheduler 3 not found.
    Error: No service named iPod Service was found to stop!
    Service\Driver key iPod Service not found.
    Error: No service named IBUpdaterService was found to stop!
    Service\Driver key IBUpdaterService not found.
    Error: No service named Apple Mobile Device was found to stop!
    Service\Driver key Apple Mobile Device not found.
    Error: No service named vsdatant7 was found to stop!
    Service\Driver key vsdatant7 not found.
    Error: No service named NwlnkFwd was found to stop!
    Service\Driver key NwlnkFwd not found.
    Error: No service named NwlnkFlt was found to stop!
    Service\Driver key NwlnkFlt not found.
    Error: No service named MRENDIS5 was found to stop!
    Service\Driver key MRENDIS5 not found.
    Error: No service named MREMPR5 was found to stop!
    Service\Driver key MREMPR5 not found.
    Error: No service named IpInIp was found to stop!
    Service\Driver key IpInIp not found.
    Error: No service named cpuz134 was found to stop!
    Service\Driver key cpuz134 not found.
    Error: No service named catchme was found to stop!
    Service\Driver key catchme not found.
    File C:\Users\currys\AppData\Local\Temp\catchme.sys not found.
    Error: No service named SmartDefragDriver was found to stop!
    Service\Driver key SmartDefragDriver not found.
    File C:\Windows\System32\drivers\SmartDefragDriver.sys not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{91da5e8a-3318-4f8c-b67e-5964de3ab546} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
    Registry key HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
    Registry key HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
    Registry key HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
    Registry key HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
    Registry key HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found.
    Registry key HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
    Registry key HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}\ not found.
    Registry key HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Internet Explorer\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}\ not found.
    Registry key HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
    Prefs.js: "MyStart Search" removed from browser.search.defaultenginename
    Prefs.js: "WiseConvert Customized Web Search" removed from browser.search.defaultthis.engineName
    Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
    Prefs.js: "WiseConvert Customized Web Search" removed from browser.search.selectedEngine
    Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=2&q=" removed from keyword.URL
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/ShockwavePlayer\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/JavaPlugin\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ not found.
    Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=8\ not found.
    Folder C:\Users\currys\AppData\Roaming\mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
    Folder C:\Users\currys\AppData\Roaming\mozilla\Firefox\Profiles\fwvafgml.default\extensions\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}\ not found.
    File C:\Users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\searchplugins\conduit.xml not found.
    File C:\Users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\searchplugins\MyStart Search.xml not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}\ not found.
    File C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\bh\zonealarm.dll not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a0e8bc7d-6959-40b6-8e05-204d9768ad6e}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a0e8bc7d-6959-40b6-8e05-204d9768ad6e}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}\ not found.
    File C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.23.8\zonealarmTlbr.dll not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ not found.
    Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
    Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
    Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
    Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
    Registry key HKEY_USERS\S-1-5-21-118059262-2797764304-1290977041-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
    Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder\ not found.
    Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ not found.
    Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Google Sidewiki...\ not found.
    Starting removal of ActiveX control {0972B098-DEE9-4279-AC7E-4BAAA029102D}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0972B098-DEE9-4279-AC7E-4BAAA029102D}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0972B098-DEE9-4279-AC7E-4BAAA029102D}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0972B098-DEE9-4279-AC7E-4BAAA029102D}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0972B098-DEE9-4279-AC7E-4BAAA029102D}\ not found.
    Starting removal of ActiveX control {1E54D648-B804-468d-BC78-4AFFED8E262F}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1E54D648-B804-468d-BC78-4AFFED8E262F}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E54D648-B804-468d-BC78-4AFFED8E262F}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{1E54D648-B804-468d-BC78-4AFFED8E262F}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E54D648-B804-468d-BC78-4AFFED8E262F}\ not found.
    Starting removal of ActiveX control {233C1507-6A77-46A4-9443-F871F945D258}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{233C1507-6A77-46A4-9443-F871F945D258}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{233C1507-6A77-46A4-9443-F871F945D258}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\ not found.
    Starting removal of ActiveX control {74DBCB52-F298-4110-951D-AD2FF67BC8AB}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\ not found.
    Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
    Starting removal of ActiveX control {BEA7310D-06C4-4339-A784-DC3804819809}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{BEA7310D-06C4-4339-A784-DC3804819809}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEA7310D-06C4-4339-A784-DC3804819809}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{BEA7310D-06C4-4339-A784-DC3804819809}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEA7310D-06C4-4339-A784-DC3804819809}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\avgsecuritytoolbar\ not found.
    File Protocol\Handler\avgsecuritytoolbar - No CLSID value found not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\base64\ not found.
    File Protocol\Handler\base64 - No CLSID value found not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\chrome\ not found.
    File Protocol\Handler\chrome - No CLSID value found not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ not found.
    File Protocol\Handler\ms-itss - No CLSID value found not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\prox\ not found.
    File Protocol\Handler\prox - No CLSID value found not found.
    File/Folder C:\Windows\System32\*.tmp not found.
    File/Folder C:\Windows\*.tmp not found.
    File C:\Windows\System32\SmartDefragBootTime.exe not found.
    File C:\Windows\System32\drivers\SmartDefragDriver.sys not found.
    Folder C:\Users\currys\AppData\Roaming\IObit\ not found.
    Folder C:\Users\Default\AppData\Roaming\IObit\ not found.
    Folder C:\Users\Default User\AppData\Roaming\IObit\ not found.
    Folder C:\Users\UpdatusUser\AppData\Roaming\IObit\ not found.
    File C:\Windows\system32\tasks\Game_Booster_Startup not found.
    Unable to delete ADS C:\ProgramData\TEMP:07BF512B .
    Unable to delete ADS C:\ProgramData\TEMP:430C6D84 .
    Unable to delete ADS C:\ProgramData\TEMP:0B4227B4 .
    Unable to delete ADS C:\ProgramData\TEMP:A8ADE5D8 .
    Unable to delete ADS C:\ProgramData\TEMP:DFC5A2B2 .
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    C:\Users\currys\Downloads\cmd.bat deleted successfully.
    C:\Users\currys\Downloads\cmd.txt deleted successfully.
    ========== COMMANDS ==========
    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYTEMP]

    User: All Users

    User: currys
    ->Temp folder emptied: 1050496 bytes
    ->Temporary Internet Files folder emptied: 1439217 bytes
    ->Java cache emptied: 1 bytes
    ->FireFox cache emptied: 59824564 bytes
    ->Apple Safari cache emptied: 0 bytes
    ->Flash cache emptied: 56967 bytes

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes
    ->Flash cache emptied: 56475 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    User: UpdatusUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes
    ->Flash cache emptied: 56475 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 27915180 bytes
    RecycleBin emptied: 1146246 bytes

    Total Files Cleaned = 87.00 mb


    [EMPTYJAVA]

    User: All Users

    User: currys
    ->Java cache emptied: 0 bytes

    User: Default

    User: Default User

    User: Public

    User: UpdatusUser

    Total Java Files Cleaned = 0.00 mb


    [EMPTYFLASH]

    User: All Users

    User: currys
    ->Flash cache emptied: 0 bytes

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Public

    User: UpdatusUser
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb

    Unable to start System Restore Service. Error code -2146959355

    OTL by OldTimer - Version 3.2.53.1 log created on 07112012_220830

    Files\Folders moved on Reboot...
    C:\Users\currys\AppData\Local\Temp\~DF6D18.tmp moved successfully.
    C:\Windows\temp\ZLT02723.TMP moved successfully.

    PendingFileRenameOperations files...
    File C:\Users\currys\AppData\Local\Temp\~DF6D18.tmp not found!
    File C:\Windows\temp\ZLT02723.TMP not found!

    Registry entries deleted on Reboot...

    Eddie can't find conduit engine in add/remove any ideas?
     
  14. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,801
    Its okay about the Conduit Engine, it may have been removed after uninstalling the others ;)

    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2

    • Double-click SystemLook.exe to run it.
    • Copy the content of the following codebox into the main textfield:
      Code:
      :filefind
      *Conduit*
      *Game Booster*
      *Smart Defrag*
      *ZoneAlarm*
      *IObit*
      *SmartDefragDriver*
      *goonsearch*
      *searchqu*
      *ask.com*
      *babylon*
      *ibryte*
      *MyStart*
      *uTorrentBar*
      *WiseConvert*
      *Blabbers*
      :folderfind
      *Conduit*
      *Game Booster*
      *Smart Defrag*
      *ZoneAlarm*
      *IObit*
      *SmartDefragDriver*
      *goonsearch*
      *searchqu*
      *ask.com*
      *babylon*
      *ibryte*
      *MyStart*
      *uTorrentBar*
      *WiseConvert*
      *Blabbers*
      
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found at on your Desktop entitled SystemLook.txt
     
