

mmainprize

join:2001-12-06
Houghton Lake, MI
Reviews:
·Charter

1 edit

[RESOLVED] googleupdate.exe possible Virus

Running Win 7 x64 fully patched

I got a program from the internet and I ran it.
It seemed to not do anything; no window opened, but the screen flickered.
A few minutes later I had my Windows Firewall Control program ask me to allow
internet access to googleupdate.exe. I did not think it was related and clicked YES, allowing it internet access.
Then I started thinking about that program a few minutes later, and checked netstat and found many new
network connections (a lot, like maybe 100) from the googleupdate.exe program; it did not look normal.
I blocked all outbound connections at the firewall, and went about removing googleupdate.exe from my system.
Even though all connections were closed, I could not just delete the file. Unlocker did not see any locks
on the file and could not delete it, I guess because it was a service (googleupdate service, not gupdate);
I did not know that at the time. I have no Google software installed, so I should not have googleupdate.exe.
I rebooted in safe mode and deleted the file. I removed the autostart entry in the registry.
I searched the registry for all googleupdate items and deleted them.

After I rebooted the PC, googleupdate seems to be gone and it has not returned.
I ran CCleaner and scanned with MSE and Malwarebytes and found no new issues.

I read about this googleupdate virus and some people had much worse problems than I seem to have had.
Maybe my system would have been much worse if it was allowed to run longer with internet access.

So here are my logs. Can someone look them over and let me know what you think? Am I clean or should I worry?



mmainprize

join:2001-12-06
Houghton Lake, MI
Reviews:
·Charter

2 edits

Re: googleupdate.exe possible Virus

************************************************************************************
* Ran TFC.exe *
************************************************************************************

It ran and asked to reboot.

On reboot there was something odd. Maybe this is because of TFC? I have not run that before.
My Windows Firewall Control program asked to allow two programs internet access
that had not asked for access before, and I blocked them. The programs were wermgr.exe and spoolsv.exe.

A window came up about a message waiting from a program.
I had a choice to view it so I did, and it covered my desktop with a background color and showed me
an error dialog for a Visual C++ runtime error for file spoolsv.exe.
Above that dialog was another dialog that would let me return to the normal desktop.
I returned to the normal desktop after I clicked OK to close the runtime error dialog.

Note: I have rebooted since without any issues, so it was only the reboot after running TFC.exe.

************************************************************************************
* Ran Malwarebytes *
************************************************************************************

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.24.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mike :: P7P55CM [administrator]

9/24/2012 11:29:23 PM
mbam-log-2012-09-25 (00-47-38).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 828212
Time elapsed: 1 hour(s), 17 minute(s), 11 second(s)

Memory Processes Detected: 1
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe (Spyware.Password) -> 1792 -> No action taken.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SYSTEM\CurrentControlSet\Services\AsSysCtrlService (Spyware.Password) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 6
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe (Spyware.Password) -> No action taken.
C:\Program Files (x86)\pdf995\res\drivedir\PSConvert.exe (Spyware.Password) -> No action taken.
C:\SharedData\Install\Adobe Flash Player\Adobe_Flash_Player_AX_11.4.402.265_SPS.exe (Spyware.Password) -> No action taken.
E:\Boot\EasyBoot\MyGhostV1.1\PROGRAMS\Keyfinder\keyfinder.exe (RiskWare.Tool.CK) -> No action taken.
E:\Boot\EasyBoot\MyGhostV2.0\PROGRAMS\Keyfinder\keyfinder.exe (RiskWare.Tool.CK) -> No action taken.
E:\Boot\EasyBoot\MyGhostV3.0\PROGRAMS\Crossloop\CrossLoopUpdate.exe (Spyware.Password) -> No action taken.

(end)

The ASUS software is a false positive; I checked at the Malwarebytes forum. The others are known programs that get flagged but are tools of a boot CD I make.


mmainprize

join:2001-12-06
Houghton Lake, MI
Reviews:
·Charter
reply to mmainprize

************************************************************************************
* ran OTL.exe OTL.txt *
************************************************************************************

OTL logfile created on: 9/24/2012 7:51:25 PM - Run 1
OTL by OldTimer - Version 3.2.66.2 Folder = C:\Users\Mike\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

16.00 Gb Total Physical Memory | 12.22 Gb Available Physical Memory | 76.40% Memory free
31.99 Gb Paging File | 27.97 Gb Available in Paging File | 87.44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.91 Gb Total Space | 175.42 Gb Free Space | 39.25% Space Free | Partition Type: NTFS
Drive D: | 1412.82 Gb Total Space | 1312.73 Gb Free Space | 92.92% Space Free | Partition Type: NTFS
Drive E: | 1863.01 Gb Total Space | 1627.90 Gb Free Space | 87.38% Space Free | Partition Type: NTFS
Drive F: | 1863.01 Gb Total Space | 1268.83 Gb Free Space | 68.11% Space Free | Partition Type: NTFS
Drive L: | 1397.26 Gb Total Space | 642.73 Gb Free Space | 46.00% Space Free | Partition Type: NTFS
Drive V: | 1397.26 Gb Total Space | 833.87 Gb Free Space | 59.68% Space Free | Partition Type: NTFS

Computer Name: P7P55CM | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012/09/24 14:20:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
PRC - [2012/09/10 16:43:50 | 001,634,304 | ---- | M] (Don HO don.h@free.fr) -- C:\Program Files (x86)\Notepad++\notepad++.exe
PRC - [2012/09/01 18:07:22 | 000,285,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2012/09/01 18:07:22 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012/08/16 14:15:48 | 003,170,672 | ---- | M] (Conceiva Pty. Ltd.) -- C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe
PRC - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/08/07 03:36:08 | 003,232,896 | ---- | M] (NTeWORKS) -- C:\Program Files (x86)\PicPick\picpick.exe
PRC - [2012/08/06 12:00:44 | 000,049,664 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
PRC - [2012/07/08 23:35:22 | 003,028,880 | ---- | M] (Hagel Technologies Ltd.) -- C:\Program Files (x86)\DU Meter\DUMeter.exe
PRC - [2012/04/30 20:56:16 | 000,354,416 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2012/04/30 20:56:04 | 000,433,264 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2012/04/30 20:55:40 | 000,103,536 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
PRC - [2012/04/30 17:54:52 | 000,079,872 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
PRC - [2012/02/16 12:31:20 | 001,110,480 | ---- | M] (Hagel Technologies Ltd.) -- C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
PRC - [2011/11/15 13:20:26 | 000,095,608 | ---- | M] (Dyn, Inc.) -- C:\Program Files (x86)\DynDNS Updater\DynUpSvc.exe
PRC - [2011/11/15 13:20:26 | 000,078,192 | ---- | M] (Dyn, Inc.) -- C:\Program Files (x86)\DynDNS Updater\DynTray.exe
PRC - [2011/10/14 02:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe
PRC - [2011/10/14 02:01:46 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
PRC - [2011/08/19 05:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/04/09 00:08:52 | 000,885,400 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrayMonitor\TrayMonitor.exe
PRC - [2011/04/08 23:21:06 | 000,386,864 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2011/04/08 23:20:08 | 001,890,184 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
PRC - [2011/04/08 23:13:40 | 004,599,080 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\BackupAndRecovery\mms.exe
PRC - [2011/04/08 23:12:18 | 000,953,336 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Timounter\TimounterMonitor.exe
PRC - [2011/02/04 08:18:14 | 000,408,590 | ---- | M] () -- C:\cygwin\usr\sbin\sshd.exe
PRC - [2011/01/01 15:44:03 | 000,151,552 | -HS- | M] () -- C:\Windows\kmsem\KMService.exe
PRC - [2011/01/01 15:44:03 | 000,008,192 | -HS- | M] () -- C:\Windows\SysWOW64\srvany.exe
PRC - [2010/12/22 23:35:38 | 000,476,160 | ---- | M] (DMT and Associates) -- C:\Utils\WallWatcher\WallWatcher.exe
PRC - [2010/10/12 14:57:40 | 000,354,232 | ---- | M] (GP Software) -- C:\Program Files\GPSoftware\Directory Opus\dopusx64.exe
PRC - [2010/07/07 11:58:02 | 001,089,664 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHelp.exe
PRC - [2010/06/28 23:50:36 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010/06/24 02:19:50 | 000,109,056 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
PRC - [2010/05/25 20:53:46 | 002,139,400 | ---- | M] () -- C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
PRC - [2010/05/04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010/03/25 12:02:16 | 000,611,968 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe
PRC - [2010/02/10 09:39:06 | 000,025,256 | ---- | M] () -- C:\Program Files (x86)\Lexmark 6500 Series\lxdfamon.exe
PRC - [2010/02/10 09:39:02 | 000,455,336 | ---- | M] () -- C:\Program Files (x86)\Lexmark 6500 Series\lxdfmon.exe
PRC - [2010/02/03 01:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2010/01/22 13:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009/10/26 14:16:00 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009/10/26 14:15:56 | 000,375,000 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2008/03/18 06:28:46 | 000,068,096 | ---- | M] () -- C:\cygwin\bin\cygrunsrv.exe
PRC - [2004/09/16 10:52:42 | 001,605,632 | ---- | M] (Webshots.com) -- C:\Program Files (x86)\Webshots\webshots.scr

