

sawman
Premium
join:2002-04-25
BC KS

claro search/jollywallet/pricepeep cleaned? no

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.26.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Steve :: OFFICE10 [administrator]

9/25/2012 9:08:25 PM
mbam-log-2012-09-25 (21-08-25).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 373782
Time elapsed: 16 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
E:\1gbmemflshdrv\stuff\stressreducers.exe (Joke.Stressreducer) -> Quarantined and deleted successfully.

(end)

OTL logfile created on: 9/25/2012 10:04:57 PM - Run 1
OTL by OldTimer - Version 3.2.68.0 Folder = C:\Users\Steve\Desktop\security cleanup
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 3.62 Gb Available Physical Memory | 60.27% Memory free
12.00 Gb Paging File | 9.19 Gb Available in Paging File | 76.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 48.76 Gb Free Space | 40.93% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 121.56 Gb Free Space | 13.05% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 705.90 Gb Free Space | 75.78% Space Free | Partition Type: NTFS

Computer Name: OFFICE10 | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012/09/25 20:37:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Steve\Desktop\security cleanup\OTL.exe
PRC - [2012/08/30 19:52:22 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012/08/30 19:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012/08/30 19:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012/08/15 13:38:30 | 000,584,664 | ---- | M] (Binary Fortress Software) -- C:\Program Files (x86)\DisplayFusion\DisplayFusionAppHook.exe
PRC - [2012/08/14 10:52:28 | 001,014,624 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Users\Steve\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe
PRC - [2012/08/08 18:25:00 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/07/30 12:31:04 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2012/07/30 11:59:48 | 000,073,392 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/06/15 15:44:04 | 000,548,264 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
PRC - [2012/05/08 20:53:37 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/08 20:53:30 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/03/15 00:20:30 | 000,370,504 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
PRC - [2011/11/23 21:21:24 | 000,097,384 | R--- | M] (Amazon.com) -- C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe
PRC - [2011/11/23 21:21:24 | 000,025,704 | R--- | M] (Amazon.com) -- C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
PRC - [2011/10/24 13:00:54 | 000,432,784 | ---- | M] (Stardock Corporation) -- C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
PRC - [2011/10/12 16:47:06 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2011/10/03 10:14:06 | 001,409,384 | ---- | M] (Garmin) -- C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
PRC - [2011/09/16 01:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2011/08/24 15:57:48 | 000,021,880 | ---- | M] (Schneider Electric) -- C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
PRC - [2011/08/24 15:48:02 | 000,705,912 | ---- | M] (Schneider Electric) -- C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
PRC - [2011/08/24 15:42:48 | 000,673,144 | ---- | M] (Schneider Electric) -- C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
PRC - [2011/05/20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/05/20 10:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/08/20 10:57:06 | 000,107,816 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2010/03/24 14:55:10 | 000,996,704 | ---- | M] (PlantSense, INC) -- C:\Program Files (x86)\EasyBloom\EasyBloom.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012/09/25 21:06:00 | 000,115,137 | ---- | M] () -- C:\Users\Steve\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
MOD - [2012/08/30 19:52:22 | 000,021,432 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012/08/04 19:58:13 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012/08/04 19:49:39 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012/08/04 19:49:31 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\63bc6e391de5014965039e100ce1e9d5\System.Runtime.Remoting.ni.dll
MOD - [2012/08/04 19:49:27 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8a8079623eab0ba9e106436885a0281d\System.Xml.Linq.ni.dll
MOD - [2012/08/04 19:49:07 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012/08/04 18:31:38 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012/08/04 18:31:28 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012/08/04 18:31:27 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012/08/04 18:31:24 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012/08/04 18:31:22 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012/08/04 18:31:21 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012/08/04 18:31:21 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012/08/04 18:31:20 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012/08/04 18:31:20 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012/08/04 18:31:18 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012/08/04 18:31:14 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2012/06/14 03:31:43 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\0018dd52b56988a833ee41699cf49325\IAStorUtil.ni.dll
MOD - [2012/06/14 03:28:46 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:28:41 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/10 03:33:20 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\e7cd67fc34ad0fc611c1e1244cfc6584\IAStorCommon.ni.dll
MOD - [2012/05/10 03:31:34 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/10 03:31:02 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/10 03:30:59 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/10 03:30:57 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/10 03:30:56 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/10 03:30:52 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/03/16 15:42:58 | 000,315,392 | ---- | M] () -- C:\Users\Steve\AppData\Local\Apps\Evernote\Evernote\libtidy.dll
MOD - [2012/03/16 15:42:56 | 000,433,664 | ---- | M] () -- C:\Users\Steve\AppData\Local\Apps\Evernote\Evernote\libxml2.dll
MOD - [2011/10/24 13:00:54 | 000,067,728 | ---- | M] () -- C:\Program Files (x86)\Stardock\CursorFX\zlib1.dll
MOD - [2010/08/20 10:57:06 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2010/08/20 10:57:00 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:64bit: - [2012/07/27 21:09:44 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/07/14 09:01:26 | 000,827,560 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/09/27 14:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2010/04/06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/24 13:55:34 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/30 12:31:04 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/15 15:44:04 | 000,548,264 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
SRV - [2012/05/08 20:53:37 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/08 20:53:30 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/03/15 00:20:30 | 000,370,504 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
SRV - [2011/11/23 21:21:24 | 000,025,704 | R--- | M] (Amazon.com) [Auto | Running] -- C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2011/08/24 15:57:48 | 000,021,880 | ---- | M] (Schneider Electric) [Auto | Running] -- C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe -- (APC Data Service)
SRV - [2011/08/24 15:48:02 | 000,705,912 | ---- | M] (Schneider Electric) [Auto | Running] -- C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe -- (APC UPS Service)
SRV - [2011/05/20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/17 17:13:06 | 000,068,136 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe -- (DES2 Service)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/05/31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:64bit: - [2012/07/31 05:42:48 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/07/31 05:42:48 | 000,102,240 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/07/27 23:07:44 | 010,278,912 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/07/27 20:14:46 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/07/14 09:01:42 | 000,033,712 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV:64bit: - [2012/05/14 01:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/05/08 20:53:37 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/05/08 20:53:37 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/18 11:39:18 | 000,648,808 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/24 20:57:38 | 000,213,504 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/10/24 20:57:38 | 000,096,768 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011/09/16 16:09:16 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/09/02 01:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 01:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/05/20 09:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/05/07 18:51:32 | 000,454,232 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2011/03/14 04:29:46 | 000,313,136 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx)
DRV:64bit: - [2011/03/14 04:29:46 | 000,024,880 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91cons.sys -- (mv91cons)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/04/22 15:08:14 | 000,021,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2009/11/19 13:27:10 | 001,562,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hcw89.sys -- (hcw89)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/04/27 21:00:44 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2012/04/27 21:00:33 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012/02/12 17:00:21 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2012/01/27 17:16:57 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Stopped] -- E:\Downloads\pre 3-18-12\RealTemp_370\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8A 34 C2 88 FE 1C CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {B6F80F28-695A-4A51-BC56-73BB99527653}
IE - HKCU\..\SearchScopes\{B6F80F28-695A-4A51-BC56-73BB99527653}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Steve\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Steve\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2012/08/03 19:26:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/05/05 13:05:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2012/08/03 19:26:43 | 000,000,000 | ---D | M]

