Search similar:
|
uniqs 2640 |
|
|
|
|
Intermittent Firefox redirectsI've scanned and scanned after I got some kind of bug on this laptop a couple of weeks ago and I think it's clean now as far as any infection, but I'm still getting intermittent redirects on Firefox once or twice a day to different search sites (I don't use IE enough to know if it's effected too.) I don't have any online virus scan report to attach, it just said I didn't have any issues. Thanks in advance for any help or advice! OTL.txt was way too big at almost 200 K, so I attached it.
Here are the logs:
Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org
Database version: v2012.03.12.05
Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Greg :: GREG-PC [administrator]
3/15/2012 7:15:12 PM mbam-log-2012-03-15 (19-15-12).txt
Scan type: Full scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 366040 Time elapsed: 42 minute(s), 42 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
(end)
OTL Extras logfile created on: 3/16/2012 6:39:58 PM - Run 1 OTL by OldTimer - Version 3.2.37.1 Folder = C:\Users\Greg\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.93 Gb Total Physical Memory | 2.89 Gb Available Physical Memory | 73.57% Memory free 7.86 Gb Paging File | 6.70 Gb Available in Paging File | 85.23% Paging File free Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 286.27 Gb Total Space | 165.03 Gb Free Space | 57.65% Space Free | Partition Type: NTFS Drive D: | 305.33 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: GREG-PC | User Name: Greg | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS) Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS) Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series" = Canon MP495 series MP Drivers "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client "{57019733-78E6-43DE-8E6D-55349F0FDE6F}" = inSSIDer 2.0 "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}" = Bing Maps 3D "{7D220A57-969F-4D09-9297-D48195A8ABDD}" = HP Deskjet 3050 J610 series Basic Device Software "{860B418B-F90B-465A-BC1D-04B518045C72}" = HP Deskjet 3050 J610 series Product Improvement Study "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit "CNXT_AUDIO_HDA" = Conexant HD Audio "CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP "CPUID CPU-Z_is1" = CPUID CPU-Z 1.53.1 "Creative VF0415" = Creative Live! Cam Video IM Ultra (VF0415) (1.01.03.00) "doPDF 7 printer_is1" = doPDF 7.1 printer "HDMI" = Intel(R) Graphics Media Accelerator Driver "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft Security Client" = Microsoft Security Essentials "SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{12A1B519-5934-4508-ADBD-335347B0DC87}" = Video Web Camera "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.0 "{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8 "{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component "{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64) "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{3DB0448D-AD82-4923-B305-D001E521A964}" = Gateway Power Management "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.40 "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{628C2C7D-8AD1-E614-E8E2-6EEAD8D5F2D0}" = Acrobat.com "{67D15B01-9A6B-0397-002A-D2A015212748}" = FlipShare "{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Gateway Recovery Management "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{85EBB283-65AF-4C53-9EBE-7C0A232762F7}" = AGEIA PhysX v7.03.21 "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1" = Free YouTube Downloader 3.5.124 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AAF89271-2594-468D-B578-96B2E30C41C4}" = eBay Worldwide "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.0 MUI "{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update "{B17E235C-7A3B-4482-B650-21FFDE1D452E}" = Empire Earth III "{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup "{C61244F9-C335-4EE4-BF7B-5CAB855555E3}" = Linksys Wireless-G Print Server "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Gateway Updater "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F656270D-66A6-41D9-828A-436EE0228D3B}" = calibre "{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Help "{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1" = BitPim 1.0.7 "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Advanced Audio FX Engine" = Advanced Audio FX Engine "Advanced SystemCare 5_is1" = Advanced SystemCare 5 "Audacity_is1" = Audacity 1.2.6 "AudibleManager" = AudibleManager "Brain Workshop_is1" = Brain Workshop 4.8.1 "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Core FTP LE 2.1" = Core FTP LE 2.1 "Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows "Creative Live! Central 2" = Creative Live! Central 2 "EASEUS Deleted File Recovery 3.0.1_is1" = EASEUS Deleted File Recovery 3.0.1 "FastStone Photo Resizer" = FastStone Photo Resizer 2.9 "ffdshow_is1" = ffdshow [rev 2527] [2008-12-19] "FreeFileViewer_is1" = Free File Viewer 2011 "Gateway InfoCentre" = Gateway InfoCentre "Gateway Registration" = Gateway Registration "Gateway Screensaver" = Gateway ScreenSaver "Gateway Welcome Center" = Welcome Center "HaaliMkx" = Haali Media Splitter "HyperCam 2" = HyperCam 2 "Identity Card" = Identity Card "InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8 "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Gateway MyBackup "IrfanView" = IrfanView (remove only) "JBidwatcher_0" = JBidwatcher 2 "JBidwatcher_1" = JBidwatcher 2.1.4.1 "JBidwatcher_2" = JBidwatcher 2.1.6 "LManager" = Launch Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000 "MonkeyJam_is1" = MonkeyJam 3_050529 "Mozilla Firefox 11.0 (x86 en-US)" = Mozilla Firefox 11.0 (x86 en-US) "Picasa 3" = Picasa 3 "ST606_2011_0111_1248_is1" = Uninstall Dual Mode Camera (ST606) "SysInfo" = Creative System Information "TaxACT 2008" = TaxACT 2008 "TaxACT 2009" = TaxACT 2009 "TaxACT 2010" = TaxACT 2010 "TaxACT 2011 - 1040 Edition" = TaxACT 2011 - 1040 Edition "TaxACT 2011 Indiana" = TaxACT 2011 Indiana "TeamViewer 7" = TeamViewer 7 "Trusted Software Assistant_is1" = File Type Assistant "Ultravnc2_is1" = UltraVNC 1.0.8.2 "Vivitar Experience Image Manager" = Vivitar Experience Image Manager "VMware_Player" = VMware Player "WildTangent gateway Master Uninstall" = Gateway Games "WinLiveSuite" = Windows Live Essentials "Yahoo! Messenger" = Yahoo! Messenger
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "HuluDesktop" = Hulu Desktop
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ] Error - 3/10/2012 11:55:58 AM | Computer Name = Greg-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 3/10/2012 11:55:58 AM | Computer Name = Greg-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 3/10/2012 11:55:58 AM | Computer Name = Greg-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 3/10/2012 11:55:58 AM | Computer Name = Greg-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 3/11/2012 1:08:36 AM | Computer Name = Greg-PC | Source = SideBySide | ID = 16842824 Description = Activation context generation failed for "c:\program files\microsoft security client\MSESysprep.dll".Error in manifest or policy file "c:\program files\microsoft security client\MSESysprep.dll" on line 10. The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.
Error - 3/11/2012 1:08:39 AM | Computer Name = Greg-PC | Source = SideBySide | ID = 16842815 Description = Activation context generation failed for "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
Error - 3/11/2012 1:10:04 AM | Computer Name = Greg-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 3/11/2012 1:10:04 AM | Computer Name = Greg-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 3/11/2012 1:10:04 AM | Computer Name = Greg-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 3/11/2012 1:10:04 AM | Computer Name = Greg-PC | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "c:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
[ System Events ] Error - 3/14/2012 6:36:33 PM | Computer Name = Greg-PC | Source = DCOM | ID = 10016 Description =
Error - 3/14/2012 6:37:07 PM | Computer Name = Greg-PC | Source = DCOM | ID = 10016 Description =
Error - 3/15/2012 6:49:58 PM | Computer Name = Greg-PC | Source = Service Control Manager | ID = 7034 Description = The Advanced SystemCare Service 5 service terminated unexpectedly. It has done this 1 time(s).
Error - 3/15/2012 6:53:42 PM | Computer Name = Greg-PC | Source = DCOM | ID = 10016 Description =
Error - 3/15/2012 6:53:42 PM | Computer Name = Greg-PC | Source = DCOM | ID = 10016 Description =
Error - 3/15/2012 7:10:53 PM | Computer Name = Greg-PC | Source = DCOM | ID = 10016 Description =
Error - 3/15/2012 7:10:57 PM | Computer Name = Greg-PC | Source = DCOM | ID = 10016 Description =
Error - 3/16/2012 6:36:33 PM | Computer Name = Greg-PC | Source = Service Control Manager | ID = 7034 Description = The Advanced SystemCare Service 5 service terminated unexpectedly. It has done this 1 time(s).
Error - 3/16/2012 6:39:48 PM | Computer Name = Greg-PC | Source = DCOM | ID = 10016 Description =
Error - 3/16/2012 6:39:53 PM | Computer Name = Greg-PC | Source = DCOM | ID = 10016 Description =
Results of screen317's Security Check version 0.99.31 Windows 7 x64 (UAC is enabled) Internet Explorer 9 `````````````````````````````` [u]Antivirus/Firewall Check:[/u] Windows Firewall Enabled! [size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size] ``````````````````````````````` [u]Anti-malware/Other Utilities Check:[/u] Java(TM) 6 Update 31 Adobe Reader 9 [color=red]Adobe Reader out of date![/color] Mozilla Firefox (11.0.) ```````````````````````````````` Process Check: [u]objlist.exe by Laurent[/u] Windows Defender MSMpEng.exe Microsoft Security Essentials msseces.exe Microsoft Security Client Antimalware MsMpEng.exe ``````````End of Log```````````` | actions · 2012-Mar-16 11:19 pm · (locked) | lilhurricaneCrunchin' For Cures Numquam oblita join:2003-01-11 Purple Zone |
OTL logfile created on: 3/16/2012 6:39:58 PM - Run 1 OTL by OldTimer - Version 3.2.37.1 Folder = C:\Users\Greg\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.93 Gb Total Physical Memory | 2.89 Gb Available Physical Memory | 73.57% Memory free 7.86 Gb Paging File | 6.70 Gb Available in Paging File | 85.23% Paging File free Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 286.27 Gb Total Space | 165.03 Gb Free Space | 57.65% Space Free | Partition Type: NTFS Drive D: | 305.33 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: GREG-PC | User Name: Greg | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2012/03/16 18:35:50 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\Greg\Desktop\OTL.exe PRC - [2012/02/23 06:40:41 | 002,886,528 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2011/12/29 23:29:04 | 000,497,496 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe PRC - [2011/12/29 17:43:30 | 000,620,376 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe PRC - [2011/12/20 16:23:42 | 000,073,216 | ---- | M] () -- C:\Program Files (x86)\Action Alert\pgtray.exe PRC - [2011/11/18 10:02:26 | 000,195,072 | ---- | M] () -- C:\Program Files (x86)\Action Alert\pgkeysrv.exe PRC - [2010/09/17 21:14:22 | 000,460,144 | ---- | M] () -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe PRC - [2010/01/22 21:57:08 | 000,395,824 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe PRC - [2010/01/22 21:56:46 | 000,064,048 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Player\hqtray.exe PRC - [2010/01/22 21:56:44 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe PRC - [2010/01/22 21:56:28 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe PRC - [2010/01/22 21:00:48 | 000,563,760 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe PRC - [2009/08/27 16:48:30 | 001,194,504 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2009/08/20 20:26:00 | 000,244,480 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe PRC - [2009/08/20 20:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe PRC - [2009/08/19 11:23:24 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin PRC - [2009/08/19 11:23:22 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe PRC - [2009/08/12 17:31:20 | 000,422,035 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 2\CTLVCentral2.exe PRC - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe PRC - [2009/06/19 16:42:00 | 000,505,128 | ---- | M] () -- C:\Program Files (x86)\Linksys Wireless-G Print Server\PSDiagnosticM.exe PRC - [2009/06/04 22:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009/06/04 22:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2009/06/04 09:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe PRC - [2009/06/04 00:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009/04/16 03:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe PRC - [2008/12/10 23:21:04 | 000,630,784 | ---- | M] (Chicony) -- C:\Program Files (x86)\Video Web Camera\traybar.exe PRC - [2008/12/10 23:20:34 | 002,913,792 | ---- | M] (Chicony) -- C:\Program Files (x86)\Video Web Camera\CEC_MAIN.exe PRC - [2008/08/06 21:00:00 | 000,028,672 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\V0415Mon.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2011/12/20 16:23:42 | 000,073,216 | ---- | M] () -- C:\Program Files (x86)\Action Alert\pgtray.exe MOD - [2011/04/21 17:54:40 | 000,347,024 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\madexcept_.bpl MOD - [2011/04/21 17:54:40 | 000,179,088 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\madbasic_.bpl MOD - [2011/04/21 17:54:40 | 000,046,480 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\maddisAsm_.bpl MOD - [2010/03/03 13:32:22 | 000,929,792 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll MOD - [2010/01/22 21:57:04 | 000,970,288 | ---- | M] () -- C:\Program Files (x86)\VMware\VMware Player\libxml2.dll MOD - [2010/01/22 21:56:46 | 000,068,656 | ---- | M] () -- C:\Program Files (x86)\VMware\VMware Player\zlib1.dll MOD - [2009/08/18 16:54:22 | 000,970,752 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll MOD - [2009/06/19 16:42:00 | 000,505,128 | ---- | M] () -- C:\Program Files (x86)\Linksys Wireless-G Print Server\PSDiagnosticM.exe MOD - [2009/06/04 00:59:14 | 000,013,096 | ---- | M] () -- c:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009/06/04 00:59:02 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll MOD - [2009/04/02 19:03:10 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll MOD - [2009/02/02 20:33:56 | 000,460,199 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\sqlite3.dll MOD - [2008/12/19 19:26:06 | 002,625,536 | ---- | M] () -- C:\Program Files (x86)\ffdshow\ffdshow.ax MOD - [2008/09/25 18:35:56 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Linksys Wireless-G Print Server\scUsb.dll MOD - [2008/09/25 18:25:28 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Linksys Wireless-G Print Server\scUtil.dll MOD - [2008/09/24 20:54:44 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\Linksys Wireless-G Print Server\scComm.