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012/09/19 14:30:35 | 000,361,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\205225c8a4545fde8cee36e3e5b3e03b\IAStorUtil.ni.dll
MOD - [2012/09/19 14:30:35 | 000,027,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMgrSvcInt#\496dfc86ced14d6a3389172061ebafe2\IAStorDataMgrSvcInterfaces.ni.dll
MOD - [2012/09/19 14:30:35 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\49472b1a7ed2a5a68070d885198f4eb2\IAStorCommon.ni.dll
MOD - [2012/09/14 16:38:07 | 001,226,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\6831f648f5b925f1194f691b0b491662\System.WorkflowServices.ni.dll
MOD - [2012/09/14 16:37:48 | 001,140,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\ec057796972ce41b751eaa3a8306fbcb\System.ServiceModel.Discovery.ni.dll
MOD - [2012/09/14 16:37:48 | 000,369,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\dc86fe1c7a6e3a7ce9e9c1f13d9b1e8e\System.ServiceModel.Routing.ni.dll
MOD - [2012/09/14 16:37:47 | 000,082,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d09c237ee72af3935f1a01388ef8e315\System.ServiceModel.Channels.ni.dll
MOD - [2012/09/14 16:37:38 | 001,393,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\5055b60e339143bbace5871f5fe4b114\System.ServiceModel.Activities.ni.dll
MOD - [2012/09/14 16:37:36 | 018,058,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\cfece6f67593b4d8bb58d23b7fdcc470\System.ServiceModel.ni.dll
MOD - [2012/09/14 16:37:36 | 001,072,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\bd28f26b18b8ffeee1a0fbaa98f5810e\System.IdentityModel.ni.dll
MOD - [2012/09/14 16:37:25 | 001,086,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\f42c2acdb000001066c78acfc6cd8655\System.ServiceModel.Web.ni.dll
MOD - [2012/09/14 16:36:20 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\79ac99fe5274fb82ffcff2c15f71854c\System.Runtime.DurableInstancing.ni.dll
MOD - [2012/09/14 16:36:19 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll
MOD - [2012/09/14 16:36:19 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\bb97517e4ca64e02282fca24612ce8ad\SMDiagnostics.ni.dll
MOD - [2012/09/14 16:36:04 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
MOD - [2012/09/14 16:31:47 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/09/14 16:31:35 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/09/14 16:31:07 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/09/14 16:31:05 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/09/14 16:31:04 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/09/14 16:31:00 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/09/14 16:12:41 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012/09/14 16:12:35 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012/09/14 16:11:08 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012/09/14 16:11:06 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012/09/14 16:11:04 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012/09/14 16:10:59 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012/09/14 16:10:55 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2011/09/21 16:46:28 | 001,673,728 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
MOD - [2011/07/18 17:07:28 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
MOD - [2011/03/22 02:23:20 | 000,008,206 | ---- | M] () -- C:\cygwin\bin\cygssp-0.dll
MOD - [2011/03/22 02:23:02 | 000,044,558 | ---- | M] () -- C:\cygwin\bin\cyggcc_s-1.dll
MOD - [2011/03/16 17:09:48 | 001,174,542 | ---- | M] () -- C:\cygwin\bin\cygcrypto-0.9.8.dll
MOD - [2011/02/04 08:18:14 | 000,408,590 | ---- | M] () -- C:\cygwin\usr\sbin\sshd.exe
MOD - [2010/08/01 17:04:19 | 000,077,838 | ---- | M] () -- C:\cygwin\bin\cygz.dll
MOD - [2010/06/01 11:38:40 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\pngio.dll
MOD - [2010/03/28 05:02:33 | 000,028,174 | ---- | M] () -- C:\cygwin\bin\cygwrap-0.dll
MOD - [2010/02/10 09:39:06 | 000,025,256 | ---- | M] () -- C:\Program Files (x86)\Lexmark 6500 Series\lxdfamon.exe
MOD - [2010/02/10 09:39:02 | 000,455,336 | ---- | M] () -- C:\Program Files (x86)\Lexmark 6500 Series\lxdfmon.exe
MOD - [2010/02/09 08:41:50 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Lexmark 6500 Series\app4r.monitor.core.dll
MOD - [2010/02/09 08:41:50 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Lexmark 6500 Series\app4r.monitor.common.dll
MOD - [2010/02/09 08:40:56 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Lexmark 6500 Series\app4r.devmons.mcmdevmon.dll
MOD - [2010/02/08 18:19:52 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\HookKey32.dll
MOD - [2010/01/21 02:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 21:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/09/29 23:33:07 | 000,024,576 | R--- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2009/06/27 11:11:12 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
MOD - [2008/06/06 07:45:50 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\Lexmark 6500 Series\app4r.devmons.mcmdevmon.autoplayutil.dll
MOD - [2008/03/18 06:28:46 | 000,068,096 | ---- | M] () -- C:\cygwin\bin\cygrunsrv.exe
MOD - [2007/05/24 16:21:26 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\Lexmark 6500 Series\lxdfscw.dll
MOD - [2007/05/03 11:39:32 | 000,589,824 | ---- | M] () -- C:\Program Files (x86)\Lexmark 6500 Series\lxdfdatr.dll
MOD - [2003/10/19 05:12:30 | 000,006,656 | ---- | M] () -- C:\cygwin\bin\cygcrypt-0.dll
MOD - [2003/01/02 16:32:06 | 000,020,480 | ---- | M] () -- C:\Utils\WallWatcher\NetUtils.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:64bit: - [2012/09/07 23:36:24 | 000,144,024 | ---- | M] (BiniSoft.org) [Auto | Running] -- C:\Program Files\Windows Firewall Control\wfcs.exe -- (wfcs)
SRV:64bit: - [2012/07/27 22:09:44 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/03/24 07:24:58 | 000,095,976 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2007/05/29 06:06:06 | 001,053,104 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdfcoms.exe -- (lxdf_device)
SRV:64bit: - [2007/05/29 06:05:48 | 000,033,712 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdfserv.exe -- (lxdfCATSCustConnectService)
SRV - [2012/09/20 01:49:50 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/07 01:50:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/01 18:07:22 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/08/16 14:15:48 | 003,170,672 | ---- | M] (Conceiva Pty. Ltd.) [Auto | Running] -- C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe -- (Mezzmo)
SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/30 20:56:16 | 000,354,416 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2012/04/30 20:56:04 | 000,433,264 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2012/04/30 19:53:30 | 011,839,488 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe -- (VMwareHostd)
SRV - [2012/04/30 17:54:52 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2012/02/16 12:31:20 | 001,110,480 | ---- | M] (Hagel Technologies Ltd.) [Auto | Running] -- C:\Program Files (x86)\DU Meter\DUMeterSvc.exe -- (DUMeterSvc)
SRV - [2011/11/15 13:20:26 | 000,095,608 | ---- | M] (Dyn, Inc.) [Auto | Running] -- C:\Program Files (x86)\DynDNS Updater\DynUpSvc.exe -- (Dyn Updater)
SRV - [2011/10/14 02:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011/08/29 23:11:04 | 000,846,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2011/08/19 05:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/04/08 23:21:18 | 001,083,808 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011/04/08 23:20:08 | 001,890,184 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe -- (AcronisAgent)
SRV - [2011/04/08 23:13:40 | 004,599,080 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Acronis\BackupAndRecovery\mms.exe -- (MMS)
SRV - [2011/01/01 15:44:03 | 000,008,192 | -HS- | M] () [Auto | Running] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2010/07/08 09:28:56 | 000,815,704 | ---- | M] (GlavSoft LLC.) [Disabled | Stopped] -- C:\Program Files (x86)\TightVNC\tvnserver.exe -- (tvnserver)
SRV - [2010/06/24 02:19:50 | 000,109,056 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2010/05/25 20:53:46 | 002,139,400 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe -- (OS Selector)
SRV - [2010/05/04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/26 14:16:00 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/03/18 06:28:46 | 000,068,096 | ---- | M] () [Auto | Running] -- C:\cygwin\bin\cygrunsrv.exe -- (sshd)
SRV - [2007/05/29 06:06:44 | 000,598,960 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxdfcoms.exe -- (lxdf_device)
SRV - [2007/05/29 06:05:48 | 000,033,712 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxdfserv.exe -- (lxdfCATSCustConnectService)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:64bit: - [2012/09/01 18:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/09/01 18:01:56 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2012/07/28 00:07:44 | 010,278,912 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/07/27 21:14:46 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/07/19 23:21:19 | 000,047,208 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2012/07/19 23:21:13 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCapMP)
DRV:64bit: - [2012/07/19 23:21:13 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCap)
DRV:64bit: - [2012/05/14 02:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/04/30 20:56:36 | 000,063,088 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2012/04/30 20:54:56 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2012/04/30 17:22:42 | 000,045,680 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2012/04/30 17:22:42 | 000,020,080 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/14 05:26:53 | 000,116,504 | ---- | M] (Ray Hinchliffe) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SIVX64.sys -- (SIVDriver)
DRV:64bit: - [2011/08/29 23:11:04 | 000,039,024 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2011/08/19 05:27:30 | 004,869,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2011/08/19 05:27:30 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/08/08 14:59:12 | 000,116,336 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2011/06/12 16:09:53 | 000,971,360 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2011/06/12 16:06:04 | 000,272,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2011/03/24 07:24:54 | 000,148,072 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/11 23:01:26 | 000,038,944 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV:64bit: - [2010/12/07 02:47:32 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 07:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/09/01 04:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2010/08/06 04:53:14 | 000,293,416 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
DRV:64bit: - [2010/08/04 09:17:14 | 001,342,064 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2010/07/01 13:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010/05/07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010/05/07 19:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010/01/22 13:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/01/22 13:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009/11/11 18:44:24 | 000,034,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64k.sys -- (Point64)
DRV:64bit: - [2009/10/18 21:56:10 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009/07/15 23:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 19:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/22 10:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV - [2012/02/16 12:31:26 | 000,020,856 | ---- | M] (Hagel Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\DU Meter\DUMetr64.sys -- (DUMeterDrv)
DRV - [2011/11/12 01:21:07 | 000,003,869 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\HWACCESS.SYS -- (HWACCESS)
DRV - [2010/12/11 16:54:18 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\Windows\SysWow64\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2010/06/28 23:50:22 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/12/09 01:40:09] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2010/01/29 12:40:14 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2009/07/14 20:59:56 | 000,059,384 | ---- | M] (Ray Hinchliffe) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\SIVX64.sys -- (SIVDriver)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9E 31 2B D8 7E 90 CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {9AB48EDD-2B42-432e-861C-76E7AD3CB8B0}
IE - HKCU\..\SearchScopes\{00979BBC-47A1-486f-BF1E-7390AC8E65BB}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{9AB48EDD-2B42-432e-861C-76E7AD3CB8B0}: "URL" = http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=en&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.update: false
FF - prefs.js..extensions.enabledAddons: collector@broceliand.fr:6.0.5
FF - prefs.js..extensions.enabledAddons: cookiemgr@jayapal.com:4.5
FF - prefs.js..extensions.enabledAddons: support@smart-hide-ip.com:1.0
FF - prefs.js..extensions.enabledAddons: text2voice@vik.josh:1.08
FF - prefs.js..extensions.enabledAddons: {29CB7FC4-9DD9-4357-9452-457BD5589D9E}:1.07
FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledAddons: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.5.5
FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15
FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120910
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110704
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.7
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.3.50136
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.8
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..extensions.enabledItems: collector@broceliand.fr:5.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/07 01:50:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/30 23:26:36 | 000,000,000 | ---D | M]

[2010/12/05 20:08:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Extensions
[2012/09/20 02:23:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\7r2ofpbr.default\extensions
[2011/11/04 03:30:07 | 000,000,000 | ---D | M] (Screen grab! with Online Upload) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\7r2ofpbr.default\extensions\{29CB7FC4-9DD9-4357-9452-457BD5589D9E}
[2012/09/20 02:23:40 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\7r2ofpbr.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/06/27 23:37:54 | 000,000,000 | ---D | M] ("pearltrees") -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\7r2ofpbr.default\extensions\collector@broceliand.fr
[2012/09/07 01:50:08 | 000,000,000 | ---D | M] (Advanced Cookie Manager) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\7r2ofpbr.default\extensions\cookiemgr@jayapal.com
[2012/09/03 00:32:28 | 000,064,861 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\7r2ofpbr.default\extensions\alldebrid@alldebrid.com.xpi
[2012/08/06 21:08:30 | 000,273,552 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\7r2ofpbr.default\extensions\sharemenot@franziroesner.com.xpi
[2012/03/14 00:06:23 | 000,004,527 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\7r2ofpbr.default\extensions\support@smart-hide-ip.com.xpi
[2012/07/14 13:13:55 | 000,062,544 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\7r2ofpbr.default\extensions\text2voice@vik.josh.xpi
[2012/09/14 14:25:33 | 000,527,915 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\7r2ofpbr.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012/01/07 01:47:24 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\7r2ofpbr.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/09/14 14:25:33 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\7r2ofpbr.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2011/12/07 17:50:34 | 000,003,915 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\7r2ofpbr.default\searchplugins\sweetim.xml
[2012/03/15 00:45:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/08/30 00:19:16 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/09/07 01:50:06 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/09/07 01:49:56 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/09/07 01:49:56 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/08/13 01:59:33 | 000,001,008 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com
O1 - Hosts: 192.168.1.15 BedRoomTV
O1 - Hosts: 192.168.1.16 LivingRoomTV
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (GretechBHO Class) - {F0181C6E-9218-4792-9F3C-E8DF52B2F1AC} - C:\Program Files (x86)\GRETECH\GomPicker\GomPickerBHO.dll (Gretech Corporation)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [lxdfamon] C:\Program Files (x86)\Lexmark 6500 Series\lxdfamon.exe ()
O4:64bit: - HKLM..\Run: [lxdfmon.exe] C:\Program Files (x86)\Lexmark 6500 Series\lxdfmon.exe ()
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Common Files\Acronis\Timounter\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BackupAndRecoveryMonitor.exe] C:\Program Files (x86)\Acronis\BackupAndRecovery\BackupAndRecoveryMonitor.exe (Acronis)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKLM..\Run: [Lexmark 6500 Series] C:\Program Files (x86)\Lexmark 6500 Series\fm3032.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [QFan Help] C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [T Probe] C:\Program Files\ASUS\T Probe\TProbe.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [TrayMonitor.exe] C:\Program Files (x86)\Acronis\TrayMonitor\TrayMonitor.exe (Acronis)
O4 - HKLM..\Run: [TurboV EVO] C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [tvncontrol] C:\Program Files (x86)\TightVNC\tvnserver.exe (GlavSoft LLC.)
O4 - HKLM..\Run: [vmware-tray] C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKCU..\Run: [Directory Opus Desktop Dblclk] C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe (GP Software)
O4 - HKCU..\Run: [DU Meter] C:\Program Files (x86)\DU Meter\DUMeter.exe (Hagel Technologies Ltd.)
O4 - HKCU..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKCU..\Run: [PicPick Start] C:\Program Files (x86)\PicPick\picpick.exe (NTeWORKS)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Directory Opus.lnk = File not found
O4 - Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files (x86)\Webshots\Launcher.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 177
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Value error.)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlcdnet.asus.com/pub/ASUS/misc/dlm-activex-2.2.5.0.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BAC9370E-2169-4711-B19A-B4F13AA27C20}: NameServer = 4.2.2.1,4.2.2.4
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
O28 - HKLM ShellExecuteHooks: {EE761688-C137-4b04-8FAB-3C9CDF0886F0} - C:\Program Files\GPSoftware\Directory Opus\dopuslib32.dll (GP Software)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3d8547c8-00a4-11e0-ad5e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3d8547c8-00a4-11e0-ad5e-806e6f6e6963}\Shell\AutoRun\command - "" = H:\.\Bin\ASSETUP.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012/09/24 18:06:23 | 000,000,000 | ---D | C] -- C:\Users\Mike\Desktop\Scan
[2012/09/24 18:05:56 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Mike\Desktop\TFC.exe
[2012/09/24 14:25:16 | 000,607,260 | ---- | C] (Swearware) -- C:\Users\Mike\Desktop\dds.scr
[2012/09/24 14:20:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2012/09/24 14:18:19 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Mike\Desktop\tdsskiller.exe
[2012/09/23 23:12:11 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DU Meter
[2012/09/23 19:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Hagel Technologies
[2012/09/21 17:45:46 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/09/21 17:45:46 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/09/21 17:45:45 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/09/21 17:45:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/09/21 17:45:45 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/09/21 17:45:44 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/09/21 17:45:44 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/09/21 17:45:44 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/09/21 17:45:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/09/21 17:45:44 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/09/21 17:45:43 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/09/21 17:45:43 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/09/21 17:45:42 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/09/21 17:45:42 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/09/21 17:45:42 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/09/19 14:37:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2012/09/19 14:36:26 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Intel Corporation
[2012/09/19 14:30:06 | 000,647,736 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorA.sys
[2012/09/19 14:30:06 | 000,028,216 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorF.sys
[2012/09/18 20:03:41 | 000,000,000 | ---D | C] -- C:\Intel
[2012/09/14 19:20:35 | 000,000,000 | --SD | C] -- C:\Users\Mike\Documents\My Web Sites
[2012/09/14 17:25:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WPF Toolkit
[2012/09/14 17:25:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2012/09/14 17:25:02 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012/09/14 17:24:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
[2012/09/14 17:24:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Expression
[2012/09/14 15:56:00 | 062,164,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2012/09/13 17:48:05 | 000,000,000 | --SD | C] -- C:\Users\Mike\Documents\My Data Sources
[2012/09/12 22:41:40 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/09/12 22:41:40 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012/09/12 22:41:39 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/09/12 22:41:39 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012/09/11 20:51:11 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012/09/07 23:36:24 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Firewall Control
[2012/09/07 23:36:24 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\BiniSoft.org
[2012/09/01 02:21:26 | 000,000,000 | ---D | C] -- C:\Users\Mike\Documents\GomPlayer
[2012/08/31 23:09:04 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\pdfforge
[2012/08/31 23:09:01 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2012/08/31 23:09:01 | 000,096,768 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll
[2012/08/31 23:09:00 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL
[2012/08/31 23:09:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2012/08/31 18:11:27 | 000,000,000 | ---D | C] -- C:\ProgramData\WorldWindData
[2012/08/31 18:11:24 | 000,000,000 | ---D | C] -- C:\Users\Mike\.TraceRoute
[2012/08/30 23:26:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/08/30 23:26:36 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/08/30 23:26:36 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/08/30 23:26:31 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/08/30 23:26:31 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/08/30 23:26:31 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/08/30 23:23:32 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/08/30 23:23:28 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/08/30 23:23:28 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/08/30 23:23:28 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012/08/30 23:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/08/26 12:09:13 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/08/26 12:09:11 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/08/26 12:09:10 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/08/26 12:09:10 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/08/26 12:09:05 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/08/26 12:09:04 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/08/26 12:09:04 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/08/26 12:08:57 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012/09/24 18:22:55 | 000,027,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/24 18:22:55 | 000,027,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/24 18:20:38 | 000,793,026 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/24 18:20:38 | 000,669,104 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/24 18:20:38 | 000,124,896 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/24 18:15:37 | 000,000,043 | ---- | M] () -- C:\Windows\MezzmoMediaServer.INI
[2012/09/24 18:15:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/24 18:14:59 | 4293,431,294 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/24 18:09:05 | 000,881,724 | ---- | M] () -- C:\Users\Mike\Desktop\SecurityCheck.exe
[2012/09/24 18:05:56 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\TFC.exe
[2012/09/24 14:25:18 | 000,607,260 | ---- | M] (Swearware) -- C:\Users\Mike\Desktop\dds.scr
[2012/09/24 14:20:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2012/09/24 14:18:28 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Mike\Desktop\tdsskiller.exe
[2012/09/23 23:22:48 | 828,740,411 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/09/23 21:34:04 | 008,829,642 | ---- | M] () -- C:\Users\Mike\Documents\AutoRuns.arn
[2012/09/23 19:43:47 | 000,003,093 | ---- | M] () -- C:\Users\Mike\Documents\Auto DU Meter Report.html
[2012/09/21 18:05:12 | 000,007,622 | ---- | M] () -- C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
[2012/09/20 01:49:50 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/09/20 01:49:50 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/09/19 14:59:38 | 000,627,425 | ---- | M] () -- C:\Users\Mike\Documents\DU Meter Backup.sqbackup
[2012/09/19 14:37:04 | 000,808,264 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/09/16 21:23:37 | 000,418,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/09/16 17:40:00 | 000,004,810 | ---- | M] () -- C:\Users\Mike\Documents\Tracer.htm
[2012/09/16 17:39:02 | 000,003,424 | ---- | M] () -- C:\Users\Mike\Documents\Ping.htm
[2012/09/15 20:10:04 | 000,153,082 | ---- | M] () -- C:\Users\Mike\Documents\Premium Coder NETFLIX Premium Accounts (15 Sep 2012).pdf
[2012/09/11 01:35:02 | 000,000,950 | ---- | M] () -- C:\Users\Mike\Documents\cc_20120911_013421.reg
[2012/09/08 22:19:08 | 000,000,920 | ---- | M] () -- C:\Users\Mike\Desktop\TT.dlc
[2012/09/08 18:40:46 | 000,033,884 | ---- | M] () -- C:\Policy saved on 8.9.2012 -(Starting Policy backup).wfc
[2012/09/07 23:36:29 | 000,000,868 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows Firewall Control.lnk
[2012/09/07 23:36:29 | 000,000,776 | ---- | M] () -- C:\Users\Public\Desktop\Windows Firewall Control.lnk
[2012/09/07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/09/07 01:50:08 | 000,002,048 | ---- | M] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/09/05 22:36:36 | 000,001,864 | ---- | M] () -- C:\Users\Public\Desktop\ooVoo.lnk
[2012/09/01 18:01:56 | 000,647,736 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorA.sys
[2012/09/01 18:01:56 | 000,028,216 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorF.sys
[2012/08/31 00:12:46 | 062,164,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2012/08/30 23:26:24 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/08/30 23:26:23 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/08/30 23:26:23 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/08/30 23:26:23 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/08/30 23:26:23 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/08/30 23:26:23 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/08/30 23:23:26 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012/08/30 23:23:25 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/08/30 23:23:25 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/08/30 23:23:25 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/08/30 23:23:24 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012/08/30 23:23:24 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012/08/29 21:49:33 | 000,025,995 | ---- | M] () -- C:\Users\Mike\Documents\TRAU064 - Clip 01.wlmp