  15. baffledUK

    baffledUK Thread Starter

    Joined:
    Jul 1, 2012
    Messages:
    114
    SystemLook 30.07.11 by jpshortstuff
    Log created at 21:05 on 16/07/2012 by currys
    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "*Conduit*"
    C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServices\Clients\com.yahoo.go.sync\com.yahoo.go.sync.client.resources\PhoneConduit.plist --a---- 11408 bytes [07:36 16/04/2010] [07:36 16/04/2010] AB18CD2A656AE753C30E6276EC3DA0C2
    C:\Program Files\ConduitEngine\ConduitEngine.dll --a---- 3911776 bytes [22:45 21/12/2010] [12:51 09/12/2010] D9A0CE26ADA5BD15B1B03A752DDF14A6
    C:\Program Files\ConduitEngine\ConduitEngineHelper.exe --a---- 38496 bytes [22:45 21/12/2010] [08:08 19/12/2010] A320DF2B47CFCAF98D06EB59CD72084C
    C:\Program Files\ConduitEngine\ConduitEngineUninstall.exe --a---- 23648 bytes [22:45 21/12/2010] [10:32 25/11/2010] DF465BE110DC0F7E5329D1B8065A405F
    C:\Users\currys\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_1037922_1033633_UK.xml --a---- 197 bytes [19:19 28/11/2011] [23:09 04/12/2011] F1FF673270D84B6548C27BE92BF4520F
    C:\Users\currys\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_1161838_1157525_UK.xml --a---- 184 bytes [22:46 21/12/2010] [00:10 03/03/2011] F74147AF8D71A423E2E1DABCA44BC712
    C:\Users\currys\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_1178763_1174448_UK.xml --a---- 179 bytes [11:55 22/01/2012] [10:13 12/03/2012] F7598DCC137C5BC7A12A1A69CF63D58D
    C:\Users\currys\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_900783_896578_UK.xml --a---- 198 bytes [23:55 02/03/2011] [00:10 03/03/2011] 44D5CE8ECD2976E626B8D997EF454F36
    C:\Users\currys\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_909619_905414_UK.xml --a---- 191 bytes [22:46 21/12/2010] [00:10 03/03/2011] 43C93B80235159F037CEA9A173922F92
    C:\Users\currys\AppData\LocalLow\Conduit\Toolbar\Facebook\http___facebook_conduit-services_com_Settings_ashx_locale=en&browserType=IE&toolbarVersion=6_7_0_6.xml --a---- 10909 bytes [19:18 28/11/2011] [14:48 04/12/2011] 1B3B574AA349758343D3C80787B9739E
    C:\Users\currys\AppData\LocalLow\Conduit\Toolbar\Facebook\http___facebook_conduit-services_com_Settings_ashx_locale=en&browserType=IE&toolbarVersion=6_8_2_0.xml --a---- 10909 bytes [14:59 04/12/2011] [18:27 28/12/2011] 1B3B574AA349758343D3C80787B9739E
    C:\Users\currys\AppData\LocalLow\Conduit\Toolbar\Facebook\http___facebook_conduit-services_com_Settings_ashx_locale=en&browserType=IE&toolbarVersion=6_8_5_1.xml --a---- 10909 bytes [11:55 22/01/2012] [11:55 11/03/2012] 1B3B574AA349758343D3C80787B9739E
    C:\Users\currys\AppData\LocalLow\ConduitEngine\ConduitEngine.dll --a---- 4214056 bytes [18:49 09/03/2011] [15:14 16/02/2011] 4CF003B5D20C351A1AA4A343267A7832
    C:\Users\currys\AppData\LocalLow\ConduitEngine\ExternalComponent\http___contextmenu_app_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=appContextMenu&locale=en-gb.xml --a---- 6613 bytes [22:45 21/12/2010] [22:45 21/12/2010] FE3E6F69A41E7532957D7814E3E433E1
    C:\Users\currys\AppData\LocalLow\ConduitEngine\ExternalComponent\http___contextmenu_app_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=appContextMenu2_0&locale=en-gb.xml --a---- 6819 bytes [22:45 21/12/2010] [18:48 09/03/2011] A278FCD81E7E9E287A0F8BB1C89CD2C6
    C:\Users\currys\AppData\LocalLow\ConduitEngine\ExternalComponent\http___contextmenu_engine_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=engineContextMenu&locale=en-gb.xml --a---- 4060 bytes [22:45 21/12/2010] [22:45 21/12/2010] D36423CECBFE5F806725E13ED7101201
    C:\Users\currys\AppData\LocalLow\ConduitEngine\ExternalComponent\http___contextmenu_engine_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=engineContextMenu2_0&locale=en-gb.xml --a---- 4475 bytes [22:45 21/12/2010] [18:48 09/03/2011] 74F81E98677EB434ADD4BC697F677185
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_38_264_CT2645238_Images_634062498888125000_png.png --a---- 509 bytes [19:18 28/11/2011] [19:18 28/11/2011] 40ECBDFF6DF6593ACDEAD0021DCC7336
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_38_264_CT2645238_Images_634062499232812500_png.png --a---- 670 bytes [19:18 28/11/2011] [19:18 28/11/2011] D9CE725CB6F7C294C96BDF01D653A8D5
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_38_264_CT2645238_Images_634062507244523750_png.png --a---- 542 bytes [19:18 28/11/2011] [19:18 28/11/2011] 9D05DCA26B67565D14A9449C99151904
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_38_264_CT2645238_Images_634072035938731250_png.png --a---- 1233 bytes [19:18 28/11/2011] [19:18 28/11/2011] DBE61127540140F646C5CBF6C861EF7C
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_38_264_CT2645238_Images_634086668687710000_png.png --a---- 1220 bytes [19:18 28/11/2011] [19:18 28/11/2011] E47D3E82CF24455F91AFF9C5CC0B97EB
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_38_264_CT2645238_Images_634104326720878750_gif.gif --a---- 405 bytes [19:18 28/11/2011] [19:18 28/11/2011] 2221BD773E94BC9C07D9433BDC91A234
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_38_264_CT2645238_Images_634182163591881250_png.png --a---- 1272 bytes [19:18 28/11/2011] [19:18 28/11/2011] 3894229CBC80234B1321515E51A063A9
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_38_264_CT2645238_Images_634449653283568750_png.png --a---- 529 bytes [19:18 28/11/2011] [19:18 28/11/2011] 810FDF4A283DB1CFFFF73828531AC0D7
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_38_264_CT2645238_Images_Menu-silkset_accept_gif-Silk_1-634051179887806250_gif.gif --a---- 403 bytes [19:18 28/11/2011] [19:18 28/11/2011] 87B062CE740BE13817F46B8F381E8A2B
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_38_264_CT2645238_Images_PopUpBlocker-02_gif-Shiny-634461580123626958_gif.gif --a---- 1008 bytes [19:18 28/11/2011] [19:18 28/11/2011] AE12636E9E2B22BCD58053E57E8709C7
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_bankimages_commandcomps_block_gif.gif --a---- 159 bytes [19:18 28/11/2011] [19:18 28/11/2011] FF164EABA285C2E614EBFD967FEF9732
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_About_png.png --a---- 821 bytes [19:18 28/11/2011] [19:18 28/11/2011] 99D5F75C338F2A877CBF891E0F18746E
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Browse_png.png --a---- 729 bytes [19:18 28/11/2011] [19:18 28/11/2011] F2291FAB46ED9291A1A2FFE9F88E9D84
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Contact_png.png --a---- 531 bytes [19:18 28/11/2011] [19:18 28/11/2011] A847C5F6CE2C700048749892DD2E0619
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Hide_png.png --a---- 669 bytes [19:18 28/11/2011] [19:18 28/11/2011] FED9E00C76F647EE6A0B7CC684C89F0C
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_LikeIcon_png.png --a---- 263 bytes [19:18 28/11/2011] [19:18 28/11/2011] 36BD416D16391EFAAAFB2C3C54EAE986
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_MoreFromPublisher_png.png --a---- 734 bytes [19:18 28/11/2011] [19:18 28/11/2011] 943ADFD9E0DF1507F7BC419802BF4303
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_More_png.png --a---- 562 bytes [19:18 28/11/2011] [19:18 28/11/2011] 36C6FB9C84D4AF5C5D7C5B277A0E4A01
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Options_png.png --a---- 493 bytes [19:18 28/11/2011] [19:18 28/11/2011] 275C9DA2D536F18F528C80E050C3D705
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Privacy_png.png --a---- 706 bytes [19:18 28/11/2011] [19:18 28/11/2011] 3AD88BD8E832DA39FAAEDF07AD595F94
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Refresh_png.png --a---- 674 bytes [19:18 28/11/2011] [19:18 28/11/2011] 650731EEF807C292E699779B12CBE552
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Upgrade_png.png --a---- 607 bytes [19:18 28/11/2011] [19:18 28/11/2011] 9B4D914888BCFFCBAE6757A0E450551C
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Events_png.png --a---- 705 bytes [19:18 28/11/2011] [19:18 28/11/2011] 70B83DCDF7A6FA34240E1AA1D23EE535
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Friends_png.png --a---- 746 bytes [19:18 28/11/2011] [19:18 28/11/2011] 2AE805114215925E00858FD2FEFF1439
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Groups_png.png --a---- 669 bytes [19:18 28/11/2011] [19:18 28/11/2011] 6CFEA2D0DB786FDB4D72C1C1DE036822
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Home_png.png --a---- 338 bytes [19:18 28/11/2011] [19:18 28/11/2011] DB45ACA16C515F2FD8CB3B6F5E4FC386
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Inbox_png.png --a---- 545 bytes [19:18 28/11/2011] [19:18 28/11/2011] 6EB69BFCBFD422247C103705B532BFE1
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Logout_png.png --a---- 514 bytes [19:18 28/11/2011] [19:18 28/11/2011] 7F396C3A400239B9B66DEC2D503D86BB
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Photos_png.png --a---- 3355 bytes [19:18 28/11/2011] [19:18 28/11/2011] EC261A170D34BE434129E71B9C2C0408
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Profile_png.png --a---- 594 bytes [19:18 28/11/2011] [19:18 28/11/2011] 62C86296694EF7F41D380804A58EF5CA
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Settings_png.png --a---- 415 bytes [19:18 28/11/2011] [19:18 28/11/2011] E42D284CC0436B66C1DB4AAFFCCC1957
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Share_png.png --a---- 461 bytes [19:18 28/11/2011] [19:18 28/11/2011] B4AEAC6600360BC4148538F716453AAC
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Status_png.png --a---- 699 bytes [19:18 28/11/2011] [19:18 28/11/2011] 640E17444F44717CA5039BCB7FD3551E
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_images_ClientImages_radio_gif.gif --a---- 419 bytes [19:18 28/11/2011] [19:18 28/11/2011] 01B83C91554738F6AFFB7895BBBA73FB
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_images_main_menu_about_gif.gif --a---- 403 bytes [19:18 28/11/2011] [19:18 28/11/2011] EC3C2B4E0DEC4D880BAFF88ABBF94188
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_images_main_menu_clear_history_gif.gif --a---- 414 bytes [19:18 28/11/2011] [19:18 28/11/2011] A9E001CBC00B06B121DFBC80707F5298
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_images_main_menu_contact_gif.gif --a---- 278 bytes [19:18 28/11/2011] [19:18 28/11/2011] 15DEF39E438E807E2F0E22D44FDC7FB7
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_images_main_menu_help_gif.gif --a---- 405 bytes [19:18 28/11/2011] [19:18 28/11/2011] 995595D4C685D659E8F03CD0A287EDDF
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_images_main_menu_options_gif.gif --a---- 361 bytes [19:18 28/11/2011] [19:18 28/11/2011] 464E244E7E2F27FB85E0C3AB69D72104
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_images_main_menu_privacy_gif.gif --a---- 425 bytes [19:18 28/11/2011] [19:18 28/11/2011] 6427565C7105DC497287866100F260BB
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_images_main_menu_refresh_gif.gif --a---- 381 bytes [19:18 28/11/2011] [19:18 28/11/2011] AE7C9F67594A84B096D225601ACB0B2A
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_images_main_menu_shrink_gif.gif --a---- 351 bytes [19:18 28/11/2011] [19:18 28/11/2011] C3EBA0237D68F665AF6D663906221092
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_images_main_menu_tell_a_friend_gif.gif --a---- 392 bytes [19:18 28/11/2011] [19:18 28/11/2011] 5E7217A3357550F9749A095631F51015
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_images_main_menu_upgrade_gif.gif --a---- 399 bytes [19:18 28/11/2011] [19:18 28/11/2011] 8BE02D510B4B2E05AD2611B1E9A0BD56
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_images_SearchEngines_images_search_gif.gif --a---- 405 bytes [19:18 28/11/2011] [19:18 28/11/2011] 66018EAE0906C9831A821CAE5D1089BB
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_images_SearchEngines_news_icon_gif.gif --a---- 371 bytes [19:18 28/11/2011] [19:18 28/11/2011] 84896837EDB1A78C14DB6A2F3A0AEE3A
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_images_searchengines_search_icon_gif.gif --a---- 322 bytes [19:18 28/11/2011] [19:18 28/11/2011] 948781E4B6478290050ECA4423B89B1E
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_images_searchengines_softonic_gif.gif --a---- 606 bytes [19:18 28/11/2011] [19:18 28/11/2011] 2A1D4FB45F62D3D260F2134228FAB05E
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_images_SearchEngines_tfd_gif.gif --a---- 240 bytes [19:18 28/11/2011] [19:18 28/11/2011] AE5A39669C623937C0839E079E1088D5
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_images_SearchEngines_video_gif.gif --a---- 335 bytes [19:18 28/11/2011] [19:18 28/11/2011] 766433EF38BDA83C4FD4932027A4B9D5
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_MarketPlace_27_580_2760e0b4-18bf-4506-b490-68675d529580_Appearance_634162503573491253_24x24_png.png --a---- 1942 bytes [19:18 28/11/2011] [19:18 28/11/2011] 6FB2D7B7D0D5AB90592A88F6ECE99F52
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_MarketPlace_9b_1c5_9b145804-a2fe-4b13-aa3d-2a7d0d2e71c5_Appearance_634045313698673754_png.png --a---- 1521 bytes [19:18 28/11/2011] [19:18 28/11/2011] 9923EFB40AEB86E5663330985042FF62
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___storage_conduit_com_MarketPlace_d2_909_d2d47f0a-2c1d-48a1-8dba-fdebac043909_Appearance_634211716261212501_24x24_png.png --a---- 1164 bytes [19:18 28/11/2011] [19:18 28/11/2011] 31739E90689A4A6E14D8782F8E4C3434
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___weather_conduit_com_images_weather_Default_drizzle_gif.gif --a---- 351 bytes [23:02 04/12/2011] [23:02 04/12/2011] 703A98E0FBFB8C9B617E732C9E62DB04
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_gif.gif --a---- 173 bytes [14:48 04/12/2011] [14:48 04/12/2011] E509575F473727B14C87367068C42353
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_night_gif.gif --a---- 212 bytes [19:19 28/11/2011] [19:19 28/11/2011] 88CD5B8D6F007347115A8A602E5D158B
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___weather_conduit_com_images_weather_Default_rain_gif.gif --a---- 386 bytes [20:02 12/12/2011] [20:02 12/12/2011] 8006B1A5A88AB3451A5E58AA361815DD
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___weather_conduit_com_images_weather_Default_showers_gif.gif --a---- 379 bytes [23:29 28/12/2011] [23:29 28/12/2011] 8ACA902931FBDF51B3BB293D6E15D70F
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___weather_conduit_com_images_weather_Default_sunny_gif.gif --a---- 259 bytes [09:26 30/11/2011] [09:26 30/11/2011] 110EC9BCA8470D6488B626EA28914A6C
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\CacheIcons\http___weather_conduit_com_images_weather_Default_sunny_night_gif.gif --a---- 204 bytes [21:19 29/11/2011] [21:19 29/11/2011] 5EBD213E8A460652C883CBF68C152B5B
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=GottenApps&locale=en.xml --a---- 7042 bytes [19:18 28/11/2011] [18:27 28/12/2011] C159A6BEAA8E32AAEFE7172DD5C2481E
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=OtherApps&locale=en.xml --a---- 5520 bytes [19:18 28/11/2011] [18:27 28/12/2011] D2E48F631F8A9768E9BBCB0964C7878F
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=SharedApps&locale=en.xml --a---- 6586 bytes [19:18 28/11/2011] [18:27 28/12/2011] 0DC95CF28A384D3BFBFA60244A55125A
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=en.xml --a---- 5519 bytes [19:18 28/11/2011] [18:27 28/12/2011] 2B856ABBDD6E033594465C4945D5C93A