[2012/09/21 21:20:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Steve\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Steve\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Steve\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Steve\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll
CHR - Extension: BIODIGITAL HUMAN = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\0.9.5_0\
CHR - Extension: AccuWeather Forecast = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\anaabbcbolfcclofcpdipmefibpgacgc\1.3_0\
CHR - Extension: Google Drive = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Solitaire = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpebaehgfgkcmmjjknibibbjacnplim\1.4.1.11_0\
CHR - Extension: Google Search = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Calendar = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: AdBlock = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.45_0\
CHR - Extension: NPR Infinite Player = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpcelemhneoooapbbopolpjhmbfmnbf\2.1_0\
CHR - Extension: JollyWallet = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiekonljbeipfklhchhdjddejaennfnl\1.20.29_0\crossrider
CHR - Extension: JollyWallet = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiekonljbeipfklhchhdjddejaennfnl\1.20.29_0\
CHR - Extension: Evernote Web = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.7_0\
CHR - Extension: PricePeep = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.1.255.0_0\
CHR - Extension: Google Maps = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.5_0\
CHR - Extension: Giant Savings = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndkhncnongaclekkbelchmeafffimifj\1.20.40_0\crossrider
CHR - Extension: Giant Savings = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndkhncnongaclekkbelchmeafffimifj\1.20.40_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.1_0\
CHR - Extension: Picasa = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: Psykopaint = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\
CHR - Extension: Psykopaint = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\.bak
CHR - Extension: Evernote Web Clipper = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\5.7_0\
CHR - Extension: Gmail = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: RSS Feed Reader = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp\3.3.10_0\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IEButton Class) - {F81D52BF-F2F1-4F49-BF5F-05664E803039} - C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (UnH Solutions)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files (x86)\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {91DA5E8A-3318-4F8C-B67E-5964DE3AB546} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Display] C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe (Schneider Electric)
O4 - HKLM..\Run: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [AROReminder] File not found
O4 - HKCU..\Run: [CursorFX] C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe (Stardock Corporation)
O4 - HKCU..\Run: [DisplayFusion] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [PlantSenseSysAgent] C:\Program Files (x86)\EasyBloom\EasyBloom.exe (PlantSense, INC)
O4 - Startup: C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Users\Steve\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Users\Steve\AppData\Local\Apps\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files (x86)\Canon\Easy-WebPrint\Resource.dll ()
O8:64bit: - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files (x86)\Canon\Easy-WebPrint\Resource.dll ()
O8:64bit: - Extra context menu item: Easy-WebPrint Preview - C:\Program Files (x86)\Canon\Easy-WebPrint\Resource.dll ()
O8:64bit: - Extra context menu item: Easy-WebPrint Print - C:\Program Files (x86)\Canon\Easy-WebPrint\Resource.dll ()
O8:64bit: - Extra context menu item: Open Client to monitor &1 - C:\Windows\web\AOpenClient.htm File not found
O8:64bit: - Extra context menu item: Open Client to monitor &2 - C:\Windows\web\AOpenClient.htm File not found
O8:64bit: - Extra context menu item: Open Client to monitor &3 - C:\Windows\web\AOpenClient.htm File not found
O8:64bit: - Extra context menu item: Save Flash - C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (UnH Solutions)
O8:64bit: - Extra context menu item: Save YouTube Video - C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (UnH Solutions)
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Users\Steve\AppData\Local\Apps\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files (x86)\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files (x86)\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files (x86)\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files (x86)\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Open Client to monitor &1 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Open Client to monitor &2 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Open Client to monitor &3 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Save Flash - C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (UnH Solutions)
O8 - Extra context menu item: Save YouTube Video - C:\Program Files (x86)\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (UnH Solutions)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.gigabyte.com.tw/object/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} http://192.168.1.118:8090/codebase/DVM_IPCam2.ocx (DVM_IPCam2 Control)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.209.36 97.64.168.13 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C68AACF8-8009-480F-AFC3-27B5FE2C9F52}: DhcpNameServer = 97.64.209.36 97.64.168.13 192.168.1.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/25 20:36:04 | 000,000,000 | ---D | C] -- C:\Users\Steve\Desktop\security cleanup
[2012/09/23 09:47:38 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/09/22 03:00:48 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/09/22 03:00:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/09/22 03:00:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/09/22 03:00:46 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/09/22 03:00:46 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/09/22 03:00:46 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/09/22 03:00:46 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/09/22 03:00:46 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/09/22 03:00:45 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/09/22 03:00:45 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/09/22 03:00:45 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/09/22 03:00:45 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/09/22 03:00:43 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/09/22 03:00:43 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/09/22 03:00:43 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/09/21 21:45:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/09/21 21:41:05 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/09/21 21:22:11 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\Windows\SysWow64\nbDX.dll
[2012/09/21 21:22:11 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\flvDX.dll
[2012/09/21 21:22:11 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\SysWow64\msfDX.dll
[2012/09/21 21:22:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
[2012/09/21 21:22:10 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLVorbisDec.ax
[2012/09/21 21:22:10 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSSplitter.ax
[2012/09/21 21:22:10 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSDecoder.ax
[2012/09/21 21:22:10 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\SysWow64\RLTheoraDec.ax
[2012/09/21 21:22:09 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLOgg.ax
[2012/09/21 21:22:09 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\RealMediaDX.ax
[2012/09/21 21:22:08 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\DiracSplitter.ax
[2012/09/21 21:22:08 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\SysWow64\AVCDX.ax
[2012/09/21 21:20:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/09/21 21:20:45 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\JollyWallet
[2012/09/21 21:20:37 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Babylon
[2012/09/21 21:20:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012/09/19 17:46:41 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperTerminal Private Edition
[2012/09/19 17:46:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HyperTerminal Private Edition
[2012/09/19 17:45:32 | 000,000,000 | ---D | C] -- C:\ProgramData\HyperTerminal
[2012/09/19 17:45:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HyperTerminal
[2012/09/15 12:01:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012/09/15 12:01:17 | 000,739,824 | ---- | C] (Google Inc.) -- C:\Users\Steve\Desktop\GoogleEarthSetup.exe
[2012/09/14 22:48:18 | 000,000,000 | ---D | C] -- C:\Users\Steve\Desktop\political compass
[2012/09/14 22:11:44 | 000,000,000 | ---D | C] -- C:\Users\Steve\Documents\camera 5-8-12
[2012/09/14 22:09:41 | 000,000,000 | ---D | C] -- C:\Users\Steve\Documents\portland bike and sunset on beach
[2012/09/12 04:10:01 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/09/12 04:10:01 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012/09/12 03:25:31 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012/09/12 03:04:51 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/09/10 17:26:47 | 000,000,000 | ---D | C] -- C:\Users\Steve\Desktop\van keppel
[2012/09/01 22:06:20 | 000,203,104 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2012/09/01 22:06:19 | 000,102,240 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/25 22:06:54 | 000,786,894 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/25 22:06:54 | 000,665,366 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/25 22:06:54 | 000,123,134 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/25 22:01:41 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/25 22:01:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/25 22:01:12 | 535,629,823 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/25 21:51:01 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-987773743-2321138738-466706492-1000UA.job
[2012/09/25 21:26:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/25 21:24:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/25 21:12:50 | 000,026,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/25 21:12:50 | 000,026,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/25 20:19:51 | 000,359,721 | ---- | M] () -- C:\Users\Steve\Desktop\Mandatory Steps Before Requesting Assistance Security Cleanup FAQ _ DSLReports.pdf
[2012/09/25 10:01:44 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-987773743-2321138738-466706492-1000Core.job
[2012/09/24 20:26:00 | 000,217,416 | ---- | M] () -- C:\Users\Steve\Desktop\IMG_6159.jpg
[2012/09/23 09:47:39 | 000,002,364 | ---- | M] () -- C:\Users\Steve\Desktop\Google Chrome.lnk
[2012/09/22 20:19:16 | 000,001,145 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/22 17:43:58 | 000,087,149 | ---- | M] () -- C:\Users\Steve\Desktop\Capture.JPG
[2012/09/21 21:41:01 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/09/21 21:41:00 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/09/21 21:41:00 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/09/21 21:40:59 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/09/21 21:40:59 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/09/21 21:40:59 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/09/21 21:22:11 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\SUPER ©.lnk
[2012/09/21 21:20:53 | 000,000,095 | ---- | M] () -- C:\user.js
[2012/09/21 19:21:06 | 011,851,234 | ---- | M] () -- C:\Users\Steve\Desktop\EK000023.AVI.MP4
[2012/09/19 22:32:46 | 016,813,796 | ---- | M] () -- C:\Users\Steve\Desktop\EK000023.AVI
[2012/09/19 17:46:41 | 000,001,048 | ---- | M] () -- C:\Users\Steve\Desktop\HyperTerminal.lnk
[2012/09/15 12:01:59 | 000,002,248 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012/09/15 12:01:14 | 000,739,824 | ---- | M] (Google Inc.) -- C:\Users\Steve\Desktop\GoogleEarthSetup.exe
[2012/09/15 10:43:27 | 000,298,482 | ---- | M] () -- C:\Users\Steve\Desktop\NuttyTime.png
[2012/09/07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/25 20:19:51 | 000,359,721 | ---- | C] () -- C:\Users\Steve\Desktop\Mandatory Steps Before Requesting Assistance Security Cleanup FAQ _ DSLReports.pdf
[2012/09/24 20:26:00 | 000,217,416 | ---- | C] () -- C:\Users\Steve\Desktop\IMG_6159.jpg
[2012/09/23 09:47:39 | 000,002,364 | ---- | C] () -- C:\Users\Steve\Desktop\Google Chrome.lnk
[2012/09/23 09:46:50 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-987773743-2321138738-466706492-1000UA.job
[2012/09/23 09:46:50 | 000,000,856 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-987773743-2321138738-466706492-1000Core.job
[2012/09/22 20:19:16 | 000,001,145 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/22 17:43:58 | 000,087,149 | ---- | C] () -- C:\Users\Steve\Desktop\Capture.JPG
[2012/09/22 14:25:59 | 000,166,409 | ---- | C] () -- C:\Users\Steve\Desktop\aim recap 10-2006_eef.pdf
[2012/09/21 21:22:11 | 000,121,344 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.ax
[2012/09/21 21:22:11 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2012/09/21 21:22:11 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\SUPER ©.lnk
[2012/09/21 21:22:09 | 000,120,832 | RHS- | C] () -- C:\Windows\SysWow64\MPCDx.ax
[2012/09/21 21:22:09 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\RLMPCDec.ax
[2012/09/21 21:22:09 | 000,070,656 | RHS- | C] () -- C:\Windows\SysWow64\RLAPEDec.ax
[2012/09/21 21:22:09 | 000,051,712 | RHS- | C] () -- C:\Windows\SysWow64\RLSpeexDec.ax
[2012/09/21 21:22:08 | 000,195,584 | RHS- | C] () -- C:\Windows\SysWow64\MatroskaDX.ax
[2012/09/21 21:22:08 | 000,175,104 | RHS- | C] () -- C:\Windows\SysWow64\CoreAAC.ax
[2012/09/21 21:22:08 | 000,097,280 | RHS- | C] () -- C:\Windows\SysWow64\FLACDX.ax
[2012/09/21 21:22:07 | 000,227,328 | RHS- | C] () -- C:\Windows\SysWow64\ac3DX.ax
[2012/09/21 21:22:07 | 000,081,920 | RHS- | C] () -- C:\Windows\SysWow64\aac_parser.ax
[2012/09/21 21:20:53 | 000,000,095 | ---- | C] () -- C:\user.js
[2012/09/21 19:21:06 | 011,851,234 | ---- | C] () -- C:\Users\Steve\Desktop\EK000023.AVI.MP4
[2012/09/20 21:14:15 | 016,813,796 | ---- | C] () -- C:\Users\Steve\Desktop\EK000023.AVI
[2012/09/19 17:46:41 | 000,001,048 | ---- | C] () -- C:\Users\Steve\Desktop\HyperTerminal.lnk
[2012/09/19 17:45:32 | 000,164,864 | ---- | C] () -- C:\Windows\SysWow64\UNWISE32.EXE
[2012/09/15 12:01:59 | 000,002,248 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012/09/15 10:43:45 | 000,298,482 | ---- | C] () -- C:\Users\Steve\Desktop\NuttyTime.png
[2012/08/15 15:31:18 | 000,004,608 | ---- | C] () -- C:\Users\Steve\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/26 16:02:40 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012/06/26 16:02:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012/06/26 16:02:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012/06/26 16:02:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012/06/26 16:02:38 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012/06/19 20:00:24 | 000,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI
[2012/05/31 16:44:22 | 000,000,036 | -H-- | C] () -- C:\Windows\SysWow64\f9t.dat
[2012/05/26 17:34:50 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012/04/27 16:22:04 | 000,188,538 | ---- | C] () -- C:\Users\Steve\AppData\Local\census.cache
[2012/04/27 16:21:59 | 000,108,325 | ---- | C] () -- C:\Users\Steve\AppData\Local\ars.cache
[2012/04/27 13:29:13 | 000,000,036 | ---- | C] () -- C:\Users\Steve\AppData\Local\housecall.guid.cache
[2012/03/15 14:20:40 | 000,003,072 | ---- | C] () -- C:\Users\Steve\AppData\Local\file__0.localstorage
[2012/03/10 11:06:49 | 000,780,618 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/03/04 13:16:07 | 000,007,605 | ---- | C] () -- C:\Users\Steve\AppData\Local\Resmon.ResmonCfg
[2012/03/04 11:54:51 | 000,000,079 | ---- | C] () -- C:\Users\Steve\AppData\Local\CrystalDiskMark30.ini
[2012/02/14 21:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/02/14 21:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/12/30 10:45:13 | 000,014,566 | ---- | C] () -- C:\Users\Steve\.TransferManager.db
[2011/09/12 18:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/06/10 08:15:20 | 000,005,718 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/05/07 15:27:12 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2011/05/05 19:46:40 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/05/05 13:58:09 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/05/05 13:07:42 | 000,002,850 | ---- | C] () -- C:\Windows\hpwmdl22.dat.temp
[2011/05/05 13:04:05 | 000,233,110 | ---- | C] () -- C:\Windows\hpwins22.dat
[2011/05/05 13:04:05 | 000,002,850 | ---- | C] () -- C:\Windows\hpwmdl22.dat
[2011/05/05 12:29:25 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/05/05 12:16:09 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini


sawman
Premium
join:2002-04-25
BC KS
========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/04/01 22:51:46 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Ashisoft
[2012/09/21 21:20:37 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Babylon
[2012/08/04 14:06:21 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\CheckPoint
[2012/09/25 22:09:25 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\DisplayFusion
[2012/09/16 15:57:01 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Folding@home-x86
[2012/09/22 23:31:47 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Folding@home-x86-2
[2012/09/16 15:57:07 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Folding@home-x86-3
[2012/09/21 22:50:21 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Folding@home-x86-4
[2011/11/11 20:13:26 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\GARMIN
[2011/12/11 20:06:17 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\GetRightToGo
[2012/03/09 17:10:29 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Leadertech
[2012/05/26 16:43:53 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Leawo
[2012/01/25 22:39:48 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\mjusbsp
[2012/03/05 12:35:22 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\OpenCandy
[2012/03/10 09:32:35 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Sammsoft
[2012/09/01 22:01:10 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Samsung
[2012/05/31 17:14:37 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Stamps.com Internet Postage
[2012/03/18 17:38:36 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\SystemRequirementsLab

[color=#E56717]========== Purity Check ==========[/color]

OTL Extras logfile created on: 9/25/2012 10:04:57 PM - Run 1
OTL by OldTimer - Version 3.2.68.0 Folder = C:\Users\Steve\Desktop\security cleanup
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 3.62 Gb Available Physical Memory | 60.27% Memory free
12.00 Gb Paging File | 9.19 Gb Available in Paging File | 76.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 48.76 Gb Free Space | 40.93% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 121.56 Gb Free Space | 13.05% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 705.90 Gb Free Space | 75.78% Space Free | Partition Type: NTFS