mmainprize

reply to mmainprize

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012/09/24 18:09:04 | 000,881,724 | ---- | C] () -- C:\Users\Mike\Desktop\SecurityCheck.exe
[2012/09/23 23:22:48 | 828,740,411 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/09/23 21:34:04 | 008,829,642 | ---- | C] () -- C:\Users\Mike\Documents\AutoRuns.arn
[2012/09/19 14:59:38 | 000,627,425 | ---- | C] () -- C:\Users\Mike\Documents\DU Meter Backup.sqbackup
[2012/09/16 17:40:00 | 000,004,810 | ---- | C] () -- C:\Users\Mike\Documents\Tracer.htm
[2012/09/16 17:39:02 | 000,003,424 | ---- | C] () -- C:\Users\Mike\Documents\Ping.htm
[2012/09/15 20:10:02 | 000,153,082 | ---- | C] () -- C:\Users\Mike\Documents\Premium Coder NETFLIX Premium Accounts (15 Sep 2012).pdf
[2012/09/11 01:34:58 | 000,000,950 | ---- | C] () -- C:\Users\Mike\Documents\cc_20120911_013421.reg
[2012/09/08 22:19:08 | 000,000,920 | ---- | C] () -- C:\Users\Mike\Desktop\TT.dlc
[2012/09/08 18:40:46 | 000,033,884 | ---- | C] () -- C:\Policy saved on 8.9.2012 -(Starting Policy backup).wfc
[2012/09/07 23:36:29 | 000,000,868 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows Firewall Control.lnk
[2012/09/07 23:36:29 | 000,000,776 | ---- | C] () -- C:\Users\Public\Desktop\Windows Firewall Control.lnk
[2012/09/05 22:36:36 | 000,001,864 | ---- | C] () -- C:\Users\Public\Desktop\ooVoo.lnk
[2012/08/29 20:45:49 | 000,025,995 | ---- | C] () -- C:\Users\Mike\Documents\TRAU064 - Clip 01.wlmp
[2012/08/24 19:30:55 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2012/08/24 19:30:50 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/08/08 20:08:43 | 000,038,500 | ---- | C] () -- C:\Users\Mike\AppData\Roaming\Comma Separated Values (Windows).ADR
[2012/08/04 18:27:39 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/08/04 18:27:39 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/07/27 21:39:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/07/27 21:39:50 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/06/06 15:41:20 | 047,737,820 | ---- | C] () -- C:\Program Files (x86)\JDownloader.rar
[2012/05/09 20:57:56 | 048,856,379 | ---- | C] () -- C:\Program Files (x86)\JDownloader V1 Backup.rar
[2012/03/15 00:51:37 | 000,000,620 | ---- | C] () -- C:\Windows\unins000.dat
[2012/01/31 20:54:03 | 000,000,910 | ---- | C] () -- C:\Users\Mike\.recently-used.xbel
[2011/12/19 20:01:39 | 000,000,107 | ---- | C] () -- C:\Windows\IfoEdit.INI
[2011/12/17 14:55:13 | 000,000,043 | ---- | C] () -- C:\Windows\MezzmoMediaServer.INI
[2011/12/10 16:49:31 | 000,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfpmui.dll
[2011/12/10 16:49:31 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxdfcomx.dll
[2011/12/10 16:49:31 | 000,356,352 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfinpa.dll
[2011/12/10 16:49:31 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\lxdfinst.dll
[2011/12/10 16:49:31 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfiesc.dll
[2011/12/10 16:49:30 | 001,200,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfserv.dll
[2011/12/10 16:49:30 | 000,950,272 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfusb1.dll
[2011/12/10 16:49:30 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfhbn3.dll
[2011/12/10 16:49:30 | 000,565,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdflmpm.dll
[2011/12/10 16:49:30 | 000,320,432 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfih.exe
[2011/12/10 16:49:30 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfprox.dll
[2011/12/10 16:49:29 | 000,860,160 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfcomc.dll
[2011/12/10 16:49:29 | 000,598,960 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfcoms.exe
[2011/12/10 16:49:29 | 000,365,488 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfcfg.exe
[2011/12/10 16:49:29 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdfcomm.dll
[2011/12/10 16:20:27 | 000,000,047 | ---- | C] () -- C:\Windows\WinInit.Ini
[2011/11/24 20:07:02 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/11/12 01:21:07 | 000,003,869 | ---- | C] () -- C:\Windows\SysWow64\HWACCESS.SYS
[2011/09/12 18:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/08/19 05:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011/08/19 05:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2011/08/19 05:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011/03/19 23:22:12 | 000,001,970 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011/03/07 21:24:47 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011/02/11 01:39:01 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011/01/01 15:12:17 | 000,008,192 | -HS- | C] () -- C:\Windows\SysWow64\srvany.exe
[2011/01/01 13:47:40 | 000,007,622 | ---- | C] () -- C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
[2010/12/26 18:39:17 | 000,063,488 | ---- | C] () -- C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/23 18:46:35 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/12/16 00:39:47 | 000,000,028 | ---- | C] () -- C:\Windows\pdf995.ini
[2010/12/16 00:38:13 | 000,047,616 | ---- | C] () -- C:\Windows\SysWow64\pdf995mon64.dll
[2010/12/16 00:38:13 | 000,000,160 | ---- | C] () -- C:\Windows\wpd99.drv
[2010/12/12 01:54:47 | 000,808,264 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/12/11 02:16:32 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/12/08 02:19:49 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2010/12/04 13:22:22 | 000,040,109 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2010/12/04 13:17:03 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010/12/04 13:17:03 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010/12/04 13:17:02 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010/12/04 13:17:02 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010/12/04 13:02:51 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010/12/04 13:02:47 | 000,033,212 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010/12/04 13:00:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2003/10/06 04:21:31 | 000,000,000 | -H-- | C] () -- C:\ProgramData\sdpsenv.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2010/12/11 15:15:04 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\6500 Series
[2012/08/10 21:12:51 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\AC3Filter
[2010/12/08 03:31:01 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\ACD Systems
[2011/06/12 19:08:25 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Acronis
[2012/02/06 02:07:41 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\anpo.republika.pl
[2010/12/07 02:32:23 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\DAEMON Tools Lite
[2010/12/08 02:28:26 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Desktopicon
[2012/03/15 01:26:47 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Downloaded Installations
[2011/12/29 17:30:40 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\FFSJ
[2012/02/06 02:05:09 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\fltk.org
[2012/08/05 20:27:03 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\FreeFileSync
[2011/08/19 18:45:24 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Garmin
[2011/01/03 20:34:33 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\GPSoftware
[2011/11/12 02:34:19 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\gtk-2.0
[2011/12/22 19:58:48 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\HandBrake
[2011/06/18 20:16:53 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\ImgBurn
[2012/09/24 18:11:40 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\KeePass
[2010/12/22 23:18:15 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Leadertech
[2011/09/10 12:46:41 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\LEAPS
[2011/12/10 20:20:08 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Lexmark Productivity Studio
[2012/09/16 23:32:39 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\MediaMonkey
[2011/10/07 15:28:56 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Meeting Center
[2012/05/16 20:13:54 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Mp3tag
[2012/09/24 04:28:00 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\NetStat Agent
[2012/06/15 23:06:54 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Nitro PDF
[2012/08/16 13:54:13 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Notepad++
[2012/07/27 17:17:55 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\ooVoo Details
[2010/12/16 00:39:47 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\pdf995
[2012/08/31 23:09:04 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\pdfforge
[2011/09/10 12:44:13 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Pegasys Inc
[2011/10/20 02:08:55 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\picpick
[2012/03/30 01:06:56 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\RaimaRadioPro
[2012/03/14 00:05:53 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\SmartHideIP
[2012/01/16 16:54:51 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Thinstall
[2011/03/28 19:23:21 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\TightVNC
[2010/12/09 19:34:03 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Webshots
[2011/12/19 21:24:35 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Xilisoft

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 160 bytes -> C:\ProgramData\sdpsenv.dat:naughtypirates


mmainprize

reply to mmainprize

************************************************************************************
* ran OTL.exe extras.txt *
************************************************************************************

OTL Extras logfile created on: 9/24/2012 7:51:25 PM - Run 1
OTL by OldTimer - Version 3.2.66.2 Folder = C:\Users\Mike\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

16.00 Gb Total Physical Memory | 12.22 Gb Available Physical Memory | 76.40% Memory free
31.99 Gb Paging File | 27.97 Gb Available in Paging File | 87.44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.91 Gb Total Space | 175.42 Gb Free Space | 39.25% Space Free | Partition Type: NTFS
Drive D: | 1412.82 Gb Total Space | 1312.73 Gb Free Space | 92.92% Space Free | Partition Type: NTFS
Drive E: | 1863.01 Gb Total Space | 1627.90 Gb Free Space | 87.38% Space Free | Partition Type: NTFS
Drive F: | 1863.01 Gb Total Space | 1268.83 Gb Free Space | 68.11% Space Free | Partition Type: NTFS
Drive L: | 1397.26 Gb Total Space | 642.73 Gb Free Space | 46.00% Space Free | Partition Type: NTFS
Drive V: | 1397.26 Gb Total Space | 833.87 Gb Free Space | 59.68% Space Free | Partition Type: NTFS