    C:\Windows\System32\config\currys\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_1161838_1157525_UK.xml --a---- 184 bytes [22:38 10/02/2011] [16:02 23/02/2011] F74147AF8D71A423E2E1DABCA44BC712
    C:\Windows\System32\config\currys\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_909619_905414_UK.xml --a---- 191 bytes [22:38 10/02/2011] [16:02 23/02/2011] 43C93B80235159F037CEA9A173922F92
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_About_png.png --a---- 821 bytes [22:32 10/02/2011] [22:32 10/02/2011] 99D5F75C338F2A877CBF891E0F18746E
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Browse_png.png --a---- 729 bytes [22:32 10/02/2011] [22:32 10/02/2011] F2291FAB46ED9291A1A2FFE9F88E9D84
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Contact_png.png --a---- 531 bytes [22:32 10/02/2011] [22:32 10/02/2011] A847C5F6CE2C700048749892DD2E0619
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Hide_png.png --a---- 669 bytes [22:32 10/02/2011] [22:32 10/02/2011] FED9E00C76F647EE6A0B7CC684C89F0C
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_LikeIcon_png.png --a---- 263 bytes [22:32 10/02/2011] [22:32 10/02/2011] 36BD416D16391EFAAAFB2C3C54EAE986
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_MoreFromPublisher_png.png --a---- 734 bytes [22:32 10/02/2011] [22:32 10/02/2011] 943ADFD9E0DF1507F7BC419802BF4303
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_More_png.png --a---- 562 bytes [22:32 10/02/2011] [22:32 10/02/2011] 36C6FB9C84D4AF5C5D7C5B277A0E4A01
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_MoveLeft_png.png --a---- 610 bytes [22:32 10/02/2011] [22:32 10/02/2011] 68E9E9252E45ED7BD51B8680E8DD4462
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_MoveRight_png.png --a---- 606 bytes [22:32 10/02/2011] [22:32 10/02/2011] 8D8D187BA99DBEF76E4286668B474A4E
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Options_png.png --a---- 493 bytes [22:32 10/02/2011] [22:32 10/02/2011] 275C9DA2D536F18F528C80E050C3D705
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Privacy_png.png --a---- 706 bytes [22:32 10/02/2011] [22:32 10/02/2011] 3AD88BD8E832DA39FAAEDF07AD595F94
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Refresh_png.png --a---- 674 bytes [22:32 10/02/2011] [22:32 10/02/2011] 650731EEF807C292E699779B12CBE552
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Share_png.png --a---- 696 bytes [22:32 10/02/2011] [22:32 10/02/2011] 70D43EC3F4BD7C10D5534EFCEC6D7AE5
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Upgrade_png.png --a---- 607 bytes [22:32 10/02/2011] [22:32 10/02/2011] 9B4D914888BCFFCBAE6757A0E450551C
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\ExternalComponent\http___contextmenu_app_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=appContextMenu&locale=en-gb.xml --a---- 6613 bytes [22:32 10/02/2011] [22:32 10/02/2011] FE3E6F69A41E7532957D7814E3E433E1
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\ExternalComponent\http___contextmenu_app_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=appContextMenu2_0&locale=en-gb.xml --a---- 6819 bytes [22:32 10/02/2011] [22:32 10/02/2011] A278FCD81E7E9E287A0F8BB1C89CD2C6
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\ExternalComponent\http___contextmenu_engine_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=engineContextMenu&locale=en-gb.xml --a---- 4060 bytes [22:32 10/02/2011] [22:32 10/02/2011] D36423CECBFE5F806725E13ED7101201
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine\ExternalComponent\http___contextmenu_engine_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=engineContextMenu2_0&locale=en-gb.xml --a---- 4475 bytes [22:32 10/02/2011] [22:32 10/02/2011] 74F81E98677EB434ADD4BC697F677185
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_26_276_CT2769726_Images_633887384515212500_png.png --a---- 431 bytes [22:32 10/02/2011] [22:32 10/02/2011] C07B41CE42E51B3BEA6018B07CB7E3A5
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_26_276_CT2769726_Images_633887385401150000_png.png --a---- 234 bytes [22:32 10/02/2011] [22:32 10/02/2011] FC109501BBC006458D9EC3C786EC0D63
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_26_276_CT2769726_Images_634255835779568750_gif.gif --a---- 462 bytes [22:32 10/02/2011] [22:32 10/02/2011] ACBE6609E815630977767A9F858B80C6
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_26_276_CT2769726_Images_634255836123318750_gif.gif --a---- 440 bytes [22:32 10/02/2011] [22:32 10/02/2011] 68AEF48DF3C3B4CEEE1281CE50E21D87
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_26_276_CT2769726_Images_634255836456912500_gif.gif --a---- 458 bytes [22:32 10/02/2011] [22:32 10/02/2011] 55932819DB4A8970A9C61C22C281F6B7
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_26_276_CT2769726_Images_634255836791287500_gif.gif --a---- 440 bytes [22:32 10/02/2011] [22:32 10/02/2011] 68AEF48DF3C3B4CEEE1281CE50E21D87
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_26_276_CT2769726_Images_634255836997850000_gif.gif --a---- 696 bytes [22:32 10/02/2011] [22:32 10/02/2011] C0C6DF053D83A35E33AE70965F0FE917
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_26_276_CT2769726_Images_634255837217537500_gif.gif --a---- 289 bytes [22:32 10/02/2011] [22:32 10/02/2011] 4CEAAE67B8871D5CCC0DCBE6D2901345
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_26_276_CT2769726_Images_634255837399881250_gif.gif --a---- 412 bytes [22:32 10/02/2011] [22:32 10/02/2011] E9F0CCBC43F6612BA259E59EA43183D0
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_26_276_CT2769726_Images_634255837581600000_gif.gif --a---- 472 bytes [22:32 10/02/2011] [22:32 10/02/2011] 8B61C11CADDB14B8C88842C0BC0F6287
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_26_276_CT2769726_Images_634255837766443750_gif.gif --a---- 1075 bytes [22:32 10/02/2011] [22:32 10/02/2011] 62F9C5DF7F25782EF45F934D39545730
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_26_276_CT2769726_Images_634255837954881250_gif.gif --a---- 658 bytes [22:32 10/02/2011] [22:32 10/02/2011] B6BF0A9C02D283294E314E81A50D84D7
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_26_276_CT2769726_Images_634255838153318750_gif.gif --a---- 206 bytes [22:32 10/02/2011] [22:32 10/02/2011] 57AB7F2947B7357C353CD58FEC11215E
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_26_276_CT2769726_Images_634255838345818750_gif.gif --a---- 1415 bytes [22:32 10/02/2011] [22:32 10/02/2011] 23C34B3EE5582922B29DEC4CD7909719
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_26_276_CT2769726_Images_634255838549100000_gif.gif --a---- 1039 bytes [22:32 10/02/2011] [22:32 10/02/2011] 0E265B20DE60F9CB087D35D0513D0127
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_26_276_CT2769726_Images_634255838733162500_gif.gif --a---- 1144 bytes [22:32 10/02/2011] [22:32 10/02/2011] 5D064A7B1D48DBD08F54CD93CDA1A8E7
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_26_276_CT2769726_Images_634255840460818750_gif.gif --a---- 787 bytes [22:32 10/02/2011] [22:32 10/02/2011] 97BCF57BD3BF80F5225AE25C44F1FEF6
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_26_276_CT2769726_Images_634273524687875000_gif.gif --a---- 1288 bytes [22:32 10/02/2011] [22:32 10/02/2011] 782AE3076DBF8BDAA280AF650B503A98
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_About_png.png --a---- 821 bytes [22:32 10/02/2011] [22:32 10/02/2011] 99D5F75C338F2A877CBF891E0F18746E
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Browse_png.png --a---- 729 bytes [22:32 10/02/2011] [22:32 10/02/2011] F2291FAB46ED9291A1A2FFE9F88E9D84
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Contact_png.png --a---- 531 bytes [22:32 10/02/2011] [22:32 10/02/2011] A847C5F6CE2C700048749892DD2E0619
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Hide_png.png --a---- 669 bytes [22:32 10/02/2011] [22:32 10/02/2011] FED9E00C76F647EE6A0B7CC684C89F0C
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_LikeIcon_png.png --a---- 263 bytes [22:32 10/02/2011] [22:32 10/02/2011] 36BD416D16391EFAAAFB2C3C54EAE986
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_MoreFromPublisher_png.png --a---- 734 bytes [22:32 10/02/2011] [22:32 10/02/2011] 943ADFD9E0DF1507F7BC419802BF4303
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_More_png.png --a---- 562 bytes [22:32 10/02/2011] [22:32 10/02/2011] 36C6FB9C84D4AF5C5D7C5B277A0E4A01
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Options_png.png --a---- 493 bytes [22:32 10/02/2011] [22:32 10/02/2011] 275C9DA2D536F18F528C80E050C3D705
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Privacy_png.png --a---- 706 bytes [22:32 10/02/2011] [22:32 10/02/2011] 3AD88BD8E832DA39FAAEDF07AD595F94
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Refresh_png.png --a---- 674 bytes [22:32 10/02/2011] [22:32 10/02/2011] 650731EEF807C292E699779B12CBE552
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Share_png.png --a---- 696 bytes [22:32 10/02/2011] [22:32 10/02/2011] 70D43EC3F4BD7C10D5534EFCEC6D7AE5
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___Storage_conduit_com_BankImages_ConduitEngine_ContextMenu_Upgrade_png.png --a---- 607 bytes [22:32 10/02/2011] [22:32 10/02/2011] 9B4D914888BCFFCBAE6757A0E450551C
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_ClientImages_radio_gif.gif --a---- 419 bytes [22:32 10/02/2011] [22:32 10/02/2011] 01B83C91554738F6AFFB7895BBBA73FB
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_main_menu_about_gif.gif --a---- 403 bytes [22:32 10/02/2011] [22:32 10/02/2011] EC3C2B4E0DEC4D880BAFF88ABBF94188
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_main_menu_clear_history_gif.gif --a---- 414 bytes [22:32 10/02/2011] [22:32 10/02/2011] A9E001CBC00B06B121DFBC80707F5298
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_main_menu_contact_gif.gif --a---- 278 bytes [22:32 10/02/2011] [22:32 10/02/2011] 15DEF39E438E807E2F0E22D44FDC7FB7
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_main_menu_help_gif.gif --a---- 405 bytes [22:32 10/02/2011] [22:32 10/02/2011] 995595D4C685D659E8F03CD0A287EDDF
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_main_menu_home_page_gif.gif --a---- 405 bytes [22:32 10/02/2011] [22:32 10/02/2011] AA39D8A6B65E208901EBA9F3D4728D3E
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_main_menu_options_gif.gif --a---- 361 bytes [22:32 10/02/2011] [22:32 10/02/2011] 464E244E7E2F27FB85E0C3AB69D72104
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_main_menu_privacy_gif.gif --a---- 425 bytes [22:32 10/02/2011] [22:32 10/02/2011] 6427565C7105DC497287866100F260BB
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_main_menu_refresh_gif.gif --a---- 381 bytes [22:32 10/02/2011] [22:32 10/02/2011] AE7C9F67594A84B096D225601ACB0B2A
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_main_menu_shrink_gif.gif --a---- 351 bytes [22:32 10/02/2011] [22:32 10/02/2011] C3EBA0237D68F665AF6D663906221092
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_main_menu_tell_a_friend_gif.gif --a---- 392 bytes [22:32 10/02/2011] [22:32 10/02/2011] 5E7217A3357550F9749A095631F51015
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_main_menu_upgrade_gif.gif --a---- 399 bytes [22:32 10/02/2011] [22:32 10/02/2011] 8BE02D510B4B2E05AD2611B1E9A0BD56
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_searchengines_go_btn_new_gif.gif --a---- 891 bytes [22:32 10/02/2011] [22:32 10/02/2011] F74F91E7DF0A5A5283AB2D2F0E6E58DE
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_SearchEngines_images_search_gif.gif --a---- 405 bytes [22:32 10/02/2011] [22:32 10/02/2011] 66018EAE0906C9831A821CAE5D1089BB
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_SearchEngines_news_icon_gif.gif --a---- 371 bytes [22:32 10/02/2011] [22:32 10/02/2011] 84896837EDB1A78C14DB6A2F3A0AEE3A
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_searchengines_search_icon_gif.gif --a---- 322 bytes [22:32 10/02/2011] [22:32 10/02/2011] 948781E4B6478290050ECA4423B89B1E
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_SearchEngines_site_search_gif.gif --a---- 625 bytes [22:32 10/02/2011] [22:32 10/02/2011] C23D4DB18B6BB4F38ECBA57AD414A5CF
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_searchengines_softonic_gif.gif --a---- 606 bytes [22:32 10/02/2011] [22:32 10/02/2011] 2A1D4FB45F62D3D260F2134228FAB05E
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_SearchEngines_tfd_gif.gif --a---- 240 bytes [22:32 10/02/2011] [22:32 10/02/2011] AE5A39669C623937C0839E079E1088D5
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___storage_conduit_com_images_SearchEngines_video_gif.gif --a---- 335 bytes [22:32 10/02/2011] [22:32 10/02/2011] 766433EF38BDA83C4FD4932027A4B9D5
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___weather_conduit_com_images_weather_Default_drizzle_gif.gif --a---- 351 bytes [11:02 19/02/2011] [11:02 19/02/2011] 703A98E0FBFB8C9B617E732C9E62DB04
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___weather_conduit_com_images_weather_Default_hazy_gif.gif --a---- 468 bytes [09:52 22/02/2011] [09:52 22/02/2011] 25C37C070415AAC32DD6C50BD64276CC
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\CacheIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_night_gif.gif --a---- 212 bytes [22:32 10/02/2011] [22:32 10/02/2011] 88CD5B8D6F007347115A8A602E5D158B
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=GottenApps&locale=en.xml --a---- 7046 bytes [22:32 10/02/2011] [22:32 10/02/2011] 2FEB6772FE1EAADE909B94F77730A174
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=OtherApps&locale=en.xml --a---- 5524 bytes [22:32 10/02/2011] [22:32 10/02/2011] A682A34DF1ECD0DAD55086A5288F23CA
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=SharedApps&locale=en.xml --a---- 6586 bytes [22:32 10/02/2011] [22:32 10/02/2011] 0DC95CF28A384D3BFBFA60244A55125A
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=en.xml --a---- 5519 bytes [22:32 10/02/2011] [22:32 10/02/2011] 2B856ABBDD6E033594465C4945D5C93A
    C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitAutoCompleteSearch.js --a---- 9052 bytes [10:56 22/01/2012] [11:47 11/01/2012] AF98421711C6CFA73D6720C455D92DAC
    C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\ConduitAutoCompleteSearch.xpt --a---- 166 bytes [10:56 22/01/2012] [11:47 11/01/2012] 806EA6CC4DCBF88A20AA3331BCDC9918
    C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin\conduit.xml --a---- 925 bytes [10:56 22/01/2012] [11:47 11/01/2012] EC559A6ABEC972452F52CFB3A2AA9F7E
    C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\Firefox\Profiles\fwvafgml.default\extensions\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}\components\ConduitAutoCompleteSearch.js --a---- 9181 bytes [18:38 08/07/2012] [08:38 05/07/2012] 6E6B7E00632DF1BA5A48D74E1B41ABE3
    C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\Firefox\Profiles\fwvafgml.default\extensions\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}\components\ConduitAutoCompleteSearch.xpt --a---- 166 bytes [18:38 08/07/2012] [08:38 05/07/2012] 806EA6CC4DCBF88A20AA3331BCDC9918
    C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\Firefox\Profiles\fwvafgml.default\extensions\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}\searchplugin\conduit.xml --a---- 925 bytes [18:38 08/07/2012] [08:38 05/07/2012] C8FF51E75F948A1CDA26BB32BA874D96
    C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\Firefox\Profiles\fwvafgml.default\searchplugins\conduit.xml --a---- 925 bytes [11:17 30/06/2012] [13:38 27/06/2012] 2B398647E19F5F1D7404363B028AEDB5