Computer Name: OFFICE10 | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04ABFD83-B706-49A6-AAED-46DE75E18F0C}" = lport=139 | protocol=6 | dir=in | app=system |
"{0D95C221-D634-4E30-AA55-2F23956CB95E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1440C81C-D3B4-4C26-8AA7-871E68FC6A0F}" = rport=137 | protocol=17 | dir=out | app=system |
"{2CF6645C-74DF-4F49-8217-6CCC8B81483C}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{2F3F49EB-77BA-4665-BD26-29BC2D83C984}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{2FB6BA59-69DD-44F5-BA09-DA4A28B67CED}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3B3A2A24-590D-44EF-9761-7124CED489CF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{486EB901-FD36-4111-8651-B045B463EEFD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{73DF851C-EDB4-437B-BB13-899A45C825BC}" = rport=138 | protocol=17 | dir=out | app=system |
"{85C3E6B7-295C-49AC-8D05-9A3A3F109FE4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{96DB7996-B515-454C-822C-DC56A3141EF8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A8C3D29B-05A5-4074-AC81-91661EEB02A5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AB7B18FF-3EE2-4EE6-B197-FED006785D7C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B0577299-AC8B-4735-8822-1AC36E724661}" = lport=138 | protocol=17 | dir=in | app=system |
"{B536445F-7806-45A2-8906-D020AB568647}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B84A9EA9-9EF3-4FB7-87CA-168BDE1F0411}" = rport=139 | protocol=6 | dir=out | app=system |
"{C2552B71-51B2-47F3-A3E6-E30D50BBB6DA}" = rport=445 | protocol=6 | dir=out | app=system |
"{C8B771FC-1A6C-469B-BFC1-43978F07D446}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CAC465CD-1E2A-4420-A620-878D25554394}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CD7B4EAE-F7AF-4696-B8F4-355766D62029}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D190BA56-68C3-48AE-A0A1-AAA81823C943}" = lport=137 | protocol=17 | dir=in | app=system |
"{DF5B91C7-9AA7-45F7-83AB-1CD3BC677FC6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E7632022-8CEB-4581-A973-D5CFFFAFC479}" = lport=445 | protocol=6 | dir=in | app=system |
"{EDCE6526-B25C-40EF-B9D3-652E158879F5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FF8A179E-8564-4DFA-A209-1C4464BFF5A1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09A8A531-BD2A-4FFE-9128-9B5447A61DCC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{0DD6E010-9A38-4119-85C4-9F7275166B56}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0F06799F-3D61-4464-8177-41F540B3E69C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0FF7A686-1B13-4A45-A06D-5A33C39FECA8}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1D6214B7-EA91-462A-9349-669EEC5A3CC0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1DC80CD3-FE87-42AF-8DD4-B9CD52DF804E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1FFC4A55-9CC1-4326-84F6-AF75746F5A46}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{2314630F-F66D-4672-9C57-0C3FC6FDB907}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2D9D873E-A050-430F-8D9B-6A1377FD0673}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{339ADA08-6B03-41AB-9862-00BA3E96F5EE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{34A0C709-3CE7-425F-AF75-4D08440CB5EF}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3DEFE96D-8DB0-4193-BCC3-90B9780E2F9A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3EDB38F1-D42E-4F5D-814E-13CF7D1F9E9F}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4475EE31-2AEC-488B-AE31-EA894BD1BBEB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{480BF7C7-DE6A-4B14-A3C1-6B41D14536D1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4AF2F995-E764-42D3-BF6D-202CB850C9E2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{50FD6174-0952-43D5-B4E3-01C73661CEA9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{539407A1-F7A2-4E76-B613-6A55E678184A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{54983D90-D343-4F94-8AB2-77BF13004503}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{55FAB16D-0560-45B8-B569-C3467472C69D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{5AB89271-5874-4D84-A52D-F00EF74A9CB1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{5E374930-D8A3-432E-9D8C-C7CEA76FDD44}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{604426D5-CF3E-4760-8BEE-8425117D4F4D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7449A0BA-D024-4002-B6AB-CEE2B34D86F3}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{748A25BB-9532-4B4E-8448-D48CD9F92A1D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{78C9C61B-6C3D-400D-BA6A-2280116F2D3F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7CEB03C1-A58E-4788-8D92-8E75AFEC9818}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{81A9F773-5BE8-4E70-A64D-4FAD4695FBF6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{83BE8AB2-7277-4BDA-91ED-C9C81EFD74D3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{85615814-2EB2-4269-81C7-C3DE1387C020}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{863E13EC-C7B3-4972-B0E2-C6027FB41AD3}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{8D68BECC-C270-4EAD-B304-CC2271F7E28A}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{90EA2277-5E2F-46AD-BE8D-8DC6AB626A54}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9BA704E4-61DE-4256-AE70-6C7E1C160E88}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9FAC8395-536D-4885-8BF0-1060E07327E7}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A714BBEE-63BD-48F5-8A4E-0326E7CEAC4C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{AC4A27DD-12BC-4BE8-B37F-7C124AAAC420}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{B01BCD24-B4E8-4D60-9CD0-009B5A9CCE54}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B9AB824F-A903-4DFB-B6FD-19270B25A9E9}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{BB22D0D7-C7DD-4D2F-AE66-192B7031AA90}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C1C2C8AE-C3C5-424B-9EA5-35C6FF70E047}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C38AB1F4-D86A-4A33-801A-80AFF678EDB7}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C79A58CA-FA27-415E-B5BA-FE097FDA5117}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{CACD4BD8-6CFB-480C-AC8C-A6275B842CD3}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{CDDF19A4-9740-4505-AF2E-A726251002D0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{CF0769CF-9B47-45E1-95F7-85E6CD39783C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{D03AE73C-D951-48A3-B90E-CE7E676EE5E5}" = protocol=6 | dir=out | app=system |
"{D1937746-EB04-4657-A5B5-B7CE0B91F070}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{D321E5B7-7F39-4830-9181-7585F7E57FF6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{D582038C-E834-4627-88C1-D8BC3368A4F5}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D9FC5E52-82E3-47A1-81E5-A83810A0CD2F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{DAE31904-488B-4167-8B1E-833D95BE8F7D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\{f86d9734-d358-4c5b-bc2b-6d90557ff05b}\setup\hpznui40.exe |
"{E031D159-5E22-4B9D-9877-67541BADC120}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FB7CA8B9-36B1-42C4-910D-A1FB706CD697}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{FBEA93C9-51D5-4DD8-A458-CE490F58B9A3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"TCP Query User{36A29456-2481-49CC-B0ED-FFFCFC20DBE1}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{63AB6FF1-0649-4E88-88A4-602C4A61E3FA}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{799842C0-DC4E-40F4-9221-45494FEE8B6C}C:\windows\syswow64\ipcamera.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\ipcamera.exe |
"TCP Query User{8F28B846-9044-4090-AEA0-70E436E55997}C:\program files (x86)\printershare\paconsole.exe" = protocol=6 | dir=in | app=c:\program files (x86)\printershare\paconsole.exe |
"UDP Query User{21D7C78E-AABB-4880-A9A9-7046EFAA0462}C:\program files (x86)\printershare\paconsole.exe" = protocol=17 | dir=in | app=c:\program files (x86)\printershare\paconsole.exe |
"UDP Query User{84DBC8D2-1822-467F-841F-7C7C30109BF9}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{B1C744F2-23D5-4B47-88F2-D5331277F1FC}C:\windows\syswow64\ipcamera.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\ipcamera.exe |
"UDP Query User{E6532FCB-B37D-4E59-A1CA-1FF1C87F5A5C}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0210B563-198E-5A4B-E757-7BC4AC7677F8}" = AMD AVIVO64 Codecs
"{089E65D5-D06A-FE49-8D9C-9CABDF8858F5}" = ccc-utility64
"{0DA20600-6130-443B-9D4B-F30520315FA6}" = Bonjour Print Services
"{119B2F5A-2A06-DB96-FF28-992EC2A10BDF}" = AMD Accelerated Video Transcoding
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{35B226DA-E3F6-21FD-31AB-0046C6E87043}" = ATI Problem Report Wizard
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{698EDD46-FC0B-926F-54DF-23B6BB20EDFC}" = AMD Drag and Drop Transcoding
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6DB97EF8-603B-FB96-9B56-6F0D23E14263}" = AMD Media Foundation Decoders
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Windows Mobile Device Center Driver Update
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{A8F58241-BE2F-4D8E-88D9-2A5788EBFBCD}" = PrinterShare 2.3.06
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F4C71C2A-F068-8EEB-61AE-EA4707C57A1B}" = AMD Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F86D9734-D358-4C5B-BC2B-6D90557FF05B}" = HP Officejet Pro 8500 A909 Series
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"ARO 2012_is1" = ARO 2012
"CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.60
"CrystalDiskMark_is1" = CrystalDiskMark 3.0.1c
"CutePDF Writer Installation" = CutePDF Writer 2.8
"DriverAgent.exe" = DriverAgent by eSupport.com
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Shop for HP Supplies" = Shop for HP Supplies
"sp6" = Logitech SetPoint 6.32
"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{0670E1C9-84EF-4C85-B030-CF0A5A76B212}_is1" = Duplicate Finder
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0C976EC5-842F-4313-B2AB-EDDBCCD3A222}" = System Requirements Lab
"{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}" = Netflix in Windows Media Center
"{0CE6E094-B07B-CC6B-F7FD-9D7BD7BE0D86}" = CCC Help Thai
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{1A22A15D-E88A-427A-90E2-137245143239}" = Garmin Lifetime Updater
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{28EBD8EA-6050-431C-8258-23B268E9DB53}" = ZoneAlarm Firewall
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"{3857A262-3B88-127A-96DB-5317B0F9B78C}" = CCC Help Dutch
"{3993DBF6-32F6-488B-9009-E156075AF7B7}" = CCC Help Greek
"{3A090DC5-ADF9-6B83-1095-017754BEC3D0}" = CCC Help Finnish
"{3BCD05CE-8CDE-9503-8794-D8CDB9FA8562}" = Catalyst Control Center InstallProxy
"{3D73DC7A-2D1D-45CF-8A67-24873925C716}" = bpd_scan
"{3D843732-70CD-4DEF-A36F-AEFB87C80DC9}" = ProductContext
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B10.0422.2
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{48106FE4-B1AF-4941-BF3D-83E6C4B7CAF3}" = Alcor Micro USB Card Reader
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video
"{59FB1BE3-155C-72B1-B5F6-B086DEB7D064}" = CCC Help Hungarian
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5EEA2FBB-1AAF-56D0-C2E5-580ACEA4DED5}" = CCC Help Russian
"{69754D89-C21E-4851-83C0-399DE63C6579}" = 8500A909_Help
"{698AC01B-DF0C-4BCE-940C-EB29AD23A560}" = Stamps.com
"{69EB5C18-1222-41F1-8C75-69B5F55F4321}" = Garmin Lifetime Updater
"{6B755EC3-C709-4F5C-BC58-BC0D3967B6B6}" = Folding@home-x86
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{7106B820-2071-2B46-7817-5F6ADD1FA112}" = CCC Help Polish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{725B5F90-BD27-A74D-7685-48795904FCF3}" = CCC Help Japanese
"{73ACFCD5-4CA0-4404-8A50-009942DE70AB}" = Intellicast Desktop
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{78887CA0-E5F1-3C99-B120-95310B217AB8}" = CCC Help French
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7EA8EF0D-F942-483B-8565-C9D6E3272378}" = Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7
"{82892947-1311-D6CA-8B79-2753E398FE32}" = CCC Help German
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{855E0BF8-5448-9681-B36E-B84029D355E4}" = CCC Help Danish
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8AEA6737-8AF3-47BB-95CE-AAB62BE68985}" = MPM
"{8ED02445-D491-414C-A56D-2ED6BBB7239A}" = Garmin Communicator Plugin
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F311E72-C27F-4DF0-8254-B739A1831668}_is1" = SUPER © v2012.build.53 (Sep 13, 2012) version v2012.build.53
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9090E44B-CFBA-47D4-2225-3037C539E7E9}" = Catalyst Control Center Graphics Previews Common
"{90DCE328-65D6-0CC0-14FF-A86D6EC57035}" = CCC Help Chinese Traditional
"{91C3236F-645F-52FD-6A83-A4CE5EE8028D}" = CCC Help Czech
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{93E4DD5D-6937-4292-98FE-A567A5A51448}" = ZoneAlarm Security
"{943A7AF0-C019-0CFB-BA79-F063E7980B25}" = Catalyst Control Center
"{95140000-0081-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-0137-0409-0000-0000000FF1CE}" = Microsoft Works 6-9 Converter
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A6CF1995-854B-0B57-BF9D-AD665C52493C}" = CCC Help Chinese Standard
"{A6F797DB-9D0C-4243-B15B-91CD21D7E980}" = 8500A909a
"{A7A02E23-805C-4AAC-B408-D59A1D53AEA6}" = BPDSoftware
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AB0670D8-C462-750A-D34D-F18D38C0D64E}" = CCC Help Swedish
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2011.10.29
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC4E477E-BBD4-4C68-8D6C-D10C3BB658F3}" = BPD_DSWizards
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AD0AA962-111E-41D5-A705-0E3D9178A661}" = BPDSoftware_Ini
"{AD59DD0E-E36C-9FF1-2F22-ADFA10A43D61}" = CCC Help Italian
"{B318D3D1-3421-4E2A-9C63-5D8FC2457B9C}" = 8500A909_eDocs
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE0AC13A-77D2-11E0-B15B-81BA4824019B}" = PowerChute Personal Edition 3.0.0.1
"{C1080852-065E-4991-9260-F3756E3CC182}" = CursorFX
"{C1C7818F-8270-BA45-D317-675187B9E33E}" = CCC Help Korean
"{C9115BBB-C00B-481A-FD6A-C2BCDC88D6A1}" = CCC Help Turkish
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE4C9170-F517-42EB-A5CB-F16DE610315A}" = Stamps.com Application Support for Microsoft Outlook 2000-2010
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D6D62F1D-E3D6-E982-48B4-A20663B1FB7D}" = HydraVision
"{D9261CAB-3E1D-423C-9DD6-2001056DA292}" = Manual CanoScan 5000,5000F,8000F
"{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord
"{DAD4DE93-9438-4823-AE5E-93A1BE846FE0}" = Stamps.com Application Support for Microsoft Word 2000-2010
"{DED01768-E634-11E1-AEB0-984BE15F174E}" = Evernote v. 4.5.8
"{E100AC00-5097-16FE-E007-3D5156FC2B93}" = CCC Help Portuguese
"{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}" = Windows Media Center Add-in for Flash
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3AA13F6-F494-D77F-C678-B8E6F8B66448}" = CCC Help Spanish
"{E56685FB-BC75-3BC4-526A-15FD1278F174}" = Catalyst Control Center Localization All
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ECA16F5B-C5FD-2021-09B1-CA7CB49FDF46}" = CCC Help Norwegian
"{EF2586BE-6016-DBED-06AB-569B429893A1}" = CCC Help English
"{EFE3D683-903C-4B58-AB8F-C68C69F33758}" = System Requirements Lab for Intel
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AmUStor" = Alcor Micro USB Card Reader
"Avira AntiVir Desktop" = Avira Free Antivirus
"B076073A-5527-4f4f-B46B-B10692277DA2_is1" = DisplayFusion 4.1
"Canon iP90 Setup Utility" = Canon iP90 Setup Utility
"Cisco Connect" = Cisco Connect
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.3.0
"CursorFX" = CursorFX
"EasyBloom" = EasyBloom Companion
"Easy-WebPrint" = Easy-WebPrint
"EGREEN" = ASUS E-Green Uninstall
"Flash Saving Plugin" = Flash Saving Plugin
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Giant Savings" = Giant Savings
"HTPE3" = HyperTerminal Private Edition v7.0
"InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B09.1014.2
"IP Camera" = IP Camera
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.1.0 (Basic)
"MagniDriver" = marvell 91xx driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"Pankaj Arora Software's Tumi Cursor PowerPack" = Pankaj Arora Software's Tumi Cursor PowerPack (Remove)
"SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
"Stamps.com" = Stamps.com
"Stamps.com support for Microsoft Outlook 2000-2010" = Stamps.com support for Microsoft Outlook 2000-2010
"Stamps.com support for Microsoft Word 2000-2010" = Stamps.com support for Microsoft Word 2000-2010
"Unigine Heaven DX11 Benchmark 2.5_is1" = Unigine Heaven DX11 Benchmark 2.5 version 2.5
"VLC media player" = VLC media player 2.0.2
"YTdetect" = Yahoo! Detect
"ZoneAlarm Free Firewall" = ZoneAlarm Free Firewall