Computer Name: P7P55CM | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.ini [@ = Notepad++_file] -- Reg Error: Key error. File not found
.txt [@ = Notepad++_file] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Flash Renamer] -- "C:\Program Files (x86)\Flash Renamer\FlashRen.exe" "/p %1" (RL Vision)
Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Flash Renamer] -- "C:\Program Files (x86)\Flash Renamer\FlashRen.exe" "/p %1" (RL Vision)
Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
"DefaultInboundAction" = 1
"DefaultOutboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
"DefaultInboundAction" = 1
"DefaultOutboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
"DefaultInboundAction" = 1
"DefaultOutboundAction" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D573A37-5D42-4346-A695-2256CE02367A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{0F9275D9-06FC-48BA-8C1F-AB2123D65A9B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{141FF8B3-E11F-45D3-83DD-F4426C1DB7A2}" = rport=80 | protocol=6 | dir=out | app=c:\program files\windows firewall control\wfc.exe |
"{1711BF9A-FACA-42DB-93D2-CA6F619F08E9}" = lport=12972 | protocol=6 | dir=in | name=audials localhttpserver 12972 |
"{17D4587E-B7EB-46BC-AAFD-CCF8CD27B960}" = rport=123 | protocol=17 | dir=out | svc=w32time | app=c:\windows\system32\svchost.exe |
"{1B5F6A39-B16B-4B77-8315-1AF033414780}" = lport=137 | protocol=17 | dir=in | app=system |
"{2304619A-1825-46AB-A148-8F4E418645DB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{2F1C6BB8-4742-4461-AB4C-DBBC1E94EED3}" = rport=445 | protocol=6 | dir=out | app=system |
"{31762E98-2F93-4FAD-A156-AEFC1DA36034}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3BC3D872-6562-4FA9-B5AD-B4814E32B455}" = lport=138 | protocol=17 | dir=in | app=system |
"{46208CAB-1467-4E74-888D-0E290102D486}" = lport=1900 | protocol=17 | dir=in | name=mezzmo media server service |
"{4B0EDD99-1923-4627-9765-FBB8D1926BC0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5A73C1BA-4CAA-4135-A330-C0F9FF4D2738}" = lport=139 | protocol=6 | dir=in | app=system |
"{74598331-3DE7-44E0-9274-4A31DE0A5EC3}" = lport=72 | protocol=6 | dir=in | name=ssh |
"{756741C7-2BA7-4285-891C-23478F2FB37F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{79B283EA-4C8E-4D4B-8DB9-A66A7097CF06}" = lport=31931 | protocol=6 | dir=in | name=audials localhttpserver 31931 |
"{8434FA5A-EFC2-439B-ABB1-74BE3DC499AF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9D8FACEE-8588-4419-B7F2-9EF86629BA84}" = lport=53168 | protocol=6 | dir=in | name=mezzmo media server service |
"{A3B97703-27AE-469A-9D5D-B74E859533F1}" = lport=2869 | protocol=6 | dir=in | name=mezzmo media server service |
"{A3BD714E-A960-4D24-8914-36C14D392F65}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A4B825BB-722C-4FE6-8510-F2A77BD900A3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{ABFA373C-415A-41D8-8C0F-713EB9B25D39}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{B21CB54A-144C-4FED-B3A5-5589A36301BB}" = lport=53168 | protocol=6 | dir=in | name=mezzmo media server service |
"{BA1C765E-0E09-40F5-AAD2-5969A653C38C}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{BD45E275-8D39-489B-8540-0DEB0BF2850F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C6DC4138-8514-42CF-8903-F9001F73BE7C}" = lport=1900 | protocol=17 | dir=in | name=mezzmo media server service |
"{CA38A6BE-D54D-427E-82A9-6452304A2368}" = rport=137 | protocol=17 | dir=out | app=system |
"{D2F42DC4-1EB9-4653-88D7-85BFFC5CB98F}" = lport=2869 | protocol=6 | dir=in | name=mezzmo media server service |
"{D3065868-4AD6-4379-B107-F679C655A400}" = lport=53168 | protocol=6 | dir=in | name=mezzmo media server service |
"{D4C1D5F6-2630-4A15-AECB-C8747A0305D3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DC437209-0E75-426B-ACBA-79B8D4868700}" = lport=1900 | protocol=17 | dir=in | name=mezzmo media server service |
"{DE271058-2AA0-46A3-9A72-0F6281A28CC9}" = lport=2869 | protocol=6 | dir=in | name=mezzmo media server service |
"{E8CEB580-10C4-4AF3-BCE9-FA0B15DE4E6A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{EEEDCFEB-B9E4-4CF0-BCF7-7E2A528DD213}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F1956114-A17A-4FF7-B94C-C2D92D01676D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F6990A20-A8A7-41DA-934C-1CA065A8249E}" = lport=14714 | protocol=6 | dir=in | name=audials localhttpserver 14714 |
"{F8197B34-3F8E-401C-B0D8-9E07DD6D5063}" = lport=445 | protocol=6 | dir=in | app=system |
"{FA0E25DD-DE35-46AB-852C-61469FB65309}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{FB7AC1E3-D31E-4D24-992C-BA098CDADF92}" = rport=139 | protocol=6 | dir=out | app=system |
"{FE4B4CB2-A1F2-46AB-863C-F388B09CBFC4}" = rport=138 | protocol=17 | dir=out | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0077E57C-0BF0-4A0F-8DB1-BF131A6DA56D}" = dir=out | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{01674670-7FA6-42D3-8DC0-CCECB7D6CED9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{02F56C15-8ACD-4867-872E-4F40548AFAE6}" = dir=out | app=c:\program files (x86)\microsoft expression\design 4\dxsetup.exe |
"{0398B5C5-586B-4CC6-BA9D-DE7BD428B6A0}" = dir=out | app=c:\windows\system32\svchost.exe |
"{06A81C5A-0665-43FE-AD47-C4617C59161F}" = dir=out | app=c:\program files (x86)\skype\phone\skype.exe |
"{0D7B18AC-7CA0-44EE-BF62-F906089F6F66}" = protocol=17 | dir=in | app=c:\utils\wallwatcher\wallwatcher.exe |
"{0E926D57-9EFC-4DA8-8A17-991E9D7DC8AC}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\frun.exe |
"{14F9AB9F-AC7B-41FA-BF47-BE2162E016B9}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdfjswx.exe |
"{15677E1D-F8C3-44A2-A219-8F9086166B1B}" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{15B831D0-CDAA-45FE-A404-4531C218974E}" = dir=out | app=c:\program files (x86)\gretech\gomplayer\gom.exe |
"{1618D5A4-C9A6-4B0E-9A83-6ABFD3B515C9}" = dir=out | app=c:\program files (x86)\conceiva\mezzmo\mezzmomediaserver.exe |
"{195DB493-1D75-4051-A87A-02C5460287C6}" = dir=out | app=c:\windows\system32\svchost.exe |
"{1AE10CF7-8373-46B6-B3F2-BDF95F88005F}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdftime.exe |
"{1C839443-4684-4563-89B3-19C5E13A7F3D}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdffax.exe |
"{20DAE590-56A1-437F-88A4-B1C1BDE9E480}" = dir=out | app=c:\program files\gpsoftware\directory opus\dopus.exe |
"{215FDE39-6C9A-478A-BA69-A3617657C973}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdffax.exe |
"{2283ED6F-A8E3-4857-AD8F-3514F8370CA1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{26B5FF67-C72D-4D31-9D4B-1ED441EFB5B9}" = dir=out | app=c:\program files (x86)\microsoft expression\blend 4\dxsetup.exe |
"{2C3E5BA8-507C-4A46-8BBF-4F65DEFAD8A5}" = protocol=17 | dir=in | app=c:\windows\system32\lxdfcoms.exe |
"{2D054235-E14A-46BB-8AA3-5ED36F722390}" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"{30B607F6-2F3F-49DD-90B0-639BE7551A99}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{32DC041C-E99A-4FF8-87FB-42085DD58748}" = dir=out | app=c:\program files (x86)\windows live\photo gallery\moviemaker.exe |
"{33F51BEF-BC9E-4746-A351-BDD2C4E8CA07}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{34E52A37-AE61-4BFF-B02C-3CD4EDF0D8E2}" = dir=out | app=c:\program files (x86)\java\jre7\bin\java.exe |
"{34FFF554-AA24-4707-B878-4BB48DCFA761}" = protocol=17 | dir=in | app=c:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe |
"{3697405D-9ECF-4088-BEC0-A6209E2B0042}" = protocol=1 | dir=out | app=system |
"{38AA5D43-C5A4-4D04-BC18-D82F28F9C3C5}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdffax.exe |
"{3A7169B6-7533-4352-95F3-B9D85097FF72}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3BA2E668-87A9-4CDB-AF88-68305FD9FFDA}" = dir=out | app=c:\program files (x86)\apple software update\softwareupdate.exe |
"{3E83DE04-74BA-4E51-8486-8566584EB743}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{40968C48-EE4A-4426-9511-87178B96163C}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe |
"{42BA94D6-CB80-4084-B3BA-5AF9A206A03B}" = dir=out | app=c:\program files (x86)\microsoft expression\web 4\dxsetup.exe |
"{42E13944-D1B1-40AB-B78B-F286221EC688}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\frun.exe |
"{4407052E-1045-46D8-B1BA-D62A3A9B943F}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfamon.exe |
"{442BD23B-1552-4CDB-889A-4B10108C6B88}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\frun.exe |
"{45395410-6060-4AC8-8B5A-5A3052FAB030}" = dir=out | app=c:\program files\internet explorer\iexplore.exe |
"{4830FD68-D0A5-46EE-8C46-C07681A5866C}" = dir=out | app=c:\program files (x86)\webshots\webshots.scr |
"{49CEEAFD-372B-46E9-951E-E23A00EFC82B}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdfpswx.exe |
"{49E490D5-13D1-47CF-B66B-0F3126E5A04C}" = dir=out | app=c:\program files (x86)\secunia\psi\psia.exe |
"{4B42F11D-4ECA-4FA1-B6F0-71B81CB96DBF}" = protocol=6 | dir=in | app=c:\utils\wallwatcher\wallwatcher.exe |
"{4EBCDCC4-AFFC-446F-992A-82DE02298400}" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"{511EFF6E-9E15-44B3-8378-B2504895279A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5446FCD7-10CB-4791-8BF7-8600B0995741}" = dir=out | app=c:\windows\microsoft.net\framework\v2.0.50727\installutil.exe |
"{545FC8A8-35ED-474A-A3FA-953670F834E5}" = dir=out | app=c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe |
"{56FA5951-590A-4FA8-AC71-9833DABD2A5E}" = dir=out | app=c:\program files (x86)\dyndns updater\dynupconfig.exe |
"{58A838CE-1CAC-422B-A011-C640DEEC81FD}" = protocol=6 | dir=in | app=c:\shareddata\myportable\network\network tools\lookatlan\lookatlan.exe |
"{59EED716-1ECC-4C03-94BF-734C43F5B530}" = dir=out | app=c:\program files\microsoft security client\mpcmdrun.exe |
"{5B59A7AB-6CCC-4C45-84D0-E64720239F7C}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfamon.exe |
"{5B66235A-12D6-4504-9CEC-4E5E183942D7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5E7FB759-17FB-4B21-8E12-066C51B9E9E7}" = dir=out | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{5F5DDED3-08ED-43D2-955B-560D3A6252BE}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfmon.exe |
"{6031013E-6990-4F2C-8F8C-54D87B43FC5F}" = dir=out | app=c:\windows\system32\rundll32.exe |
"{613B81F9-D661-43C5-AFB5-7801858A268E}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\wireless\lxdfwpss.exe |
"{65532739-E84C-41DA-BA61-D9BB11CB58FA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{65AF4124-91AE-425A-BEFD-8E6EE3CCBFBE}" = dir=out | app=c:\windows\system32\svchost.exe |
"{65F9B15B-5AE0-45D6-99A4-275460CFDD51}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfmon.exe |
"{69034932-94CE-49A6-8C85-839233FFD371}" = dir=out | app=c:\windows\helppane.exe |
"{69436C74-D94F-41B7-BAA4-3C771A4BE06C}" = protocol=17 | dir=in | app=c:\shareddata\myportable\network\network tools\lookatlan\lookatlan.exe |
"{69A08E56-2680-4AC2-9246-EF16417E2E83}" = dir=out | app=c:\windows\system32\svchost.exe |
"{6C3366B6-72C8-40AD-8E4D-872C45A36BD9}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdfpswx.exe |
"{6EBB947B-2FB0-4BF9-B861-AC80EDC78B4E}" = dir=out | app=c:\windows\system32\svchost.exe |
"{7259E72A-EEAF-4C98-A8EE-C7CFA44663D3}" = protocol=17 | dir=in | app=c:\program files (x86)\acronis\backupandrecovery\mms.exe |
"{72765491-BD19-440B-A9B9-5407417FC26C}" = dir=out | app=c:\program files (x86)\common files\java\java update\jucheck.exe |
"{7321B786-7BFA-45BB-AFF7-DE04309CBD6E}" = dir=out | app=c:\program files (x86)\du meter\dumeter.exe |
"{757AE668-2E54-42B1-982C-EE9BCC72E136}" = protocol=6 | dir=in | app=c:\program files (x86)\mediamonkey\mediamonkey.exe |
"{7BD4D5FD-192F-40E4-95EC-D12A69787A68}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\acronis\agent\agent.exe |
"{7D86E63B-1A50-4BFD-B178-5A476B4E8404}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdffax.exe |
"{7DA5B2F5-1908-4B9A-911E-9A645ADA1C7B}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfamon.exe |
"{7F596621-A063-4E36-AF69-45AFC4E34A2D}" = dir=out | app=c:\program files (x86)\dyndns updater\dyntray.exe |
"{8194B23D-5F09-49E2-A4E9-5F487BE0F098}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8396476C-BA8B-40FC-95B1-58171EA5B070}" = protocol=6 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe |
"{8767DD9C-D5E4-42B1-81B0-4D5817968E3F}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdfpswx.exe |
"{885BD9A9-0270-454E-A179-9D4C69E55086}" = dir=out | app=c:\program files\microsoft office\office14\excel.exe |
"{88BC69B5-9ABD-4C21-96F0-F8B5FF856048}" = dir=out | app=c:\program files (x86)\conceiva\mezzmo\mezzmo.exe |
"{8A5A2963-CBBA-4D61-BEF6-D55E264D1D9F}" = dir=out | app=c:\windows\syswow64\macromed\flash\flashplayerplugin_11_4_402_278.exe |
"{8B1AD702-A819-4C2A-92B6-781061408676}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdfjswx.exe |
"{8F20D9F2-F7B0-4272-AAD2-771E7CA78A0A}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdfpswx.exe |
"{8F76F512-B0F9-407F-916C-46BE25EF31B0}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{8FA3FFF6-35FF-40E1-9F19-6B21FF8B7DBD}" = protocol=6 | dir=in | app=c:\windows\system32\lxdfcoms.exe |
"{8FDA57F8-52F4-4752-8EAF-264C70A28941}" = protocol=6 | dir=in | app=c:\program files (x86)\vmware\vmware workstation\x64\vmware-vmx.exe |
"{90F9235F-9EF1-47D1-ADC4-4AF55A8D5ECE}" = protocol=6 | dir=out | svc=wuauserv | app=c:\windows\system32\svchost.exe |
"{9143EDDC-4408-406F-B965-DBA25307CD85}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\wireless\lxdfwpss.exe |
"{923E0316-7F5B-4550-8A49-46C99AD16820}" = dir=out | app=c:\windows\syswow64\vmnat.exe |
"{9242A3F5-F3C0-4D0A-A6BC-1508D7100790}" = protocol=6 | dir=in | app=c:\program files (x86)\tightvnc\vncviewer.exe |
"{94AFF7E2-6DA5-4874-9B04-4C2883BF497F}" = dir=out | app=c:\program files (x86)\collectorz.com\movie collector\moviecollector.exe |
"{95A47BF5-F0FD-4A4D-8916-56AA64C79CDE}" = dir=out | app=c:\program files (x86)\secunia\psi\psi.exe |
"{96E36771-4EB9-4A52-9F56-FF84B467C239}" = dir=out | app=c:\program files (x86)\dyndns updater\dynupup.exe |
"{98349BA5-3DC3-4E7E-8C58-7A47D885E2D2}" = dir=out | app=%programfiles% (x86)\xilisoft\video converter ultimate\vc.exe |
"{99454104-2AE9-47F9-BDD3-3799B1766CCE}" = dir=out | app=c:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe |
"{9982AF27-2F9A-4F88-B967-11A2C422B346}" = dir=out | app=c:\program files (x86)\malwarebytes' anti-malware\mbam.exe |
"{9D524141-C6A9-40F1-8E0E-A3D825302F55}" = dir=out | app=c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe |
"{A146BBB2-3FBA-4D98-8159-674576C9A138}" = dir=out | app=%programfiles% (x86)\xilisoft\dvd ripper ultimate\dr.exe |
"{A1657E20-0769-47A1-911F-F052D80C33D7}" = dir=out | app=c:\program files (x86)\internet explorer\iexplore.exe |
"{A18FFC6A-BA53-44F8-A50F-2BB9A4A03703}" = dir=out | app=c:\program files\jdownloader 2\jdownloader 2.exe |
"{A38EF6EE-E73A-47C7-B9DB-7C0B3F5FEAF6}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\frun.exe |
"{A4AF0195-1C14-4BF0-9D6F-431717759A6D}" = dir=out | app=c:\program files (x86)\oovoo\oovoo.exe |
"{A57E2895-95CA-44A3-81BF-0FDED4F646C5}" = protocol=6 | dir=in | app=c:\program files (x86)\acronis\backupandrecovery\mms.exe |
"{A6682829-F16B-48DC-AF1E-14126238820F}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\acronis\agent\agent.exe |
"{A7A3948E-6B11-4477-BA61-DE9FB2CC068D}" = dir=out | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"{A9B9292D-495F-40F6-8840-410D6AC6420C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AA093509-59F6-4917-83C1-6B52F014E929}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{ABC26250-F4A4-421F-8BA3-405EC974D63B}" = protocol=17 | dir=in | app=c:\windows\system32\lxdfcfg.exe |
"{AD829C84-D2AB-4E24-B247-8A61E92E9B3C}" = dir=out | app=c:\program files\java\jre7\bin\javaw.exe |
"{AE3F0B39-7BC5-4DB3-9765-16558509B73E}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-hostd.exe |
"{AF17A0AF-EF0D-4BB7-B57C-6692DD0B0ACB}" = dir=out | app=c:\windows\syswow64\dxdiag.exe |
"{B02F4549-4D5A-4E40-BD6E-10ABD69EA896}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{B5D49299-1B3E-49FE-9325-2B2511CD678C}" = dir=out | app=c:\program files (x86)\dyndns updater\dynupsvc.exe |
"{B6D8D24D-A6FE-4FE0-8876-6BBF1DB3AFBC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BBDC3272-F381-4ECA-86C0-CDF1B9BE8819}" = protocol=6 | dir=in | app=c:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe |
"{C04B8394-1CBC-43CA-82F6-714B073D64D3}" = protocol=17 | dir=in | app=c:\program files (x86)\tightvnc\tvnserver.exe |
"{C22B4180-9D9F-45B8-A699-8039365D051C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C3231483-D651-4963-9BE3-6D7CB7885839}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdftime.exe |
"{C4A4C020-B57E-49DA-92C3-2C451F20F424}" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"{C85B2F9D-FB8C-4A2D-8B07-3C3CC97B4477}" = protocol=17 | dir=in | app=c:\utils\wallwatcher\wallwatcher.exe |
"{C89CCD3C-CF7C-4592-95B1-89187D6B3B22}" = dir=out | app=c:\utils\javara\javara.exe |
"{CB96A225-B4D7-4CB5-AE08-365B5925A98F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D0138C46-EADB-4ED8-8934-879B1DCF313C}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfamon.exe |
"{D1C3C594-4FBB-47C3-A963-C1871B420E0A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{D616F76A-927B-4613-9582-7CDD6D1DFA43}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxdfcoms.exe |
"{D94D22C8-5CF7-48FD-8C56-BB291EE325C0}" = protocol=17 | dir=in | app=c:\program files (x86)\vmware\vmware workstation\x64\vmware-vmx.exe |
"{DB8694D4-D221-401C-9E1D-8AECA0AB3429}" = dir=out | app=c:\program files\microsoft office\office14\outlook.exe |
"{DD1AA0B6-D12F-41F9-ADF0-53B4177AB97B}" = dir=out | app=c:\windows\syswow64\werfault.exe |
"{DD1C0909-8AA7-4459-B4DD-40DDCE744985}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-authd.exe |
"{DFAAA421-009B-4EF5-B104-0DAB20010F83}" = dir=in | app=c:\program files (x86)\vmware\vmware workstation\vmware-hostd.exe |
"{E0043B4D-E8AA-49B9-9428-E6BAA5B35095}" = dir=out | app=c:\program files (x86)\picpick\picpick.exe |
"{E00519E4-985E-41CD-BF85-954A695F12A1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{E04CF133-4C41-4FAD-B136-4A65CFA101B5}" = dir=out | app=c:\program files (x86)\google\googleupdate.exe |
"{E0DF67DD-FEA3-4292-801A-A75E89801777}" = dir=out | app=%programfiles% (x86)\xilisoft\video converter ultimate\immdevice.exe |
"{E27BC5E0-E492-41E2-B23D-90DA5F96EB0F}" = protocol=6 | dir=in | app=c:\windows\system32\lxdfcfg.exe |
"{E44F3B85-9169-4160-BE80-5D97259EBC8F}" = dir=out | app=c:\windows\explorer.exe |
"{E495AFEF-6C8F-4442-895B-54B47666D687}" = dir=out | app=c:\program files (x86)\vmware\vmware workstation\vmware.exe |
"{E53A5332-9387-406E-A00B-0144BFA207C9}" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E8ABF748-A7D8-4652-AC24-2F157DA0DD80}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdftime.exe |
"{E9050BED-5FB1-46BD-A749-9ED261224840}" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"{E9C909AD-F2E8-4CD7-8098-DEBF594B1DE0}" = protocol=6 | dir=in | app=c:\utils\wallwatcher\wallwatcher.exe |
"{EAB85696-8B53-440A-8382-613C4480798D}" = protocol=6 | dir=in | app=c:\program files (x86)\tightvnc\tvnserver.exe |
"{ED4B1BB5-3955-4866-9BDE-8B6DC3244629}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{F2587C41-223E-4CA9-B1C4-E51B23C80AF5}" = protocol=17 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe |
"{F384F772-5D2A-40DA-9280-953F589785EF}" = protocol=17 | dir=in | app=c:\program files (x86)\mediamonkey\mediamonkey.exe |
"{F39E1D67-9594-4BE2-BBA5-C5BD85C2FCC9}" = dir=out | app=c:\program files (x86)\common files\java\java update\jusched.exe |
"{F582031C-F34E-422A-93B5-EB2D4ED7723B}" = dir=out | app=c:\program files\common files\microsoft shared\windows live\wlidsvc.exe |
"{F5B4A8CD-CA08-47A9-88BB-9990816F7DBD}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxdfcoms.exe |
"{F65D1B6E-BA5C-4729-8650-4C4C064A2C25}" = dir=out | app=c:\program files (x86)\notepad++\notepad++.exe |
"{F7402D26-C174-4FE8-87CB-F1046056E0A7}" = dir=out | app=c:\windows\system32\lxdfcoms.exe |
"{F921AF5D-CE51-4F6C-9BD5-AB86521B7B4C}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdftime.exe |
"{FAC050CA-B684-4A1C-9903-A7B70489AB5F}" = dir=in | app=c:\program files (x86)\rapidsolution\audials 9\audials.exe |
"{FB065476-1B77-4798-A7C5-C446FE6A1E28}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{FBB21F02-F9A1-44AE-9571-BEAE16D36755}" = dir=out | app=%programfiles% (x86)\xilisoft\dvd ripper ultimate\immdevice.exe |
"{FE16FAB7-2877-42C7-9339-5B0FAC4722F2}" = protocol=17 | dir=in | app=c:\program files (x86)\tightvnc\vncviewer.exe |
"TCP Query User{368D07E8-0579-48BD-B8A1-713355E2EBD4}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{98538568-35CD-4425-8751-14943764710C}C:\shareddata\myportable\network\network tools\lookatlan\lookatlan.exe" = protocol=6 | dir=in | app=c:\shareddata\myportable\network\network tools\lookatlan\lookatlan.exe |
"TCP Query User{9CACFE33-0A41-4D55-AADC-E58ED1D8AAC2}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"TCP Query User{C200A7B0-9F1B-43AB-8374-FA72DED6A37D}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe" = protocol=6 | dir=in | app=c:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe |
"TCP Query User{C89FCB27-A129-4F40-8C1F-6B1D3C092A02}C:\program files (x86)\mediamonkey\mediamonkey.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mediamonkey\mediamonkey.exe |
"TCP Query User{CC74AA33-9B37-4D27-B2F1-96169934DE27}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{CFB0AE55-38E2-4FB5-BF2E-C7B954E92589}C:\program files (x86)\vmware\vmware workstation\x64\vmware-vmx.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vmware\vmware workstation\x64\vmware-vmx.exe |
"TCP Query User{D06CEAD3-1FEF-4AF0-9819-F66919EC3909}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{D73A0C1C-3D03-4658-9DDE-4375D52944BB}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=6 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe |
"TCP Query User{E5DD4D90-F63D-4D2B-811A-19A1859343A3}C:\program files (x86)\lexmark 6500 series\lxdfmon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfmon.exe |
"UDP Query User{0667F55E-D985-4CB1-BB31-54DD2473D087}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"UDP Query User{2AC8CF6F-02B8-4C09-B0ED-6BC4C0A68A9E}C:\program files (x86)\vmware\vmware workstation\x64\vmware-vmx.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vmware\vmware workstation\x64\vmware-vmx.exe |
"UDP Query User{33AF37AF-6BEA-4E31-BF9C-4B1B7DCCA861}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{3FE3A5BE-0624-4375-818B-E471C175CB14}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{75DEDB6B-0DB2-4D72-A938-E0F607EE8AA4}C:\program files (x86)\mediamonkey\mediamonkey.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mediamonkey\mediamonkey.exe |
"UDP Query User{7D045E22-4263-4492-A474-B2D8B0AD2765}C:\program files (x86)\lexmark 6500 series\lxdfmon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfmon.exe |
"UDP Query User{B480EB0A-A387-4D3F-AE2B-D37E16FEAABF}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe" = protocol=17 | dir=in | app=c:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe |
"UDP Query User{CCFA9529-4D9D-4CCD-A6F1-AA966B548A41}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=17 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe |
"UDP Query User{D1B1B6FB-A1D8-4CE7-9E1F-384468DDC9C0}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{FB7612C4-886D-4B78-B6A9-B65E787BECA4}C:\shareddata\myportable\network\network tools\lookatlan\lookatlan.exe" = protocol=17 | dir=in | app=c:\shareddata\myportable\network\network tools\lookatlan\lookatlan.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{2BE3C45C-B0E3-4061-A3C5-C6ED9639C813}" = VmciSockets
"{35B226DA-E3F6-21FD-31AB-0046C6E87043}" = ATI Problem Report Wizard
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5EBE0F1F-45DF-4298-AC6B-E8E54EAEC834}" = Microsoft IntelliPoint 7.1
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{698EDD46-FC0B-926F-54DF-23B6BB20EDFC}" = AMD Drag and Drop Transcoding
"{6C2E334F-37F5-C312-53BA-1482F9A6FD4D}" = ccc-utility64
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0081-0409-1000-0000000FF1CE}" = Microsoft Outlook Hotmail Connector 64-bit
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B45B5123-C009-F8B4-FE93-45B42C8A786F}" = ATI AVIVO64 Codecs
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E6F5D8BE-0B00-6DD9-18F9-D4045798FCBE}" = AMD Media Foundation Decoders
"{F4C71C2A-F068-8EEB-61AE-EA4707C57A1B}" = AMD Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F842F8B0-6942-4930-821F-543E976B2C66}" = MSVCRT110_amd64
"0630-0716-3135-7887" = JDownloader 2
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.56
"FileMenu Tools_is1" = FileMenu Tools
"KLiteCodecPack64_is1" = K-Lite Codec Pack 9.3.0 (64-bit)
"Lexmark 6500 Series" = Lexmark 6500 Series
"MediaInfo" = MediaInfo 0.7.59
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Recuva" = Recuva
"Sandboxie" = Sandboxie 3.54 (64-bit)
"Unlocker" = Unlocker 1.9.1-x64
"Windows Firewall Control" = Windows Firewall Control
"WinRAR archiver" = WinRAR 4.01 (64-bit)
"Xvid_is1" = Xvid MPEG-4 Video Codec