    Searching for "*Game Booster*"
    No files found.

    Searching for "*Smart Defrag*"
    No files found.

    Searching for "*ZoneAlarm*"
    C:\Program Files\ZoneAlarm_Security\ZoneAlarm_SecurityToolbarHelper.exe --a---- 65832 bytes [08:20 04/08/2011] [08:20 04/08/2011] DA11D78D765E4B8FA4CFA5A37E8A94FF
    C:\ProgramData\CheckPoint\ZoneAlarm\Data\ZoneAlarm.xml ------- 818 bytes [19:19 28/11/2011] [10:39 06/05/2012] 39D8F6146B8D10EFE83B9555E1C48703
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Diagnostics Tool.lnk --a---- 1096 bytes [10:36 06/05/2012] [10:36 06/05/2012] 6C45A729F95E090DF54007F10D437C12
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Logs.lnk --a---- 730 bytes [10:36 06/05/2012] [10:36 06/05/2012] F4251299966AEFE8071AED631351A4B2
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Readme.lnk --a---- 897 bytes [10:36 06/05/2012] [10:36 06/05/2012] 96528DD91E46FAA64E221B0FB49EEE83
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Security.lnk --a---- 890 bytes [10:36 06/05/2012] [10:36 06/05/2012] C5F5A25394AC57E2569B8044713D9D5E
    C:\Users\All Users\CheckPoint\ZoneAlarm\Data\ZoneAlarm.xml ------- 818 bytes [19:19 28/11/2011] [10:39 06/05/2012] 39D8F6146B8D10EFE83B9555E1C48703
    C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Diagnostics Tool.lnk --a---- 1096 bytes [10:36 06/05/2012] [10:36 06/05/2012] 6C45A729F95E090DF54007F10D437C12
    C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Logs.lnk --a---- 730 bytes [10:36 06/05/2012] [10:36 06/05/2012] F4251299966AEFE8071AED631351A4B2
    C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Readme.lnk --a---- 897 bytes [10:36 06/05/2012] [10:36 06/05/2012] 96528DD91E46FAA64E221B0FB49EEE83
    C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm\ZoneAlarm Security.lnk --a---- 890 bytes [10:36 06/05/2012] [10:36 06/05/2012] C5F5A25394AC57E2569B8044713D9D5E
    C:\Users\currys\AppData\Local\Conduit\CT2645238\ZoneAlarm_SecurityAutoUpdateHelper.exe --a---- 1811312 bytes [08:20 04/08/2011] [14:49 04/12/2011] 57D2E8FE20DE00388FE81556BCF644CB
    C:\Users\Public\Desktop\ZoneAlarm Security.lnk --a---- 639 bytes [10:36 06/05/2012] [10:36 06/05/2012] C1648C8C6336319085A9141E01ACAECA

    Searching for "*IObit*"
    C:\Users\currys\ntuser.dat.iobit --a---- 9523200 bytes [12:33 30/06/2012] [22:45 30/06/2012] 1D0372EABFAC26767EF61DCCCA1FFC8B
    C:\Users\currys\AppData\Local\Microsoft\Windows\UsrClass.dat.iobit --a---- 3227648 bytes [12:33 30/06/2012] [22:45 30/06/2012] 6FFE2FB9F66A1FEA3A3BB7740BDAC9A8
    C:\Users\currys\AppData\Roaming\Microsoft\Windows\Start Menu\IObit Freeware.url --a---- 136 bytes [10:36 22/04/2011] [10:36 22/04/2011] C6D38380E1C4930AB319F1AE2FAA183E
    C:\Users\currys\Favorites\Download IObit Freeware.url --a---- 103 bytes [21:29 30/11/2011] [17:03 23/06/2012] 1CC05D805C3A8DF2CFAE8C93767B051C
    C:\Windows\ServiceProfiles\LocalService\ntuser.dat.iobit --a---- 217088 bytes [12:33 30/06/2012] [22:45 30/06/2012] 868B125BEFA04EE8051B630D9F4EA789
    C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.iobit --a---- 299008 bytes [12:33 30/06/2012] [22:45 30/06/2012] EC874DF5AFF48B29502CFE627A1517A1
    C:\Windows\System32\config\components.iobit --a---- 38457344 bytes [12:33 30/06/2012] [22:45 30/06/2012] 7BAA4BD156BB98CC912DD8F2880F2D52
    C:\Windows\System32\config\default.iobit --a---- 368640 bytes [12:33 30/06/2012] [22:45 30/06/2012] 30D8542D89C12A639FF1C16B151D6016
    C:\Windows\System32\config\sam.iobit --a---- 57344 bytes [12:33 30/06/2012] [22:45 30/06/2012] D2E74A171FF1AB11469E58D1B3E239FB
    C:\Windows\System32\config\security.iobit --a---- 28672 bytes [12:33 30/06/2012] [22:45 30/06/2012] 2F89C09E34E462C24D074637B2481DC8
    C:\Windows\System32\config\software.iobit --a---- 60305408 bytes [12:33 30/06/2012] [22:45 30/06/2012] 8CFC42FC4609A640E48F5167FE1FFF0D
    C:\Windows\System32\config\system.iobit --a---- 30273536 bytes [12:33 30/06/2012] [22:45 30/06/2012] A419A4182724147C6C66092E24C23589
    C:\Windows\System32\SMI\Store\Machine\schema.dat.iobit --a---- 6684672 bytes [12:33 30/06/2012] [12:33 30/06/2012] EA8127E68CAA95AD8BF6FBB6C812A41B

    Searching for "*SmartDefragDriver*"
    No files found.

    Searching for "*goonsearch*"
    No files found.

    Searching for "*searchqu*"
    No files found.

    Searching for "*ask.com*"
    No files found.