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{43F72AA1-A098-4AB7-B3D1-5CE4D688B086}" = Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7
"Google Chrome" = Google Chrome
"Kies Air Discovery Service" = Kies Air Discovery Service
"MyFreeCodec" = MyFreeCodec

========== Last 20 Event Log Errors ==========


sawman
reply to sawman
[ Application Events ]
Error - 8/4/2012 7:43:08 PM | Computer Name = Office10 | Source = Application Error | ID = 1000
Description = Faulting application name: GoogleCrashHandler.exe, version: 1.3.21.115,
time stamp: 0x4fc67a1c Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000 Faulting process id:
0xcc4 Faulting application start time: 0x01cd729adffd6725 Faulting application path:
C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler.exe Faulting
module path: unknown Report Id: 2460938b-de8e-11e1-9189-1c6f659142c1

Error - 8/4/2012 10:42:48 PM | Computer Name = Office10 | Source = Application Hang | ID = 1002
Description = The program OUTLOOK.EXE version 14.0.6117.5001 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1ba8 Start
Time: 01cd72b13420f370 Termination Time: 0 Application Path: C:\Program Files (x86)\Microsoft
Office\Office14\OUTLOOK.EXE Report Id: 33d59b0b-dea7-11e1-8f0a-1c6f659142c1

Error - 8/8/2012 8:39:13 PM | Computer Name = Office10 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/8/2012 8:39:13 PM | Computer Name = Office10 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1404

Error - 8/8/2012 8:39:13 PM | Computer Name = Office10 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1404

Error - 8/10/2012 8:21:25 PM | Computer Name = Office10 | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 8/10/2012 8:21:25 PM | Computer Name = Office10 | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 8/12/2012 6:06:33 PM | Computer Name = Office10 | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 21.0.1180.60, time
stamp: 0x501758c9 Faulting module name: chrome.dll, version: 21.0.1180.60, time
stamp: 0x5017588a Exception code: 0xc0000005 Fault offset: 0x000149a0 Faulting process
id: 0x1acc Faulting application start time: 0x01cd733fb431f8eb Faulting application
path: C:\Users\Steve\AppData\Local\Google\Chrome\Application\chrome.exe Faulting
module path: C:\Users\Steve\AppData\Local\Google\Chrome\Application\21.0.1180.60\chrome.dll
Report Id: f9d9a0f6-e4c9-11e1-809c-1c6f659142c1

Error - 8/13/2012 10:20:00 AM | Computer Name = Office10 | Source = Windows Backup | ID = 4104
Description =

Error - 8/13/2012 5:55:36 PM | Computer Name = Office10 | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16447 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 59f4 Start
Time: 01cd799db3886f9c Termination Time: 0 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id:

[ Media Center Events ]
Error - 8/30/2012 5:13:51 AM | Computer Name = Office10 | Source = MCUpdate | ID = 0
Description = 4:13:27 AM - Failed to retrieve EpgListings (Error: Unable to connect
to the remote server)

Error - 9/6/2012 5:54:41 AM | Computer Name = Office10 | Source = MCUpdate | ID = 0
Description = 4:54:41 AM - Error connecting to the internet. 4:54:41 AM - Unable
to contact server..

Error - 9/6/2012 5:55:15 AM | Computer Name = Office10 | Source = MCUpdate | ID = 0
Description = 4:55:10 AM - Error connecting to the internet. 4:55:10 AM - Unable
to contact server..