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{01496C89-6117-AD97-3CB3-98AF2026070C}" = CCC Help German
"{0486991B-63F4-5106-06CE-404D7BA55041}" = CCC Help Italian
"{0665E2D2-2CF0-47C3-A0BA-11DCEFB0636F}" = Acronis Backup & Recovery 10 Upgrade Tool
"{07EF3970-F8E5-4A27-A5A3-230484D35026}" = Microsoft Expression Encoder 4
"{07F6BABF-0653-41A0-BCB7-8C2148AD2F1A}" = Acronis Backup & Recovery 10 Tray Monitor
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{08D605B4-DCD1-451F-ABD7-52E6BB868E4E}" = Microsoft Expression Design 4
"{0BFEE7F5-4593-4C04-8373-EB3450C8885D}" = Acronis Backup & Recovery 10 Universal Restore
"{0D94F75A-0EA6-4951-B3AF-B145FA9E05C6}" = VMware Workstation
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{1057511B-F8FE-4230-9ED3-AB949A57EE4A}" = Windows Live PIMT Platform
"{14757070-5AE3-434C-9880-8F571E5C0FCB}" = Anti-reCAPTCHA v3.02 JD
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{177A3BC5-ECD3-BFF1-4D87-C4B417924DF2}" = CCC Help Russian
"{1873789F-59D5-4002-8A2F-60A827B78F98}_is1" = GmapTool 0.6.1
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{19D368B2-5601-007B-A296-535706E00D97}" = CCC Help English
"{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}" = Microsoft Expression Blend SDK for Silverlight 4
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{256E7DAC-9BE8-494E-8DE7-7857BF96B774}" = Microsoft Expression Blend 3 SDK
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10 Platinum HD
"{278FA289-F502-D888-A3BA-5FA10308AAAD}" = CCC Help Danish
"{29315CEC-E6CE-4394-84DC-6F862E8D9A52}" = Windows Live UX Platform
"{29A47E79-7287-4C52-9667-B4CDEEE14B58}" = T.Probe
"{2D416A80-0BB1-4D8B-B770-7BE8F53D5937}" = Windows Live UX Platform Language Pack
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{40F55150-F43D-4C9F-9A00-1A0A6F1EB7F0}" = Movie Maker
"{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}" = Nero 10 Menu TemplatePack 1
"{43FBAB46-5969-4200-9958-1FF81FEE506F}" = Nero 10 Movie ThemePack 1
"{44F77218-4BBD-1B74-88B7-FC302868F2B3}" = CCC Help Japanese
"{46316411-80D8-4F68-8118-696E05FCE199}" = Windows Live Essentials
"{489BC3B4-AEF9-E14A-11BC-B70FDE9D543D}" = CCC Help Chinese Traditional
"{491D92A9-69CA-4EB4-81D3-0106F9337957}" = TurboV EVO
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A85AE1B-9727-261D-9EAF-07C1AECCF977}" = CCC Help Turkish
"{4C6D5779-A766-45DF-9938-D6F595A66F2B}" = Microsoft Expression Blend 4
"{4F9A382F-4478-4036-905C-F77DF2EA0370}" = Windows Live SOXE
"{4FA8F084-C42F-45E1-B7E5-E0C8A1083DC5}" = Windows Live SOXE Definitions
"{502699FF-F586-54B1-91E8-E85D9FAE0D6D}" = CCC Help Greek
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{53EF1C4D-0705-98F2-1889-A69BBF9F03F3}" = CCC Help Thai
"{548A4EF3-BD97-0813-B469-E1E2FC9DE487}" = CCC Help Korean
"{55533224-CAD0-39B5-6297-E1B2D1D8F176}" = Catalyst Control Center
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{590828E0-9BA6-3E4D-8491-A1D9CC3EB8CE}" = CCC Help French
"{5CC4C963-F772-4766-BFF2-DE551E205EE9}" = Photo Common
"{5D4F167D-CCC8-413E-A6EE-F2FABBBBF50D}" = GPSoftware Directory Opus
"{5EE6E987-1B79-4A93-832B-27472C7D1579}" = WPF Toolkit February 2010 (Version 3.5.50211.1)
"{5F8D931D-B230-47F3-A9C0-0C8CA459A332}" = Microsoft Expression Web 4
"{60A1253C-2D51-4166-95C2-52E9CF4F8D64}" = Photo Gallery
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{64DF7404-9D46-44AF-AFA1-A2F8D5648C2D}" = Windows Live Photo Common
"{6563FAF5-84F9-0A35-C032-182EBC4C3BDB}" = CCC Help Finnish
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6C94A234-CA2C-4D3C-81E6-6AAA8069825D}" = Garmin WebUpdater
"{6D46F639-5F2F-90F3-4B60-EB2EF264B82E}" = CCC Help Spanish
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F702A65-629F-4E5A-B686-1A4826C83AB4}" = Adobe Flash Player 11 ActiveX
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{70210CF8-CAB1-8FEB-D964-C33AFE18730B}" = CCC Help Czech
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{70F19404-B96C-4EBB-AD2B-3574F8736197}" = Nero 10 Movie ThemePack 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{76EE8FE7-1957-4C51-9074-4930A8CFB1AF}" = Windows Live Installer
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{801B0DA3-A3FF-46CC-B97F-D76D510AF5AE}" = Microsoft Silverlight 4 SDK
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{85BEC8F6-9AA3-43FF-B56B-8276277137B3}" = Nero 10 Video TransitionPack 1
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8B1AEC85-4507-28BD-F3BA-4A5D732752E7}" = CCC Help Hungarian
"{8C20787A-7402-4FA7-BF25-6E5750930FDC}" = PowerDVD
"{8C27E4F1-9CE6-4C32-ADBB-D51CD226649E}" = Adobe Flash Player 11 Plugin
"{8C5ACED4-34D3-23BB-F90E-2F90420321BC}" = Catalyst Control Center Localization All
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{901F9AB8-1E4E-4740-B579-740D12C0FE2D}" = Acronis Backup & Recovery 10 Bootable Media Builder
"{92146419-AE44-4C8B-A48B-0ABB1B5EC026}" = Nero 10 Menu TemplatePack 3
"{92A10E9D-EA00-4A46-8F22-EEA660992D61}" = Nero 10 Sample Videos
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{942DF6BD-E4F2-4915-B4FB-09C02B71284F}" = VT-Paul-M16-SAPI5
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{96ED4B78-300E-4033-AE6C-C115CEB4DF07}" = Nero 10 ClipartPack
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B2E55F8-5BA8-4A45-9682-ACB6F2CC0DA5}" = Photo Gallery
"{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE11DE3-4703-4482-BC77-A32D73951334}" = Mezzmo
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CCC78EF-027E-40E0-9B61-39932C65E3FE}" = Acronis Disk Director Home
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9EF762D2-2D12-4865-91C4-87705F91C28F}" = Acronis Backup & Recovery 10 Agent
"{9FAD67A7-3A4E-4754-AAC4-0397F370611D}" = VT-Kate-M16-SAPI5
"{A06FE62B-CEBC-4E94-AED8-92DCC33BC8EA}" = Microsoft Expression Studio 4
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A70B0C7B-3527-4D53-A694-E9492ECE9EE1}" = Nero 10 Movie ThemePack 4
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{ACD15FDF-FC42-4175-B477-576F92FF2256}" = Nero 10 Sample ImagePack
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{B0B1A8A5-4711-BB6C-DD59-9794AD928368}" = CCC Help Dutch
"{B33D2348-2938-1A03-0CD3-E6F7101244E0}" = CCC Help Polish
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7C8D838-9C3A-1177-B80A-E3C512FD8AF5}" = CCC Help Swedish
"{B8812AF2-8483-4538-88AB-F1A4A145B209}" = Audials
"{BA73469B-D8C7-4FE3-B33C-1340D09F0709}" = Windows Live Communications Platform
"{BEC95E5B-46FA-4CFB-BD96-10384DBC465C}" = TMPGEnc Video Mastering Works 5
"{BF127B80-CFD5-4379-9752-E8AF1A5D0141}" = Microsoft Expression Encoder 4 Screen Capture Codec
"{BFE7E085-7327-43D8-B0A3-4A0DDC97D652}" = Acronis Backup & Recovery 10 Standalone Management Console
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C35BBC64-E7B7-B699-E5D8-CE5989061F93}" = HydraVision
"{C4367E67-52FE-45C6-889C-F48CE7883CA8}" = VT-Bridget-M16-SAPI5
"{C496F7CD-ED09-4D8D-872E-3470D4717714}" = VT-Julie-M16-SAPI5
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C0}" = WinZip 15.0
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}" = Movie Maker
"{D793423B-FF18-4A54-B9C9-75B3396BAAC4}" = Browser Configuration Utility
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DD238642-14C7-4D54-8BD7-FAD6DEA9999B}" = Nero 10 Movie ThemePack 3
"{DDCB737A-EEC8-3815-42DA-69011A55E3E5}" = Catalyst Control Center Graphics Previews Common
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E170E984-6B20-79C2-1E9F-0256EC5ADFB4}" = CCC Help Chinese Standard
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E712C273-7564-4C8E-AA59-0FA19BC35117}" = Nero 10 Menu TemplatePack 2
"{E866E52C-1F56-4CCF-0071-CA915F8CFEDA}" = CCC Help Norwegian
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EF3A4DAE-F16F-4AC1-87BB-FE00A784084F}" = Nero 10 PiP EffectPack 1
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5993FCC-DF5D-4879-B70D-AA1F379C5C6B}" = Microsoft Expression Web 4 Service Pack 2
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F5D245CC-C332-1E8E-CCB1-75E0C3C4D6F1}" = CCC Help Portuguese
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}" = XML Notepad 2007
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"Advanced Disk Catalog" = Advanced Disk Catalog
"Blend_4.0.20525.0" = Microsoft Expression Blend 4
"cGPSmapper Free_is1" = cGPSmapper Free 0100d
"Collectorz.com Movie Collector" = Collectorz.com Movie Collector
"Concise Oxford English Dictionary (Eleventh Edition)" = Concise Oxford English Dictionary (Eleventh Edition)
"CoreAAC" = CoreAAC
"Design_7.0.20516.0" = Microsoft Expression Design 4
"DUMeter3_is1" = DU Meter
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DynUpdater" = Dyn Updater
"EasyBoot_is1" = EasyBoot V5.12
"Encoder_4.0.1639.0" = Microsoft Expression Encoder 4
"ExpressionStudio_4.0.20525.0" = Microsoft Expression Studio 4
"FastStone Image Viewer" = FastStone Image Viewer 4.5
"Flash Renamer_is1" = Flash Renamer 6.3
"FreeFileSync" = FreeFileSync 5.6
"GOM Picker" = GOM PICKER
"GOM Player" = GOM Player
"GOM Video Converter" = GOM Video Converter
"HandBrake" = HandBrake 0.9.5
"ImgBurn" = ImgBurn
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{8C20787A-7402-4FA7-BF25-6E5750930FDC}" = CyberLink PowerDVD 10
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.20
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.3.0
"MagniDriver" = marvell 91xx driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"MediaMonkey_is1" = MediaMonkey 4.0
"MKVToolNix" = MKVToolNix 5.2.1
"Mozilla Firefox 15.0.1 (x86 en-US)" = Mozilla Firefox 15.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.49b
"NetStat Agent_is1" = NetStat Agent 2.1.1
"Notepad++" = Notepad++
"Pdf995" = Pdf995
"PicPick" = PicPick
"PuTTY_is1" = PuTTY version 0.60
"QuickPar" = QuickPar 0.9
"RarmaRadio_is1" = RarmaRadio 2.68.1
"RealAlt_is1" = Real Alternative 2.0.2
"Secunia PSI" = Secunia PSI (2.0.0.4003)
"SmartHideIP" = Smart Hide IP
"SpeedFan" = SpeedFan (remove only)
"Tag&Rename_is1" = Tag&Rename 3.5.7
"TightVNC" = TightVNC 2.0.2
"TTSReader" = TTSReader 1.30
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"UBCD4Win_is1" = UBCD4Win 3.60
"UltraISO_is1" = UltraISO Premium V9.5
"UnInstall Icon Restore_is1" = UnInstall Icon Restore 1.0
"Video Thumbnails Maker" = Video Thumbnails Maker by Scorp (remove only)
"VLC media player" = VLC media player 2.0.3
"VMware_Workstation" = VMware Workstation
"WallWatcher" = WallWatcher
"Web_4.0.1303.0" = Microsoft Expression Web 4
"Webshots Desktop" = Webshots Desktop
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"Xilisoft DVD Ripper Ultimate" = Xilisoft DVD Ripper Ultimate
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BoxEasy JukeBox" = BoxEasy JukeBox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/23/2012 11:08:17 PM | Computer Name = P7P55CM | Source = DUMeterSvc | ID = 0
Description = Service error: System Error. Code: 1060. The specified service does
not exist as an installed service