    Searching for "*babylon*"
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Interface\TeamColor\FlagDECAL_Babylon.dds --a---- 22000 bytes [23:04 23/06/2011] [10:10 30/08/2007] 0466FF1DB856D50C32001C8C75F1949B
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Structures\Buildings\Babylonian_Garden\Babylonian_Garden.nif --a---- 23440 bytes [23:04 23/06/2011] [10:10 30/08/2007] 84EA0F128622D2D39726401DDC933BD2
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Structures\Buildings\Babylonian_Garden\Babylonian_Garden_DIFF.dds --a---- 22000 bytes [23:04 23/06/2011] [10:10 30/08/2007] 8954B466D0733394596A51E1AC0B2485
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Structures\Buildings\Babylonian_Garden\Babylonian_Garden_environment_land.dds --a---- 11064 bytes [23:04 23/06/2011] [10:10 30/08/2007] 1490E93FC1320D3A1A243DF1E4A7992B
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Structures\Buildings\Babylonian_Garden\Babylonian_Garden_GLOSS.dds --a---- 11064 bytes [23:04 23/06/2011] [10:10 30/08/2007] 6845CA4D70551666125B29CA51737961
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Structures\Buildings\Babylonian_Garden\Babylonian_Garden_SHADOW.dds --a---- 22000 bytes [23:04 23/06/2011] [10:10 30/08/2007] 3F17EC09D414B99D44512C6EA3854569
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Chariot_Middle_East\Babylon_Worker_128.dds --a---- 22000 bytes [23:05 23/06/2011] [10:11 30/08/2007] 4D1F64D67E927B46807BBFC34DB1E6FB
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Chariot_Middle_East\Babylon_Worker_128_Gloss.dds --a---- 2176 bytes [23:05 23/06/2011] [10:11 30/08/2007] 80E538C24E1DB96718B6CB3B18C02E0D
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Chariot_Middle_East\Unique_Babylon_Bowman_128.dds --a---- 21632 bytes [23:05 23/06/2011] [10:11 30/08/2007] F8B55C7CB510D19B0AA88525BB7963E1
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Chariot_Middle_East\Unique_Babylon_Bowman_128_Gloss.dds --a---- 8320 bytes [23:05 23/06/2011] [10:11 30/08/2007] EDBD395C8F46702DC743D6D7BA86B141
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman.kfm --a---- 1666 bytes [23:05 23/06/2011] [10:11 30/08/2007] 48E626DDD29490506662AFD0760343D6
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman.nif --a---- 68498 bytes [23:05 23/06/2011] [10:11 30/08/2007] AFE137FFAA5C582BE913089B2EA8928B
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_128.dds --a---- 22000 bytes [23:05 23/06/2011] [10:11 30/08/2007] F196A9D394634AC567F6E98A47E9B0D4
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_128_Gloss.dds --a---- 22000 bytes [23:05 23/06/2011] [10:11 30/08/2007] C030C9FC3FAAA45DE9491ECD618AC9C5
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_Arrow_64.dds --a---- 1552 bytes [23:05 23/06/2011] [10:11 30/08/2007] 03C00006AA1A836D4C98492D144526B1
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_freeze0000.nif --a---- 25712 bytes [23:05 23/06/2011] [10:11 30/08/2007] 441A5DB363F65DD22DFA99167CC8B38B
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_freeze0001.nif --a---- 25712 bytes [23:05 23/06/2011] [10:11 30/08/2007] B686864DCAB6CCF2AF0DA13C217CF13A
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_freeze1000.nif --a---- 25712 bytes [23:05 23/06/2011] [10:11 30/08/2007] 4919C8A8C90EC8497B01FD46562DFEEE
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_freeze1031.nif --a---- 25712 bytes [23:05 23/06/2011] [10:11 30/08/2007] AC2B5170545050D651958A34F0E00D66
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_Fidget.kf --a---- 23339 bytes [23:05 23/06/2011] [10:11 30/08/2007] 28B69B65CD7C9122430323B44F0F75B4
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_Heal.kf --a---- 7697 bytes [23:05 23/06/2011] [10:11 30/08/2007] 76E008140D29B57F696BFC482611A200
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_Idle.kf --a---- 22161 bytes [23:05 23/06/2011] [10:11 30/08/2007] 4C5CC447131B76CA953CA792F1E8EE3D
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_RangedDieA.kf --a---- 10382 bytes [23:05 23/06/2011] [10:11 30/08/2007] DD7001DC3A06AC173D4853B6B1FBDB4C
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_RangedDieA_Fade.kf --a---- 4549 bytes [23:05 23/06/2011] [10:11 30/08/2007] 069FD82764E81B2F3EFDD0B2DA090B1B
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_RangedDieB.kf --a---- 13151 bytes [23:05 23/06/2011] [10:11 30/08/2007] C38EF6C2EAB9CE273A60A9ABB8B495B2
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_RangedDieB_Fade.kf --a---- 4485 bytes [23:05 23/06/2011] [10:11 30/08/2007] 268147B8ED9ED217C9BA2769D353C5CC
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_RangedFortify.kf --a---- 7483 bytes [23:05 23/06/2011] [10:11 30/08/2007] EE56769D3C135458C1D03E503D71ED1A
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_RangedStrike.kf --a---- 8955 bytes [23:05 23/06/2011] [10:11 30/08/2007] 92DC2FFB60F5473CF26AC2BE1BCCD879
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_Ranged_Idle.kf --a---- 18352 bytes [23:05 23/06/2011] [10:11 30/08/2007] 57A1F691C6E160955D6E6574CDB4B59D
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_Run.kf --a---- 7414 bytes [23:05 23/06/2011] [10:11 30/08/2007] 6A493D2418C261AF47B4634834C292F5
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_XFadeIn.kf --a---- 898 bytes [23:05 23/06/2011] [10:11 30/08/2007] 01C417DD3534CD07AFF1F3C5B08446A9
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Longbowman_Middle_East\Unique_Babylon_Bowman_MD_XFadeOut.kf --a---- 853 bytes [23:05 23/06/2011] [10:11 30/08/2007] 6EF958AE973CFC6F314F821BAD68FAF4
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman.kfm --a---- 1666 bytes [23:05 23/06/2011] [10:12 30/08/2007] 48E626DDD29490506662AFD0760343D6
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman.nif --a---- 72531 bytes [23:06 23/06/2011] [10:12 30/08/2007] 4A6BDC53713CA9E7C2F8E93413BFD4B3
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_128.dds --a---- 22000 bytes [23:05 23/06/2011] [10:12 30/08/2007] F196A9D394634AC567F6E98A47E9B0D4
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_128_Gloss.dds --a---- 22000 bytes [23:05 23/06/2011] [10:12 30/08/2007] C030C9FC3FAAA45DE9491ECD618AC9C5
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_Arrow_64.dds --a---- 1552 bytes [23:05 23/06/2011] [10:12 30/08/2007] 03C00006AA1A836D4C98492D144526B1
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_freeze0000.nif --a---- 27083 bytes [23:06 23/06/2011] [10:12 30/08/2007] 13DB9B2278E9B071E9ED090D2740590E
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_freeze0001.nif --a---- 27083 bytes [23:06 23/06/2011] [10:12 30/08/2007] 6EEF07A834F5573B3017BB18B2131C93
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_freeze1000.nif --a---- 26943 bytes [23:06 23/06/2011] [10:12 30/08/2007] BAD065C4A30DB4EB2AF36D861B942723
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_freeze1031.nif --a---- 27083 bytes [23:06 23/06/2011] [10:12 30/08/2007] B8F95BFAA31D28B809439068A752349D
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_FX.nif --a---- 70653 bytes [23:06 23/06/2011] [10:12 30/08/2007] 9BD68B1924165A2DBED74D2F8759D79A
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_Fidget.kf --a---- 23339 bytes [23:05 23/06/2011] [10:12 30/08/2007] 28B69B65CD7C9122430323B44F0F75B4
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_Heal.kf --a---- 7697 bytes [23:05 23/06/2011] [10:12 30/08/2007] 76E008140D29B57F696BFC482611A200
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_Idle.kf --a---- 22161 bytes [23:05 23/06/2011] [10:12 30/08/2007] 4C5CC447131B76CA953CA792F1E8EE3D
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_RangedDieA.kf --a---- 10382 bytes [23:05 23/06/2011] [10:12 30/08/2007] DD7001DC3A06AC173D4853B6B1FBDB4C
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_RangedDieA_Fade.kf --a---- 4549 bytes [23:05 23/06/2011] [10:12 30/08/2007] 069FD82764E81B2F3EFDD0B2DA090B1B
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_RangedDieB.kf --a---- 13151 bytes [23:05 23/06/2011] [10:12 30/08/2007] C38EF6C2EAB9CE273A60A9ABB8B495B2
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_RangedDieB_Fade.kf --a---- 4485 bytes [23:05 23/06/2011] [10:12 30/08/2007] 268147B8ED9ED217C9BA2769D353C5CC
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_RangedFortify.kf --a---- 7483 bytes [23:05 23/06/2011] [10:12 30/08/2007] EE56769D3C135458C1D03E503D71ED1A
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_RangedStrike.kf --a---- 8955 bytes [23:05 23/06/2011] [10:12 30/08/2007] 92DC2FFB60F5473CF26AC2BE1BCCD879
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_Ranged_Idle.kf --a---- 18352 bytes [23:05 23/06/2011] [10:12 30/08/2007] 57A1F691C6E160955D6E6574CDB4B59D
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_Run.kf --a---- 7414 bytes [23:05 23/06/2011] [10:12 30/08/2007] 6A493D2418C261AF47B4634834C292F5
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_XFadeIn.kf --a---- 898 bytes [23:05 23/06/2011] [10:12 30/08/2007] 01C417DD3534CD07AFF1F3C5B08446A9
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman\Unique_Babylon_Bowman_MD_XFadeOut.kf --a---- 853 bytes [23:05 23/06/2011] [10:12 30/08/2007] 6EF958AE973CFC6F314F821BAD68FAF4
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Worker_Middle_East\Unique_Babylon_Bowman_128.dds --a---- 22000 bytes [23:06 23/06/2011] [10:12 30/08/2007] 0C6DCA2D24794766863B44F0260B26C2
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Worker_Middle_East\Unique_Babylon_Bowman_128_Gloss.dds --a---- 8320 bytes [23:05 23/06/2011] [10:12 30/08/2007] 7A4F186050CA1F1A4DE4C146FD90739D
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-000.wav --a---- 12736 bytes [23:07 23/06/2011] [10:12 30/08/2007] 92728529BB97C219031852BB60484C9F
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-001.wav --a---- 6704 bytes [23:07 23/06/2011] [10:12 30/08/2007] A9E6E840570726C363DE140F528F87B4
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-002.wav --a---- 7536 bytes [23:07 23/06/2011] [10:12 30/08/2007] B1C183E9EA60DDFC0E72D7C6FB247EF1
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-003.wav --a---- 10580 bytes [23:07 23/06/2011] [10:12 30/08/2007] AABEE294F2069A5BAA3DD33F9461F3D9
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-004.wav --a---- 15912 bytes [23:07 23/06/2011] [10:12 30/08/2007] CB61DD9D340EBD5F0748C6F3943EB425
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-005.wav --a---- 12520 bytes [23:07 23/06/2011] [10:12 30/08/2007] 0701B1DD21982E382C76E4494EB475AC
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-006.wav --a---- 9084 bytes [23:07 23/06/2011] [10:12 30/08/2007] 151E015E40482CCDCE66A12DCA2BD001
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-007.wav --a---- 16392 bytes [23:07 23/06/2011] [10:12 30/08/2007] 4B1ED3B134662EA2AA402460E80D3E92
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-008.wav --a---- 10360 bytes [23:07 23/06/2011] [10:12 30/08/2007] 360B84ED0FA0CECD1B9F1CA5314797AD
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonOrder-009.wav --a---- 27340 bytes [23:07 23/06/2011] [10:12 30/08/2007] DBB7198D771893E5DDDDFB5960B65616
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-000.wav --a---- 20540 bytes [23:07 23/06/2011] [10:12 30/08/2007] D542B96A0769D4C018083FA6802D3903
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-001.wav --a---- 10056 bytes [23:07 23/06/2011] [10:12 30/08/2007] A320BF2015DBED0D40816F18E284C3D2
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-002.wav --a---- 10028 bytes [23:07 23/06/2011] [10:12 30/08/2007] 1681C8721902D408F1F4B01591E8A24A
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-003.wav --a---- 18880 bytes [23:07 23/06/2011] [10:12 30/08/2007] 231ACE0AE12AAB3D1EDF813A0030DA11
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-004.wav --a---- 14676 bytes [23:07 23/06/2011] [10:12 30/08/2007] BA6D5EB9F10B969192638E1B6E753E1E
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-005.wav --a---- 11796 bytes [23:07 23/06/2011] [10:12 30/08/2007] 8C6E482C826FB1D19166C8879F1CD2E2
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-006.wav --a---- 6704 bytes [23:07 23/06/2011] [10:12 30/08/2007] A8236C5788E66926692390B864E7AFC8
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-007.wav --a---- 9224 bytes [23:07 23/06/2011] [10:12 30/08/2007] 4C1C5174F844172DA2DD74740AC50706
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-008.wav --a---- 15036 bytes [23:07 23/06/2011] [10:12 30/08/2007] 8CD2906B92FB7C9AFD7453F771B10080
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Sounds\Units\BabylonSelect-009.wav --a---- 27340 bytes [23:07 23/06/2011] [10:12 30/08/2007] C992650800600179D8ABF505BC6A0A54
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Mods\Rhye's and Fall of Civilization\Assets\Art\Interface\Buttons\civilizations\babylonia.dds --a---- 5616 bytes [23:12 23/06/2011] [10:16 30/08/2007] 7845B9023D4844A2E6F10C00E6B202F3
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Mods\Rhye's and Fall of Civilization\Assets\XML\Text\Babylon_TextInfos_Objects.xml --a---- 6812 bytes [23:12 23/06/2011] [03:00 11/09/2007] F1C436931E15BBE5485BA6727994A531
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar.zip --a---- 551 bytes [21:05 28/01/2012] [21:05 28/01/2012] D3DC0CDCA8224147A94CCAE3B7892846
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar1.zip --a---- 731 bytes [21:05 28/01/2012] [21:05 28/01/2012] 55D99B78EFC6DB4D2A4A80A796042744
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar10.zip --a---- 637 bytes [21:05 28/01/2012] [21:05 28/01/2012] B694C5EC1F5D31E805D270E2CC418368
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar11.zip --a---- 596 bytes [21:05 28/01/2012] [21:05 28/01/2012] 0493E7326155521EC71A032CDF455AE8
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar12.zip --a---- 653 bytes [21:05 28/01/2012] [21:05 28/01/2012] 2015BB3E0A9E1DFBF2758AD205BBC69D
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar13.zip --a---- 592 bytes [21:05 28/01/2012] [21:05 28/01/2012] 8D47462367FE1A5A019B8058D096F7F1