Error - 9/6/2012 6:55:46 AM | Computer Name = Office10 | Source = MCUpdate | ID = 0
Description = 5:55:46 AM - Error connecting to the internet. 5:55:46 AM - Unable
to contact server..

Error - 9/6/2012 6:56:20 AM | Computer Name = Office10 | Source = MCUpdate | ID = 0
Description = 5:56:15 AM - Error connecting to the internet. 5:56:15 AM - Unable
to contact server..

Error - 9/6/2012 7:56:51 AM | Computer Name = Office10 | Source = MCUpdate | ID = 0
Description = 6:56:51 AM - Error connecting to the internet. 6:56:51 AM - Unable
to contact server..

Error - 9/6/2012 7:57:25 AM | Computer Name = Office10 | Source = MCUpdate | ID = 0
Description = 6:57:20 AM - Error connecting to the internet. 6:57:20 AM - Unable
to contact server..

Error - 9/6/2012 8:57:56 AM | Computer Name = Office10 | Source = MCUpdate | ID = 0
Description = 7:57:56 AM - Error connecting to the internet. 7:57:56 AM - Unable
to contact server..

Error - 9/6/2012 8:58:30 AM | Computer Name = Office10 | Source = MCUpdate | ID = 0
Description = 7:58:25 AM - Error connecting to the internet. 7:58:25 AM - Unable
to contact server..

Error - 9/15/2012 5:21:39 AM | Computer Name = Office10 | Source = MCUpdate | ID = 0
Description = 4:21:39 AM - Failed to retrieve ClientUpdate (Error: Unable to connect
to the remote server)

[ System Events ]
Error - 8/24/2012 2:35:23 PM | Computer Name = Office10 | Source = DCOM | ID = 10005
Description =

Error - 8/24/2012 2:35:23 PM | Computer Name = Office10 | Source = DCOM | ID = 10005
Description =

Error - 8/26/2012 1:52:07 PM | Computer Name = Office10 | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/2/2012 3:28:32 PM | Computer Name = Office10 | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/5/2012 6:48:38 PM | Computer Name = Office10 | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/8/2012 9:06:20 AM | Computer Name = Office10 | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/16/2012 10:50:04 AM | Computer Name = Office10 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk4\DR13.

Error - 9/16/2012 10:50:09 AM | Computer Name = Office10 | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk4\DR13.

Error - 9/19/2012 6:49:51 PM | Computer Name = Office10 | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 9/22/2012 3:16:58 PM | Computer Name = Office10 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:15:20 PM on 9/22/2012 was unexpected.

Results of screen317's Security Check version 0.99.51
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Avira Desktop
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.0.1400
JavaFX 2.1.1
Java 7 Update 7
Adobe Reader X (10.1.4)
Google Chrome 21.0.1180.89
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
CheckPoint ZoneAlarm vsmon.exe
CheckPoint ZoneAlarm zatray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 12% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK

ESET only flagged stressreducers.exe on hard drive E; this is all that was in the log.txt. Claro search still opens in Chrome and jollywallet is ensconced in the bar. Thanks for your help.


lilhurricane
Crunchin' For Cures
Numquam oblita
join:2003-01-11
Purple Zone
kudos:57
If you could also download and run TDSS Killer (#4), posting the log in your next reply

We'll need the entire log, even if you 'think/see' nothing detected.

»Security Cleanup FAQ »Rootkit Detection Applications


sawman
I ran TDSS Killer and it found nothing, but I am unable to copy and paste the log for some reason.


lilhurricane
Upload it as an attachment?