Error - 9/24/2012 4:57:56 AM | Computer Name = P7P55CM | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Acronis\DiskDirector\WinPE\Files\systeminfo.exe". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 9/24/2012 4:58:23 AM | Computer Name = P7P55CM | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Acronis\DiskDirector\WinPE\Files\RecoveryExpert.exe". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 9/24/2012 4:58:31 AM | Computer Name = P7P55CM | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Acronis\DiskDirector\WinPE\Files\ManagementConsole.exe". Dependent Assembly
Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 9/24/2012 4:58:35 AM | Computer Name = P7P55CM | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero
10\Nero SoundTrax\NMDllHost.exe.Manifest".Error in manifest or policy file "C:\Program
Files (x86)\Nero\Nero 10\Nero SoundTrax\NFD\NFD.MANIFEST" on line 3. Component identity
found in manifest does not match the identity of the component requested. Reference
is NFD,type="win32",version="5.2.0.0". Definition is NFD,type="win32",version="5.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error - 9/24/2012 4:58:35 AM | Computer Name = P7P55CM | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero
10\Nero WaveEditor\NMDllHost.exe.Manifest".Error in manifest or policy file "C:\Program
Files (x86)\Nero\Nero 10\Nero WaveEditor\NScCoreComponents\NScCoreComponents.MANIFEST"
on line 3. Component identity found in manifest does not match the identity of the
component requested. Reference is NScCoreComponents,type="win32",version="5.3.2.0".
Definition is NScCoreComponents,type="win32",version="5.3.0.0". Please use sxstrace.exe for
detailed diagnosis.

Error - 9/24/2012 4:58:36 AM | Computer Name = P7P55CM | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Acronis\DiskDirector\WinPE\Files\mmsBundle.dll". Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 9/24/2012 6:21:58 PM | Computer Name = P7P55CM | Source = Application Error | ID = 1000
Description = Faulting application name: spoolsv.exe, version: 6.1.7601.17777, time
stamp: 0x4f35fc1d Faulting module name: lxdflmpm.dll, version: 1.0.2.0, time stamp:
0x464c9d48 Exception code: 0x40000015 Fault offset: 0x0000000000077dbe Faulting process
id: 0x744 Faulting application start time: 0x01cd9aa219dd7912 Faulting application
path: C:\Windows\System32\spoolsv.exe Faulting module path: C:\Windows\System32\lxdflmpm.dll
Report Id: 4084c831-0696-11e2-829b-005056c00008

Error - 9/24/2012 6:22:00 PM | Computer Name = P7P55CM | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start

Error - 9/24/2012 6:22:00 PM | Computer Name = P7P55CM | Source = ATIeRecord | ID = 16386
Description = ATI EEU Client has failed to start

[ Media Center Events ]
Error - 6/6/2011 3:30:02 AM | Computer Name = P7P55CM | Source = MCUpdate | ID = 0
Description = 3:30:01 AM - Error connecting to the internet. 3:30:01 AM - Unable
to contact server..

Error - 6/6/2011 4:30:34 AM | Computer Name = P7P55CM | Source = MCUpdate | ID = 0
Description = 4:30:33 AM - Error connecting to the internet. 4:30:33 AM - Unable
to contact server..

Error - 6/6/2011 5:31:06 AM | Computer Name = P7P55CM | Source = MCUpdate | ID = 0
Description = 5:31:05 AM - Error connecting to the internet. 5:31:05 AM - Unable
to contact server..

Error - 6/6/2011 6:31:38 AM | Computer Name = P7P55CM | Source = MCUpdate | ID = 0
Description = 6:31:37 AM - Error connecting to the internet. 6:31:37 AM - Unable
to contact server..

Error - 1/11/2012 1:46:20 AM | Computer Name = P7P55CM | Source = MCUpdate | ID = 0
Description = 12:46:16 AM - Error connecting to the internet. 12:46:16 AM - Unable
to contact server..

Error - 1/11/2012 2:46:57 AM | Computer Name = P7P55CM | Source = MCUpdate | ID = 0
Description = 1:46:53 AM - Error connecting to the internet. 1:46:53 AM - Unable
to contact server..

Error - 1/11/2012 3:47:28 AM | Computer Name = P7P55CM | Source = MCUpdate | ID = 0
Description = 2:47:27 AM - Error connecting to the internet. 2:47:27 AM - Unable
to contact server..

[ System Events ]
Error - 9/24/2012 6:12:45 PM | Computer Name = P7P55CM | Source = Service Control Manager | ID = 7034
Description = The UMVPFSrv service terminated unexpectedly. It has done this 1
time(s).

Error - 9/24/2012 6:12:46 PM | Computer Name = P7P55CM | Source = Service Control Manager | ID = 7034
Description = The CYGWIN sshd service terminated unexpectedly. It has done this
1 time(s).

Error - 9/24/2012 6:15:33 PM | Computer Name = P7P55CM | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the lxdfCATSCustConnectService
service to connect.

Error - 9/24/2012 6:15:33 PM | Computer Name = P7P55CM | Source = Service Control Manager | ID = 7000
Description = The lxdfCATSCustConnectService service failed to start due to the
following error: %%1053

Error - 9/24/2012 6:17:26 PM | Computer Name = P7P55CM | Source = Service Control Manager | ID = 7031
Description = The VMware Workstation Server service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Restart the service.

Error - 9/24/2012 6:18:28 PM | Computer Name = P7P55CM | Source = Service Control Manager | ID = 7031
Description = The VMware Workstation Server service terminated unexpectedly. It
has done this 2 time(s). The following corrective action will be taken in 60000
milliseconds: Restart the service.

Error - 9/24/2012 6:19:31 PM | Computer Name = P7P55CM | Source = Service Control Manager | ID = 7031
Description = The VMware Workstation Server service terminated unexpectedly. It
has done this 3 time(s). The following corrective action will be taken in 60000
milliseconds: Run the configured recovery program.

Error - 9/24/2012 6:20:31 PM | Computer Name = P7P55CM | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Run
the configured recovery program) after the unexpected termination of the VMware
Workstation Server service, but this action failed with the following error: %%193

Error - 9/24/2012 6:21:31 PM | Computer Name = P7P55CM | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the UmRdpService service.

Error - 9/24/2012 6:22:00 PM | Computer Name = P7P55CM | Source = Service Control Manager | ID = 7031
Description = The Print Spooler service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.


mmainprize

join:2001-12-06
Houghton Lake, MI
Reviews:
·Charter
reply to mmainprize


************************************************************************************
* Ran Security Checkup *
************************************************************************************
Results of screen317's Security Check version 0.99.51
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
(On Access scanning disabled!)
Error obtaining update status for antivirus!
`````````Anti-malware/Other Utilities Check:`````````
Secunia PSI (2.0.0.4003)
Malwarebytes Anti-Malware version 1.65.0.1400
Java 7 Update 7
Adobe Flash Player 11.4.402.278
Mozilla Firefox (15.0.1)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Windows Firewall Control wfcs.exe
Windows Firewall Control wfc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

************************************************************************************
* ESET online scan *
************************************************************************************

C:\SharedData\Install\Jdownloader 7.x\JDDecrypt1.3.exe a variant of MSIL/Injector.AJG trojan
C:\SharedData\Install\Unlocker 1.9\Unlocker1.9.1-x64.exe Win32/Adware.ADON application
C:\SharedData\Install\Unlocker 1.9\Unlocker1.9.1.exe Win32/Adware.ADON application
C:\Windows\kmsem\KMService.exe a variant of Win32/HackKMS.A application
E:\Boot\EasyBoot\MyGhostV1.1\BootCD\WinTools\VDefs.exe probably a variant of Win32/TrojanDownloader.Agent.IPMCVMF trojan
E:\HTML\Offline Refernce\kellys-korner-xp.com\regs_edits\favdisable.vbs probably a variant of VBS/Seeker.R trojan
E:\HTML\Offline Refernce\kellys-korner-xp.com\regs_edits\favmenus.vbs probably a variant of VBS/Seeker.R trojan
E:\HTML\Offline Refernce\www.kellys-korner-xp.com\regs_edits\favdisable.vbs probably a variant of VBS/Seeker.R trojan
E:\HTML\Offline Refernce\www.kellys-korner-xp.com\regs_edits\favmenus.vbs probably a variant of VBS/Seeker.R trojan
E:\HTML\Offline Refernce\www.kellys-korner-xp.com\regs_edits\statusbar.vbs probably a variant of VBS/Seeker.R trojan


LoPhatPhuud
Premium,VIP,MVM
join:2002-01-06
Albuquerque, NM
kudos:26
Reviews:
·Comcast

1 recommendation

reply to mmainprize

Download and run TDSS Killer, posting the log in this thread. Please post the log, even if nothing is detected.

You'll find the link(s) and instruction(s) here:
»Security Cleanup FAQ »Rootkit Detection Applications
--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum



mmainprize

join:2001-12-06
Houghton Lake, MI
Reviews:
·Charter
reply to mmainprize

00:58:25.0356 6568 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
00:58:25.0685 6568 ============================================================
00:58:25.0685 6568 Current date / time: 2012/09/25 00:58:25.0685
00:58:25.0685 6568 SystemInfo:
00:58:25.0685 6568
00:58:25.0686 6568 OS Version: 6.1.7601 ServicePack: 1.0
00:58:25.0686 6568 Product type: Workstation
00:58:25.0686 6568 ComputerName: P7P55CM
00:58:25.0686 6568 UserName: Mike
00:58:25.0686 6568 Windows directory: C:\Windows
00:58:25.0686 6568 System windows directory: C:\Windows
00:58:25.0686 6568 Running under WOW64
00:58:25.0686 6568 Processor architecture: Intel x64
00:58:25.0686 6568 Number of processors: 8
00:58:25.0686 6568 Page size: 0x1000
00:58:25.0686 6568 Boot type: Normal boot
00:58:25.0686 6568 ============================================================
00:58:44.0358 6568 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
00:58:44.0368 6568 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:58:44.0368 6568 Drive \Device\Harddisk2\DR2 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:58:44.0369 6568 Drive \Device\Harddisk3\DR3 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:58:44.0380 6568 Drive \Device\Harddisk4\DR4 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:58:44.0392 6568 ============================================================
00:58:44.0392 6568 \Device\Harddisk0\DR0:
00:58:44.0392 6568 MBR partitions:
00:58:44.0392 6568 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
00:58:44.0392 6568 \Device\Harddisk1\DR1:
00:58:44.0392 6568 MBR partitions:
00:58:44.0392 6568 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
00:58:44.0392 6568 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x37DCF800
00:58:44.0393 6568 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x37E02000, BlocksNum 0xB09A6000
00:58:44.0393 6568 \Device\Harddisk2\DR2:
00:58:44.0393 6568 MBR partitions:
00:58:44.0393 6568 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEA86800
00:58:44.0393 6568 \Device\Harddisk3\DR3:
00:58:44.0393 6568 MBR partitions:
00:58:44.0393 6568 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEA86800
00:58:44.0393 6568 \Device\Harddisk4\DR4:
00:58:44.0393 6568 MBR partitions:
00:58:44.0393 6568 \Device\Harddisk4\DR4\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
00:58:44.0393 6568 ============================================================
00:58:44.0411 6568 C: \Device\Harddisk1\DR1\Partition2
00:58:44.0431 6568 F: \Device\Harddisk4\DR4\Partition1
00:58:44.0456 6568 D: \Device\Harddisk1\DR1\Partition3
00:58:44.0486 6568 L: \Device\Harddisk3\DR3\Partition1
00:58:44.0494 6568 E: \Device\Harddisk0\DR0\Partition1
00:58:44.0522 6568 V: \Device\Harddisk2\DR2\Partition1
00:58:44.0522 6568 ============================================================
00:58:44.0522 6568 Initialize success
00:58:44.0522 6568 ============================================================
00:59:04.0924 4108 ============================================================
00:59:04.0924 4108 Scan started
00:59:04.0924 4108 Mode: Manual;
00:59:04.0924 4108 ============================================================
00:59:06.0212 4108 ================ Scan system memory ========================
00:59:06.0212 4108 System memory - ok
00:59:06.0213 4108 ================ Scan services =============================
00:59:10.0379 4108 fastfat - ok
00:59:10.0417 4108 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
00:59:10.0433 4108 Fax - ok
00:59:10.0460 4108 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
00:59:10.0461 4108 fdc - ok
00:59:10.0478 4108 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
00:59:10.0479 4108 fdPHost - ok
00:59:10.0495 4108 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
00:59:10.0497 4108 FDResPub - ok
00:59:10.0513 4108 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
00:59:10.0514 4108 FileInfo - ok
00:59:10.0529 4108 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
00:59:10.0530 4108 Filetrace - ok
00:59:10.0548 4108 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
00:59:10.0548 4108 flpydisk - ok
00:59:10.0579 4108 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
00:59:10.0590 4108 FltMgr - ok
00:59:10.0631 4108 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
00:59:10.0647 4108 FontCache - ok
00:59:10.0682 4108 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:59:10.0683 4108 FontCache3.0.0.0 - ok
00:59:10.0706 4108 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
00:59:10.0708 4108 FsDepends - ok
00:59:10.0730 4108 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
00:59:10.0731 4108 Fs_Rec - ok
00:59:10.0773 4108 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
00:59:10.0782 4108 fvevol - ok
00:59:10.0792 4108 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
00:59:10.0794 4108 gagp30kx - ok
00:59:10.0832 4108 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
00:59:10.0842 4108 gpsvc - ok
00:59:10.0887 4108 [ ADB4348DA1345877B04E22203AFC8993 ] hcmon C:\Windows\system32\drivers\hcmon.sys
00:59:10.0887 4108 hcmon - ok
00:59:10.0901 4108 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
00:59:10.0902 4108 hcw85cir - ok
00:59:10.0941 4108 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:59:10.0947 4108 HdAudAddService - ok
00:59:10.0970 4108 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
00:59:10.0972 4108 HDAudBus - ok
00:59:10.0983 4108 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
00:59:10.0984 4108 HidBatt - ok
00:59:11.0014 4108 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
00:59:11.0016 4108 HidBth - ok
00:59:11.0028 4108 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
00:59:11.0029 4108 HidIr - ok
00:59:11.0059 4108 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
00:59:11.0061 4108 hidserv - ok
00:59:11.0082 4108 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
00:59:11.0082 4108 HidUsb - ok
00:59:11.0107 4108 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
00:59:11.0110 4108 hkmsvc - ok
00:59:11.0134 4108 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:59:11.0139 4108 HomeGroupListener - ok
00:59:11.0162 4108 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:59:11.0166 4108 HomeGroupProvider - ok
00:59:11.0175 4108 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
00:59:11.0176 4108 HpSAMD - ok
00:59:11.0221 4108 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
00:59:11.0228 4108 HTTP - ok
00:59:11.0255 4108 HWACCESS - ok
00:59:11.0276 4108 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
00:59:11.0276 4108 hwpolicy - ok
00:59:11.0309 4108 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
00:59:11.0311 4108 i8042prt - ok
00:59:11.0379 4108 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
00:59:11.0388 4108 iaStor - ok
00:59:11.0421 4108 [ 6C91E425ACE29594BD574DE38AC9B76D ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys
00:59:11.0427 4108 iaStorA - ok
00:59:11.0471 4108 [ 0AB254994A460550258446950BB58311 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
00:59:11.0473 4108 IAStorDataMgrSvc - ok
00:59:11.0486 4108 [ 2B38F13E18E272459CD2CE83E6722C12 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys
00:59:11.0487 4108 iaStorF - ok
00:59:11.0519 4108 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
00:59:11.0526 4108 iaStorV - ok
00:59:11.0571 4108 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:59:11.0583 4108 idsvc - ok
00:59:11.0611 4108 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
00:59:11.0612 4108 iirsp - ok
00:59:11.0644 4108 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
00:59:11.0659 4108 IKEEXT - ok
00:59:11.0691 4108 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
00:59:11.0691 4108 intelide - ok
00:59:11.0707 4108 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
00:59:11.0708 4108 intelppm - ok
00:59:11.0734 4108 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
00:59:11.0736 4108 IPBusEnum - ok
00:59:11.0750 4108 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:59:11.0751 4108 IpFilterDriver - ok
00:59:11.0779 4108 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
00:59:11.0788 4108 iphlpsvc - ok
00:59:11.0805 4108 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
00:59:11.0806 4108 IPMIDRV - ok
00:59:11.0819 4108 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
00:59:11.0821 4108 IPNAT - ok
00:59:11.0834 4108 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
00:59:11.0835 4108 IRENUM - ok
00:59:11.0840 4108 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
00:59:11.0841 4108 isapnp - ok
00:59:11.0854 4108 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
00:59:11.0860 4108 iScsiPrt - ok
00:59:11.0917 4108 [ 9C6F3F69163133FB8E56AC4A6E163452 ] ISODrive C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys
00:59:11.0919 4108 ISODrive - ok
00:59:11.0949 4108 [ 6EBE4832B1A7C063FDF87035AFC1E3DC ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
00:59:11.0951 4108 JRAID - ok
00:59:11.0972 4108 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
00:59:11.0974 4108 kbdclass - ok
00:59:11.0999 4108 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
00:59:12.0000 4108 kbdhid - ok
00:59:12.0010 4108 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
00:59:12.0012 4108 KeyIso - ok
00:59:12.0016 4108 KMService - ok
00:59:12.0040 4108 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
00:59:12.0042 4108 KSecDD - ok
00:59:12.0052 4108 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
00:59:12.0056 4108 KSecPkg - ok
00:59:12.0067 4108 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
00:59:12.0068 4108 ksthunk - ok
00:59:12.0085 4108 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
00:59:12.0092 4108 KtmRm - ok
00:59:12.0124 4108 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
00:59:12.0130 4108 LanmanServer - ok
00:59:12.0149 4108 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:59:12.0153 4108 LanmanWorkstation - ok
00:59:12.0174 4108 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
00:59:12.0175 4108 lltdio - ok
00:59:12.0193 4108 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
00:59:12.0199 4108 lltdsvc - ok
00:59:12.0211 4108 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
00:59:12.0213 4108 lmhosts - ok
00:59:12.0238 4108 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
00:59:12.0240 4108 LSI_FC - ok
00:59:12.0250 4108 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
00:59:12.0251 4108 LSI_SAS - ok
00:59:12.0260 4108 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:59:12.0262 4108 LSI_SAS2 - ok
00:59:12.0277 4108 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:59:12.0278 4108 LSI_SCSI - ok
00:59:12.0287 4108 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
00:59:12.0288 4108 luafv - ok
00:59:12.0320 4108 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
00:59:12.0321 4108 LVPr2M64 - ok
00:59:12.0326 4108 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
00:59:12.0326 4108 LVPr2Mon - ok
00:59:12.0358 4108 [ EF2BE2F45D4F06410A3BD2A3467325B0 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
00:59:12.0364 4108 LVRS64 - ok
00:59:12.0462 4108 [ AC22F92C6078640FE8A70D662A2F3AD5 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
00:59:12.0510 4108 LVUVC64 - ok
00:59:12.0561 4108 [ 06407E13684E4B1AD56C62893E718248 ] lxdfCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxdfserv.exe
00:59:12.0564 4108 lxdfCATSCustConnectService - ok
00:59:12.0600 4108 lxdf_device - ok
00:59:12.0622 4108 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
00:59:12.0625 4108 Mcx2Svc - ok
00:59:12.0650 4108 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
00:59:12.0650 4108 megasas - ok
00:59:12.0669 4108 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
00:59:12.0682 4108 MegaSR - ok
00:59:12.0792 4108 [ 77952968610C1C7854BE9BDA6B837A7D ] Mezzmo C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe
00:59:12.0835 4108 Mezzmo - ok
00:59:12.0904 4108 Microsoft SharePoint Workspace Audit Service - ok
00:59:12.0947 4108 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
00:59:12.0949 4108 MMCSS - ok
00:59:13.0115 4108 [ 7B8FB1D57D28C896A8C599313EC6E6A8 ] MMS C:\Program Files (x86)\Acronis\BackupAndRecovery\mms.exe
00:59:13.0135 4108 MMS - ok
00:59:13.0145 4108 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
00:59:13.0145 4108 Modem - ok
00:59:13.0188 4108 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
00:59:13.0189 4108 monitor - ok
00:59:13.0208 4108 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
00:59:13.0210 4108 mouclass - ok
00:59:13.0241 4108 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
00:59:13.0242 4108 mouhid - ok
00:59:13.0265 4108 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
00:59:13.0266 4108 mountmgr - ok
00:59:13.0313 4108 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:59:13.0314 4108 MozillaMaintenance - ok
00:59:13.0346 4108 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
00:59:13.0350 4108 MpFilter - ok
00:59:13.0362 4108 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
00:59:13.0365 4108 mpio - ok
00:59:13.0384 4108 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
00:59:13.0386 4108 mpsdrv - ok
00:59:13.0421 4108 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
00:59:13.0433 4108 MpsSvc - ok
00:59:13.0452 4108 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
00:59:13.0458 4108 MRxDAV - ok
00:59:13.0487 4108 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
00:59:13.0492 4108 mrxsmb - ok
00:59:13.0518 4108 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:59:13.0525 4108 mrxsmb10 - ok
00:59:13.0535 4108 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:59:13.0538 4108 mrxsmb20 - ok
00:59:13.0556 4108 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
00:59:13.0558 4108 msahci - ok
00:59:13.0579 4108 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
00:59:13.0583 4108 msdsm - ok
00:59:13.0597 4108 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
00:59:13.0601 4108 MSDTC - ok
00:59:13.0626 4108 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
00:59:13.0627 4108 Msfs - ok
00:59:13.0643 4108 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
00:59:13.0643 4108 mshidkmdf - ok
00:59:13.0658 4108 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
00:59:13.0658 4108 msisadrv - ok
00:59:13.0694 4108 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
00:59:13.0699 4108 MSiSCSI - ok
00:59:13.0702 4108 msiserver - ok
00:59:13.0716 4108 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
00:59:13.0716 4108 MSKSSRV - ok
00:59:13.0779 4108 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
00:59:13.0780 4108 MsMpSvc - ok
00:59:13.0785 4108 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
00:59:13.0786 4108 MSPCLOCK - ok
00:59:13.0793 4108 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
00:59:13.0793 4108 MSPQM - ok
00:59:13.0820 4108 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
00:59:13.0826 4108 MsRPC - ok
00:59:13.0844 4108 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
00:59:13.0845 4108 mssmbios - ok
00:59:13.0857 4108 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
00:59:13.0857 4108 MSTEE - ok
00:59:13.0870 4108 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
00:59:13.0871 4108 MTConfig - ok
00:59:13.0912 4108 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
00:59:13.0913 4108 MTsensor - ok
00:59:13.0933 4108 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
00:59:13.0934 4108 Mup - ok
00:59:13.0962 4108 [ 19CBAAB0B1F214AF834EDD9256F55977 ] mv91xx C:\Windows\system32\DRIVERS\mv91xx.sys
00:59:13.0965 4108 mv91xx - ok
00:59:13.0982 4108 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
00:59:13.0990 4108 napagent - ok
00:59:14.0021 4108 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:59:14.0026 4108 NativeWifiP - ok
00:59:14.0075 4108 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
00:59:14.0079 4108 NAUpdate - ok
00:59:14.0120 4108 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
00:59:14.0133 4108 NDIS - ok
00:59:14.0145 4108 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
00:59:14.0146 4108 NdisCap - ok
00:59:14.0168 4108 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:59:14.0169 4108 NdisTapi - ok
00:59:14.0194 4108 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:59:14.0195 4108 Ndisuio - ok
00:59:14.0219 4108 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:59:14.0224 4108 NdisWan - ok
00:59:14.0248 4108 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:59:14.0249 4108 NDProxy - ok
00:59:14.0261 4108 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:59:14.0262 4108 NetBIOS - ok
00:59:14.0287 4108 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
00:59:14.0291 4108 NetBT - ok
00:59:14.0302 4108 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
00:59:14.0303 4108 Netlogon - ok
00:59:14.0339 4108 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
00:59:14.0345 4108 Netman - ok
00:59:14.0359 4108 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:59:14.0360 4108 NetMsmqActivator - ok
00:59:14.0363 4108 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:59:14.0364 4108 NetPipeActivator - ok
00:59:14.0375 4108 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
00:59:14.0381 4108 netprofm - ok
00:59:14.0387 4108 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:59:14.0387 4108 NetTcpActivator - ok
00:59:14.0390 4108 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:59:14.0391 4108 NetTcpPortSharing - ok
00:59:14.0414 4108 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
00:59:14.0415 4108 nfrd960 - ok
00:59:14.0450 4108 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
00:59:14.0452 4108 NisDrv - ok
00:59:14.0477 4108 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
00:59:14.0482 4108 NisSrv - ok
00:59:14.0505 4108 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
00:59:14.0511 4108 NlaSvc - ok
00:59:14.0519 4108 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:59:14.0520 4108 Npfs - ok
00:59:14.0534 4108 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
00:59:14.0536 4108 nsi - ok
00:59:14.0543 4108 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:59:14.0544 4108 nsiproxy - ok
00:59:14.0590 4108 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:59:14.0607 4108 Ntfs - ok
00:59:14.0611 4108 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
00:59:14.0612 4108 Null - ok
00:59:14.0628 4108 [ 8EBCB9165EE7F1571842F4D9D624A74C ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
00:59:14.0629 4108 nusb3hub - ok
00:59:14.0659 4108 [ 5D54DBB12BBFE07CC283FD39F2CD6D63 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
00:59:14.0670 4108 nusb3xhc - ok
00:59:14.0685 4108 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:59:14.0695 4108 nvraid - ok
00:59:14.0717 4108 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:59:14.0726 4108 nvstor - ok
00:59:14.0756 4108 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
00:59:14.0758 4108 nv_agp - ok
00:59:14.0772 4108 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
00:59:14.0774 4108 ohci1394 - ok
00:59:14.0868 4108 [ 9BFD0A072459782E3638362A4473E283 ] OS Selector C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
00:59:14.0890 4108 OS Selector - ok
00:59:14.0921 4108 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:59:14.0934 4108 ose64 - ok
00:59:15.0038 4108 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:59:15.0085 4108 osppsvc - ok
00:59:15.0113 4108 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
00:59:15.0129 4108 p2pimsvc - ok
00:59:15.0150 4108 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
00:59:15.0165 4108 p2psvc - ok
00:59:15.0189 4108 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
00:59:15.0191 4108 Parport - ok
00:59:15.0216 4108 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:59:15.0218 4108 partmgr - ok
00:59:15.0240 4108 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
00:59:15.0252 4108 PcaSvc - ok
00:59:15.0276 4108 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
00:59:15.0287 4108 pci - ok
00:59:15.0295 4108 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
00:59:15.0296 4108 pciide - ok
00:59:15.0318 4108 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
00:59:15.0328 4108 pcmcia - ok
00:59:15.0343 4108 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
00:59:15.0344 4108 pcw - ok
00:59:15.0368 4108 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:59:15.0381 4108 PEAUTH - ok
00:59:15.0419 4108 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
00:59:15.0440 4108 PeerDistSvc - ok
00:59:15.0503 4108 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
00:59:15.0505 4108 PerfHost - ok
00:59:15.0551 4108 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
00:59:15.0572 4108 pla - ok
00:59:15.0613 4108 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:59:15.0629 4108 PlugPlay - ok
00:59:15.0643 4108 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
00:59:15.0646 4108 PNRPAutoReg - ok
00:59:15.0673 4108 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
00:59:15.0677 4108 PNRPsvc - ok
00:59:15.0711 4108 [ 7CA2487BC51FBE4FA30DE657C61D27D3 ] Point64 C:\Windows\system32\DRIVERS\point64k.sys
00:59:15.0712 4108 Point64 - ok
00:59:15.0742 4108 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:59:15.0755 4108 PolicyAgent - ok
00:59:15.0789 4108 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
00:59:15.0801 4108 Power - ok
00:59:15.0839 4108 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:59:15.0841 4108 PptpMiniport - ok
00:59:15.0870 4108 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
00:59:15.0872 4108 Processor - ok
00:59:15.0935 4108 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
00:59:15.0940 4108 ProfSvc - ok
00:59:15.0952 4108 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:59:15.0954 4108 ProtectedStorage - ok
00:59:15.0982 4108 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
00:59:15.0984 4108 Psched - ok
00:59:16.0010 4108 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
00:59:16.0011 4108 PSI - ok
00:59:16.0047 4108 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
00:59:16.0067 4108 ql2300 - ok
00:59:16.0083 4108 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
00:59:16.0085 4108 ql40xx - ok
00:59:16.0114 4108 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
00:59:16.0126 4108 QWAVE - ok
00:59:16.0139 4108 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:59:16.0140 4108 QWAVEdrv - ok
00:59:16.0159 4108 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:59:16.0159 4108 RasAcd - ok
00:59:16.0204 4108 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
00:59:16.0205 4108 RasAgileVpn - ok
00:59:16.0220 4108 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
00:59:16.0224 4108 RasAuto - ok
00:59:16.0249 4108 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:59:16.0251 4108 Rasl2tp - ok
00:59:16.0269 4108 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
00:59:16.0277 4108 RasMan - ok
00:59:16.0294 4108 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:59:16.0296 4108 RasPppoe - ok
00:59:16.0315 4108 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:59:16.0317 4108 RasSstp - ok
00:59:16.0336 4108 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:59:16.0341 4108 rdbss - ok
00:59:16.0350 4108 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
00:59:16.0351 4108 rdpbus - ok
00:59:16.0366 4108 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:59:16.0367 4108 RDPCDD - ok
00:59:16.0397 4108 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
00:59:16.0402 4108 RDPDR - ok
00:59:16.0420 4108 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:59:16.0421 4108 RDPENCDD - ok
00:59:16.0425 4108 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
00:59:16.0426 4108 RDPREFMP - ok
00:59:16.0465 4108 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
00:59:16.0466 4108 RdpVideoMiniport - ok
00:59:16.0484 4108 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:59:16.0488 4108 RDPWD - ok
00:59:16.0507 4108 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
00:59:16.0511 4108 rdyboost - ok
00:59:16.0536 4108 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
00:59:16.0540 4108 RemoteAccess - ok
00:59:16.0576 4108 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:59:16.0581 4108 RemoteRegistry - ok
00:59:16.0606 4108 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
00:59:16.0609 4108 RpcEptMapper - ok
00:59:16.0620 4108 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
00:59:16.0622 4108 RpcLocator - ok
00:59:16.0648 4108 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
00:59:16.0654 4108 RpcSs - ok
00:59:16.0684 4108 [ 2ABD2B3BA2EF0C3BA82284C2A5E28675 ] RRNetCap C:\Windows\system32\DRIVERS\rrnetcap.sys
00:59:16.0685 4108 RRNetCap - ok
00:59:16.0689 4108 [ 2ABD2B3BA2EF0C3BA82284C2A5E28675 ] RRNetCapMP C:\Windows\system32\DRIVERS\rrnetcap.sys
00:59:16.0689 4108 RRNetCapMP - ok
00:59:16.0717 4108 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:59:16.0718 4108 rspndr - ok
00:59:16.0749 4108 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
00:59:16.0753 4108 RTL8167 - ok
00:59:16.0768 4108 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
00:59:16.0769 4108 s3cap - ok
00:59:16.0777 4108 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
00:59:18.0064 4108 [ 51DE15CA5C05BCA46D8B110CD00A02FB ] sptd C:\Windows\system32\Drivers\sptd.sys
00:59:18.0064 4108 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 51DE15CA5C05BCA46D8B110CD00A02FB
00:59:18.0071 4108 sptd ( LockedFile.Multi.Generic ) - warning
00:59:18.0072 4108 sptd - detected LockedFile.Multi.Generic (1)



mmainprize

join:2001-12-06
Houghton Lake, MI
Reviews:
·Charter
reply to mmainprize

00:59:23.0261 4108 ============================================================
00:59:23.0261 4108 Scan finished
00:59:23.0261 4108 ============================================================
00:59:23.0269 5212 Detected object count: 1
00:59:23.0269 5212 Actual detected object count: 1
00:59:41.0068 5212 sptd ( LockedFile.Multi.Generic ) - skipped by user
00:59:41.0068 5212 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
01:00:00.0420 5196 Deinitialize success



LoPhatPhuud
Premium,VIP,MVM
join:2002-01-06
Albuquerque, NM
kudos:26
Reviews:
·Comcast

1 recommendation

reply to mmainprize

The logs are all clean. You've checked the MBAM results and confirmed the false positives.

TDSS Killer is ok; the detection is not a sign of an exploit.

Nothing more to do except cleanup.

Cleaning Up:

Delete TFC:
  • Delete the TFC icon on your Desktop

Delete OTL:
  • Double click the OTL icon on your Desktop
  • Press the 'Cleanup' button

Delete Security Check:
  • Delete the SecurityCheck icon on your Desktop

Delete Malware Bytes:
  • We recommend that you keep MalwareBytes (MBAM) and run it every week. There is no charge to keep the program; however, the real-time protection will stop after the trial period. Be sure to update the definitions before each use. If you decide not to keep MBAM, use Add/Remove Programs to uninstall it.

Delete Sophos AntiRootkit:
  • If we asked you to run the Sophos AntiRootkit program, uninstall it through Add/Remove Programs.

Other Programs:
  • If we asked you to install any other programs that are not removed by the OTL cleanup procedure, we will provide separate removal instructions.

--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum


mmainprize

join:2001-12-06
Houghton Lake, MI

Well that is good news.

Thanks LoPhatPhuud, for your analysis of the logs.