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar14.zip --a---- 549 bytes [21:05 28/01/2012] [21:05 28/01/2012] FC4DFD06C51D1D69BE4B2C32D62B57B3
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar15.zip --a---- 551 bytes [21:05 28/01/2012] [21:05 28/01/2012] 115DD6C6303EAE99B1E98641FD12E7FB
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar16.zip --a---- 539 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7629511B6A5606A55E5C178D894F7286
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar17.zip --a---- 542 bytes [21:05 28/01/2012] [21:05 28/01/2012] 6AD2268095B8587CA2F3F37DAD68963C
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar18.zip --a---- 636 bytes [21:05 28/01/2012] [21:05 28/01/2012] 72C06B6E2A5DD503FED0C160C220AE1D
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar19.zip --a---- 592 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7C696ED9B56D75DBD8B8F5817298DB0F
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar2.zip --a---- 1042921 bytes [21:05 28/01/2012] [21:05 28/01/2012] 8DC86B72A2D123D6790FDB86244BDAD0
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar20.zip --a---- 649 bytes [21:05 28/01/2012] [21:05 28/01/2012] B747E0A686BCF36D38F612CB965A6111
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar21.zip --a---- 589 bytes [21:05 28/01/2012] [21:05 28/01/2012] 283B59784459743F8CCCE13E9E5066FB
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar22.zip --a---- 548 bytes [21:05 28/01/2012] [21:05 28/01/2012] 0EC6C8FDBB230B372DFCCDAD7DD1BE38
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar23.zip --a---- 549 bytes [21:05 28/01/2012] [21:05 28/01/2012] 986EC5513790477C8903972D5F4A559F
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar24.zip --a---- 630 bytes [21:05 28/01/2012] [21:05 28/01/2012] D9B13AFFDCAB4195A578BD1597051A65
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar25.zip --a---- 540 bytes [21:05 28/01/2012] [21:05 28/01/2012] 26A887B5BA795EC574C92D2D83DE86EE
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar26.zip --a---- 544 bytes [21:05 28/01/2012] [21:05 28/01/2012] B3702E754EFAE23BE41E5A69589B1D4E
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar27.zip --a---- 640 bytes [21:05 28/01/2012] [21:05 28/01/2012] DF9EB44D9E3525BF8EC08C9D2A313F0F
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar28.zip --a---- 597 bytes [21:05 28/01/2012] [21:05 28/01/2012] 41CE6C052314F7C19CF595C715FF4E31
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar29.zip --a---- 652 bytes [21:05 28/01/2012] [21:05 28/01/2012] 451181CB3C05AF1329F62C82899CC725
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar3.zip --a---- 1042924 bytes [21:05 28/01/2012] [21:05 28/01/2012] 51ED3BB804F7960E97F02ED6510396BA
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar30.zip --a---- 592 bytes [21:05 28/01/2012] [21:05 28/01/2012] 0044525E226A58650C2CF2E12F07ED73
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar31.zip --a---- 548 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7BC1BE427F2DE5C3D54E2D0E74916E02
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar32.zip --a---- 541 bytes [21:05 28/01/2012] [21:05 28/01/2012] 20EA9C4647FFFE3F06977592FE7594B5
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar33.zip --a---- 548 bytes [21:05 28/01/2012] [21:05 28/01/2012] C377570215A586FC337B61B349E86432
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar34.zip --a---- 551 bytes [21:05 28/01/2012] [21:05 28/01/2012] 992124D079B637F6E42BC327690D6E3A
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar35.zip --a---- 645 bytes [21:05 28/01/2012] [21:05 28/01/2012] 56CEB9FAD4A193B4BEAF242C5A73E5A9
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar36.zip --a---- 705 bytes [21:05 28/01/2012] [21:05 28/01/2012] C954ACC9399324A114659B053B66B3AF
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar37.zip --a---- 598 bytes [21:05 28/01/2012] [21:05 28/01/2012] 2C6618AEE36F2EFF91C00F89877CAFA4
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar38.zip --a---- 645 bytes [21:05 28/01/2012] [21:05 28/01/2012] 56502D505E8AC91EDCBCEE1F0D7ECF00
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar39.zip --a---- 739 bytes [21:05 28/01/2012] [21:05 28/01/2012] 1C454E06963E4687B91E069EE682A7DE
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar4.zip --a---- 1042931 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7F47394F0CBEC3C7968ADEB086023EAF
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar40.zip --a---- 595 bytes [21:05 28/01/2012] [21:05 28/01/2012] F2EBD73F2ACA19AEBBC2B896F30BE223
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar41.zip --a---- 549 bytes [21:05 28/01/2012] [21:05 28/01/2012] 0AD2A3992C3551E617A05645921D58DE
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar42.zip --a---- 611 bytes [21:05 28/01/2012] [21:05 28/01/2012] A13C99E78F5FCEB76B6A3F168C6432CE
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar43.zip --a---- 612 bytes [21:05 28/01/2012] [21:05 28/01/2012] 3E282072ECFAAF9AA8B8A7C6FA8587B7
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar44.zip --a---- 538 bytes [21:05 28/01/2012] [21:05 28/01/2012] 464819912452D10CA3555F789E75E0F3
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar45.zip --a---- 547 bytes [21:05 28/01/2012] [21:05 28/01/2012] E96CE1A24F15828F007C83F5EF1390FE
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar46.zip --a---- 550 bytes [21:05 28/01/2012] [21:05 28/01/2012] 21ADB1647F0CF8FA47DE8530C03A0698
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar47.zip --a---- 637 bytes [21:05 28/01/2012] [21:05 28/01/2012] 46ED61937BC07EA5FEC430A657B5DDF2
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar48.zip --a---- 597 bytes [21:05 28/01/2012] [21:05 28/01/2012] 72F38657769AA8587DC6716F1C78F09C
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar49.zip --a---- 647 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7D0A9FFBF374673DBA2217519128F550
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar5.zip --a---- 124705 bytes [21:05 28/01/2012] [21:05 28/01/2012] B3E37A19D52E4DBF30BA67E45FEABF6F
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar50.zip --a---- 594 bytes [21:05 28/01/2012] [21:05 28/01/2012] F0F9C25AA6EF515DC43549055F9809C7
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar51.zip --a---- 567 bytes [21:05 28/01/2012] [21:05 28/01/2012] 900BC9761928D2A81616025DABB5D2A0
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar52.zip --a---- 568 bytes [21:05 28/01/2012] [21:05 28/01/2012] AA4AED7EC5568F2E04501E420CB7EEA6
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar53.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 4508D720BC5918E6B84A54D7DDF93E7C
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar54.zip --a---- 569 bytes [21:05 28/01/2012] [21:05 28/01/2012] C3880E8B2B5AFD7D805B4B2A80E4CD4A
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar55.zip --a---- 567 bytes [21:05 28/01/2012] [21:05 28/01/2012] 9525B801F0FE3390C8F3E4377CD6A048
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar56.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 52CF42534D72EE8B631EA30AE6D63D09
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar57.zip --a---- 568 bytes [21:05 28/01/2012] [21:05 28/01/2012] C478E4D5683FA0F443E300A062CF89B5
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar58.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 8DC8DEA75A4C2B752BCCCF06B440E586
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar59.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 67F00AA272D03CD870E118021606800E
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar6.zip --a---- 683 bytes [21:05 28/01/2012] [21:05 28/01/2012] 31E17DE5B3303D7753FE8D2C9844BA7B
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar60.zip --a---- 567 bytes [21:05 28/01/2012] [21:05 28/01/2012] 17F128C548A1EF046DC0CF903A9F8818
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar61.zip --a---- 550 bytes [21:05 28/01/2012] [21:05 28/01/2012] 5C72BBE1949D3F8E686A01CCD5509FDC
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar62.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 533F4E71A8AB798BCEE6C0B5CABD3364
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar63.zip --a---- 500 bytes [21:05 28/01/2012] [21:05 28/01/2012] BCDAACE8985469652F807F2730CFE920
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar64.zip --a---- 309 bytes [11:30 13/03/2012] [11:30 13/03/2012] 74AC79AF159148988F45543AAFEF2B77
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar65.zip --a---- 1625 bytes [11:30 13/03/2012] [11:30 13/03/2012] EA5E1F4021BA154FE05C1F77C9A9CD24
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar66.zip --a---- 3372005 bytes [11:30 13/03/2012] [11:30 13/03/2012] B605FD1F55FBF40BB13862C04767121B
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar67.zip --a---- 492 bytes [11:30 13/03/2012] [11:30 13/03/2012] A489C7F88E3AAA7A825D0ED432734BD4
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar68.zip --a---- 550 bytes [00:40 04/06/2012] [00:40 04/06/2012] 41105D21A058E743D81865FA8C858D24
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar69.zip --a---- 551 bytes [00:40 04/06/2012] [00:40 04/06/2012] 2B47F8E41617B11358901B25089D1685
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar7.zip --a---- 638 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7A4A816A8CC2FA266696863CCA19EE21
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar70.zip --a---- 541 bytes [00:40 04/06/2012] [00:40 04/06/2012] 9F6E5B96FD21370A9F3A08B2CB0C465A
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar71.zip --a---- 544 bytes [00:40 04/06/2012] [00:40 04/06/2012] DD2B4234CEBBC0D5E96FB76563D10F3D
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar72.zip --a---- 642 bytes [00:40 04/06/2012] [00:40 04/06/2012] 5AEB1E9162061301E9ABFF18C26F8260
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar73.zip --a---- 597 bytes [00:40 04/06/2012] [00:40 04/06/2012] 96FE5AE3E353F25548EAF7A73CBCF048
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar74.zip --a---- 644 bytes [00:40 04/06/2012] [00:40 04/06/2012] EEC7B22B065CAEAA300C86FF0252306B
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar75.zip --a---- 593 bytes [00:40 04/06/2012] [00:40 04/06/2012] 493014707682518C91872232F89E5F7C
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar76.zip --a---- 551 bytes [23:09 19/06/2012] [23:09 19/06/2012] 45263984673EE387036B93CFA546183A
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar77.zip --a---- 552 bytes [23:09 19/06/2012] [23:09 19/06/2012] C729741C0423CC1D3CB3745A580A4D5A
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar78.zip --a---- 540 bytes [23:09 19/06/2012] [23:09 19/06/2012] 802649ED579950E9A76F18532EA859D9
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar79.zip --a---- 544 bytes [23:09 19/06/2012] [23:09 19/06/2012] 8DD013D237C55765FD42719BA85C8B30
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar8.zip --a---- 542 bytes [21:05 28/01/2012] [21:05 28/01/2012] 9CD6D0129DAC4E482029F24FE0F657C4
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar80.zip --a---- 642 bytes [23:09 19/06/2012] [23:09 19/06/2012] 19280CED1D8390990A175AC2807239A7
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar81.zip --a---- 597 bytes [23:09 19/06/2012] [23:09 19/06/2012] 2F2699993F08F9179940C6F1A9271FFE
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar82.zip --a---- 644 bytes [23:09 19/06/2012] [23:09 19/06/2012] AE3FB0A40D9CE43CA35088D2273637C1
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar83.zip --a---- 592 bytes [23:09 19/06/2012] [23:09 19/06/2012] D0F8B741F9FB35401C67240D9704B80E
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar84.zip --a---- 597 bytes [23:09 19/06/2012] [23:09 19/06/2012] F3862BCAA9B75AF71A1FD497B2B4E608
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar85.zip --a---- 644 bytes [23:09 19/06/2012] [23:09 19/06/2012] 2D2E33FD03A7E4EC90E24A2AF58AC523
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar86.zip --a---- 592 bytes [23:09 19/06/2012] [23:09 19/06/2012] 74CBD93A747D09B56D9F20371AB857B9
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar87.zip --a---- 551 bytes [10:57 30/06/2012] [10:57 30/06/2012] 565D8B04EA9466D3D12BC4B7EBB24028
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar88.zip --a---- 551 bytes [10:57 30/06/2012] [10:57 30/06/2012] 624296A1F4231EA88A098EF8BFB3251B
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar89.zip --a---- 541 bytes [10:57 30/06/2012] [10:57 30/06/2012] 506A655027E77E16A34F525425DB6374
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar9.zip --a---- 545 bytes [21:05 28/01/2012] [21:05 28/01/2012] 1FC9828EE4B72A352CD9A96B7A9BF438
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar90.zip --a---- 544 bytes [10:57 30/06/2012] [10:57 30/06/2012] DA1AFAD33FB3B05EA599AD0E523DFD18
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar91.zip --a---- 642 bytes [10:57 30/06/2012] [10:57 30/06/2012] 0011DDB235C6BF70E98EF05F136EA85C
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar92.zip --a---- 597 bytes [10:57 30/06/2012] [10:57 30/06/2012] EE214072C589ED5DCF5279220B5B4C83
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar93.zip --a---- 644 bytes [10:57 30/06/2012] [10:57 30/06/2012] 83FE2DE1BE9059667734CA75F918E378
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar94.zip --a---- 593 bytes [10:57 30/06/2012] [10:57 30/06/2012] 0EAC9E6BDA732F6B6A284175095088A6
    C:\Qoobox\Quarantine\C\Program Files\file2linkib\chrome\skin\babylon_logo.png.vir --a---- 3577 bytes [13:51 25/10/2011] [13:51 25/10/2011] 30FF3A31EDC0442F934F703C26B9F572
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar.zip --a---- 551 bytes [21:05 28/01/2012] [21:05 28/01/2012] D3DC0CDCA8224147A94CCAE3B7892846
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar1.zip --a---- 731 bytes [21:05 28/01/2012] [21:05 28/01/2012] 55D99B78EFC6DB4D2A4A80A796042744
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar10.zip --a---- 637 bytes [21:05 28/01/2012] [21:05 28/01/2012] B694C5EC1F5D31E805D270E2CC418368
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar11.zip --a---- 596 bytes [21:05 28/01/2012] [21:05 28/01/2012] 0493E7326155521EC71A032CDF455AE8
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar12.zip --a---- 653 bytes [21:05 28/01/2012] [21:05 28/01/2012] 2015BB3E0A9E1DFBF2758AD205BBC69D
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar13.zip --a---- 592 bytes [21:05 28/01/2012] [21:05 28/01/2012] 8D47462367FE1A5A019B8058D096F7F1
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar14.zip --a---- 549 bytes [21:05 28/01/2012] [21:05 28/01/2012] FC4DFD06C51D1D69BE4B2C32D62B57B3
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar15.zip --a---- 551 bytes [21:05 28/01/2012] [21:05 28/01/2012] 115DD6C6303EAE99B1E98641FD12E7FB
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar16.zip --a---- 539 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7629511B6A5606A55E5C178D894F7286
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar17.zip --a---- 542 bytes [21:05 28/01/2012] [21:05 28/01/2012] 6AD2268095B8587CA2F3F37DAD68963C
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar18.zip --a---- 636 bytes [21:05 28/01/2012] [21:05 28/01/2012] 72C06B6E2A5DD503FED0C160C220AE1D
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar19.zip --a---- 592 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7C696ED9B56D75DBD8B8F5817298DB0F
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar2.zip --a---- 1042921 bytes [21:05 28/01/2012] [21:05 28/01/2012] 8DC86B72A2D123D6790FDB86244BDAD0
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar20.zip --a---- 649 bytes [21:05 28/01/2012] [21:05 28/01/2012] B747E0A686BCF36D38F612CB965A6111
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar21.zip --a---- 589 bytes [21:05 28/01/2012] [21:05 28/01/2012] 283B59784459743F8CCCE13E9E5066FB
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar22.zip --a---- 548 bytes [21:05 28/01/2012] [21:05 28/01/2012] 0EC6C8FDBB230B372DFCCDAD7DD1BE38
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar23.zip --a---- 549 bytes [21:05 28/01/2012] [21:05 28/01/2012] 986EC5513790477C8903972D5F4A559F
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar24.zip --a---- 630 bytes [21:05 28/01/2012] [21:05 28/01/2012] D9B13AFFDCAB4195A578BD1597051A65
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar25.zip --a---- 540 bytes [21:05 28/01/2012] [21:05 28/01/2012] 26A887B5BA795EC574C92D2D83DE86EE
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar26.zip --a---- 544 bytes [21:05 28/01/2012] [21:05 28/01/2012] B3702E754EFAE23BE41E5A69589B1D4E
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar27.zip --a---- 640 bytes [21:05 28/01/2012] [21:05 28/01/2012] DF9EB44D9E3525BF8EC08C9D2A313F0F
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar28.zip --a---- 597 bytes [21:05 28/01/2012] [21:05 28/01/2012] 41CE6C052314F7C19CF595C715FF4E31
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar29.zip --a---- 652 bytes [21:05 28/01/2012] [21:05 28/01/2012] 451181CB3C05AF1329F62C82899CC725
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar3.zip --a---- 1042924 bytes [21:05 28/01/2012] [21:05 28/01/2012] 51ED3BB804F7960E97F02ED6510396BA
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar30.zip --a---- 592 bytes [21:05 28/01/2012] [21:05 28/01/2012] 0044525E226A58650C2CF2E12F07ED73
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar31.zip --a---- 548 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7BC1BE427F2DE5C3D54E2D0E74916E02
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar32.zip --a---- 541 bytes [21:05 28/01/2012] [21:05 28/01/2012] 20EA9C4647FFFE3F06977592FE7594B5
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar33.zip --a---- 548 bytes [21:05 28/01/2012] [21:05 28/01/2012] C377570215A586FC337B61B349E86432
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar34.zip --a---- 551 bytes [21:05 28/01/2012] [21:05 28/01/2012] 992124D079B637F6E42BC327690D6E3A
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar35.zip --a---- 645 bytes [21:05 28/01/2012] [21:05 28/01/2012] 56CEB9FAD4A193B4BEAF242C5A73E5A9
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar36.zip --a---- 705 bytes [21:05 28/01/2012] [21:05 28/01/2012] C954ACC9399324A114659B053B66B3AF
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar37.zip --a---- 598 bytes [21:05 28/01/2012] [21:05 28/01/2012] 2C6618AEE36F2EFF91C00F89877CAFA4
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar38.zip --a---- 645 bytes [21:05 28/01/2012] [21:05 28/01/2012] 56502D505E8AC91EDCBCEE1F0D7ECF00
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar39.zip --a---- 739 bytes [21:05 28/01/2012] [21:05 28/01/2012] 1C454E06963E4687B91E069EE682A7DE
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar4.zip --a---- 1042931 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7F47394F0CBEC3C7968ADEB086023EAF
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar40.zip --a---- 595 bytes [21:05 28/01/2012] [21:05 28/01/2012] F2EBD73F2ACA19AEBBC2B896F30BE223
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar41.zip --a---- 549 bytes [21:05 28/01/2012] [21:05 28/01/2012] 0AD2A3992C3551E617A05645921D58DE
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar42.zip --a---- 611 bytes [21:05 28/01/2012] [21:05 28/01/2012] A13C99E78F5FCEB76B6A3F168C6432CE
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar43.zip --a---- 612 bytes [21:05 28/01/2012] [21:05 28/01/2012] 3E282072ECFAAF9AA8B8A7C6FA8587B7
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar44.zip --a---- 538 bytes [21:05 28/01/2012] [21:05 28/01/2012] 464819912452D10CA3555F789E75E0F3
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar45.zip --a---- 547 bytes [21:05 28/01/2012] [21:05 28/01/2012] E96CE1A24F15828F007C83F5EF1390FE
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar46.zip --a---- 550 bytes [21:05 28/01/2012] [21:05 28/01/2012] 21ADB1647F0CF8FA47DE8530C03A0698
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar47.zip --a---- 637 bytes [21:05 28/01/2012] [21:05 28/01/2012] 46ED61937BC07EA5FEC430A657B5DDF2
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar48.zip --a---- 597 bytes [21:05 28/01/2012] [21:05 28/01/2012] 72F38657769AA8587DC6716F1C78F09C
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar49.zip --a---- 647 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7D0A9FFBF374673DBA2217519128F550
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar5.zip --a---- 124705 bytes [21:05 28/01/2012] [21:05 28/01/2012] B3E37A19D52E4DBF30BA67E45FEABF6F
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar50.zip --a---- 594 bytes [21:05 28/01/2012] [21:05 28/01/2012] F0F9C25AA6EF515DC43549055F9809C7
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar51.zip --a---- 567 bytes [21:05 28/01/2012] [21:05 28/01/2012] 900BC9761928D2A81616025DABB5D2A0
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar52.zip --a---- 568 bytes [21:05 28/01/2012] [21:05 28/01/2012] AA4AED7EC5568F2E04501E420CB7EEA6
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar53.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 4508D720BC5918E6B84A54D7DDF93E7C
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar54.zip --a---- 569 bytes [21:05 28/01/2012] [21:05 28/01/2012] C3880E8B2B5AFD7D805B4B2A80E4CD4A
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar55.zip --a---- 567 bytes [21:05 28/01/2012] [21:05 28/01/2012] 9525B801F0FE3390C8F3E4377CD6A048
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar56.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 52CF42534D72EE8B631EA30AE6D63D09
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar57.zip --a---- 568 bytes [21:05 28/01/2012] [21:05 28/01/2012] C478E4D5683FA0F443E300A062CF89B5
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar58.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 8DC8DEA75A4C2B752BCCCF06B440E586
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar59.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 67F00AA272D03CD870E118021606800E
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar6.zip --a---- 683 bytes [21:05 28/01/2012] [21:05 28/01/2012] 31E17DE5B3303D7753FE8D2C9844BA7B
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar60.zip --a---- 567 bytes [21:05 28/01/2012] [21:05 28/01/2012] 17F128C548A1EF046DC0CF903A9F8818
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar61.zip --a---- 550 bytes [21:05 28/01/2012] [21:05 28/01/2012] 5C72BBE1949D3F8E686A01CCD5509FDC
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar62.zip --a---- 566 bytes [21:05 28/01/2012] [21:05 28/01/2012] 533F4E71A8AB798BCEE6C0B5CABD3364
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar63.zip --a---- 500 bytes [21:05 28/01/2012] [21:05 28/01/2012] BCDAACE8985469652F807F2730CFE920
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar64.zip --a---- 309 bytes [11:30 13/03/2012] [11:30 13/03/2012] 74AC79AF159148988F45543AAFEF2B77
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar65.zip --a---- 1625 bytes [11:30 13/03/2012] [11:30 13/03/2012] EA5E1F4021BA154FE05C1F77C9A9CD24
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar66.zip --a---- 3372005 bytes [11:30 13/03/2012] [11:30 13/03/2012] B605FD1F55FBF40BB13862C04767121B
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar67.zip --a---- 492 bytes [11:30 13/03/2012] [11:30 13/03/2012] A489C7F88E3AAA7A825D0ED432734BD4
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar68.zip --a---- 550 bytes [00:40 04/06/2012] [00:40 04/06/2012] 41105D21A058E743D81865FA8C858D24
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar69.zip --a---- 551 bytes [00:40 04/06/2012] [00:40 04/06/2012] 2B47F8E41617B11358901B25089D1685
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar7.zip --a---- 638 bytes [21:05 28/01/2012] [21:05 28/01/2012] 7A4A816A8CC2FA266696863CCA19EE21
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar70.zip --a---- 541 bytes [00:40 04/06/2012] [00:40 04/06/2012] 9F6E5B96FD21370A9F3A08B2CB0C465A
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar71.zip --a---- 544 bytes [00:40 04/06/2012] [00:40 04/06/2012] DD2B4234CEBBC0D5E96FB76563D10F3D
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar72.zip --a---- 642 bytes [00:40 04/06/2012] [00:40 04/06/2012] 5AEB1E9162061301E9ABFF18C26F8260
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar73.zip --a---- 597 bytes [00:40 04/06/2012] [00:40 04/06/2012] 96FE5AE3E353F25548EAF7A73CBCF048
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar74.zip --a---- 644 bytes [00:40 04/06/2012] [00:40 04/06/2012] EEC7B22B065CAEAA300C86FF0252306B
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar75.zip --a---- 593 bytes [00:40 04/06/2012] [00:40 04/06/2012] 493014707682518C91872232F89E5F7C
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar76.zip --a---- 551 bytes [23:09 19/06/2012] [23:09 19/06/2012] 45263984673EE387036B93CFA546183A
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar77.zip --a---- 552 bytes [23:09 19/06/2012] [23:09 19/06/2012] C729741C0423CC1D3CB3745A580A4D5A
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar78.zip --a---- 540 bytes [23:09 19/06/2012] [23:09 19/06/2012] 802649ED579950E9A76F18532EA859D9
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar79.zip --a---- 544 bytes [23:09 19/06/2012] [23:09 19/06/2012] 8DD013D237C55765FD42719BA85C8B30
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar8.zip --a---- 542 bytes [21:05 28/01/2012] [21:05 28/01/2012] 9CD6D0129DAC4E482029F24FE0F657C4
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar80.zip --a---- 642 bytes [23:09 19/06/2012] [23:09 19/06/2012] 19280CED1D8390990A175AC2807239A7
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar81.zip --a---- 597 bytes [23:09 19/06/2012] [23:09 19/06/2012] 2F2699993F08F9179940C6F1A9271FFE
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar82.zip --a---- 644 bytes [23:09 19/06/2012] [23:09 19/06/2012] AE3FB0A40D9CE43CA35088D2273637C1
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar83.zip --a---- 592 bytes [23:09 19/06/2012] [23:09 19/06/2012] D0F8B741F9FB35401C67240D9704B80E
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar84.zip --a---- 597 bytes [23:09 19/06/2012] [23:09 19/06/2012] F3862BCAA9B75AF71A1FD497B2B4E608
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar85.zip --a---- 644 bytes [23:09 19/06/2012] [23:09 19/06/2012] 2D2E33FD03A7E4EC90E24A2AF58AC523
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar86.zip --a---- 592 bytes [23:09 19/06/2012] [23:09 19/06/2012] 74CBD93A747D09B56D9F20371AB857B9
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar87.zip --a---- 551 bytes [10:57 30/06/2012] [10:57 30/06/2012] 565D8B04EA9466D3D12BC4B7EBB24028
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar88.zip --a---- 551 bytes [10:57 30/06/2012] [10:57 30/06/2012] 624296A1F4231EA88A098EF8BFB3251B
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar89.zip --a---- 541 bytes [10:57 30/06/2012] [10:57 30/06/2012] 506A655027E77E16A34F525425DB6374
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar9.zip --a---- 545 bytes [21:05 28/01/2012] [21:05 28/01/2012] 1FC9828EE4B72A352CD9A96B7A9BF438
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar90.zip --a---- 544 bytes [10:57 30/06/2012] [10:57 30/06/2012] DA1AFAD33FB3B05EA599AD0E523DFD18
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar91.zip --a---- 642 bytes [10:57 30/06/2012] [10:57 30/06/2012] 0011DDB235C6BF70E98EF05F136EA85C
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar92.zip --a---- 597 bytes [10:57 30/06/2012] [10:57 30/06/2012] EE214072C589ED5DCF5279220B5B4C83
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar93.zip --a---- 644 bytes [10:57 30/06/2012] [10:57 30/06/2012] 83FE2DE1BE9059667734CA75F918E378
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BabylonToolbar94.zip --a---- 593 bytes [10:57 30/06/2012] [10:57 30/06/2012] 0EAC9E6BDA732F6B6A284175095088A6