sawman
17:37:16.0736 9920 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
17:37:17.0326 9920 ============================================================
17:37:17.0326 9920 Current date / time: 2012/09/26 17:37:17.0326
17:37:17.0326 9920 SystemInfo:
17:37:17.0326 9920
17:37:17.0326 9920 OS Version: 6.1.7601 ServicePack: 1.0
17:37:17.0326 9920 Product type: Workstation
17:37:17.0327 9920 ComputerName: OFFICE10
17:37:17.0327 9920 UserName: Steve
17:37:17.0327 9920 Windows directory: C:\Windows
17:37:17.0327 9920 System windows directory: C:\Windows
17:37:17.0327 9920 Running under WOW64
17:37:17.0327 9920 Processor architecture: Intel x64
17:37:17.0327 9920 Number of processors: 8
17:37:17.0327 9920 Page size: 0x1000
17:37:17.0327 9920 Boot type: Normal boot
17:37:17.0327 9920 ============================================================
17:37:23.0108 9920 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0xE584, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
17:37:23.0111 9920 Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:37:23.0111 9920 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:37:23.0111 9920 Drive \Device\Harddisk3\DR3 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:37:23.0116 9920 ============================================================
17:37:23.0116 9920 \Device\Harddisk0\DR0:
17:37:23.0116 9920 MBR partitions:
17:37:23.0116 9920 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:37:23.0116 9920 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
17:37:23.0116 9920 \Device\Harddisk1\DR1:
17:37:23.0116 9920 Invalid mbr signature
17:37:23.0116 9920 \Device\Harddisk2\DR2:
17:37:23.0116 9920 MBR partitions:
17:37:23.0116 9920 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
17:37:23.0116 9920 \Device\Harddisk3\DR3:
17:37:23.0117 9920 MBR partitions:
17:37:23.0117 9920 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
17:37:23.0117 9920 ============================================================
17:37:23.0117 9920 C: \Device\Harddisk0\DR0\Partition2
17:37:23.0126 9920 D: \Device\Harddisk2\DR2\Partition1
17:37:23.0170 9920 E: \Device\Harddisk3\DR3\Partition1
17:37:23.0170 9920 ============================================================
17:37:23.0170 9920 Initialize success
17:37:23.0170 9920 ============================================================
17:38:57.0116 4732 ============================================================
17:38:57.0116 4732 Scan started
17:38:57.0116 4732 Mode: Manual;
17:38:57.0116 4732 ============================================================
17:38:57.0318 4732 ================ Scan system memory ========================
17:38:57.0318 4732 System memory - ok
17:38:57.0319 4732 ================ Scan services =============================
17:38:57.0348 4732 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:38:57.0350 4732 1394ohci - ok
17:38:57.0357 4732 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:38:57.0361 4732 ACPI - ok
17:38:57.0365 4732 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:38:57.0365 4732 AcpiPmi - ok
17:38:57.0370 4732 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:38:57.0376 4732 AdobeARMservice - ok
17:38:57.0390 4732 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:38:57.0392 4732 AdobeFlashPlayerUpdateSvc - ok
17:38:57.0400 4732 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:38:57.0405 4732 adp94xx - ok
17:38:57.0412 4732 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:38:57.0416 4732 adpahci - ok
17:38:57.0421 4732 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:38:57.0423 4732 adpu320 - ok
17:38:57.0429 4732 [ 96A0FF09E226B023DC6ACA253AACEE2E ] ADVService C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
17:38:57.0429 4732 ADVService - ok
17:38:57.0434 4732 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:38:57.0435 4732 AeLookupSvc - ok
17:38:57.0442 4732 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:38:57.0445 4732 AFD - ok
17:38:57.0448 4732 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:38:57.0449 4732 agp440 - ok
17:38:57.0452 4732 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:38:57.0453 4732 ALG - ok
17:38:57.0455 4732 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:38:57.0456 4732 aliide - ok
17:38:57.0460 4732 [ B3B263B419FC9E7B1D41E61FDAE45BD9 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:38:57.0461 4732 AMD External Events Utility - ok
17:38:57.0463 4732 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:38:57.0464 4732 amdide - ok
17:38:57.0467 4732 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:38:57.0468 4732 AmdK8 - ok
17:38:57.0545 4732 [ 9A6E9363F7A5E5A06629D9DDC76EE6B5 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:38:57.0617 4732 amdkmdag - ok
17:38:57.0624 4732 [ 957A4C13E1981B1701E600EF1E823C68 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
17:38:57.0626 4732 amdkmdap - ok
17:38:57.0629 4732 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:38:57.0630 4732 AmdPPM - ok
17:38:57.0633 4732 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:38:57.0634 4732 amdsata - ok
17:38:57.0638 4732 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:38:57.0640 4732 amdsbs - ok
17:38:57.0642 4732 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:38:57.0643 4732 amdxata - ok
17:38:57.0647 4732 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:38:57.0648 4732 AntiVirSchedulerService - ok
17:38:57.0650 4732 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:38:57.0656 4732 AntiVirService - ok
17:38:57.0659 4732 [ 437A8FD32C54B9B072663127DF6F4A26 ] APC Data Service C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
17:38:57.0659 4732 APC Data Service - ok
17:38:57.0666 4732 [ 05111648D41351D1F0EBA05C9165B3DA ] APC UPS Service C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
17:38:57.0669 4732 APC UPS Service - ok
17:38:57.0672 4732 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:38:57.0673 4732 AppID - ok
17:38:57.0675 4732 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:38:57.0676 4732 AppIDSvc - ok
17:38:57.0678 4732 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:38:57.0679 4732 Appinfo - ok
17:38:57.0682 4732 [ A632D9EA15F37D2605A7FCAF3892EC96 ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
17:38:57.0682 4732 AppleCharger - ok
17:38:57.0684 4732 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
17:38:57.0685 4732 AppleChargerSrv - ok
17:38:57.0689 4732 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
17:38:57.0690 4732 AppMgmt - ok
17:38:57.0693 4732 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
17:38:57.0694 4732 arc - ok
17:38:57.0697 4732 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:38:57.0698 4732 arcsas - ok
17:38:57.0705 4732 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:38:57.0709 4732 aspnet_state - ok
17:38:57.0712 4732 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:38:57.0712 4732 AsyncMac - ok
17:38:57.0715 4732 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:38:57.0715 4732 atapi - ok
17:38:57.0719 4732 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
17:38:57.0720 4732 AtiHDAudioService - ok
17:38:57.0727 4732 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:38:57.0731 4732 AudioEndpointBuilder - ok
17:38:57.0738 4732 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:38:57.0740 4732 AudioSrv - ok
17:38:57.0743 4732 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
17:38:57.0744 4732 avgntflt - ok
17:38:57.0747 4732 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
17:38:57.0748 4732 avipbb - ok
17:38:57.0750 4732 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
17:38:57.0751 4732 avkmgr - ok
17:38:57.0754 4732 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:38:57.0755 4732 AxInstSV - ok
17:38:57.0761 4732 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
17:38:57.0765 4732 b06bdrv - ok
17:38:57.0769 4732 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:38:57.0772 4732 b57nd60a - ok
17:38:57.0776 4732 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:38:57.0777 4732 BDESVC - ok
17:38:57.0779 4732 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:38:57.0779 4732 Beep - ok
17:38:57.0787 4732 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:38:57.0792 4732 BFE - ok
17:38:57.0800 4732 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
17:38:57.0806 4732 BITS - ok
17:38:57.0809 4732 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:38:57.0809 4732 blbdrive - ok
17:38:57.0814 4732 [ 5AB58C337AC65837FE404462AD6265AB ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
17:38:57.0820 4732 Bonjour Service - ok
17:38:57.0823 4732 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:38:57.0824 4732 bowser - ok
17:38:57.0826 4732 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:38:57.0827 4732 BrFiltLo - ok
17:38:57.0829 4732 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:38:57.0830 4732 BrFiltUp - ok
17:38:57.0833 4732 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:38:57.0834 4732 Browser - ok
17:38:57.0838 4732 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:38:57.0840 4732 Brserid - ok
17:38:57.0843 4732 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:38:57.0844 4732 BrSerWdm - ok
17:38:57.0846 4732 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:38:57.0847 4732 BrUsbMdm - ok
17:38:57.0849 4732 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:38:57.0850 4732 BrUsbSer - ok
17:38:57.0854 4732 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:38:57.0855 4732 BTHMODEM - ok
17:38:57.0859 4732 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:38:57.0860 4732 bthserv - ok
17:38:57.0862 4732 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:38:57.0863 4732 cdfs - ok
17:38:57.0867 4732 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:38:57.0867 4732 cdrom - ok
17:38:57.0870 4732 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:38:57.0871 4732 CertPropSvc - ok
17:38:57.0873 4732 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:38:57.0874 4732 circlass - ok
17:38:57.0880 4732 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:38:57.0883 4732 CLFS - ok
17:38:57.0887 4732 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:38:57.0891 4732 clr_optimization_v2.0.50727_32 - ok
17:38:57.0894 4732 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:38:57.0898 4732 clr_optimization_v2.0.50727_64 - ok
17:38:57.0903 4732 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:38:57.0906 4732 clr_optimization_v4.0.30319_32 - ok
17:38:57.0909 4732 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:38:57.0910 4732 clr_optimization_v4.0.30319_64 - ok
17:38:57.0913 4732 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:38:57.0913 4732 CmBatt - ok
17:38:57.0916 4732 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:38:57.0916 4732 cmdide - ok
17:38:57.0922 4732 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:38:57.0925 4732 CNG - ok
17:38:57.0928 4732 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:38:57.0929 4732 Compbatt - ok
17:38:57.0931 4732 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:38:57.0932 4732 CompositeBus - ok
17:38:57.0934 4732 COMSysApp - ok
17:38:57.0937 4732 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:38:57.0938 4732 crcdisk - ok
17:38:57.0942 4732 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:38:57.0943 4732 CryptSvc - ok
17:38:57.0949 4732 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
17:38:57.0953 4732 CSC - ok
17:38:57.0960 4732 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
17:38:57.0964 4732 CscService - ok
17:38:57.0972 4732 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:38:57.0976 4732 DcomLaunch - ok
17:38:57.0980 4732 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:38:57.0983 4732 defragsvc - ok
17:38:57.0986 4732 [ FDC0C5ADDE1CDE6EDB0BEF78F0699AF3 ] DES2 Service C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
17:38:57.0992 4732 DES2 Service - ok
17:38:57.0995 4732 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:38:57.0996 4732 DfsC - ok
17:38:57.0999 4732 [ 105373D52E71D2D1355AD3ACD18259C3 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
17:38:58.0000 4732 dg_ssudbus - ok
17:38:58.0005 4732 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:38:58.0007 4732 Dhcp - ok
17:38:58.0010 4732 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:38:58.0010 4732 discache - ok
17:38:58.0014 4732 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:38:58.0015 4732 Disk - ok
17:38:58.0018 4732 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:38:58.0020 4732 Dnscache - ok
17:38:58.0024 4732 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:38:58.0026 4732 dot3svc - ok
17:38:58.0030 4732 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:38:58.0031 4732 DPS - ok
17:38:58.0033 4732 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:38:58.0033 4732 drmkaud - ok
17:38:58.0042 4732 [ 1ED08A6264C5C92099D6D1DAE5E8F530 ] DrvAgent64 C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
17:38:58.0045 4732 DrvAgent64 - ok
17:38:58.0055 4732 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:38:58.0061 4732 DXGKrnl - ok
17:38:58.0065 4732 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:38:58.0065 4732 EapHost - ok
17:38:58.0092 4732 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
17:38:58.0115 4732 ebdrv - ok
17:38:58.0119 4732 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:38:58.0120 4732 EFS - ok
17:38:58.0127 4732 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:38:58.0130 4732 ehRecvr - ok
17:38:58.0133 4732 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:38:58.0133 4732 ehSched - ok
17:38:58.0140 4732 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:38:58.0144 4732 elxstor - ok
17:38:58.0146 4732 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:38:58.0147 4732 ErrDev - ok
17:38:58.0155 4732 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:38:58.0157 4732 EventSystem - ok
17:38:58.0161 4732 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:38:58.0163 4732 exfat - ok
17:38:58.0166 4732 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:38:58.0168 4732 fastfat - ok
17:38:58.0176 4732 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:38:58.0180 4732 Fax - ok
17:38:58.0183 4732 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:38:58.0184 4732 fdc - ok
17:38:58.0186 4732 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:38:58.0186 4732 fdPHost - ok
17:38:58.0189 4732 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:38:58.0189 4732 FDResPub - ok
17:38:58.0192 4732 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:38:58.0193 4732 FileInfo - ok
17:38:58.0195 4732 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:38:58.0196 4732 Filetrace - ok