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv) SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2009/08/06 01:30:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe -- (ePowerSvc) SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe -- (Updater Service) SRV - [2012/02/23 06:40:41 | 002,886,528 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2011/12/29 23:29:04 | 000,497,496 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5) SRV - [2011/11/18 10:02:26 | 000,195,072 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Action Alert\pgkeysrv.exe -- (PGKey) SRV - [2010/09/17 21:14:22 | 000,460,144 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/01/22 21:57:08 | 000,395,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service) SRV - [2010/01/22 21:56:44 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2010/01/22 21:56:28 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService) SRV - [2010/01/22 21:00:48 | 000,563,760 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService) SRV - [2009/10/12 14:32:24 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\VMware\VMware Player\vmware-ufad.exe -- (ufad-ws60) SRV - [2009/08/20 20:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/06/04 22:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2009/06/04 09:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe -- (Greg_Service) SRV - [2009/05/22 14:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2009/04/29 15:21:18 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/05/25 03:59:24 | 000,159,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm) DRV:64bit: - [2010/05/25 03:59:24 | 000,125,416 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) DRV:64bit: - [2010/05/25 03:59:24 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb) DRV:64bit: - [2010/05/25 03:59:24 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter) DRV:64bit: - [2010/01/22 21:58:22 | 000,068,656 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86) DRV:64bit: - [2010/01/22 21:58:20 | 000,029,744 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd) DRV:64bit: - [2010/01/22 21:58:16 | 000,080,944 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci) DRV:64bit: - [2010/01/22 21:58:16 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif) DRV:64bit: - [2010/01/22 21:00:44 | 000,038,960 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon) DRV:64bit: - [2010/01/22 17:13:00 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb) DRV:64bit: - [2010/01/22 17:12:58 | 000,045,104 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge) DRV:64bit: - [2010/01/22 17:12:58 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV:64bit: - [2009/09/02 18:54:20 | 007,369,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/08/11 16:59:50 | 000,686,080 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:64bit: - [2009/08/03 21:01:00 | 000,336,448 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\V0415Vid.sys -- (V0415Vid) DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 21:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:64bit: - [2009/07/13 20:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan) DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM) DRV:64bit: - [2009/06/20 07:35:00 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM) DRV:64bit: - [2009/06/19 22:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) DRV:64bit: - [2009/06/19 19:56:08 | 000,712,704 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x) DRV:64bit: - [2009/06/19 00:12:32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009/06/15 14:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt) DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009/06/10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R) DRV:64bit: - [2009/06/10 16:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/06/04 21:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009/06/04 20:46:50 | 000,216,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2009/06/02 13:26:26 | 000,080,880 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jl2005c.sys -- (JLTECH0227) DRV:64bit: - [2009/05/26 08:13:10 | 000,138,752 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R) DRV:64bit: - [2009/05/05 19:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2009/05/05 19:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2009/04/29 15:21:08 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio) DRV:64bit: - [2009/03/27 02:23:54 | 000,019,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz132_x64.sys -- (cpuz132) DRV:64bit: - [2009/02/13 02:24:56 | 001,485,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV) DRV:64bit: - [2009/02/13 02:20:56 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL) DRV:64bit: - [2009/02/13 02:19:34 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf) DRV:64bit: - [2009/01/09 16:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort) DRV:64bit: - [2008/07/10 19:43:18 | 000,037,376 | ---- | M] (SerComm) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\scnuhub20.sys -- (SCNUHUB20) DRV:64bit: - [2008/06/06 16:49:02 | 000,015,872 | ---- | M] (SerComm) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\scnuhst20.sys -- (scnuhst20) DRV:64bit: - [2006/06/18 10:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk) DRV - [2010/11/08 17:29:52 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50) DRV - [2010/11/08 17:29:40 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50) DRV - [2009/10/12 14:31:04 | 000,032,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\VMware\VMware Player\vstor2-ws60.sys -- (vstor2-ws60) DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://safesearch.MyActionAlert.com/Custom?Key=T8CVNPQBQCBV7YRB6STFWAUHW&User=Greg IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 86 B4 5C 83 27 E9 CC 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 0F 00 11 0E D5 E8 28 4F BE C9 E1 42 87 82 A6 0C [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\URLSearchHook: {CF745ACA-6FA6-45ED-AB49-E10A0D1870C5} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{4145C98D-1B41-41ED-9A66-927823FF48E4}: "URL" = http://safesearch.MyActionAlert.com/IESearch?q={searchTerms} IE - HKCU\..\SearchScopes\{56922A35-3828-4452-B08D-BE835B9C00EE}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms} IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW_enUS362 IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search" FF - prefs.js..browser.search.selectedEngine: "Search" FF - prefs.js..browser.startup.homepage: "http://my.yahoo.com/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9 FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.5 FF - prefs.js..extensions.enabledItems: {ed0e5539-91e4-4b3f-ad58-75f8e19049ab}:1.0 FF - prefs.js..keyword.URL: "http://www.wicso.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=RkI5v3rL&q=" FF - prefs.js..network.proxy.type: 0
FF - user.js..browser.search.selectedEngine: "Search" FF - user.js..keyword.URL: "http://www.wicso.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=RkI5v3rL&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010/02/11 12:48:13 | 000,000,000 | ---D | M] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010/02/11 12:48:13 | 000,000,000 | ---D | M] FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Users\Greg\AppData\Local\HuluDesktop\instances\0.9.10.1\npHDPlg.dll (Hulu LLC) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Greg\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Greg\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/15 05:51:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/02/14 23:54:53 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\VideoBar@meep.com: C:\Program Files (x86)\Meep\FF\
[2010/01/15 14:42:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Greg\AppData\Roaming\Mozilla\Extensions [2012/03/15 18:54:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\a7m58sm3.default\extensions [2012/03/15 18:54:04 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\a7m58sm3.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011/03/04 22:30:43 | 000,002,197 | ---- | M] () -- C:\Users\Greg\AppData\Roaming\Mozilla\Firefox\Profiles\a7m58sm3.default\searchplugins\google-search.xml [2012/03/15 18:52:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions () (No name found) -- C:\USERS\GREG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A7M58SM3.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2012/03/15 05:51:45 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2009/11/19 18:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll [2012/03/12 14:56:29 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2009/11/19 18:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll [2012/02/13 16:09:00 | 000,000,789 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\ActionAlert.xml [2012/02/13 13:36:19 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/02/13 13:36:19 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: Yahoo! Search (Enabled) CHR - default_search_provider: search_url = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms} CHR - default_search_provider: suggest_url = http://sugg.search.yahoo.com/sg/?command={searchTerms}&output=fxjson CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Greg\AppData\Local\Google\Chrome\Application\17.0.963.78\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Greg\AppData\Local\Google\Chrome\Application\17.0.963.78\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Greg\AppData\Local\Google\Chrome\Application\17.0.963.78\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Motive Plugin (Enabled) = C:\Program Files (x86)\Common Files\Motive\npMotive.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Hulu Desktop (Enabled) = C:\Users\Greg\AppData\Local\HuluDesktop\instances\0.9.10.1\npHDPlg.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Entanglement = C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.1.1_0\ CHR - Extension: Entanglement = C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\ CHR - Extension: PDFescape Free PDF Editor = C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdefoklganepljiopdnglodohlgfikkl\0.19_0\ CHR - Extension: PDFescape Free PDF Editor = C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdefoklganepljiopdnglodohlgfikkl\0.20_0\ CHR - Extension: Poppit = C:\Users\Greg\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
O1 HOSTS File: ([2012/03/05 12:15:46 | 000,001,404 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 188.119.151.111 www.google-analytics.com. O1 - Hosts: 188.119.151.111 ad-emea.doubleclick.net. O1 - Hosts: 188.119.151.111 www.statcounter.com. O1 - Hosts: 108.163.215.51 www.google-analytics.com. O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net. O1 - Hosts: 108.163.215.51 www.statcounter.com. O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [C:\Windows\system32\V0415Ext.ax] C:\Windows\SysNative\V0415Ext.ax (Creative Technology Ltd.) O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [C:\Windows\SysWOW64\V0415Ext.ax] C:\Windows\SysWOW64\V0415Ext.ax (Creative Technology Ltd.) O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files (x86)\Video Web Camera\traybar.exe (Chicony) O4 - HKLM..\Run: [CLMLServer] c:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [Live! Central 2] C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 2\CTLVCentral2.exe (Creative Technology Ltd) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [PSDiagnosticM] C:\Program Files (x86)\Linksys Wireless-G Print Server\PSDiagnosticM.exe () O4 - HKLM..\Run: [RemoteControl8] c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [V0415Mon.exe] C:\Windows\V0415Mon.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [VMware hqtray] C:\Program Files (x86)\VMware\VMware Player\hqtray.exe (VMware, Inc.) O4 - HKCU..\Run: [Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe (IObit) O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O4 - Startup: C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files (x86)\Action Alert\pgdns764.dll (Keyware, Inc) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll (VMware, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Program Files (x86)\VMware\VMware Player\x64\vsocklib.dll (VMware, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Action Alert\pgdns7.dll (Keyware, Inc) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Player\vsocklib.dll (VMware, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Player\vsocklib.dll (VMware, Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} https://aglmailcls1.faa.gov/iNotes6W.cab (iNotes6 Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {BCBC9371-9827-11DA-A72B-0800200C9A66} http://merillat.view22.com/release_3_9_177/View22RTEv4.cab (View22RTEv4 Class) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2) O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49E58AF6-E57D-42BF-BC0B-AE3D56844DCE}: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9032EB10-E7D6-4D2E-B9F5-0360F2CB9F29}: DhcpNameServer = 192.168.1.254 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/11/21 23:30:41 | 000,000,073 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{c24c924a-81bf-11e0-8219-005056c00008}\Shell - "" = AutoRun O33 - MountPoints2\{c24c924a-81bf-11e0-8219-005056c00008}\Shell\AutoRun\command - "" = E:\setup.exe -a O33 - MountPoints2\{f4029613-d483-11de-90f3-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{f4029613-d483-11de-90f3-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Webcam\Setup\setup.exe -- [2003/11/10 07:55:38 | 000,116,880 | R--- | M] (InstallShield Software Corporation) O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* | actions · 2012-Mar-16 11:20 pm · (locked) | lilhurricane |
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012/03/16 18:35:46 | 000,594,944 | ---- | C] (OldTimer Tools) -- C:\Users\Greg\Desktop\OTL.exe [2012/03/15 18:49:31 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Greg\Desktop\TFC.exe [2012/03/14 18:28:13 | 000,000,000 | ---D | C] -- C:\Users\Greg\Desktop\GooredFix Backups [2012/03/14 17:36:45 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012/03/14 17:36:44 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012/03/14 17:36:44 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012/03/13 18:06:13 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012/03/13 18:05:55 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012/03/13 18:05:55 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012/03/13 18:05:55 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012/03/13 18:05:54 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll [2012/03/13 18:05:54 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll [2012/03/12 14:59:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012/03/12 14:56:41 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2012/03/12 14:56:41 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2012/03/12 14:56:41 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2012/03/05 11:39:32 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\{298583A0-3FF6-4971-B4C6-7B2738267E24} [2012/03/04 20:27:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EASEUS Deleted File Recovery 3.0.1 [2012/03/04 20:27:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EASEUS [2012/02/22 20:54:49 | 000,000,000 | ---D | C] -- C:\Users\Greg\Documents\Downloads [2012/02/22 20:53:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free YouTube Downloader [2012/02/22 20:53:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free YouTube Downloader [2012/02/22 20:49:53 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Local\TempDIR [2012/02/19 10:44:03 | 000,023,896 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe [2012/02/19 10:37:41 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit [2012/02/19 10:37:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 5 [2012/02/19 10:09:01 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Roaming\Reallusion [2012/02/19 10:06:56 | 000,000,000 | ---D | C] -- C:\Users\Greg\Documents\Live! Central 2 [2012/02/19 09:56:57 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Creative [2012/02/19 09:56:57 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Roaming\Creative [2012/02/19 09:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative [2012/02/19 09:50:59 | 000,053,248 | ---- | C] (Creative Technology Ltd ) -- C:\Windows\Ctregrun.exe [2012/02/19 09:50:29 | 000,285,696 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\CTAFX64.dll [2012/02/19 09:50:23 | 000,336,448 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\V0415Vid.sys [2012/02/19 09:50:23 | 000,114,688 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\V0415Ext.ax [2012/02/19 09:50:23 | 000,108,032 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\CtDrvIns.exe [2012/02/19 09:50:23 | 000,056,832 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\V0415Ext.crl [2012/02/19 09:50:23 | 000,040,960 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\V0415Pin.dll [2012/02/19 09:50:23 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\CtCamMgr.dll [2012/02/19 09:50:23 | 000,029,184 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\CtCamMgr.dll [2012/02/19 09:50:23 | 000,023,040 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\V0415Hwx.dll [2012/02/19 09:50:23 | 000,020,480 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\CtCamPin.crl [2012/02/19 09:50:23 | 000,010,752 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\CtCamPin.crl [2012/02/19 09:50:22 | 000,134,656 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\V0415Ext.ax [2012/02/19 09:50:22 | 000,065,536 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\V0415Ext.crl [2012/02/19 09:50:22 | 000,043,520 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\V0415Pin.dll [2012/02/19 09:50:22 | 000,032,768 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\V0415Hwx.dll [2012/02/19 09:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative [2012/02/19 09:49:07 | 000,224,768 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\CtAudDrv.sys [2012/02/19 09:49:07 | 000,172,704 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\drivers\CtClsFlt.sys [2012/02/19 09:49:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative [2012/02/17 17:16:54 | 000,000,000 | ---D | C] -- C:\Users\Greg\Documents\Calibre Library [2012/02/17 17:14:46 | 000,000,000 | ---D | C] -- C:\Users\Greg\Calibre Library [2012/02/17 17:14:43 | 000,000,000 | ---D | C] -- C:\Users\Greg\AppData\Roaming\calibre [2012/02/17 17:14:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Calibre2 [2012/02/17 17:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012/03/16 18:41:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1400989614-3925164072-2012952838-1000UA.job [2012/03/16 18:38:54 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/03/16 18:38:54 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\Free File Viewer Update Checker.job [2012/03/16 18:38:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/03/16 18:38:26 | 3165,331,456 | -HS- | M] () -- C:\hiberfil.sys [2012/03/16 18:35:50 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\Greg\Desktop\OTL.exe [2012/03/16 18:16:57 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/03/16 06:53:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1400989614-3925164072-2012952838-1000Core.job [2012/03/15 19:18:16 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/03/15 19:18:16 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/03/15 18:49:02 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Greg\Desktop\TFC.exe [2012/03/14 18:35:15 | 000,356,960 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/03/13 18:13:30 | 000,018,553 | ---- | M] () -- C:\Users\Greg\Desktop\vocab313scram.ods [2012/03/13 18:12:03 | 000,018,527 | ---- | M] () -- C:\Users\Greg\Desktop\vocab313.ods [2012/03/12 21:40:36 | 000,002,403 | ---- | M] () -- C:\Users\Greg\Desktop\Google Chrome.lnk [2012/03/12 14:57:07 | 000,733,964 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/03/12 14:57:07 | 000,629,196 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/03/12 14:57:07 | 000,108,966 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/03/12 14:56:28 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2012/03/12 14:56:28 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2012/03/12 14:56:28 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2012/03/12 14:56:27 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2012/03/12 14:21:24 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/03/06 19:55:02 | 000,000,376 | ---- | M] () -- C:\Windows\SysWow64\msxkwn.vxp [2012/03/06 19:49:58 | 000,000,061 | ---- | M] () -- C:\Windows\TaxACT11.ini [2012/03/05 12:15:46 | 000,001,404 | RHS- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012/03/04 20:27:27 | 000,001,286 | ---- | M] () -- C:\Users\Public\Desktop\EASEUS Deleted File Recovery 3.0.1.lnk [2012/03/04 00:55:37 | 000,000,061 | ---- | M] () -- C:\Windows\TaxACT09.ini [2012/03/04 00:54:38 | 000,000,061 | ---- | M] () -- C:\Windows\TaxACT10.ini [2012/03/01 22:32:41 | 001,764,239 | ---- | M] () -- C:\Users\Greg\Desktop\Getting Hyped Up For the ISTEP test!!.wmv [2012/02/29 20:20:33 | 000,024,642 | ---- | M] () -- C:\Users\Greg\Desktop\vocab.ods [2012/02/28 21:46:33 | 000,001,173 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk [2012/02/26 15:49:05 | 000,019,266 | ---- | M] () -- C:\Users\Greg\Documents\Welcome to LearningExpress Library!.pdf [2012/02/22 20:53:47 | 000,002,118 | ---- | M] () -- C:\Users\Greg\Application Data\Microsoft\Internet Explorer\Quick Launch\Free YouTube Downloader.lnk [2012/02/22 20:53:47 | 000,002,094 | ---- | M] () -- C:\Users\Public\Desktop\Free YouTube Downloader.lnk [2012/02/22 20:35:31 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/02/19 22:50:19 | 000,000,419 | ---- | M] () -- C:\Users\Greg\Desktop\Untitled.xps [2012/02/19 22:49:42 | 000,099,804 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0001.png [2012/02/19 22:47:15 | 000,123,576 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0063.png [2012/02/19 22:47:12 | 000,123,088 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0062.png [2012/02/19 22:47:08 | 000,123,238 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0061.png [2012/02/19 22:47:06 | 000,122,172 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0060.png [2012/02/19 22:47:03 | 000,121,341 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0059.png [2012/02/19 22:46:59 | 000,121,924 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0058.png [2012/02/19 22:46:55 | 000,120,643 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0057.png [2012/02/19 22:46:50 | 000,120,803 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0056.png [2012/02/19 22:46:46 | 000,120,887 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0055.png [2012/02/19 22:46:41 | 000,118,531 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0054.png [2012/02/19 22:46:34 | 000,117,285 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0053.png [2012/02/19 22:46:25 | 000,119,873 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0052.png [2012/02/19 22:46:18 | 000,115,340 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0051.png [2012/02/19 22:46:12 | 000,115,397 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0050.png [2012/02/19 22:46:08 | 000,113,334 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0049.png [2012/02/19 22:46:04 | 000,117,373 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0048.png [2012/02/19 22:45:57 | 000,114,328 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0047.png [2012/02/19 22:45:47 | 000,114,243 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0046.png [2012/02/19 22:45:43 | 000,117,435 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0045.png [2012/02/19 22:45:39 | 000,119,974 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0044.png [2012/02/19 22:45:34 | 000,121,124 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0043.png [2012/02/19 22:45:27 | 000,120,179 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0042.png [2012/02/19 22:45:14 | 000,120,669 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0041.png [2012/02/19 22:45:09 | 000,120,584 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0040.png [2012/02/19 22:45:03 | 000,120,547 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0039.png [2012/02/19 22:44:58 | 000,120,225 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0038.png [2012/02/19 22:44:53 | 000,119,691 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0037.png [2012/02/19 22:44:43 | 000,120,013 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0036.png [2012/02/19 22:44:28 | 000,120,095 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0035.png [2012/02/19 22:44:22 | 000,119,881 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0034.png [2012/02/19 22:44:19 | 000,120,421 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0033.png [2012/02/19 22:44:16 | 000,120,271 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0032.png [2012/02/19 22:44:11 | 000,117,788 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0031.png [2012/02/19 22:44:08 | 000,115,653 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0030.png [2012/02/19 22:44:05 | 000,114,644 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0029.png [2012/02/19 22:43:57 | 000,118,693 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0028.png [2012/02/19 22:43:51 | 000,119,241 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0027.png [2012/02/19 22:43:41 | 000,114,463 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0026.png [2012/02/19 22:43:36 | 000,117,257 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0025.png [2012/02/19 22:43:31 | 000,116,135 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0024.png [2012/02/19 22:43:28 | 000,112,128 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0023.png [2012/02/19 22:43:24 | 000,114,626 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0022.png [2012/02/19 22:43:20 | 000,114,764 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0021.png [2012/02/19 22:43:15 | 000,108,597 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0020.png [2012/02/19 22:43:10 | 000,111,869 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0019.png [2012/02/19 22:43:05 | 000,111,019 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0018.png [2012/02/19 22:43:01 | 000,111,825 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0017.png [2012/02/19 22:42:49 | 000,118,239 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0016.png [2012/02/19 22:42:45 | 000,116,256 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0015.png [2012/02/19 22:42:41 | 000,116,727 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0014.png [2012/02/19 22:42:36 | 000,119,545 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0013.png [2012/02/19 22:42:31 | 000,120,043 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0012.png [2012/02/19 22:42:19 | 000,119,426 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0011.png [2012/02/19 22:42:16 | 000,118,826 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0010.png [2012/02/19 22:42:09 | 000,117,444 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0009.png [2012/02/19 22:42:04 | 000,119,355 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0008.png [2012/02/19 22:41:56 | 000,117,212 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0007.png [2012/02/19 22:41:50 | 000,123,625 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0006.png [2012/02/19 22:41:41 | 000,123,217 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0005.png [2012/02/19 22:41:35 | 000,117,707 | ---- | M] () -- C:\Users\Greg\Documents\ppok_0004.png [2012/02/19 22:40:06 | 000,121,944 | ---- | M] () -- C:\Users\Greg\Documents\tackel_0003.png [2012/02/19 22:40:02 | 000,111,045 | ---- | M] () -- C:\Users\Greg\Documents\tackel_0002.png [2012/02/19 22:39:56 | 000,115,345 | ---- | M] () -- C:\Users\Greg\Documents\tackel_0001.png [2012/02/19 22:38:43 | 000,109,482 | ---- | M] () -- C:\Users\Greg\Documents\wwwuki_0012.png [2012/02/19 22:38:41 | 000,107,567 | ---- | M] () -- C:\Users\Greg\Documents\wwwuki_0011.png [2012/02/19 22:38:37 | 000,109,410 | ---- | M] () -- C:\Users\Greg\Documents\wwwuki_0010.png [2012/02/19 22:38:25 | 000,116,114 | ---- | M] () -- C:\Users\Greg\Documents\wwwuki_0009.png [2012/02/19 22:38:16 | 000,110,538 | ---- | M] () -- C:\Users\Greg\Documents\wwwuki_0008.png [2012/02/19 22:38:10 | 000,106,419 | ---- | M] () -- C:\Users\Greg\Documents\wwwuki_0007.png [2012/02/19 22:37:30 | 000,112,061 | ---- | M] () -- C:\Users\Greg\Documents\wwwuki_0006.png [2012/02/19 22:37:07 | 000,106,870 | ---- | M] () -- C:\Users\Greg\Documents\wwwuki_0005.png [2012/02/19 22:36:58 | 000,109,549 | ---- | M] () -- C:\Users\Greg\Documents\wwwuki_0004.png [2012/02/19 22:36:53 | 000,115,344 | ---- | M] () -- C:\Users\Greg\Documents\wwwuki_0003.png [2012/02/19 22:36:48 | 000,115,641 | ---- | M] () -- C:\Users\Greg\Documents\wwwuki_0002.png [2012/02/19 22:36:37 | 000,111,852 | ---- | M] () -- C:\Users\Greg\Documents\wwwuki_0001.png [2012/02/19 16:31:08 | 000,097,458 | ---- | M] () -- C:\Users\Greg\Documents\legoz_0009.png [2012/02/19 16:31:06 | 000,097,729 | ---- | M] () -- C:\Users\Greg\Documents\legoz_0008.png [2012/02/19 16:31:02 | 000,096,763 | ---- | M] () -- C:\Users\Greg\Documents\legoz_0007.png [2012/02/19 16:31:00 | 000,098,649 | ---- | M] () -- C:\Users\Greg\Documents\legoz_0006.png [2012/02/19 16:30:54 | 000,096,218 | ---- | M] () -- C:\Users\Greg\Documents\legoz_0005.png [2012/02/19 16:30:47 | 000,091,655 | ---- | M] () -- C:\Users\Greg\Documents\legoz_0004.png [2012/02/19 16:30:43 | 000,090,612 | ---- | M] () -- C:\Users\Greg\Documents\legoz_0003.png [2012/02/19 16:30:37 | 000,091,397 | ---- | M] () -- C:\Users\Greg\Documents\legoz_0002.png [2012/02/19 16:30:29 | 000,094,354 | ---- | M] () -- C:\Users\Greg\Documents\legoz_0001.png [2012/02/19 16:17:20 | 000,109,006 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0040.png [2012/02/19 16:17:17 | 000,107,451 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0039.png [2012/02/19 16:17:15 | 000,110,257 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0038.png [2012/02/19 16:17:13 | 000,110,304 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0037.png [2012/02/19 16:17:11 | 000,110,681 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0036.png [2012/02/19 16:17:08 | 000,107,327 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0035.png [2012/02/19 16:17:05 | 000,108,722 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0034.png [2012/02/19 16:16:54 | 000,110,087 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0033.png [2012/02/19 16:16:51 | 000,105,795 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0032.png [2012/02/19 16:16:47 | 000,105,649 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0031.png [2012/02/19 16:16:45 | 000,114,791 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0030.png [2012/02/19 16:16:41 | 000,099,766 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0029.png [2012/02/19 16:16:39 | 000,118,208 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0028.png [2012/02/19 16:16:35 | 000,113,937 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0027.png [2012/02/19 16:16:24 | 000,107,667 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0026.png [2012/02/19 16:16:19 | 000,109,458 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0025.png [2012/02/19 16:16:15 | 000,114,730 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0024.png [2012/02/19 16:15:51 | 000,112,246 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0023.png [2012/02/19 16:15:47 | 000,108,393 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0022.png [2012/02/19 16:15:40 | 000,112,890 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0021.png [2012/02/19 16:15:36 | 000,114,941 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0020.png [2012/02/19 16:15:34 | 000,114,012 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0019.png [2012/02/19 16:15:32 | 000,111,332 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0018.png [2012/02/19 16:15:27 | 000,113,117 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0017.png [2012/02/19 16:15:25 | 000,112,782 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0016.png [2012/02/19 16:15:23 | 000,112,482 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0015.png [2012/02/19 16:15:21 | 000,112,051 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0014.png [2012/02/19 16:15:19 | 000,111,943 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0013.png [2012/02/19 16:15:16 | 000,110,106 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0012.png [2012/02/19 16:15:14 | 000,111,817 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0011.png [2012/02/19 16:15:10 | 000,109,628 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0010.png [2012/02/19 16:15:08 | 000,109,737 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0009.png [2012/02/19 16:15:05 | 000,114,863 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0008.png [2012/02/19 16:14:59 | 000,114,731 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0007.png [2012/02/19 16:14:53 | 000,114,280 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0006.png [2012/02/19 16:14:48 | 000,117,288 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0005.png [2012/02/19 16:14:45 | 000,118,336 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0004.png [2012/02/19 16:14:40 | 000,119,242 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0003.png [2012/02/19 16:14:37 | 000,119,957 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0002.png [2012/02/19 16:14:04 | 000,116,458 | ---- | M] () -- C:\Users\Greg\Documents\workshops_0001.png [2012/02/19 16:10:15 | 000,104,719 | ---- | M] () -- C:\Users\Greg\Documents\pie_0039.png [2012/02/19 16:10:12 | 000,110,553 | ---- | M] () -- C:\Users\Greg\Documents\pie_0038.png [2012/02/19 16:10:09 | 000,109,344 | ---- | M] () -- C:\Users\Greg\Documents\pie_0037.png [2012/02/19 16:10:02 | 000,098,409 | ---- | M] () -- C:\Users\Greg\Documents\pie_0036.png [2012/02/19 16:09:58 | 000,100,020 | ---- | M] () -- C:\Users\Greg\Documents\pie_0035.png [2012/02/19 16:09:54 | 000,105,058 | ---- | M] () -- C:\Users\Greg\Documents\pie_0034.png [2012/02/19 16:09:38 | 000,092,386 | ---- | M] () -- C:\Users\Greg\Documents\pie_0033.png [2012/02/19 16:09:32 | 000,105,938 | ---- | M] () -- C:\Users\Greg\Documents\pie_0032.png [2012/02/19 16:09:18 | 000,105,076 | ---- | M] () -- C:\Users\Greg\Documents\pie_0031.png [2012/02/19 16:09:08 | 000,103,492 | ---- | M] () -- C:\Users\Greg\Documents\pie_0030.png [2012/02/19 16:09:06 | 000,103,743 | ---- | M] () -- C:\Users\Greg\Documents\pie_0029.png [2012/02/19 16:09:03 | 000,105,145 | ---- | M] () -- C:\Users\Greg\Documents\pie_0028.png [2012/02/19 16:09:01 | 000,104,383 | ---- | M] () -- C:\Users\Greg\Documents\pie_0027.png [2012/02/19 16:08:56 | 000,105,159 | ---- | M] () -- C:\Users\Greg\Documents\pie_0026.png [2012/02/19 16:08:54 | 000,103,804 | ---- | M] () -- C:\Users\Greg\Documents\pie_0025.png [2012/02/19 16:08:52 | 000,105,909 | ---- | M] () -- C:\Users\Greg\Documents\pie_0024.png [2012/02/19 16:08:49 | 000,106,008 | ---- | M] () -- C:\Users\Greg\Documents\pie_0023.png [2012/02/19 16:08:47 | 000,104,799 | ---- | M] () -- C:\Users\Greg\Documents\pie_0022.png [2012/02/19 16:08:44 | 000,105,015 | ---- | M] () -- C:\Users\Greg\Documents\pie_0021.png [2012/02/19 16:08:42 | 000,104,835 | ---- | M] () -- C:\Users\Greg\Documents\pie_0020.png [2012/02/19 16:08:39 | 000,105,776 | ---- | M] () -- C:\Users\Greg\Documents\pie_0019.png [2012/02/19 16:08:37 | 000,105,974 | ---- | M] () -- C:\Users\Greg\Documents\pie_0018.png [2012/02/19 16:08:35 | 000,104,394 | ---- | M] () -- C:\Users\Greg\Documents\pie_0017.png [2012/02/19 16:08:32 | 000,103,732 | ---- | M] () -- C:\Users\Greg\Documents\pie_0016.png [2012/02/19 16:08:29 | 000,104,847 | ---- | M] () -- C:\Users\Greg\Documents\pie_0015.png [2012/02/19 16:08:26 | 000,105,111 | ---- | M] () -- C:\Users\Greg\Documents\pie_0014.png [2012/02/19 16:08:23 | 000,103,837 | ---- | M] () -- C:\Users\Greg\Documents\pie_0013.png [2012/02/19 16:08:14 | 000,101,038 | ---- | M] () -- C:\Users\Greg\Documents\pie_0012.png [2012/02/19 16:08:07 | 000,107,915 | ---- | M] () -- C:\Users\Greg\Documents\pie_0011.png [2012/02/19 16:08:02 | 000,110,078 | ---- | M] () -- C:\Users\Greg\Documents\pie_0010.png [2012/02/19 16:07:57 | 000,110,040 | ---- | M] () -- C:\Users\Greg\Documents\pie_0009.png [2012/02/19 16:07:54 | 000,109,523 | ---- | M] () -- C:\Users\Greg\Documents\pie_0008.png [2012/02/19 16:07:50 | 000,103,150 | ---- | M] () -- C:\Users\Greg\Documents\pie_0007.png [2012/02/19 16:07:47 | 000,108,528 | ---- | M] () -- C:\Users\Greg\Documents\pie_0006.png [2012/02/19 16:07:43 | 000,108,892 | ---- | M] () -- C:\Users\Greg\Documents\pie_0005.png [2012/02/19 16:07:40 | 000,105,881 | ---- | M] () -- C:\Users\Greg\Documents\pie_0004.png [2012/02/19 16:07:31 | 000,107,786 | ---- | M] () -- C:\Users\Greg\Documents\pie_0003.png [2012/02/19 16:07:28 | 000,108,363 | ---- | M] () -- C:\Users\Greg\Documents\pie_0002.png [2012/02/19 16:07:24 | 000,107,958 | ---- | M] () -- C:\Users\Greg\Documents\pie_0001.png [2012/02/19 16:03:42 | 000,096,431 | ---- | M] () -- C:\Users\Greg\Documents\new_0009.png [2012/02/19 16:03:39 | 000,099,249 | ---- | M] () -- C:\Users\Greg\Documents\new_0008.png [2012/02/19 16:03:36 | 000,106,068 | ---- | M] () -- C:\Users\Greg\Documents\new_0007.png [2012/02/19 16:03:34 | 000,107,887 | ---- | M] () -- C:\Users\Greg\Documents\new_0006.png [2012/02/19 16:03:30 | 000,106,751 | ---- | M] () -- C:\Users\Greg\Documents\new_0005.png [2012/02/19 16:02:35 | 000,111,516 | ---- | M] () -- C:\Users\Greg\Documents\new_0004.png [2012/02/19 16:02:32 | 000,111,533 | ---- | M] () -- C:\Users\Greg\Documents\new_0003.png [2012/02/19 16:02:29 | 000,110,691 | ---- | M] () -- C:\Users\Greg\Documents\new_0002.png [2012/02/19 16:02:24 | 000,110,186 | ---- | M] () -- C:\Users\Greg\Documents\new_0001.png [2012/02/19 16:01:03 | 000,090,436 | ---- | M] () -- C:\Users\Greg\Documents\lego_0023.png [2012/02/19 16:01:00 | 000,092,202 | ---- | M] () -- C:\Users\Greg\Documents\lego_0022.png [2012/02/19 16:00:56 | 000,101,738 | ---- | M] () -- C:\Users\Greg\Documents\lego_0021.png [2012/02/19 16:00:50 | 000,102,721 | ---- | M] () -- C:\Users\Greg\Documents\lego_0020.png [2012/02/19 16:00:47 | 000,112,654 | ---- | M] () -- C:\Users\Greg\Documents\lego_0019.png [2012/02/19 16:00:44 | 000,108,189 | ---- | M] () -- C:\Users\Greg\Documents\lego_0018.png [2012/02/19 16:00:40 | 000,108,299 | ---- | M] () -- C:\Users\Greg\Documents\lego_0017.png [2012/02/19 16:00:37 | 000,108,384 | ---- | M] () -- C:\Users\Greg\Documents\lego_0016.png [2012/02/19 16:00:20 | 000,108,778 | ---- | M] () -- C:\Users\Greg\Documents\lego_0015.png [2012/02/19 16:00:05 | 000,109,272 | ---- | M] () -- C:\Users\Greg\Documents\lego_0014.png [2012/02/19 15:59:37 | 000,106,698 | ---- | M] () -- C:\Users\Greg\Documents\lego_0013.png [2012/02/19 15:59:17 | 000,106,388 | ---- | M] () -- C:\Users\Greg\Documents\lego_0012.png [2012/02/19 15:59:15 | 000,106,393 | ---- | M] () -- C:\Users\Greg\Documents\lego_0011.png [2012/02/19 15:59:14 | 000,105,676 | ---- | M] () -- C:\Users\Greg\Documents\lego_0010.png [2012/02/19 15:59:12 | 000,104,960 | ---- | M] () -- C:\Users\Greg\Documents\lego_0009.png [2012/02/19 15:59:10 | 000,103,916 | ---- | M] () -- C:\Users\Greg\Documents\lego_0008.png [2012/02/19 15:59:08 | 000,103,950 | ---- | M] () -- C:\Users\Greg\Documents\lego_0007.png [2012/02/19 15:59:06 | 000,103,452 | ---- | M] () -- C:\Users\Greg\Documents\lego_0006.png [2012/02/19 15:59:03 | 000,102,236 | ---- | M] () -- C:\Users\Greg\Documents\lego_0005.png [2012/02/19 15:59:00 | 000,101,148 | ---- | M] () -- C:\Users\Greg\Documents\lego_0004.png [2012/02/19 15:58:57 | 000,100,220 | ---- | M] () -- C:\Users\Greg\Documents\lego_0003.png [2012/02/19 15:58:56 | 000,100,242 | ---- | M] () -- C:\Users\Greg\Documents\lego_0002.png [2012/02/19 15:58:51 | 000,095,497 | ---- | M] () -- C:\Users\Greg\Documents\lego_0001.png [2012/02/19 10:37:32 | 000,001,283 | ---- | M] () -- C:\Users\Public\Desktop\Uninstaller.lnk [2012/02/19 10:37:32 | 000,001,232 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk [2012/02/19 09:51:00 | 000,002,364 | ---- | M] () -- C:\Users\Public\Desktop\Creative Product Registration.lnk [2012/02/19 09:27:30 | 000,099,837 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0021.png [2012/02/19 09:27:28 | 000,106,621 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0020.png [2012/02/19 09:27:26 | 000,105,836 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0019.png [2012/02/19 09:27:24 | 000,101,609 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0018.png [2012/02/19 09:27:22 | 000,102,537 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0017.png [2012/02/19 09:27:20 | 000,101,915 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0016.png [2012/02/19 09:27:18 | 000,102,032 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0015.png [2012/02/19 09:27:17 | 000,098,202 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0014.png [2012/02/19 09:27:15 | 000,091,117 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0013.png [2012/02/19 09:27:13 | 000,087,259 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0012.png [2012/02/19 09:27:10 | 000,092,596 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0011.png [2012/02/19 09:27:05 | 000,097,443 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0010.png [2012/02/19 09:26:58 | 000,084,224 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0009.png [2012/02/19 09:26:51 | 000,083,620 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0008.png [2012/02/19 09:26:46 | 000,084,526 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0007.png [2012/02/19 09:26:41 | 000,089,887 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0006.png [2012/02/19 09:26:37 | 000,096,193 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0005.png [2012/02/19 09:26:31 | 000,105,211 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0004.png [2012/02/19 09:26:25 | 000,110,618 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0003.png [2012/02/19 09:26:17 | 000,109,130 | ---- | M] () -- C:\Users\Greg\Documents\Layer 1_0002.png [2012/02/17 17:14:37 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk [2012/02/17 02:38:26 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll [2012/02/17 01:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012/03/13 18:13:29 | 000,018,553 | ---- | C] () -- C:\Users\Greg\Desktop\vocab313scram.ods [2012/03/13 18:12:02 | 000,018,527 | ---- | C] () -- C:\Users\Greg\Desktop\vocab313.ods [2012/03/12 14:21:24 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/03/04 20:27:27 | 000,001,286 | ---- | C] () -- C:\Users\Public\Desktop\EASEUS Deleted File Recovery 3.0.1.lnk [2012/03/01 22:32:34 | 001,764,239 | ---- | C] () -- C:\Users\Greg\Desktop\Getting Hyped Up For the ISTEP test!!.wmv [2012/02/29 20:20:32 | 000,024,642 | ---- | C] () -- C:\Users\Greg\Desktop\vocab.ods [2012/02/26 15:49:03 | 000,019,266 | ---- | C] () -- C:\Users\Greg\Documents\Welcome to LearningExpress Library!.pdf [2012/02/22 20:53:47 | 000,002,118 | ---- | C] () -- C:\Users\Greg\Application Data\Microsoft\Internet Explorer\Quick Launch\Free YouTube Downloader.lnk [2012/02/22 20:53:47 | 000,002,094 | ---- | C] () -- C:\Users\Public\Desktop\Free YouTube Downloader.lnk [2012/02/19 22:50:19 | 000,000,419 | ---- | C] () -- C:\Users\Greg\Desktop\Untitled.xps [2012/02/19 22:47:15 | 000,123,576 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0063.png [2012/02/19 22:47:12 | 000,123,088 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0062.png [2012/02/19 22:47:08 | 000,123,238 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0061.png [2012/02/19 22:47:05 | 000,122,172 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0060.png [2012/02/19 22:47:02 | 000,121,341 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0059.png [2012/02/19 22:46:59 | 000,121,924 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0058.png [2012/02/19 22:46:55 | 000,120,643 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0057.png [2012/02/19 22:46:50 | 000,120,803 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0056.png [2012/02/19 22:46:46 | 000,120,887 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0055.png [2012/02/19 22:46:41 | 000,118,531 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0054.png [2012/02/19 22:46:34 | 000,117,285 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0053.png [2012/02/19 22:46:25 | 000,119,873 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0052.png [2012/02/19 22:46:18 | 000,115,340 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0051.png [2012/02/19 22:46:12 | 000,115,397 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0050.png [2012/02/19 22:46:08 | 000,113,334 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0049.png [2012/02/19 22:46:04 | 000,117,373 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0048.png [2012/02/19 22:45:57 | 000,114,328 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0047.png [2012/02/19 22:45:47 | 000,114,243 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0046.png [2012/02/19 22:45:43 | 000,117,435 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0045.png [2012/02/19 22:45:39 | 000,119,974 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0044.png [2012/02/19 22:45:34 | 000,121,124 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0043.png [2012/02/19 22:45:27 | 000,120,179 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0042.png [2012/02/19 22:45:14 | 000,120,669 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0041.png [2012/02/19 22:45:09 | 000,120,584 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0040.png [2012/02/19 22:45:03 | 000,120,547 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0039.png [2012/02/19 22:44:58 | 000,120,225 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0038.png [2012/02/19 22:44:53 | 000,119,691 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0037.png [2012/02/19 22:44:43 | 000,120,013 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0036.png [2012/02/19 22:44:28 | 000,120,095 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0035.png [2012/02/19 22:44:22 | 000,119,881 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0034.png [2012/02/19 22:44:19 | 000,120,421 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0033.png [2012/02/19 22:44:16 | 000,120,271 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0032.png [2012/02/19 22:44:11 | 000,117,788 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0031.png [2012/02/19 22:44:08 | 000,115,653 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0030.png [2012/02/19 22:44:05 | 000,114,644 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0029.png [2012/02/19 22:43:57 | 000,118,693 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0028.png [2012/02/19 22:43:50 | 000,119,241 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0027.png [2012/02/19 22:43:41 | 000,114,463 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0026.png [2012/02/19 22:43:36 | 000,117,257 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0025.png [2012/02/19 22:43:31 | 000,116,135 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0024.png [2012/02/19 22:43:28 | 000,112,128 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0023.png [2012/02/19 22:43:23 | 000,114,626 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0022.png [2012/02/19 22:43:20 | 000,114,764 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0021.png [2012/02/19 22:43:15 | 000,108,597 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0020.png [2012/02/19 22:43:10 | 000,111,869 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0019.png [2012/02/19 22:43:05 | 000,111,019 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0018.png [2012/02/19 22:43:01 | 000,111,825 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0017.png [2012/02/19 22:42:49 | 000,118,239 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0016.png [2012/02/19 22:42:45 | 000,116,256 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0015.png [2012/02/19 22:42:41 | 000,116,727 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0014.png [2012/02/19 22:42:36 | 000,119,545 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0013.png [2012/02/19 22:42:31 | 000,120,043 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0012.png [2012/02/19 22:42:19 | 000,119,426 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0011.png [2012/02/19 22:42:16 | 000,118,826 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0010.png [2012/02/19 22:42:09 | 000,117,444 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0009.png [2012/02/19 22:42:04 | 000,119,355 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0008.png [2012/02/19 22:41:56 | 000,117,212 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0007.png [2012/02/19 22:41:50 | 000,123,625 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0006.png [2012/02/19 22:41:41 | 000,123,217 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0005.png [2012/02/19 22:41:35 | 000,117,707 | ---- | C] () -- C:\Users\Greg\Documents\ppok_0004.png [2012/02/19 22:40:06 | 000,121,944 | ---- | C] () -- C:\Users\Greg\Documents\tackel_0003.png [2012/02/19 22:40:02 | 000,111,045 | ---- | C] () -- C:\Users\Greg\Documents\tackel_0002.png [2012/02/19 22:39:56 | 000,115,345 | ---- | C] () -- C:\Users\Greg\Documents\tackel_0001.png [2012/02/19 22:38:43 | 000,109,482 | ---- | C] () -- C:\Users\Greg\Documents\wwwuki_0012.png [2012/02/19 22:38:41 | 000,107,567 | ---- | C] () -- C:\Users\Greg\Documents\wwwuki_0011.png [2012/02/19 22:38:37 | 000,109,410 | ---- | C] () -- C:\Users\Greg\Documents\wwwuki_0010.png [2012/02/19 22:38:25 | 000,116,114 | ---- | C] () -- C:\Users\Greg\Documents\wwwuki_0009.png [2012/02/19 22:38:16 | 000,110,538 | ---- | C] () -- C:\Users\Greg\Documents\wwwuki_0008.png [2012/02/19 22:38:09 | 000,106,419 | ---- | C] () -- C:\Users\Greg\Documents\wwwuki_0007.png [2012/02/19 22:37:30 | 000,112,061 | ---- | C] () -- C:\Users\Greg\Documents\wwwuki_0006.png [2012/02/19 22:37:06 | 000,106,870 | ---- | C] () -- C:\Users\Greg\Documents\wwwuki_0005.png [2012/02/19 22:36:57 | 000,109,549 | ---- | C] () -- C:\Users\Greg\Documents\wwwuki_0004.png [2012/02/19 22:36:53 | 000,115,344 | ---- | C] () -- C:\Users\Greg\Documents\wwwuki_0003.png [2012/02/19 22:36:48 | 000,115,641 | ---- | C] () -- C:\Users\Greg\Documents\wwwuki_0002.png [2012/02/19 22:36:37 | 000,111,852 | ---- | C] () -- C:\Users\Greg\Documents\wwwuki_0001.png [2012/02/19 16:31:08 | 000,097,458 | ---- | C] () -- C:\Users\Greg\Documents\legoz_0009.png [2012/02/19 16:31:06 | 000,097,729 | ---- | C] () -- C:\Users\Greg\Documents\legoz_0008.png [2012/02/19 16:31:02 | 000,096,763 | ---- | C] () -- C:\Users\Greg\Documents\legoz_0007.png [2012/02/19 16:31:00 | 000,098,649 | ---- | C] () -- C:\Users\Greg\Documents\legoz_0006.png [2012/02/19 16:30:54 | 000,096,218 | ---- | C] () -- C:\Users\Greg\Documents\legoz_0005.png [2012/02/19 16:30:47 | 000,091,655 | ---- | C] () -- C:\Users\Greg\Documents\legoz_0004.png [2012/02/19 16:30:42 | 000,090,612 | ---- | C] () -- C:\Users\Greg\Documents\legoz_0003.png [2012/02/19 16:30:37 | 000,091,397 | ---- | C] () -- C:\Users\Greg\Documents\legoz_0002.png [2012/02/19 16:30:29 | 000,094,354 | ---- | C] () -- C:\Users\Greg\Documents\legoz_0001.png [2012/02/19 16:17:20 | 000,109,006 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0040.png [2012/02/19 16:17:17 | 000,107,451 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0039.png [2012/02/19 16:17:15 | 000,110,257 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0038.png [2012/02/19 16:17:13 | 000,110,304 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0037.png [2012/02/19 16:17:10 | 000,110,681 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0036.png [2012/02/19 16:17:08 | 000,107,327 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0035.png [2012/02/19 16:17:05 | 000,108,722 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0034.png [2012/02/19 16:16:54 | 000,110,087 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0033.png [2012/02/19 16:16:51 | 000,105,795 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0032.png [2012/02/19 16:16:47 | 000,105,649 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0031.png [2012/02/19 16:16:44 | 000,114,791 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0030.png [2012/02/19 16:16:41 | 000,099,766 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0029.png [2012/02/19 16:16:39 | 000,118,208 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0028.png [2012/02/19 16:16:35 | 000,113,937 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0027.png [2012/02/19 16:16:24 | 000,107,667 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0026.png [2012/02/19 16:16:19 | 000,109,458 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0025.png [2012/02/19 16:16:15 | 000,114,730 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0024.png [2012/02/19 16:15:51 | 000,112,246 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0023.png [2012/02/19 16:15:47 | 000,108,393 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0022.png [2012/02/19 16:15:40 | 000,112,890 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0021.png [2012/02/19 16:15:36 | 000,114,941 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0020.png [2012/02/19 16:15:34 | 000,114,012 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0019.png [2012/02/19 16:15:32 | 000,111,332 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0018.png [2012/02/19 16:15:27 | 000,113,117 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0017.png [2012/02/19 16:15:25 | 000,112,782 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0016.png [2012/02/19 16:15:23 | 000,112,482 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0015.png [2012/02/19 16:15:21 | 000,112,051 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0014.png [2012/02/19 16:15:19 | 000,111,943 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0013.png [2012/02/19 16:15:16 | 000,110,106 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0012.png [2012/02/19 16:15:14 | 000,111,817 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0011.png [2012/02/19 16:15:10 | 000,109,628 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0010.png [2012/02/19 16:15:08 | 000,109,737 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0009.png [2012/02/19 16:15:05 | 000,114,863 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0008.png [2012/02/19 16:14:59 | 000,114,731 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0007.png [2012/02/19 16:14:53 | 000,114,280 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0006.png [2012/02/19 16:14:48 | 000,117,288 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0005.png [2012/02/19 16:14:45 | 000,118,336 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0004.png [2012/02/19 16:14:40 | 000,119,242 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0003.png [2012/02/19 16:14:37 | 000,119,957 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0002.png [2012/02/19 16:14:04 | 000,116,458 | ---- | C] () -- C:\Users\Greg\Documents\workshops_0001.png [2012/02/19 16:10:15 | 000,104,719 | ---- | C] () -- C:\Users\Greg\Documents\pie_0039.png [2012/02/19 16:10:12 | 000,110,553 | ---- | C] () -- C:\Users\Greg\Documents\pie_0038.png [2012/02/19 16:10:09 | 000,109,344 | ---- | C] () -- C:\Users\Greg\Documents\pie_0037.png [2012/02/19 16:10:02 | 000,098,409 | ---- | C] () -- C:\Users\Greg\Documents\pie_0036.png [2012/02/19 16:09:58 | 000,100,020 | ---- | C] () -- C:\Users\Greg\Documents\pie_0035.png [2012/02/19 16:09:54 | 000,105,058 | ---- | C] () -- C:\Users\Greg\Documents\pie_0034.png [2012/02/19 16:09:38 | 000,092,386 | ---- | C] () -- C:\Users\Greg\Documents\pie_0033.png [2012/02/19 16:09:32 | 000,105,938 | ---- | C] () -- C:\Users\Greg\Documents\pie_0032.png [2012/02/19 16:09:18 | 000,105,076 | ---- | C] () -- C:\Users\Greg\Documents\pie_0031.png [2012/02/19 16:09:08 | 000,103,492 | ---- | C] () -- C:\Users\Greg\Documents\pie_0030.png [2012/02/19 16:09:06 | 000,103,743 | ---- | C] () -- C:\Users\Greg\Documents\pie_0029.png [2012/02/19 16:09:03 | 000,105,145 | ---- | C] () -- C:\Users\Greg\Documents\pie_0028.png [2012/02/19 16:09:01 | 000,104,383 | ---- | C] () -- C:\Users\Greg\Documents\pie_0027.png [2012/02/19 16:08:56 | 000,105,159 | ---- | C] () -- C:\Users\Greg\Documents\pie_0026.png [2012/02/19 16:08:54 | 000,103,804 | ---- | C] () -- C:\Users\Greg\Documents\pie_0025.png [2012/02/19 16:08:52 | 000,105,909 | ---- | C] () -- C:\Users\Greg\Documents\pie_0024.png [2012/02/19 16:08:49 | 000,106,008 | ---- | C] () -- C:\Users\Greg\Documents\pie_0023.png [2012/02/19 16:08:47 | 000,104,799 | ---- | C] () -- C:\Users\Greg\Documents\pie_0022.png [2012/02/19 16:08:44 | 000,105,015 | ---- | C] () -- C:\Users\Greg\Documents\pie_0021.png [2012/02/19 16:08:42 | 000,104,835 | ---- | C] () -- C:\Users\Greg\Documents\pie_0020.png [2012/02/19 16:08:39 | 000,105,776 | ---- | C] () -- C:\Users\Greg\Documents\pie_0019.png [2012/02/19 16:08:37 | 000,105,974 | ---- | C] () -- C:\Users\Greg\Documents\pie_0018.png [2012/02/19 16:08:35 | 000,104,394 | ---- | C] () -- C:\Users\Greg\Documents\pie_0017.png [2012/02/19 16:08:32 | 000,103,732 | ---- | C] () -- C:\Users\Greg\Documents\pie_0016.png [2012/02/19 16:08:29 | 000,104,847 | ---- | C] () -- C:\Users\Greg\Documents\pie_0015.png [2012/02/19 16:08:26 | 000,105,111 | ---- | C] () -- C:\Users\Greg\Documents\pie_0014.png [2012/02/19 16:08:22 | 000,103,837 | ---- | C] () -- C:\Users\Greg\Documents\pie_0013.png [2012/02/19 16:08:14 | 000,101,038 | ---- | C] () -- C:\Users\Greg\Documents\pie_0012.png [2012/02/19 16:08:07 | 000,107,915 | ---- | C] () -- C:\Users\Greg\Documents\pie_0011.png [2012/02/19 16:08:02 | 000,110,078 | ---- | C] () -- C:\Users\Greg\Documents\pie_0010.png [2012/02/19 16:07:57 | 000,110,040 | ---- | C] () -- C:\Users\Greg\Documents\pie_0009.png [2012/02/19 16:07:54 | 000,109,523 | ---- | C] () -- C:\Users\Greg\Documents\pie_0008.png [2012/02/19 16:07:50 | 000,103,150 | ---- | C] () -- C:\Users\Greg\Documents\pie_0007.png [2012/02/19 16:07:47 | 000,108,528 | ---- | C] () -- C:\Users\Greg\Documents\pie_0006.png [2012/02/19 16:07:43 | 000,108,892 | ---- | C] () -- C:\Users\Greg\Documents\pie_0005.png [2012/02/19 16:07:40 | 000,105,881 | ---- | C] () -- C:\Users\Greg\Documents\pie_0004.png [2012/02/19 16:07:31 | 000,107,786 | ---- | C] () -- C:\Users\Greg\Documents\pie_0003.png [2012/02/19 16:07:28 | 000,108,363 | ---- | C] () -- C:\Users\Greg\Documents\pie_0002.png [2012/02/19 16:07:24 | 000,107,958 | ---- | C] () -- C:\Users\Greg\Documents\pie_0001.png [2012/02/19 16:03:42 | 000,096,431 | ---- | C] () -- C:\Users\Greg\Documents\new_0009.png [2012/02/19 16:03:39 | 000,099,249 | ---- | C] () -- C:\Users\Greg\Documents\new_0008.png [2012/02/19 16:03:36 | 000,106,068 | ---- | C] () -- C:\Users\Greg\Documents\new_0007.png [2012/02/19 16:03:34 | 000,107,887 | ---- | C] () -- C:\Users\Greg\Documents\new_0006.png [2012/02/19 16:03:29 | 000,106,751 | ---- | C] () -- C:\Users\Greg\Documents\new_0005.png [2012/02/19 16:02:35 | 000,111,516 | ---- | C] () -- C:\Users\Greg\Documents\new_0004.png [2012/02/19 16:02:32 | 000,111,533 | ---- | C] () -- C:\Users\Greg\Documents\new_0003.png [2012/02/19 16:02:29 | 000,110,691 | ---- | C] () -- C:\Users\Greg\Documents\new_0002.png [2012/02/19 16:02:24 | 000,110,186 | ---- | C] () -- C:\Users\Greg\Documents\new_0001.png [2012/02/19 16:01:03 | 000,090,436 | ---- | C] () -- C:\Users\Greg\Documents\lego_0023.png [2012/02/19 16:01:00 | 000,092,202 | ---- | C] () -- C:\Users\Greg\Documents\lego_0022.png [2012/02/19 16:00:56 | 000,101,738 | ---- | C] () -- C:\Users\Greg\Documents\lego_0021.png [2012/02/19 16:00:50 | 000,102,721 | ---- | C] () -- C:\Users\Greg\Documents\lego_0020.png [2012/02/19 16:00:47 | 000,112,654 | ---- | C] () -- C:\Users\Greg\Documents\lego_0019.png [2012/02/19 16:00:44 | 000,108,189 | ---- | C] () -- C:\Users\Greg\Documents\lego_0018.png [2012/02/19 16:00:40 | 000,108,299 | ---- | C] () -- C:\Users\Greg\Documents\lego_0017.png [2012/02/19 16:00:37 | 000,108,384 | ---- | C] () -- C:\Users\Greg\Documents\lego_0016.png [2012/02/19 16:00:20 | 000,108,778 | ---- | C] () -- C:\Users\Greg\Documents\lego_0015.png [2012/02/19 16:00:05 | 000,109,272 | ---- | C] () -- C:\Users\Greg\Documents\lego_0014.png [2012/02/19 15:59:37 | 000,106,698 | ---- | C] () -- C:\Users\Greg\Documents\lego_0013.png [2012/02/19 15:59:17 | 000,106,388 | ---- | C] () -- C:\Users\Greg\Documents\lego_0012.png [2012/02/19 15:59:15 | 000,106,393 | ---- | C] () -- C:\Users\Greg\Documents\lego_0011.png [2012/02/19 15:59:14 | 000,105,676 | ---- | C] () -- C:\Users\Greg\Documents\lego_0010.png [2012/02/19 15:59:12 | 000,104,960 | ---- | C] () -- C:\Users\Greg\Documents\lego_0009.png [2012/02/19 15:59:10 | 000,103,916 | ---- | C] () -- C:\Users\Greg\Documents\lego_0008.png [2012/02/19 15:59:08 | 000,103,950 | ---- | C] () -- C:\Users\Greg\Documents\lego_0007.png [2012/02/19 15:59:06 | 000,103,452 | ---- | C] () -- C:\Users\Greg\Documents\lego_0006.png [2012/02/19 15:59:02 | 000,102,236 | ---- | C] () -- C:\Users\Greg\Documents\lego_0005.png [2012/02/19 15:59:00 | 000,101,148 | ---- | C] () -- C:\Users\Greg\Documents\lego_0004.png [2012/02/19 15:58:56 | 000,100,242 | ---- | C] () -- C:\Users\Greg\Documents\lego_0002.png [2012/02/19 15:58:56 | 000,100,220 | ---- | C] () -- C:\Users\Greg\Documents\lego_0003.png [2012/02/19 15:58:51 | 000,095,497 | ---- | C] () -- C:\Users\Greg\Documents\lego_0001.png [2012/02/19 10:37:32 | 000,001,283 | ---- | C] () -- C:\Users\Public\Desktop\Uninstaller.lnk [2012/02/19 10:37:32 | 000,001,232 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk [2012/02/19 09:51:00 | 000,002,364 | ---- | C] () -- C:\Users\Public\Desktop\Creative Product Registration.lnk [2012/02/19 09:50:51 | 000,007,062 | ---- | C] () -- C:\Windows\SysWow64\audiopid.vxd [2012/02/19 09:50:23 | 000,057,656 | ---- | C] () -- C:\Windows\SysNative\drivers\V0415PC.bmp [2012/02/19 09:50:23 | 000,004,371 | ---- | C] () -- C:\Windows\VF0415.uns [2012/02/19 09:49:58 | 000,024,995 | ---- | C] () -- C:\Windows\SysNative\drivers\FilterPC.jpg [2012/02/19 09:49:57 | 000,057,656 | ---- | C] () -- C:\Windows\SysNative\drivers\FilterPC.bmp [2012/02/19 09:27:30 | 000,099,837 | ---- | C] () -- C:\Users\Greg\Documents\Layer 1_0021.png [2012/02/19 09:27:28 | 000,106,621 | ---- | C] () -- C:\Users\Greg\Documents\Layer 1_0020.png [2012/02/19 09:27:26 | 000,105,836 | ---- | C] () -- C:\Users\Greg\Documents\Layer 1_0019.png [2012/02/19 09:27:24 | 000,101,609 | ---- | C] () -- C:\Users\Greg\Documents\Layer 1_0018.png [2012/02/19 09:27:22 | 000,102,537 | ---- | C] () -- C:\Users\Greg\Documents\Layer 1_0017.png [2012/02/19 09:27:20 | 000,101,915 | ---- | C] () -- C:\Users\Greg\Documents\Layer 1_0016.png [2012/02/19 09:27:18 | 000,102,032 | ---- | C] () -- C:\Users\Greg\Documents\Layer 1_0015.png [2012/02/19 09:27:17 | 000,098,202 | ---- | C] () -- C:\Users\Greg\Documents\Layer 1_0014.png [2012/02/19 09:27:15 | 000,091,117 | ---- | C] () -- C:\Users\Greg\Documents\Layer 1_0013.png [2012/02/19 09:27:13 | 000,087,259 | ---- | C] () -- C:\Users\Greg\Documents\Layer 1_0012.png [2012/02/19 09:27:10 | 000,092,596 | ---- | C] () -- C:\Users\Greg\Documents\Layer 1_0011.png [2012/02/17 17:14:37 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\calibre - E-book management.lnk [2012/02/13 16:08:56 | 000,490,752 | ---- | C] () -- C:\Windows\SysWow64\UninstallWebsiteBlocking.exe [2012/02/12 16:56:15 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2012/02/11 19:49:47 | 000,000,061 | ---- | C] () -- C:\Windows\TaxACT11.ini [2011/09/28 19:04:29 | 000,003,584 | ---- | C] () -- C:\Users\Greg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/02/06 09:24:24 | 000,000,061 | ---- | C] () -- C:\Windows\TaxACT10.ini [2010/07/08 22:35:51 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll [2010/07/08 22:35:51 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini [2010/05/17 13:57:40 | 000,000,073 | ---- | C] () -- C:\Windows\cdplayer.ini [2010/05/17 13:55:17 | 000,001,150 | ---- | C] () -- C:\ProgramData\ss.ini | actions · 2012-Mar-16 11:20 pm · (locked) | lilhurricane |
to homergreg
If you could also download and run TDSS Killer (#4), posting the log in your next reply We'll need the entire log, even if you 'think/see' nothing detected. » Security Cleanup FAQ » Rootkit Detection Applications | actions · 2012-Mar-16 11:21 pm · (locked) | |
I ran TDSS killer, and it says no trouble found. I'm trying to copy/paste the report, but I get no right click menu when I right click. Thanks again for your help!! | actions · 2012-Mar-16 11:33 pm · (locked) | homergreg
1 recommendation |
Control C worked, should have thought about that before posting.
23:27:44.0895 4728 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43 23:27:45.0235 4728 ============================================================ 23:27:45.0235 4728 Current date / time: 2012/03/16 23:27:45.0235 23:27:45.0235 4728 SystemInfo: 23:27:45.0235 4728 23:27:45.0237 4728 OS Version: 6.1.7601 ServicePack: 1.0 23:27:45.0237 4728 Product type: Workstation 23:27:45.0238 4728 ComputerName: GREG-PC 23:27:45.0238 4728 UserName: Greg 23:27:45.0238 4728 Windows directory: C:\Windows 23:27:45.0238 4728 System windows directory: C:\Windows 23:27:45.0238 4728 Running under WOW64 23:27:45.0238 4728 Processor architecture: Intel x64 23:27:45.0238 4728 Number of processors: 2 23:27:45.0238 4728 Page size: 0x1000 23:27:45.0238 4728 Boot type: Normal boot 23:27:45.0238 4728 ============================================================ 23:27:46.0718 4728 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 23:27:46.0729 4728 Drive \Device\Harddisk1\DR1 - Size: 0x1F400000 (0.49 Gb), SectorSize: 0x200, Cylinders: 0x3F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 23:27:46.0812 4728 \Device\Harddisk0\DR0: 23:27:46.0812 4728 MBR used 23:27:46.0812 4728 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000 23:27:46.0812 4728 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x23C8BAB0 23:27:46.0812 4728 \Device\Harddisk1\DR1: 23:27:46.0813 4728 MBR used 23:27:46.0813 4728 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x6, StartLBA 0x35, BlocksNum 0xF9C4B 23:27:46.0852 4728 Initialize success 23:27:46.0852 4728 ============================================================ 23:27:49.0062 4672 ============================================================ 23:27:49.0062 4672 Scan started 23:27:49.0062 4672 Mode: Manual; 23:27:49.0062 4672 ============================================================ 23:27:49.0495 4672 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 23:27:49.0498 4672 1394ohci - ok 23:27:49.0560 4672 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 23:27:49.0563 4672 ACPI - ok 23:27:49.0607 4672 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 23:27:49.0608 4672 AcpiPmi - ok 23:27:49.0653 4672 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 23:27:49.0656 4672 adp94xx - ok 23:27:49.0681 4672 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 23:27:49.0684 4672 adpahci - ok 23:27:49.0706 4672 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 23:27:49.0707 4672 adpu320 - ok 23:27:49.0772 4672 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 23:27:49.0777 4672 AFD - ok 23:27:49.0828 4672 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 23:27:49.0829 4672 agp440 - ok 23:27:49.0856 4672 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 23:27:49.0857 4672 aliide - ok 23:27:49.0876 4672 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 23:27:49.0877 4672 amdide - ok 23:27:49.0908 4672 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 23:27:49.0909 4672 AmdK8 - ok 23:27:49.0922 4672 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 23:27:49.0923 4672 AmdPPM - ok 23:27:49.0971 4672 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 23:27:49.0972 4672 amdsata - ok 23:27:50.0009 4672 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 23:27:50.0011 4672 amdsbs - ok 23:27:50.0037 4672 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 23:27:50.0038 4672 amdxata - ok 23:27:50.0079 4672 androidusb (4de0d5d747a73797c95a97dcce5018b5) C:\Windows\system32\Drivers\ssadadb.sys 23:27:50.0080 4672 androidusb - ok 23:27:50.0126 4672 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 23:27:50.0127 4672 AppID - ok 23:27:50.0162 4672 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 23:27:50.0164 4672 arc - ok 23:27:50.0193 4672 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 23:27:50.0194 4672 arcsas - ok 23:27:50.0216 4672 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 23:27:50.0217 4672 AsyncMac - ok 23:27:50.0268 4672 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 23:27:50.0268 4672 atapi - ok 23:27:50.0316 4672 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 23:27:50.0322 4672 b06bdrv - ok 23:27:50.0356 4672 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 23:27:50.0359 4672 b57nd60a - ok 23:27:50.0423 4672 BCM43XX (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys 23:27:50.0433 4672 BCM43XX - ok 23:27:50.0458 4672 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 23:27:50.0459 4672 Beep - ok 23:27:50.0504 4672 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 23:27:50.0504 4672 blbdrive - ok 23:27:50.0556 4672 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 23:27:50.0558 4672 bowser - ok 23:27:50.0582 4672 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 23:27:50.0583 4672 BrFiltLo - ok 23:27:50.0595 4672 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 23:27:50.0596 4672 BrFiltUp - ok 23:27:50.0629 4672 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 23:27:50.0633 4672 Brserid - ok 23:27:50.0652 4672 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 23:27:50.0654 4672 BrSerWdm - ok 23:27:50.0668 4672 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 23:27:50.0669 4672 BrUsbMdm - ok 23:27:50.0684 4672 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 23:27:50.0685 4672 BrUsbSer - ok 23:27:50.0700 4672 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 23:27:50.0701 4672 BTHMODEM - ok 23:27:50.0744 4672 CAXHWAZL (d1787e11c6a0078ddeaf8cf3ee2ab293) C:\Windows\system32\DRIVERS\CAXHWAZL.sys 23:27:50.0747 4672 CAXHWAZL - ok 23:27:50.0764 4672 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 23:27:50.0765 4672 cdfs - ok 23:27:50.0815 4672 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys 23:27:50.0817 4672 cdrom - ok 23:27:50.0853 4672 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 23:27:50.0854 4672 circlass - ok 23:27:50.0903 4672 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 23:27:50.0907 4672 CLFS - ok 23:27:50.0942 4672 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 23:27:50.0943 4672 CmBatt - ok 23:27:50.0976 4672 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 23:27:50.0976 4672 cmdide - ok 23:27:51.0042 4672 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 23:27:51.0047 4672 CNG - ok 23:27:51.0094 4672 CnxtHdAudService (20f3f8674d7dee5d90a352b775d5d5ba) C:\Windows\system32\drivers\CHDRT64.sys 23:27:51.0101 4672 CnxtHdAudService - ok 23:27:51.0129 4672 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 23:27:51.0129 4672 Compbatt - ok 23:27:51.0177 4672 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 23:27:51.0178 4672 CompositeBus - ok 23:27:51.0210 4672 cpuz132 (c9c25778efe890baa4087e32937016a0) C:\Windows\system32\drivers\cpuz132_x64.sys 23:27:51.0210 4672 cpuz132 - ok 23:27:51.0230 4672 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 23:27:51.0231 4672 crcdisk - ok 23:27:51.0317 4672 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys 23:27:51.0320 4672 CtClsFlt - ok 23:27:51.0393 4672 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 23:27:51.0394 4672 DfsC - ok 23:27:51.0422 4672 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 23:27:51.0424 4672 discache - ok 23:27:51.0445 4672 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 23:27:51.0447 4672 Disk - ok 23:27:51.0453 4672 DKbFltr - ok 23:27:51.0496 4672 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 23:27:51.0496 4672 drmkaud - ok 23:27:51.0562 4672 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 23:27:51.0568 4672 DXGKrnl - ok 23:27:51.0668 4672 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 23:27:51.0695 4672 ebdrv - ok 23:27:51.0730 4672 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 23:27:51.0733 4672 elxstor - ok 23:27:51.0780 4672 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 23:27:51.0781 4672 ErrDev - ok 23:27:51.0809 4672 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 23:27:51.0811 4672 exfat - ok 23:27:51.0837 4672 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 23:27:51.0838 4672 fastfat - ok 23:27:51.0863 4672 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 23:27:51.0864 4672 fdc - ok 23:27:51.0898 4672 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 23:27:51.0899 4672 FileInfo - ok 23:27:51.0912 4672 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 23:27:51.0914 4672 Filetrace - ok 23:27:51.0942 4672 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 23:27:51.0943 4672 flpydisk - ok 23:27:51.0995 4672 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 23:27:51.0998 4672 FltMgr - ok 23:27:52.0030 4672 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 23:27:52.0031 4672 FsDepends - ok 23:27:52.0054 4672 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 23:27:52.0055 4672 Fs_Rec - ok 23:27:52.0101 4672 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 23:27:52.0102 4672 fvevol - ok 23:27:52.0124 4672 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 23:27:52.0125 4672 gagp30kx - ok 23:27:52.0191 4672 hcmon (b93b24f258441820e575c7983ba47313) C:\Windows\system32\drivers\hcmon.sys 23:27:52.0192 4672 hcmon - ok 23:27:52.0215 4672 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 23:27:52.0216 4672 hcw85cir - ok 23:27:52.0276 4672 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 23:27:52.0278 4672 HdAudAddService - ok 23:27:52.0306 4672 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 23:27:52.0307 4672 HDAudBus - ok 23:27:52.0330 4672 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 23:27:52.0331 4672 HidBatt - ok 23:27:52.0348 4672 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 23:27:52.0349 4672 HidBth - ok 23:27:52.0362 4672 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 23:27:52.0363 4672 HidIr - ok 23:27:52.0390 4672 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys 23:27:52.0391 4672 HidUsb - ok 23:27:52.0421 4672 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 23:27:52.0422 4672 HpSAMD - ok 23:27:52.0486 4672 HSF_DPV (26c5d00321937e49b6bc91029947d094) C:\Windows\system32\DRIVERS\CAX_DPV.sys 23:27:52.0495 4672 HSF_DPV - ok 23:27:52.0558 4672 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 23:27:52.0563 4672 HTTP - ok 23:27:52.0602 4672 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 23:27:52.0603 4672 hwpolicy - ok 23:27:52.0626 4672 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 23:27:52.0628 4672 i8042prt - ok 23:27:52.0670 4672 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys 23:27:52.0673 4672 iaStor - ok 23:27:52.0716 4672 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 23:27:52.0719 4672 iaStorV - ok 23:27:52.0964 4672 igfx (2d18c9e1f23970de32d78d3b1cdda0a7) C:\Windows\system32\DRIVERS\igdkmd64.sys 23:27:53.0009 4672 igfx - ok 23:27:53.0048 4672 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 23:27:53.0049 4672 iirsp - ok 23:27:53.0090 4672 IntcHdmiAddService (d485d3bd3e2179aa86853a182f70699f) C:\Windows\system32\drivers\IntcHdmi.sys 23:27:53.0091 4672 IntcHdmiAddService - ok 23:27:53.0132 4672 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 23:27:53.0133 4672 intelide - ok 23:27:53.0157 4672 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 23:27:53.0159 4672 intelppm - ok 23:27:53.0209 4672 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 23:27:53.0210 4672 IpFilterDriver - ok 23:27:53.0256 4672 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 23:27:53.0258 4672 IPMIDRV - ok 23:27:53.0291 4672 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 23:27:53.0292 4672 IPNAT - ok 23:27:53.0313 4672 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 23:27:53.0314 4672 IRENUM - ok 23:27:53.0341 4672 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 23:27:53.0341 4672 isapnp - ok 23:27:53.0399 4672 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 23:27:53.0402 4672 iScsiPrt - ok 23:27:53.0448 4672 JLTECH0227 (cd91d1bd200d9f39682a08e987f0dbe2) C:\Windows\system32\Drivers\jl2005c.sys 23:27:53.0449 4672 JLTECH0227 - ok 23:27:53.0498 4672 k57nd60a (249ee2d26cb1530f3bede0ac8b9e3099) C:\Windows\system32\DRIVERS\k57nd60a.sys 23:27:53.0502 4672 k57nd60a - ok 23:27:53.0522 4672 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 23:27:53.0523 4672 kbdclass - ok 23:27:53.0567 4672 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 23:27:53.0568 4672 kbdhid - ok 23:27:53.0628 4672 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 23:27:53.0629 4672 KSecDD - ok 23:27:53.0646 4672 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 23:27:53.0647 4672 KSecPkg - ok 23:27:53.0678 4672 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 23:27:53.0679 4672 ksthunk - ok 23:27:53.0702 4672 L1E (2ac603c3188c704cfce353659aa7ad71) C:\Windows\system32\DRIVERS\L1E62x64.sys 23:27:53.0703 4672 L1E - ok 23:27:53.0731 4672 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 23:27:53.0732 4672 lltdio - ok 23:27:53.0767 4672 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 23:27:53.0768 4672 LSI_FC - ok 23:27:53.0780 4672 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 23:27:53.0782 4672 LSI_SAS - ok 23:27:53.0801 4672 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 23:27:53.0802 4672 LSI_SAS2 - ok 23:27:53.0814 4672 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 23:27:53.0815 4672 LSI_SCSI - ok 23:27:53.0838 4672 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 23:27:53.0839 4672 luafv - ok 23:27:53.0877 4672 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys 23:27:53.0877 4672 mdmxsdk - ok 23:27:53.0897 4672 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 23:27:53.0898 4672 megasas - ok 23:27:53.0918 4672 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 23:27:53.0920 4672 MegaSR - ok 23:27:53.0950 4672 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 23:27:53.0951 4672 Modem - ok 23:27:53.0962 4672 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 23:27:53.0963 4672 monitor - ok 23:27:54.0021 4672 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys 23:27:54.0023 4672 mouclass - ok 23:27:54.0042 4672 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 23:27:54.0043 4672 mouhid - ok 23:27:54.0100 4672 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 23:27:54.0101 4672 mountmgr - ok 23:27:54.0157 4672 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys 23:27:54.0160 4672 MpFilter - ok 23:27:54.0218 4672 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 23:27:54.0220 4672 mpio - ok 23:27:54.0250 4672 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys 23:27:54.0250 4672 MpNWMon - ok 23:27:54.0272 4672 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 23:27:54.0273 4672 mpsdrv - ok 23:27:54.0385 4672 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS 23:27:54.0386 4672 MREMP50 - ok 23:27:54.0452 4672 MREMP50a64 - ok 23:27:54.0462 4672 MREMPR5 - ok 23:27:54.0474 4672 MRENDIS5 - ok 23:27:54.0493 4672 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS 23:27:54.0494 4672 MRESP50 - ok 23:27:54.0499 4672 MRESP50a64 - ok 23:27:54.0609 4672 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 23:27:54.0610 4672 MRxDAV - ok 23:27:54.0676 4672 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 23:27:54.0678 4672 mrxsmb - ok 23:27:54.0738 4672 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:27:54.0741 4672 mrxsmb10 - ok 23:27:54.0792 4672 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:27:54.0794 4672 mrxsmb20 - ok 23:27:54.0843 4672 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 23:27:54.0844 4672 msahci - ok 23:27:54.0893 4672 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 23:27:54.0895 4672 msdsm - ok 23:27:54.0944 4672 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 23:27:54.0945 4672 Msfs - ok 23:27:54.0964 4672 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 23:27:54.0965 4672 mshidkmdf - ok 23:27:54.0978 4672 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 23:27:54.0979 4672 msisadrv - ok 23:27:55.0005 4672 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 23:27:55.0005 4672 MSKSSRV - ok 23:27:55.0035 4672 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 23:27:55.0035 4672 MSPCLOCK - ok 23:27:55.0047 4672 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 23:27:55.0047 4672 MSPQM - ok 23:27:55.0099 4672 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 23:27:55.0102 4672 MsRPC - ok 23:27:55.0130 4672 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 23:27:55.0131 4672 mssmbios - ok 23:27:55.0156 4672 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 23:27:55.0156 4672 MSTEE - ok 23:27:55.0182 4672 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 23:27:55.0182 4672 MTConfig - ok 23:27:55.0208 4672 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 23:27:55.0209 4672 Mup - ok 23:27:55.0241 4672 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 23:27:55.0243 4672 NativeWifiP - ok 23:27:55.0311 4672 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 23:27:55.0320 4672 NDIS - ok 23:27:55.0346 4672 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 23:27:55.0347 4672 NdisCap - ok 23:27:55.0371 4672 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 23:27:55.0372 4672 NdisTapi - ok 23:27:55.0423 4672 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 23:27:55.0424 4672 Ndisuio - ok 23:27:55.0481 4672 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 23:27:55.0483 4672 NdisWan - ok 23:27:55.0531 4672 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 23:27:55.0533 4672 NDProxy - ok 23:27:55.0560 4672 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 23:27:55.0561 4672 NetBIOS - ok 23:27:55.0618 4672 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 23:27:55.0621 4672 NetBT - ok 23:27:55.0694 4672 netr28x (d66596db0a0739a89c25b590ce36d628) C:\Windows\system32\DRIVERS\netr28x.sys 23:27:55.0699 4672 netr28x - ok 23:27:55.0865 4672 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys 23:27:55.0898 4672 netw5v64 - ok 23:27:55.0931 4672 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 23:27:55.0932 4672 nfrd960 - ok 23:27:55.0981 4672 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 23:27:55.0982 4672 NisDrv - ok 23:27:56.0014 4672 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 23:27:56.0015 4672 Npfs - ok 23:27:56.0036 4672 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 23:27:56.0037 4672 nsiproxy - ok 23:27:56.0119 4672 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 23:27:56.0129 4672 Ntfs - ok 23:27:56.0164 4672 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys 23:27:56.0165 4672 NTIDrvr - ok 23:27:56.0189 4672 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 23:27:56.0189 4672 Null - ok 23:27:56.0239 4672 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 23:27:56.0240 4672 nvraid - ok 23:27:56.0285 4672 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 23:27:56.0288 4672 nvstor - ok 23:27:56.0311 4672 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 23:27:56.0313 4672 nv_agp - ok 23:27:56.0368 4672 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 23:27:56.0370 4672 ohci1394 - ok 23:27:56.0409 4672 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 23:27:56.0410 4672 Parport - ok 23:27:56.0450 4672 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 23:27:56.0451 4672 partmgr - ok 23:27:56.0474 4672 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 23:27:56.0476 4672 pci - ok 23:27:56.0495 4672 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 23:27:56.0495 4672 pciide - ok 23:27:56.0525 4672 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 23:27:56.0527 4672 pcmcia - ok 23:27:56.0553 4672 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 23:27:56.0554 4672 pcw - ok 23:27:56.0583 4672 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 23:27:56.0588 4672 PEAUTH - ok 23:27:56.0689 4672 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 23:27:56.0690 4672 PptpMiniport - ok 23:27:56.0713 4672 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 23:27:56.0714 4672 Processor - ok 23:27:56.0778 4672 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 23:27:56.0780 4672 Psched - ok 23:27:56.0842 4672 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 23:27:56.0852 4672 ql2300 - ok 23:27:56.0866 4672 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 23:27:56.0868 4672 ql40xx - ok 23:27:56.0902 4672 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 23:27:56.0902 4672 QWAVEdrv - ok 23:27:56.0931 4672 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 23:27:56.0931 4672 RasAcd - ok 23:27:56.0970 4672 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 23:27:56.0971 4672 RasAgileVpn - ok 23:27:57.0040 4672 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 23:27:57.0041 4672 Rasl2tp - ok 23:27:57.0071 4672 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 23:27:57.0073 4672 RasPppoe - ok 23:27:57.0096 4672 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 23:27:57.0098 4672 RasSstp - ok 23:27:57.0156 4672 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 23:27:57.0160 4672 rdbss - ok 23:27:57.0183 4672 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 23:27:57.0184 4672 rdpbus - ok 23:27:57.0204 4672 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 23:27:57.0205 4672 RDPCDD - ok 23:27:57.0234 4672 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 23:27:57.0234 4672 RDPENCDD - ok 23:27:57.0263 4672 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 23:27:57.0263 4672 RDPREFMP - ok 23:27:57.0315 4672 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys 23:27:57.0317 4672 RDPWD - ok 23:27:57.0367 4672 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 23:27:57.0369 4672 rdyboost - ok 23:27:57.0400 4672 RimUsb - ok 23:27:57.0446 4672 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys 23:27:57.0447 4672 RimVSerPort - ok 23:27:57.0483 4672 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys 23:27:57.0484 4672 ROOTMODEM - ok 23:27:57.0529 4672 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 23:27:57.0530 4672 rspndr - ok 23:27:57.0575 4672 RSUSBSTOR (2db8116d52b19216812c4e6d5d837810) C:\Windows\system32\Drivers\RtsUStor.sys 23:27:57.0578 4672 RSUSBSTOR - ok 23:27:57.0593 4672 RtsUIR - ok 23:27:57.0652 4672 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 23:27:57.0654 4672 sbp2port - ok 23:27:57.0711 4672 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 23:27:57.0712 4672 scfilter - ok 23:27:57.0761 4672 scnuhst20 (efea7d041af4cf3c0dedca445fcbe4c7) C:\Windows\system32\DRIVERS\scnuhst20.sys 23:27:57.0762 4672 scnuhst20 - ok 23:27:57.0787 4672 SCNUHUB20 (9fa744f6b1e492514f55c60d010e2af2) C:\Windows\system32\DRIVERS\scnuhub20.sys 23:27:57.0787 4672 SCNUHUB20 - ok 23:27:57.0839 4672 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 23:27:57.0840 4672 secdrv - ok 23:27:57.0875 4672 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 23:27:57.0876 4672 Serenum - ok 23:27:57.0899 4672 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 23:27:57.0900 4672 Serial - ok 23:27:57.0952 4672 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 23:27:57.0952 4672 sermouse - ok 23:27:58.0010 4672 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 23:27:58.0011 4672 sffdisk - ok 23:27:58.0035 4672 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 23:27:58.0036 4672 sffp_mmc - ok 23:27:58.0050 4672 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 23:27:58.0051 4672 sffp_sd - ok 23:27:58.0065 4672 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 23:27:58.0065 4672 sfloppy - ok 23:27:58.0100 4672 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 23:27:58.0101 4672 SiSRaid2 - ok 23:27:58.0116 4672 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 23:27:58.0117 4672 SiSRaid4 - ok 23:27:58.0140 4672 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 23:27:58.0142 4672 Smb - ok 23:27:58.0174 4672 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 23:27:58.0175 4672 spldr - ok 23:27:58.0255 4672 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 23:27:58.0260 4672 srv - ok 23:27:58.0330 4672 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 23:27:58.0335 4672 srv2 - ok 23:27:58.0386 4672 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS 23:27:58.0388 4672 SrvHsfHDA - ok 23:27:58.0443 4672 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS 23:27:58.0459 4672 SrvHsfV92 - ok 23:27:58.0484 4672 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 23:27:58.0490 4672 SrvHsfWinac - ok 23:27:58.0534 4672 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 23:27:58.0537 4672 srvnet - ok 23:27:58.0581 4672 ssadbus (866f8212ef7e75bac8bca03331e30cb4) C:\Windows\system32\DRIVERS\ssadbus.sys 23:27:58.0583 4672 ssadbus - ok 23:27:58.0632 4672 ssadmdfl (73e2ba39e7eb024dc686412e2e924a74) C:\Windows\system32\DRIVERS\ssadmdfl.sys 23:27:58.0633 4672 ssadmdfl - ok 23:27:58.0677 4672 ssadmdm (74b032d6c1e36ae2f790752fde8ce055) C:\Windows\system32\DRIVERS\ssadmdm.sys 23:27:58.0680 4672 ssadmdm - ok 23:27:58.0738 4672 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 23:27:58.0739 4672 stexstor - ok 23:27:58.0798 4672 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys 23:27:58.0799 4672 StillCam - ok 23:27:58.0844 4672 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 23:27:58.0845 4672 swenum - ok 23:27:58.0904 4672 SynTP (bcf305959b53b200ceb2ad25ad22f8a7) C:\Windows\system32\DRIVERS\SynTP.sys 23:27:58.0906 4672 SynTP - ok 23:27:59.0033 4672 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 23:27:59.0046 4672 Tcpip - ok 23:27:59.0111 4672 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 23:27:59.0130 4672 TCPIP6 - ok 23:27:59.0178 4672 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 23:27:59.0179 4672 tcpipreg - ok 23:27:59.0212 4672 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 23:27:59.0212 4672 TDPIPE - ok 23:27:59.0268 4672 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 23:27:59.0268 4672 TDTCP - ok 23:27:59.0316 4672 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 23:27:59.0317 4672 tdx - ok 23:27:59.0382 4672 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 23:27:59.0383 4672 TermDD - ok 23:27:59.0479 4672 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 23:27:59.0480 4672 tssecsrv - ok 23:27:59.0522 4672 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 23:27:59.0524 4672 TsUsbFlt - ok 23:27:59.0575 4672 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 23:27:59.0578 4672 tunnel - ok 23:27:59.0613 4672 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 23:27:59.0615 4672 uagp35 - ok 23:27:59.0656 4672 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys 23:27:59.0657 4672 UBHelper - ok 23:27:59.0716 4672 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 23:27:59.0720 4672 udfs - ok 23:27:59.0798 4672 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 23:27:59.0799 4672 uliagpkx - ok 23:27:59.0855 4672 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 23:27:59.0857 4672 umbus - ok 23:27:59.0892 4672 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 23:27:59.0893 4672 UmPass - ok 23:27:59.0945 4672 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys 23:27:59.0946 4672 usbaudio - ok 23:27:59.0959 4672 usbbus - ok 23:28:00.0016 4672 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 23:28:00.0017 4672 usbccgp - ok 23:28:00.0029 4672 USBCCID - ok 23:28:00.0083 4672 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 23:28:00.0084 4672 usbcir - ok 23:28:00.0097 4672 UsbDiag - ok 23:28:00.0147 4672 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 23:28:00.0148 4672 usbehci - ok 23:28:00.0173 4672 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 23:28:00.0176 4672 usbhub - ok 23:28:00.0189 4672 USBModem - ok 23:28:00.0245 4672 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 23:28:00.0246 4672 usbohci - ok 23:28:00.0291 4672 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 23:28:00.0292 4672 usbprint - ok 23:28:00.0350 4672 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 23:28:00.0351 4672 usbscan - ok 23:28:00.0410 4672 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 23:28:00.0412 4672 USBSTOR - ok 23:28:00.0465 4672 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys 23:28:00.0466 4672 usbuhci - ok 23:28:00.0531 4672 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys 23:28:00.0533 4672 usbvideo - ok 23:28:00.0603 4672 V0415Vid (48567d769bc51e422665b8cfc8a4918d) C:\Windows\system32\DRIVERS\V0415Vid.sys 23:28:00.0607 4672 V0415Vid - ok 23:28:00.0649 4672 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 23:28:00.0650 4672 vdrvroot - ok 23:28:00.0679 4672 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 23:28:00.0680 4672 vga - ok 23:28:00.0710 4672 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 23:28:00.0710 4672 VgaSave - ok 23:28:00.0739 4672 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 23:28:00.0741 4672 vhdmp - ok 23:28:00.0770 4672 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 23:28:00.0771 4672 viaide - ok 23:28:00.0821 4672 vmci (cc711ed4f3d1987e84745237358ff87c) C:\Windows\system32\drivers\vmci.sys 23:28:00.0822 4672 vmci - ok 23:28:00.0862 4672 vmkbd (98e05ba0c49aa98aa0fd998ebc33d763) C:\Windows\system32\drivers\VMkbd.sys 23:28:00.0862 4672 vmkbd - ok 23:28:00.0912 4672 VMnetAdapter (9d54f1339e78c95bf3d9939ebcb66378) C:\Windows\system32\DRIVERS\vmnetadapter.sys 23:28:00.0913 4672 VMnetAdapter - ok 23:28:00.0967 4672 VMnetBridge (fb54ef3aa613d2832fd3812e7cb2fc75) C:\Windows\system32\DRIVERS\vmnetbridge.sys 23:28:00.0968 4672 VMnetBridge - ok 23:28:01.0007 4672 VMnetuserif (3a9ad1d1fcf673b1b7f27140e45aeffd) C:\Windows\system32\drivers\vmnetuserif.sys 23:28:01.0008 4672 VMnetuserif - ok 23:28:01.0064 4672 vmusb (415b167695c4b5960a13098622ef3d80) C:\Windows\system32\Drivers\vmusb.sys 23:28:01.0065 4672 vmusb - ok 23:28:01.0129 4672 vmx86 (884737c95b3e1281525d7bc6e9e9d11f) C:\Windows\system32\drivers\vmx86.sys 23:28:01.0130 4672 vmx86 - ok 23:28:01.0170 4672 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 23:28:01.0171 4672 volmgr - ok 23:28:01.0229 4672 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 23:28:01.0233 4672 volmgrx - ok 23:28:01.0293 4672 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 23:28:01.0296 4672 volsnap - ok 23:28:01.0340 4672 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 23:28:01.0343 4672 vsmraid - ok 23:28:01.0459 4672 vstor2-ws60 (69f57e89e6ebc5012d210527af005a70) C:\Program Files (x86)\VMware\VMware Player\vstor2-ws60.sys 23:28:01.0461 4672 vstor2-ws60 - ok 23:28:01.0481 4672 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 23:28:01.0482 4672 vwifibus - ok 23:28:01.0511 4672 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 23:28:01.0512 4672 vwififlt - ok 23:28:01.0538 4672 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 23:28:01.0539 4672 vwifimp - ok 23:28:01.0563 4672 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 23:28:01.0564 4672 WacomPen - ok 23:28:01.0600 4672 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 23:28:01.0602 4672 WANARP - ok 23:28:01.0610 4672 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 23:28:01.0612 4672 Wanarpv6 - ok 23:28:01.0673 4672 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 23:28:01.0674 4672 Wd - ok 23:28:01.0710 4672 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 23:28:01.0715 4672 Wdf01000 - ok 23:28:01.0767 4672 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 23:28:01.0768 4672 WfpLwf - ok 23:28:01.0801 4672 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 23:28:01.0802 4672 WIMMount - ok 23:28:01.0850 4672 winachsf (a6ea7a3fc4b00f48535b506db1e86efd) C:\Windows\system32\DRIVERS\CAX_CNXT.sys 23:28:01.0855 4672 winachsf - ok 23:28:01.0939 4672 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 23:28:01.0940 4672 WinUsb - ok 23:28:01.0980 4672 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 23:28:01.0981 4672 WmiAcpi - ok 23:28:02.0028 4672 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 23:28:02.0029 4672 ws2ifsl - ok 23:28:02.0081 4672 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys 23:28:02.0082 4672 WSDPrintDevice - ok 23:28:02.0136 4672 WSDScan (4a2a5c50dd1a63577d3aca94269fbc7f) C:\Windows\system32\DRIVERS\WSDScan.sys 23:28:02.0137 4672 WSDScan - ok 23:28:02.0211 4672 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 23:28:02.0212 4672 WudfPf - ok 23:28:02.0239 4672 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 23:28:02.0241 4672 WUDFRd - ok 23:28:02.0293 4672 XAudio (e8f3fa126a06f8e7088f63757112a186) C:\Windows\system32\DRIVERS\XAudio64.sys 23:28:02.0294 4672 XAudio - ok 23:28:02.0351 4672 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 23:28:02.0416 4672 \Device\Harddisk0\DR0 - ok 23:28:02.0430 4672 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1 23:28:02.0514 4672 \Device\Harddisk1\DR1 - ok 23:28:02.0519 4672 Boot (0x1200) (dde833b8071281af5a0536f44025944a) \Device\Harddisk0\DR0\Partition0 23:28:02.0521 4672 \Device\Harddisk0\DR0\Partition0 - ok 23:28:02.0539 4672 Boot (0x1200) (efef7f1418a2108bfa3f8396d5da7464) \Device\Harddisk0\DR0\Partition1 23:28:02.0541 4672 \Device\Harddisk0\DR0\Partition1 - ok 23:28:02.0548 4672 Boot (0x1200) (a1433f22136da3a38ef192a01f16c8ee) \Device\Harddisk1\DR1\Partition0 23:28:02.0549 4672 \Device\Harddisk1\DR1\Partition0 - ok 23:28:02.0550 4672 ============================================================ 23:28:02.0550 4672 Scan finished 23:28:02.0550 4672 ============================================================ 23:28:02.0563 3540 Detected object count: 0 23:28:02.0563 3540 Actual detected object count: 0 | actions · 2012-Mar-16 11:39 pm · (locked) |
1 recommendation |
to homergreg
First:Run OTL [*]Under the Custom Scans/Fixes box at the bottom, copy and paste the contents of the following box: :OTL O1 - Hosts: 188.119.151.111 www.google-analytics.com. O1 - Hosts: 188.119.151.111 ad-emea.doubleclick.net. O1 - Hosts: 188.119.151.111 www.statcounter.com. O1 - Hosts: 108.163.215.51 www.google-analytics.com. O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net. O1 - Hosts: 108.163.215.51 www.statcounter.com. O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
:Services
:Reg
:Files
:Commands [purity] [emptytemp] [EMPTYFLASH] [Reboot]
[*]Then click the Run Fix button at the top [*]Let the program run unhindered, reboot the PC when it is done [*]Once you see a message box "Fix complete! Click OK to open the fix log." [*]Click the OK button [*]The log will open in Notepad (your default text editor). {*]Save the log. Post a copy of that log in your next reply. Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start-All Programs-Accessories-Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post. Second:Please run OTL again, and post the new log in this thread. Note that there will not be a new Extras log this time. | actions · 2012-Mar-17 11:14 am · (locked) | |
I tried but I get an error: Cannot create file C:\Windows\System32\drivers\etc\Hosts. And then OTL just sits there. | actions · 2012-Mar-17 2:44 pm · (locked) | |
to homergreg
Try again, but this time use 'Run as Administrator' to start OTL, then proceed as before. | actions · 2012-Mar-17 5:20 pm · (locked) | |
I tried as you said, right clicked the OTL icon, then selected run as administrator. Same error. So I just rebooted and tried again, and it gives the same error. Thanks for your help and patience through this! | actions · 2012-Mar-17 6:43 pm · (locked) | homergreg |
Just as additional notes. I tried using Google Chrome, and it's getting these intermittent redirects too. And I remember a couple of days ago that looking on the internet about this problem, I saw something about the hosts file and that Microsoft had a fix to run to reset your hosts file and I did run that to see if it helped. Of course it didn't. I don't know if that is what is causing the problem with why I can't run that OTL fix. Here's a link to the Microsoft patch I ran: » support.microsoft.com/kb/972034 | actions · 2012-Mar-18 10:23 am · (locked) | | 1 edit |
to homergreg
Thanks for trying. I believe the redirects are caused by the entries in the Hosts file. Lets try a different method to remove them. 1.Download the HostsXpert from here:
http://www.funkytoad.com/download/HostsXpert.zip
2. Install the program and run it. 3. Press 'Restore MS Hosts File' button and press 'OK' 4. Exit Program. 5. Reboot your computer. Note: This program also has a Hosts file backup facility that may want to use if you have added custom entries to the Hosts file. For Vista and Windows 7, be sure to right click on the program icon and select 'Run As Administrator'. | actions · 2012-Mar-18 10:43 am · (locked) | |
Really interesting! This program says that my hosts file is set as a system file and to fix that if I want this to run. Then if I try to run it anyway, I get the same error as I was getting with OTL. I went and looked at my hosts file, it is set as a system file and it is set as read only. I also noted that the date on the hosts file is March 5th, about the time this all started. I started setting my hosts file to make it writable, then I thought I had better post this here before going on my own and changing my system attributes. | actions · 2012-Mar-18 10:55 am · (locked) |
1 recommendation |
to homergreg
Change it to writeable. It's just a text file that is normally not read only or system. (verified that on my system)
Then run HostsXpert as per previous post.
Post back and let me know how it works. | actions · 2012-Mar-18 11:00 am · (locked) |
1 recommendation |
Finally! After changing the permissions, I had to change the "read only" attribute under the "general" tab too, but that worked. I looked through the hosts file before running HostsXpert this time, which looked normal, until I realized there was a hundred lines of blank space and those entries were way down below what shows up normally on my screen. Then I saw the entries for the redirects for google analytics and the others. After running HostsXpert successfully, it is now clean.
Thanks so very much!! | actions · 2012-Mar-18 11:18 am · (locked) | |
to homergreg
Cleanup instructions are in my next post/. You should be free from the redirects.
Thanks for checking the attributes. I don't recall seeing this before, but now I know to look for them if the Hosts has those entries and is unchangeable. | actions · 2012-Mar-18 11:54 am · (locked) | LoPhatPhuud
1 recommendation |
to homergreg
Cleaning Up:Delete TFC: - Delete the TFC icon on your Desktop
Delete OTL: - Double click the OTL icon on your Desktop
- Press the 'Cleanup' button
Delete Security Check: - Delete the SecurityCheck icon on your Desktop
Delete Malware Bytes: - We recommend that you keep MalwareBytes (MBAM) and run it every week. There is no charge to keep the program however the real time protection will stop after the trial period. Be sure to update the definitions before each use. If you decide not to keep MBAM, use Add/Remove Programs to uninstall it.
Delete Sophos AntiRootkit- If we asked you to run Sophos AntiRootkit program, uninstall it thru Add/Remove Programs.
Other Programs: - If we asked you to install any other programs that are not removed by the OTL cleanup procedure, we will provide separate removal instructions.
| actions · 2012-Mar-18 11:54 am · (locked) |
1 recommendation |
Again, thank you so very much! I was pulling my hair out over this one! | actions · 2012-Mar-18 12:24 pm · (locked) |
your moderator at work
hidden :
|
|