    Searching for "*ibryte*"
    C:\Users\currys\AppData\Local\ApplicationHistory\iBryteDesktop.exe.df844634.ini --a---- 2227 bytes [09:12 02/10/2011] [18:25 05/12/2011] 06249F3B08F80EC7CCC78D1C703D045E
    C:\Users\currys\AppData\Local\ApplicationHistory\ibryte_installer.exe.e72fda6d.ini --a---- 2125 bytes [22:37 01/10/2011] [22:37 01/10/2011] A8068185C5222157D2C647DFA5B95B6C

    Searching for "*MyStart*"
    C:\Qoobox\Quarantine\C\Program Files\file2linkib\chrome\content\newtab\newtab_mystart.html.vir --a---- 5816 bytes [13:51 25/10/2011] [13:51 25/10/2011] 1CF001A4E176A483AC570123FABD64E1
    C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\Firefox\Profiles\fwvafgml.default\searchplugins\MyStart Search.xml --a---- 2203 bytes [13:03 23/06/2012] [13:03 23/06/2012] 70CB5F2DEC382A937224295149304474

    Searching for "*uTorrentBar*"
    C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome\utorrentbar.jar --a---- 713115 bytes [10:56 22/01/2012] [11:47 11/01/2012] 0E4E8DE71F59F404FB7056BFCDB856EC

    Searching for "*WiseConvert*"
    C:\Users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\CT3196716\externalmenu\http___tools_wiseconvert_com_tools_xml --a---- 3830 bytes [11:17 30/06/2012] [22:30 01/07/2012] 0F321C3EAEA35893F19C41384CD49F49
    C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\mozilla\Firefox\Profiles\fwvafgml.default\extensions\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}\chrome\wiseconvert.jar --a---- 716986 bytes [18:38 08/07/2012] [08:38 05/07/2012] 2618DABF93565993B71FB6F274C95C63

    Searching for "*Blabbers*"
    No files found.

    ========== folderfind ==========

    Searching for "*Conduit*"
    C:\Program Files\Conduit d------ [10:56 22/01/2012]
    C:\Program Files\ConduitEngine d------ [22:45 21/12/2010]
    C:\Users\currys\AppData\Local\Conduit d------ [22:57 02/03/2011]
    C:\Users\currys\AppData\LocalLow\Conduit d------ [22:45 21/12/2010]
    C:\Users\currys\AppData\LocalLow\ConduitEngine d------ [22:45 21/12/2010]
    C:\Users\currys\AppData\LocalLow\ConduitEngine\Repository\conduit_ConduitEngine d------ [18:52 09/03/2011]
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\Repository\conduit_CT2645238_CT2645238 d------ [19:18 28/11/2011]
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security\Repository\conduit_CT2645238_en d------ [19:18 28/11/2011]
    C:\Users\currys\AppData\Roaming\Mozilla\Firefox\Profiles\fwvafgml.default\conduitCommon d------ [11:17 30/06/2012]
    C:\Windows\System32\config\currys\AppData\LocalLow\Conduit d------ [22:32 10/02/2011]
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\ConduitEngine d------ [22:32 10/02/2011]
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\SearchElf_1.2\Repository\conduit_CT2769726_CT2769726 d------ [22:32 10/02/2011]

    Searching for "*Game Booster*"
    C:\Program Files\IObit\Game Booster d------ [03:52 26/02/2011]
    C:\ProgramData\IObit\Game Booster d------ [03:52 26/02/2011]
    C:\ProgramData\IObit\Game Booster 3 d------ [23:37 06/09/2011]
    C:\Users\All Users\IObit\Game Booster d------ [03:52 26/02/2011]
    C:\Users\All Users\IObit\Game Booster 3 d------ [23:37 06/09/2011]

    Searching for "*Smart Defrag*"
    C:\Program Files\IObit\Smart Defrag 2 d------ [03:49 26/02/2011]
    C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\IObit\Smart Defrag 2 d------ [03:49 26/02/2011]

    Searching for "*ZoneAlarm*"
    C:\Program Files\ZoneAlarm_Security d------ [16:48 13/06/2011]
    C:\Program Files\CheckPoint\ZoneAlarm d------ [19:17 28/11/2011]
    C:\ProgramData\CheckPoint\ZoneAlarm d------ [16:47 13/06/2011]
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm d------ [10:36 06/05/2012]
    C:\Users\All Users\CheckPoint\ZoneAlarm d------ [16:47 13/06/2011]
    C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Check Point\ZoneAlarm d------ [10:36 06/05/2012]
    C:\Users\currys\AppData\LocalLow\ZoneAlarm_Security d------ [16:48 13/06/2011]
    C:\Users\currys\AppData\LocalLow\Check Point Software Technologies LTD\zonealarm d------ [19:45 15/05/2012]
    C:\Users\currys\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar d------ [10:42 06/05/2012]
    C:\Users\currys\AppData\Roaming\CheckPoint\ZoneAlarm Toolbar d------ [16:48 13/06/2011]
    C:\Windows\System32\config\systemprofile\AppData\LocalLow\Check Point Software Technologies LTD\zonealarm d------ [19:40 31/05/2012]

    Searching for "*IObit*"
    C:\Program Files\IObit d------ [00:54 06/02/2011]
    C:\Program Files\IObit\IObit Malware Fighter d------ [18:17 19/05/2011]
    C:\Program Files\IObit\IObit Security 360 d------ [22:37 10/02/2011]
    C:\ProgramData\IObit d------ [00:54 06/02/2011]
    C:\ProgramData\IObit\IObit Security 360 d------ [22:34 10/02/2011]
    C:\Users\All Users\IObit d------ [00:54 06/02/2011]
    C:\Users\All Users\IObit\IObit Security 360 d------ [22:34 10/02/2011]
    C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit d------ [09:53 19/06/2011]
    C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\IObit Malware Fighter d------ [09:53 19/06/2011]
    C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\IObit d----c- [22:37 10/02/2011]
    C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\IObit\IObit Malware Fighter d------ [18:18 19/05/2011]
    C:\_OTL\MovedFiles\07102012_230543\C_Users\currys\AppData\Roaming\IObit\IObit Uninstaller d----c- [21:28 09/06/2011]
    C:\_OTL\MovedFiles\07102012_230543\C_Users\Default\AppData\Roaming\IObit d----c- [11:18 04/02/2012]
    C:\_OTL\MovedFiles\07102012_230543\C_Users\UpdatusUser\AppData\Roaming\IObit d----c- [09:06 24/02/2012]

    Searching for "*SmartDefragDriver*"
    No folders found.

    Searching for "*goonsearch*"
    No folders found.

    Searching for "*searchqu*"
    C:\Users\currys\AppData\LocalLow\searchquband d------ [22:09 18/04/2011]

    Searching for "*ask.com*"
    C:\Program Files\Ask.com d------ [13:02 12/10/2010]

    Searching for "*babylon*"
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Structures\Buildings\Babylonian_Garden d------ [23:04 23/06/2011]
    C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Assets\Art\Units\Unique_Babylon_Bowman d------ [23:05 23/06/2011]

    Searching for "*ibryte*"
    No folders found.

    Searching for "*MyStart*"
    C:\Qoobox\Quarantine\C\Program Files\file2linkib\chrome\content\widgets\net.vmn.www.MyStartFacebook d----c- [00:00 23/02/2012]

    Searching for "*uTorrentBar*"
    No folders found.

    Searching for "*WiseConvert*"
    No folders found.

    Searching for "*Blabbers*"
    No folders found.

    -= EOF
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1059343