sawman
Premium
join:2002-04-25
BC KS

1 recommendation

17:38:59.0954 4732 UmPass - ok
17:38:59.0958 4732 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
17:38:59.0960 4732 UmRdpService - ok
17:38:59.0966 4732 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:38:59.0970 4732 upnphost - ok
17:38:59.0975 4732 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:38:59.0976 4732 usbaudio - ok
17:38:59.0980 4732 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:38:59.0981 4732 usbccgp - ok
17:38:59.0985 4732 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:38:59.0986 4732 usbcir - ok
17:38:59.0990 4732 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:38:59.0990 4732 usbehci - ok
17:38:59.0996 4732 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:38:59.0999 4732 usbhub - ok
17:39:00.0002 4732 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:39:00.0003 4732 usbohci - ok
17:39:00.0006 4732 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:39:00.0007 4732 usbprint - ok
17:39:00.0010 4732 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:39:00.0011 4732 USBSTOR - ok
17:39:00.0015 4732 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:39:00.0016 4732 usbuhci - ok
17:39:00.0020 4732 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:39:00.0021 4732 UxSms - ok
17:39:00.0024 4732 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:39:00.0025 4732 VaultSvc - ok
17:39:00.0028 4732 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:39:00.0029 4732 vdrvroot - ok
17:39:00.0037 4732 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:39:00.0041 4732 vds - ok
17:39:00.0044 4732 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:39:00.0045 4732 vga - ok
17:39:00.0048 4732 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:39:00.0048 4732 VgaSave - ok
17:39:00.0053 4732 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:39:00.0055 4732 vhdmp - ok
17:39:00.0057 4732 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:39:00.0058 4732 viaide - ok
17:39:00.0062 4732 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:39:00.0064 4732 vmbus - ok
17:39:00.0068 4732 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:39:00.0069 4732 VMBusHID - ok
17:39:00.0072 4732 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:39:00.0073 4732 volmgr - ok
17:39:00.0078 4732 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:39:00.0082 4732 volmgrx - ok
17:39:00.0087 4732 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:39:00.0090 4732 volsnap - ok
17:39:00.0096 4732 [ 239D8D72730226CD460BDC8CA0A23D43 ] Vsdatant C:\Windows\system32\DRIVERS\vsdatant.sys
17:39:00.0098 4732 Vsdatant - ok
17:39:00.0100 4732 vsmon - ok
17:39:00.0104 4732 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:39:00.0106 4732 vsmraid - ok
17:39:00.0120 4732 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:39:00.0127 4732 VSS - ok
17:39:00.0135 4732 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:39:00.0136 4732 vwifibus - ok
17:39:00.0141 4732 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:39:00.0144 4732 W32Time - ok
17:39:00.0148 4732 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:39:00.0149 4732 WacomPen - ok
17:39:00.0152 4732 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:39:00.0152 4732 WANARP - ok
17:39:00.0155 4732 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:39:00.0155 4732 Wanarpv6 - ok
17:39:00.0167 4732 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:39:00.0188 4732 WatAdminSvc - ok
17:39:00.0203 4732 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:39:00.0217 4732 wbengine - ok
17:39:00.0221 4732 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:39:00.0224 4732 WbioSrvc - ok
17:39:00.0229 4732 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
17:39:00.0237 4732 WcesComm - ok
17:39:00.0242 4732 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:39:00.0245 4732 wcncsvc - ok
17:39:00.0248 4732 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:39:00.0249 4732 WcsPlugInService - ok
17:39:00.0252 4732 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:39:00.0253 4732 Wd - ok
17:39:00.0259 4732 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:39:00.0265 4732 Wdf01000 - ok
17:39:00.0268 4732 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:39:00.0269 4732 WdiServiceHost - ok
17:39:00.0272 4732 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:39:00.0273 4732 WdiSystemHost - ok
17:39:00.0277 4732 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:39:00.0281 4732 WebClient - ok
17:39:00.0285 4732 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:39:00.0288 4732 Wecsvc - ok
17:39:00.0291 4732 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:39:00.0292 4732 wercplsupport - ok
17:39:00.0295 4732 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:39:00.0296 4732 WerSvc - ok
17:39:00.0299 4732 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:39:00.0299 4732 WfpLwf - ok
17:39:00.0302 4732 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:39:00.0302 4732 WIMMount - ok
17:39:00.0304 4732 WinDefend - ok
17:39:00.0309 4732 WinHttpAutoProxySvc - ok
17:39:00.0315 4732 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:39:00.0321 4732 Winmgmt - ok
17:39:00.0398 4732 [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0 E:\Downloads\pre 3-18-12\RealTemp_370\WinRing0x64.sys
17:39:00.0401 4732 WinRing0_1_2_0 - ok
17:39:00.0418 4732 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:39:00.0434 4732 WinRM - ok
17:39:00.0440 4732 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:39:00.0440 4732 WinUsb - ok
17:39:00.0449 4732 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:39:00.0457 4732 Wlansvc - ok
17:39:00.0459 4732 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:39:00.0460 4732 WmiAcpi - ok
17:39:00.0465 4732 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:39:00.0469 4732 wmiApSrv - ok
17:39:00.0471 4732 WMPNetworkSvc - ok
17:39:00.0474 4732 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:39:00.0476 4732 WPCSvc - ok
17:39:00.0479 4732 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:39:00.0481 4732 WPDBusEnum - ok
17:39:00.0483 4732 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:39:00.0484 4732 ws2ifsl - ok
17:39:00.0487 4732 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
17:39:00.0489 4732 wscsvc - ok
17:39:00.0491 4732 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
17:39:00.0492 4732 WSDPrintDevice - ok
17:39:00.0494 4732 WSearch - ok
17:39:00.0526 4732 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:39:00.0543 4732 wuauserv - ok
17:39:00.0547 4732 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:39:00.0548 4732 WudfPf - ok
17:39:00.0552 4732 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:39:00.0552 4732 WUDFRd - ok
17:39:00.0555 4732 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:39:00.0557 4732 wudfsvc - ok
17:39:00.0561 4732 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:39:00.0564 4732 WwanSvc - ok
17:39:00.0567 4732 ================ Scan global ===============================
17:39:00.0569 4732 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:39:00.0572 4732 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
17:39:00.0577 4732 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
17:39:00.0580 4732 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:39:00.0585 4732 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:39:00.0587 4732 [Global] - ok
17:39:00.0587 4732 ================ Scan MBR ==================================
17:39:00.0589 4732 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:39:00.0628 4732 \Device\Harddisk0\DR0 - ok
17:39:00.0667 4732 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
17:39:00.0685 4732 \Device\Harddisk1\DR1 - ok
17:39:00.0688 4732 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
17:39:00.0690 4732 \Device\Harddisk2\DR2 - ok
17:39:00.0699 4732 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
17:39:00.0701 4732 \Device\Harddisk3\DR3 - ok
17:39:00.0723 4732 ================ Scan VBR ==================================
17:39:00.0725 4732 [ ABD741CF29BDB0933B1F8A44770A3C71 ] \Device\Harddisk0\DR0\Partition1
17:39:00.0725 4732 \Device\Harddisk0\DR0\Partition1 - ok
17:39:00.0727 4732 [ 0CEAFF4423B9C5452D46F5981965B3BA ] \Device\Harddisk0\DR0\Partition2
17:39:00.0728 4732 \Device\Harddisk0\DR0\Partition2 - ok
17:39:00.0730 4732 [ C3F9D1C1736107D7DE71831DD4BC8ECF ] \Device\Harddisk2\DR2\Partition1
17:39:00.0731 4732 \Device\Harddisk2\DR2\Partition1 - ok
17:39:00.0733 4732 [ 49B5E89B31168E0E3A866EAE7981067E ] \Device\Harddisk3\DR3\Partition1
17:39:00.0734 4732 \Device\Harddisk3\DR3\Partition1 - ok
17:39:00.0743 4732 ============================================================
17:39:00.0743 4732 Scan finished
17:39:00.0743 4732 ============================================================
17:39:00.0776 4996 Detected object count: 0
17:39:00.0776 4996 Actual detected object count: 0
17:42:04.0120 4396 Deinitialize success


LoPhatPhuud
Premium,VIP,MVM
join:2002-01-06
Albuquerque, NM

2 recommendations

reply to sawman
The logs do not show Jollywallet or PricePeep anywhere except Chrome. No sign of Claro search, but it may have come with Jollywallet.

Check your Chrome extensions and remove Jollywallet and PricePeep. Restart Chrome.

Then post back with a status update re these annoyances and also if Claro still shows up.

Note: I am making the assumption that Claro, JollyWallet and PricePeep are only affecting Chrome. This is based on your comments and the logs. If I'm wrong, let me know.
--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum


sawman
Premium
join:2002-04-25
BC KS

Re: claro search/jollywallet/pricepeep cleaned? I believe so.

Well, thank you, it was as simple as removing its entry as a Chrome startup page. I was imagining more insidious goings on.


LoPhatPhuud
Premium,VIP,MVM
join:2002-01-06
Albuquerque, NM

2 recommendations

reply to sawman

Re: claro search/jollywallet/pricepeep cleaned? no

It never hurts to be safe!

Here are the cleanup instructions...

Cleaning Up:

Delete TFC:
  • Delete the TFC icon on your Desktop

Delete OTL:
  • Double click the OTL icon on your Desktop
  • Press the 'Cleanup' button

Delete Security Check:
  • Delete the SecurityCheck icon on your Desktop

Delete Malware Bytes:
  • We recommend that you keep MalwareBytes (MBAM) and run it every week. There is no charge to keep the program; however, the real-time protection will stop after the trial period. Be sure to update the definitions before each use. If you decide not to keep MBAM, use Add/Remove Programs to uninstall it.

Delete Sophos AntiRootkit:
  • If we asked you to run the Sophos AntiRootkit program, uninstall it through Add/Remove Programs.

Other Programs:
  • If we asked you to install any other programs that are not removed by the OTL cleanup procedure, we will provide separate removal instructions.

--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum