07-11-2012, 01:30 PM   #1
jokerthief
I think I have a virus but am not sure and need help.

This weekend I got a call from an airline asking if I bought tickets through paypal. I didn't. I checked my bank account and there were several small purchases that I didn't make. I went to the bank and closed my card.

So I'm thinking that I have a keylogger on my computer so I run my antivirus (Avira). The scan turns up a hidden object and I am prompted to download and run a rescue disk. I download the disk but I can't find the file. When I try to open the folder it is in directly from Chrome, it gives me an error message. So I then save it to my desktop and I can't see the file there after it gets done downloading. I use another computer to download the file and it appears on that desktop. I burn the disk and try to run it but I get this error message: "Self check failed--The file failed the check."

So I then download a rescue disk from Kaspersky from the infected computer and burn it. It runs and I do a scan. The scan completes and says that I am clean but during the scan I get a couple messages that say a file is password protected. This message doesn't have an option on it to explain what it means.

So now I don't know what to do. I don't really trust the Kaspersky scan. I did run Avira once again and I still get the hidden object message. I would really appreciate it if someone would tell me what to do next.
07-12-2012, 08:21 AM   #2
Gabethebabe
Re: I think I have a virus but am not sure and need help.

Hidden objects are not necessarily malware.

Please download OTL by OldTimer from here and save it to your desktop.
  • Close all windows and double click OTL.exe.
  • The Extra Registry setting should be Use Safelist
  • Copy and paste the following text into the Custom Scans/Fixes box:
Code:
%APPDATA%\Microsoft\*.*
%systemroot%\system32\config\systemprofile\*.dat /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\winn32\*.*
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%PROGRAMFILES%\Mozilla Firefox\*.exe
%ProgramFiles%\TinyProxy.
%systemroot%\system32\*.* /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.* /lockedfiles
%PROGRAMFILES%\*.
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
/md5start
netlogon.dll
explorer.exe
userinit.exe
winlogon.exe
services.exe
svchost.exe
*.xpi
/md5stop
CREATERESTOREPOINT
hklm\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
hkcu\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
hklm\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s
  • Click the Run Scan button and allow it to run.
  • It will produce two logs for you, OTL.txt and Extras.txt. Please post both logs in this thread.
  • You may need multiple posts to get it all.
====================
  • Download TDSSKiller by Kaspersky from here and save it to your desktop
  • Double-click TDSSKiller.exe to run the tool
  • Click the Start Scan button
  • After the scan has finished, click the Close button
  • Click the Report button and copy/paste the contents of it into your next reply
  • The report can also be found in the root of your Windows drive (most likely C:\).
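The Extras.txt log requested above includes the Windows Firewall exception list, one line per rule. As an added example (not part of the original posts and not a feature of OTL), this Python script parses lines in that layout and flags inbound exceptions worth a second look; the sample lines, GUIDs, paths and the three review heuristics are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of the firewall exception sections of
# Extras.txt. GUIDs, the user name and all program paths are made up.
SAMPLE_LOG = r'''
========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00000000-0000-0000-0000-000000000001}" = protocol=6 | dir=in | app=c:\program files (x86)\examplegame\game.exe |
"{00000000-0000-0000-0000-000000000002}" = protocol=17 | dir=in | app=c:\program files (x86)\examplegame\game.exe |
"{00000000-0000-0000-0000-000000000003}" = dir=in | app=c:\windows\system32\exampleprn.exe |
"{00000000-0000-0000-0000-000000000004}" = protocol=6 | dir=out | app=c:\program files (x86)\exampletool\svc.exe |
"TCP Query User{00000000-0000-0000-0000-000000000005}C:\users\alice\appdata\roaming\upd\upd.exe" = protocol=6 | dir=in | app=c:\users\alice\appdata\roaming\upd\upd.exe |
"EnableFirewall" = 1
'''

# "<rule name>" = key=value | key=value | ...
RULE_RE = re.compile(r'^"(?P<name>[^"]+)"\s*=\s*(?P<body>.+)$')
PROTOCOLS = {"6": "TCP", "17": "UDP"}  # IANA protocol numbers used in the log

# Assumption for this example: locations a standard user can usually write to.
USER_WRITABLE = ("c:\\users\\", "c:\\programdata\\", "c:\\windows\\temp\\")


def parse_rules(text):
    """Return one dict per firewall rule line; other log lines are skipped."""
    rules = []
    for line in text.splitlines():
        match = RULE_RE.match(line.strip())
        if not match:
            continue
        fields = {}
        for part in match.group("body").split("|"):
            key, sep, value = part.strip().partition("=")
            if sep:
                fields[key.strip().lower()] = value.strip()
        if "app" not in fields:
            continue  # e.g. "EnableFirewall" = 1 is a setting, not a rule
        proto = fields.get("protocol")
        rules.append({
            "name": match.group("name"),
            "protocol": "any" if proto is None else PROTOCOLS.get(proto, proto),
            "dir": fields.get("dir", "").lower(),
            "app": fields["app"].lower(),
        })
    return rules


def triage(rules):
    """Map each application path to the reasons its inbound rules need review."""
    findings = defaultdict(set)
    for rule in rules:
        if rule["dir"] != "in":
            continue
        app = rule["app"]
        if app.startswith(USER_WRITABLE):
            findings[app].add("inbound exception for a binary in a user-writable path")
        if rule["protocol"] == "any":
            findings[app].add("inbound exception with no protocol restriction")
        # Rules named "TCP/UDP Query User{...}" are typically created when a
        # user answered the firewall's allow/block prompt.
        if "query user{" in rule["name"].lower():
            findings[app].add("rule created from a firewall prompt (Query User)")
    return {app: sorted(reasons) for app, reasons in findings.items()}


if __name__ == "__main__":
    for app, reasons in sorted(triage(parse_rules(SAMPLE_LOG)).items()):
        print(app)
        for reason in reasons:
            print("   -", reason)
```

A flag here is a prompt to check who signed the binary and when it appeared, not a verdict on it.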
07-12-2012, 08:33 PM   #3
jokerthief
Re: I think I have a virus but am not sure and need help.

Here's extras.txt

Quote:
OTL Extras logfile created on: 7/12/2012 3:35:55 PM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Nate\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19272)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.40 Gb Available Physical Memory | 59.96% Memory free
8.21 Gb Paging File | 6.27 Gb Available in Paging File | 76.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596.17 Gb Total Space | 141.69 Gb Free Space | 23.77% Space Free | Partition Type: NTFS
Drive D: | 267.90 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 596.17 Gb Total Space | 134.83 Gb Free Space | 22.62% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: Nate | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = C2 FE 8D 6A DC 5B C8 01 [binary data]
"VistaSp2" = 4B 11 7D 48 91 38 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{ED4F0B63-33FE-4B50-B123-FE9D348BE49C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{035C0F00-6D38-47BE-B580-B9ACA0F109B3}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{0402FACF-EE61-4F69-B4F1-4D55E61058E4}" = protocol=6 | dir=in | app=c:\program files (x86)\veetle\player\veetlenet.exe |
"{06FB3CEB-3320-4D52-A6EC-0EC6EE7BC30D}" = protocol=17 | dir=in | app=c:\program files (x86)\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe |
"{0A5C36B1-D1C9-41AE-9CC5-A186C4BFEC88}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{0B1ADDD0-67AA-4FEB-B645-B0441BDE6E14}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{19A0D1A6-594D-4B8C-AA25-A4ED4FA0DE1D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{27E6421A-869E-4AAC-AEC0-11D9465E210D}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{28471EC6-54D7-4D4D-B82F-78A9800E1818}" = protocol=6 | dir=in | app=c:\program files (x86)\rapidsolution\tunebite\tunebitehelper.exe |
"{35824C6D-CBED-4921-9194-4E8911BA7BAC}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{38B42393-3D40-414E-BCBC-91BE498AF218}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{3A44D5E7-0E0A-4275-A612-AC9DC82EFE2E}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{46D5F35B-77C1-4AC8-A1E7-1A7BF17804F9}" = protocol=6 | dir=in | app=c:\program files (x86)\rvg software\holdem manager\hmhud.exe |
"{47053E48-3A0F-439A-BD07-0201BBD652EF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{48F2BAD0-EFE1-4B30-B611-92F62AF34ED0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4BA8038C-3FAD-43EC-81E8-4CA00FB4AEB4}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{4F48B32F-CDD0-4BC6-B5D0-F965C4022474}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{515080C1-4E49-4FB8-A387-30A13B85E3EF}" = protocol=17 | dir=in | app=c:\program files (x86)\cake poker 2.0\pokerclient.exe |
"{528153EE-E1C4-461C-BF1A-4CA67D90409C}" = protocol=6 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwupdate.exe |
"{55FA796F-42A0-43DD-9AF0-E15C5B27B7C1}" = protocol=6 | dir=in | app=c:\program files (x86)\lucasarts\star wars the force unleashed 2\swtfu2.exe |
"{59DF846B-3F78-4F10-BADB-3AB0E710303A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{5ACBBEE9-1998-4015-9AFF-AE1BD7244E02}" = protocol=17 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2server.exe |
"{5BA1DBCC-F9E3-4C85-B4CF-C044FED10F24}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{5F7C4B80-A606-4FBD-8BDA-8E3FC09FD576}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{5FFC11D2-BF0A-4ED4-B2B7-15350BABC1FC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{6194873D-46C6-40F6-B9F9-B433AED6C9B2}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{6FFB5F30-49C1-4A1C-B582-FE9DA36D1286}" = protocol=6 | dir=in | app=c:\program files (x86)\cake poker 2.0\pokerclient.exe |
"{7D4BC343-E84A-45EB-AFB3-B2D81B3D284F}" = protocol=6 | dir=in | app=c:\program files (x86)\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe |
"{92F5313F-84D0-4D6F-9D50-5C5BA97123EC}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe |
"{9327E1EB-6BCF-45EE-BE46-AD5F5BAFFD7C}" = protocol=6 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2server.exe |
"{942FCD80-71E7-4914-BC8E-31DB83135674}" = protocol=6 | dir=in | app=c:\program files (x86)\rvg software\holdem manager\holdemmanager.exe |
"{9E3AE0C0-17ED-4599-8D96-C7EF78628F4C}" = dir=in | app=c:\windows\system32\lxeccoms.exe |
"{9ECB8F60-3775-47A3-8CB9-37C2CB371737}" = protocol=6 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2main_amdxp.exe |
"{A0322E4A-4675-44FB-B279-FBA3F37A5CF9}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe |
"{A965D681-1D5C-412E-B00D-355C0C35E7AD}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{AACB6E20-FC42-4288-8598-FB1010F25A6D}" = protocol=17 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2main.exe |
"{ACBC3F9C-C37D-4EEE-B965-AD1292D6A7FA}" = protocol=17 | dir=in | app=c:\program files (x86)\rvg software\holdem manager\hmhud.exe |
"{AFA4BE68-C727-4114-BA2D-B0D430DC9D75}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{B03F6427-D23D-4DAA-802F-D56FFB47AFEE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{B4F91F33-19CA-4E6D-AD1C-D929CD0A0C9D}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe |
"{B6F97962-4B3B-433B-8463-F09A5E938D24}" = dir=in | app=c:\program files (x86)\file type assistant\tsassist.exe |
"{BD42B070-85A2-4D7B-B128-30EFD4503CF0}" = protocol=17 | dir=in | app=c:\program files (x86)\rvg software\holdem manager\holdemmanager.exe |
"{BEBE6796-A4BF-49B3-8A06-FB1E9A1630C9}" = protocol=6 | dir=in | app=c:\program files (x86)\2k games\bioshock 2\sp\builds\binaries\bioshock2.exe |
"{BFAD97FF-5D7B-4EF3-8CAE-2B64FF95FD64}" = protocol=17 | dir=in | app=c:\program files (x86)\rapidsolution\tunebite\tunebitehelper.exe |
"{C123F843-F468-4568-B0E8-5E8958B3EADA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C82C6893-40F9-42C4-9603-38A24F9F106F}" = protocol=6 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2main.exe |
"{CFEA494B-C020-4928-AB7B-5B0DE76241C9}" = protocol=17 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwupdate.exe |
"{D0FB764D-0025-4150-BBF1-B5FA2A14ACCF}" = protocol=17 | dir=in | app=c:\program files (x86)\atari\neverwinter nights 2\nwn2main_amdxp.exe |
"{D1D1B687-B62F-4BD0-A521-21526406D829}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{D21B2D88-A96E-4155-89DA-359BC94BCC74}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{D70D5EA0-FACC-44EC-8B13-5B4D96FB46F9}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{DC21C302-C0FF-46E7-9163-A8B9D0A5FA6E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{DEADABED-7E7B-41E7-920E-8D06BE2527CB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{E0460E2D-F69E-474C-892C-5B1C52283A59}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{E43F82ED-4AB6-432C-A6BD-1FD5929798FA}" = dir=in | app=c:\program files (x86)\freefileviewer\ffvcheckforupdates.exe |
"{ED397533-90C9-4265-B025-AF3F36013E88}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F1BA1B69-BC12-425F-B330-870735F62457}" = protocol=17 | dir=in | app=c:\program files (x86)\2k games\bioshock 2\mp\builds\binaries\bioshock2.exe |
"{F991D8F1-1B0A-4508-B616-51B896D20E45}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{FB863C78-5D1E-4A00-8D96-E0467B543ED7}" = protocol=17 | dir=in | app=c:\program files (x86)\lucasarts\star wars the force unleashed 2\swtfu2.exe |
"{FF8101B7-7B12-4EE8-BA8D-27BA55F3FFF8}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{0D77B768-02C5-423D-851C-33428C26278E}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{1DCD34E9-38DA-4D4E-B118-8FC0A141F0AF}C:\program files (x86)\pfportchecker\pfportchecker.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pfportchecker\pfportchecker.exe |
"TCP Query User{5A6E8281-20F7-4B17-8BB9-158FF18FD7E9}C:\program files (x86)\maple 12\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\maple 12\jre\bin\java.exe |
"TCP Query User{60D4C8B0-8320-4579-A606-6BEF3A35FF89}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe |
"TCP Query User{6C49D30C-F3E4-4706-A3E9-6791D7500E0C}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{9CF75615-58C9-45CD-9083-A8D9528938D5}C:\program files (x86)\maple 12\jre\bin\maple.exe" = protocol=6 | dir=in | app=c:\program files (x86)\maple 12\jre\bin\maple.exe |
"TCP Query User{A769376D-4C80-4694-A83A-069A34BA1C73}C:\xampp\apache\bin\apache.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\apache.exe |
"TCP Query User{B8522611-AA2F-4DCB-AD51-921A03389CC5}C:\program files (x86)\maxis\simcity 3000 unlimited\apps\updater\updater.exe" = protocol=6 | dir=in | app=c:\program files (x86)\maxis\simcity 3000 unlimited\apps\updater\updater.exe |
"TCP Query User{BACAF7BA-953A-4648-93EC-6679F6789C5A}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{C9DB4706-250A-4D6B-AEA7-4C801ED527AC}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{D4AC2A8A-0219-47CF-A2EE-A7E628AB7087}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{F1594BFB-59F1-4979-930D-423105370CBF}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{207E3CF7-48DC-4FB6-881C-3966ECC88E50}C:\program files (x86)\pfportchecker\pfportchecker.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pfportchecker\pfportchecker.exe |
"UDP Query User{3004AA38-2E23-4DEA-AB5C-0D00ADD0167F}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{393543A8-ADE4-45F8-AFC3-34E0A2A46B3B}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe |
"UDP Query User{411D31FF-9610-4F3D-9BE0-E92FB88AB83B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{44681135-7F5E-4A7A-98DC-E09AB0F02F5A}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{5AED880B-ACE1-42F9-8DB8-02D03FFD913E}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{5F77E7BF-0BCE-471C-8E1F-6F4307D70A8E}C:\program files (x86)\maxis\simcity 3000 unlimited\apps\updater\updater.exe" = protocol=17 | dir=in | app=c:\program files (x86)\maxis\simcity 3000 unlimited\apps\updater\updater.exe |
"UDP Query User{AE76CFFE-E592-4DEB-94A2-3F4C18AEDDE2}C:\program files (x86)\maple 12\jre\bin\maple.exe" = protocol=17 | dir=in | app=c:\program files (x86)\maple 12\jre\bin\maple.exe |
"UDP Query User{B099860B-B14F-45DD-ADAF-BDFA6F507668}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{B548CA41-C4DD-4EFC-A001-52B10160116A}C:\program files (x86)\maple 12\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\maple 12\jre\bin\java.exe |
"UDP Query User{C361A688-C73D-4FC1-BE34-1BB40C8CF6CF}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{DEAF37A5-E948-42B8-B0FC-69B5683E3AAB}C:\xampp\apache\bin\apache.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\apache.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{23170F69-40C1-2702-0457-000001000000}" = 7-Zip 4.57 (x64 edition)
"{249E9ED4-1C67-4DA5-9E39-F0F09AFD93B7}" = Logitech QuickCam
"{39600969-41C3-4658-876E-16F108FC5C92}" = ISO Recorder
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{51AFB69C-1C54-4C77-A888-2860F8CD3E7E}" = Paint.NET v3.31
"{58BF5D14-CBCF-473C-B0E0-A7955A23224E}" = Logitech Gaming Software 64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"doPDF 6 printer_is1" = doPDF 6.2 printer
"Lexmark Pro800-Pro900 Series" = Lexmark Pro800-Pro900 Series
"lvdrivers_11.80" = Logitech QuickCam Driver Package
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"OEMInformation" = OEM Logo and Information
"PeerGuardian_is1" = PeerGuardian 2.0
"UltSounds" = Windows Sound Schemes
"UltSounds2" = Ultimate Extras sounds from Microsoft® Tinker™

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{081E9C12-640B-4EAD-8875-45F3592266E0}" = Flopzilla
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}" = Rosetta Stone Version 3
"{173F2B02-2AAA-414F-A2D8-44870BB98F7A}" = Shaun White Skateboarding
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1E9141FE-2F97-43AC-B14E-0CE2635E59FD}" = United LTC Quote
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F701DBD-1660-4108-B10A-FB435EA63BF0}" = PostgreSQL 8.2
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 23
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 5
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{362F8AC6-4EA5-C5AC-ED7E-1F49F0EE20D5}" = TweetDeck
"{38CEB5E4-8F71-44C8-8D19-AD1045D9A50C}" = Windows OEM Preinstallation Kit
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A8B461A-9336-4CF9-98F4-14DD38E673F0}" = BioShock 2
"{4B7IL77L-LKS1-75B1-SKYRIM-18CD6E6334R1}_is1" = The Elder Scrolls V - Skyrim version 1.0
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{588BE3E6-6043-4F8D-82C2-DFF118B5CEE1}" = Empire XP 6
"{5BF1A207-1D9B-4E97-8E95-147B9D0EA8BB}" = LTCCEO
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{621FCD24-4498-4324-A81E-07D331376EDF}" = PixiePack Codec Pack
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B755EC3-C709-4F5C-BC58-BC0D3967B6B6}" = Folding@home-x86
"{6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1" = PokerStove version 1.24
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8BCC07D2-4841-4450-81AA-A074C0969C44}_is1" = Civilization V Deluxe Edition
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9455959E-D588-EFAE-329C-F66CC797F32A}" = Adobe Media Player
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B307D9D-899A-4B51-A722-2A240D3C7748}" = Holdem Manager
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B33CD700-6738-11D4-87FE-0080C6F974A2}" = eyeQ
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B40EA8AE-322B-46DE-B422-480A40F43AEE}" = Brain Trainer
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"AutoHotkey" = AutoHotkey 1.0.47.06
"Avira AntiVir Desktop" = Avira Free Antivirus
"Braid/EN/PL-English_is1" = Braid
"Brain Builder 3.0" = Brain Builder 3.0
"Brain Fitness" = Brain Fitness
"Brain Fitness Program" = Brain Fitness Program
"Brain Workshop_is1" = Brain Workshop 4.8.1
"CDisplay_is1" = CDisplay 1.8
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"Deus Ex" = Deus Ex
"DivX Setup.divx.com" = DivX Setup
"DriverAgent" = %s Plugin for Netscape by eSupport.com
"DVD Shrink_is1" = DVD Shrink 3.2
"ExpressBurn" = Express Burn
"ExpressRip" = Express Rip
"Fahrenheit (Indigo Prophecy)_is1" = Fahrenheit (Indigo Prophecy)
"Foldit" = Foldit
"FreeFileViewer_is1" = Free File Viewer 2011
"FuturixImager" = FuturixImager 5.8.8
"General 4.5e" = General 4.5e
"ImgBurn" = ImgBurn
"InfraRecorder" = InfraRecorder
"InstallShield_{58BF5D14-CBCF-473C-B0E0-A7955A23224E}" = Logitech Gaming Software 64
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mnemosyne_is1" = Mnemosyne 1.2
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MS Access 97 SP2" = MS Access 97 SP2
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 11.62.1347" = Opera 11.62
"PFPortChecker" = PFPortChecker 1.0.36
"Play Attention" = Play Attention
"PokerStars.net" = PokerStars.net
"Prism" = Prism Video Converter
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 15.0" = RealPlayer
"Samsung ML-1710 Series" = Samsung ML-1710 Series
"Samsung ML-2525W Series" = Maintenance Samsung ML-2525W Series
"SitNGoWizard" = SitNGo Wizard
"Star Wars: The Force Unleashed 2_is1" = Star Wars: The Force Unleashed 2
"Stardock Central" = Stardock Central
"Transcribe!_is1" = Transcribe! 7.31
"Trusted Software Assistant_is1" = File Type Assistant
"TTSReader" = TTSReader 1.30
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"Veetle TV" = Veetle TV
"VLC media player" = VideoLAN VLC media player 0.8.6h
"vShare" = vShare Plugin
"WheelMouse" = Mouse Suite v1.2
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
"xampp" = XAMPP 1.7.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{DBFF7A38-F460-419A-A2E7-2D55BD2D9AD4}" = Dynasty Warriors 4 Hyper
"Black Chip Poker" = Black Chip Poker
"Google Chrome" = Google Chrome
"Universal Replayer" = Universal Replayer
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/9/2012 5:51:37 PM | Computer Name = User-PC | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> Warning:
DocumentRoot [C:/xampp/htdocs/drupal/sites/pokerrefugee] does not exist .

Error - 7/9/2012 5:52:41 PM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/9/2012 6:50:48 PM | Computer Name = User-PC | Source = Application Error | ID = 1000
Description = Faulting application CivilizationV_DX11.exe, version 1.0.0.17, time
stamp 0x4c9b9292, faulting module kernel32.dll, version 6.0.6002.18449, time stamp
0x4da47a32, exception code 0x0000087a, fault offset 0x0001c83b, process id 0x6d0,
application start time 0x01cd5e1e2e808988.

Error - 7/10/2012 9:46:50 PM | Computer Name = User-PC | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> Warning:
DocumentRoot [C:/xampp/htdocs/drupal/sites/pokerrefugee] does not exist .

Error - 7/10/2012 9:47:54 PM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/10/2012 9:54:19 PM | Computer Name = User-PC | Source = Application Hang | ID = 1002
Description = The program CivilizationV_DX11.exe version 1.0.0.17 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1aa8 Start Time: 01cd5f07d717d6cb Termination Time: 73

Error - 7/10/2012 11:56:08 PM | Computer Name = User-PC | Source = Application Error | ID = 1000
Description = Faulting application CivilizationV_DX11.exe, version 1.0.0.17, time
stamp 0x4c9b9292, faulting module kernel32.dll, version 6.0.6002.18449, time stamp
0x4da47a32, exception code 0x0000087a, fault offset 0x0001c83b, process id 0xbd4,
application start time 0x01cd5f087554eeeb.

Error - 7/11/2012 12:29:51 AM | Computer Name = User-PC | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> Warning:
DocumentRoot [C:/xampp/htdocs/drupal/sites/pokerrefugee] does not exist .

Error - 7/11/2012 12:30:49 AM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/12/2012 4:24:44 AM | Computer Name = User-PC | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> Warning:
DocumentRoot [C:/xampp/htdocs/drupal/sites/pokerrefugee] does not exist .

Error - 7/12/2012 4:24:58 AM | Computer Name = User-PC | Source = WinMgmt | ID = 10
Description =

[ SitNGoWizard Events ]
Error - 3/31/2012 12:07:07 PM | Computer Name = User-PC | Source = SitNGoWizard | ID = 1
Description = at System.Collections.ArrayList.get_Item(Int32 index) at SitNGoWizard.NewGameForm.UpdatePlayers()

at SitNGoWizard.NewGameForm.NewGameForm_FormClosing(Object sender, FormClosingEventArgs
e) at System.Windows.Forms.Form.OnFormClosing(FormClosingEventArgs e) at System.Windows.Forms.Form.CheckCloseDialog(Boolean
closingOnly)

Error - 3/31/2012 12:07:08 PM | Computer Name = User-PC | Source = SitNGoWizard | ID = 1
Description = Index was out of range. Must be non-negative and less than the size
of the collection. Parameter name: index

Error - 3/31/2012 12:07:08 PM | Computer Name = User-PC | Source = SitNGoWizard | ID = 1
Description = at System.Collections.ArrayList.get_Item(Int32 index) at SitNGoWizard.NewGameForm.UpdatePlayers()

at SitNGoWizard.NewGameForm.NewGameForm_FormClosing(Object sender, FormClosingEventArgs
e) at System.Windows.Forms.Form.OnFormClosing(FormClosingEventArgs e) at System.Windows.Forms.Form.CheckCloseDialog(Boolean
closingOnly)

Error - 3/31/2012 12:07:09 PM | Computer Name = User-PC | Source = SitNGoWizard | ID = 1
Description = Index was out of range. Must be non-negative and less than the size
of the collection. Parameter name: index

Error - 3/31/2012 12:07:09 PM | Computer Name = User-PC | Source = SitNGoWizard | ID = 1
Description = at System.Collections.ArrayList.get_Item(Int32 index) at SitNGoWizard.NewGameForm.UpdatePlayers()

at SitNGoWizard.NewGameForm.NewGameForm_FormClosing(Object sender, FormClosingEventArgs
e) at System.Windows.Forms.Form.OnFormClosing(FormClosingEventArgs e) at System.Windows.Forms.Form.CheckCloseDialog(Boolean
closingOnly)

Error - 3/31/2012 12:07:10 PM | Computer Name = User-PC | Source = SitNGoWizard | ID = 1
Description = Index was out of range. Must be non-negative and less than the size
of the collection. Parameter name: index

Error - 3/31/2012 12:07:10 PM | Computer Name = User-PC | Source = SitNGoWizard | ID = 1
Description = at System.Collections.ArrayList.get_Item(Int32 index) at SitNGoWizard.NewGameForm.UpdatePlayers()

at SitNGoWizard.NewGameForm.NewGameForm_FormClosing(Object sender, FormClosingEventArgs
e) at System.Windows.Forms.Form.OnFormClosing(FormClosingEventArgs e) at System.Windows.Forms.Form.CheckCloseDialog(Boolean
closingOnly)

Error - 3/31/2012 12:07:13 PM | Computer Name = User-PC | Source = SitNGoWizard | ID = 1
Description = Index was out of range. Must be non-negative and less than the size
of the collection. Parameter name: index

Error - 3/31/2012 12:07:13 PM | Computer Name = User-PC | Source = SitNGoWizard | ID = 1
Description = at System.Collections.ArrayList.get_Item(Int32 index) at SitNGoWizard.NewGameForm.UpdatePlayers()

at SitNGoWizard.NewGameForm.NewGameForm_FormClosing(Object sender, FormClosingEventArgs
e) at System.Windows.Forms.Form.OnFormClosing(FormClosingEventArgs e) at System.Windows.Forms.Form.CheckCloseDialog(Boolean
closingOnly)

Error - 3/31/2012 12:07:15 PM | Computer Name = User-PC | Source = SitNGoWizard | ID = 1
Description = Index was out of range. Must be non-negative and less than the size
of the collection. Parameter name: index

[ System Events ]
Error - 7/11/2012 12:29:09 AM | Computer Name = User-PC | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been
blocked from loading due to incompatibility with this system. Please contact your
software vendor for a compatible version of the driver.

Error - 7/11/2012 12:29:09 AM | Computer Name = User-PC | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys has been
blocked from loading due to incompatibility with this system. Please contact your
software vendor for a compatible version of the driver.

Error - 7/11/2012 12:29:52 AM | Computer Name = User-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\DRIVERS\lilsgt.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 7/11/2012 12:30:50 AM | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 7/11/2012 12:30:50 AM | Computer Name = User-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 7/12/2012 4:23:06 AM | Computer Name = User-PC | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys has been
blocked from loading due to incompatibility with this system. Please contact your
software vendor for a compatible version of the driver.

Error - 7/12/2012 4:23:06 AM | Computer Name = User-PC | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been
blocked from loading due to incompatibility with this system. Please contact your
software vendor for a compatible version of the driver.

Error - 7/12/2012 4:24:42 AM | Computer Name = User-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\DRIVERS\lilsgt.sys has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 7/12/2012 4:24:58 AM | Computer Name = User-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 7/12/2012 4:25:06 AM | Computer Name = User-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >
Old 07-12-2012, 08:34 PM   #4
No reason to get excited
 
jokerthief's Avatar
 
Join Date: May 2004
Location: Bingo, Bango, Bongo
Posts: 4,487
Re: I think I have a virus but am not sure and need help.

And here's OTL.txt

Quote:
OTL logfile created on: 7/12/2012 3:35:55 PM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Nate\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19272)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.40 Gb Available Physical Memory | 59.96% Memory free
8.21 Gb Paging File | 6.27 Gb Available in Paging File | 76.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596.17 Gb Total Space | 141.69 Gb Free Space | 23.77% Space Free | Partition Type: NTFS
Drive D: | 267.90 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 596.17 Gb Total Space | 134.83 Gb Free Space | 22.62% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: Nate | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/12 15:33:48 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Nate\Desktop\OTL.exe
PRC - [2012/07/06 19:50:47 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/05/02 01:42:31 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/02 00:34:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/02 00:31:38 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/03/20 10:05:22 | 000,180,648 | ---- | M] (Google Inc.) -- C:\Users\Nate\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
PRC - [2011/10/15 03:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/10/15 01:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/11/04 20:19:48 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010/11/04 20:19:34 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/09/23 18:17:27 | 000,016,384 | ---- | M] () -- C:\Windows\runservice.exe
PRC - [2010/09/16 15:04:06 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2009/08/28 06:37:24 | 000,614,400 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2009/08/20 13:50:58 | 000,139,944 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe
PRC - [2009/08/20 13:50:53 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
PRC - [2008/12/19 17:44:30 | 000,806,664 | ---- | M] (Logitech, Inc.) -- C:\Program Files (x86)\Common Files\Logitech\LU\LogitechUpdate.exe
PRC - [2008/12/19 17:44:14 | 000,300,296 | ---- | M] (Logitech, Inc.) -- C:\Program Files (x86)\Common Files\Logitech\LU\LULnchr.exe
PRC - [2008/12/09 18:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) -- C:\xampp\apache\bin\apache.exe
PRC - [2008/12/09 18:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) -- c:\xampp\apache\bin\apache.exe
PRC - [2008/11/14 23:53:14 | 006,447,744 | ---- | M] () -- c:\xampp\mysql\bin\mysqld.exe
PRC - [2008/08/14 17:15:46 | 002,407,184 | ---- | M] () -- C:\Program Files (x86)\Logitech\QuickCam\Quickcam.exe
PRC - [2008/08/14 17:11:48 | 000,565,008 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2008/08/14 17:11:14 | 000,447,248 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2008/07/26 08:25:36 | 000,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
PRC - [2008/05/16 00:51:58 | 000,109,104 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
PRC - [2008/05/16 00:51:54 | 000,150,064 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2008/05/16 00:51:54 | 000,055,856 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\hqtray.exe
PRC - [2008/05/16 00:51:40 | 000,072,240 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
PRC - [2008/05/16 00:51:34 | 000,121,392 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2008/04/01 04:39:48 | 000,486,856 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
PRC - [2008/01/25 14:32:48 | 000,191,240 | ---- | M] (Logitech, Inc.) -- c:\Program Files (x86)\Logitech\QuickCam\LU\LULnchr.exe
PRC - [2008/01/04 07:49:16 | 000,079,948 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.2\bin\pg_ctl.exe
PRC - [2008/01/04 07:48:12 | 003,607,592 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.2\bin\postgres.exe
PRC - [2007/03/23 10:02:52 | 000,269,104 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
PRC - [2002/02/14 17:13:22 | 000,323,584 | ---- | M] () -- C:\Program Files (x86)\Infinite Mind LC\eyeQ\ARLaunch.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/09/16 15:04:50 | 000,095,528 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2010/09/16 15:04:06 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2009/08/28 06:37:24 | 000,614,400 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
MOD - [2009/08/20 13:50:58 | 000,139,944 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe
MOD - [2009/08/20 13:50:53 | 000,770,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
MOD - [2009/08/18 16:09:20 | 001,159,168 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdrs.dll
MOD - [2009/08/18 16:08:28 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecscw.dll
MOD - [2009/05/27 07:16:50 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdatr.dll
MOD - [2009/04/07 14:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\iptk.dll
MOD - [2009/03/30 07:37:47 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\epoemdll.dll
MOD - [2009/03/30 07:37:46 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\epstring.dll
MOD - [2009/03/30 07:37:44 | 002,203,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\epwizres.dll
MOD - [2009/03/30 07:37:28 | 000,708,608 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\epwizard.dll
MOD - [2009/03/30 07:35:40 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\customui.dll
MOD - [2009/03/30 07:35:22 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\epfunct.dll
MOD - [2009/03/30 07:35:17 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\eputil.dll
MOD - [2009/03/30 07:35:05 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\imagutil.dll
MOD - [2009/03/10 00:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxeccaps.dll
MOD - [2009/03/02 09:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecptp.dll
MOD - [2009/02/20 03:48:43 | 000,023,552 | ---- | M] () -- C:\Windows\SysWOW64\LXECsmr.dll
MOD - [2009/02/20 03:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\SysWOW64\LXECsm.dll
MOD - [2008/08/14 17:22:36 | 000,112,912 | ---- | M] () -- C:\Program Files (x86)\Logitech\QuickCam\LAppRes.DLL
MOD - [2008/08/14 17:15:46 | 002,407,184 | ---- | M] () -- C:\Program Files (x86)\Logitech\QuickCam\Quickcam.exe
MOD - [2008/08/14 17:13:30 | 000,149,264 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LogiVOIPDevicePlugin.dll
MOD - [2008/08/14 17:13:08 | 000,165,136 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LogiCordless4001.dll
MOD - [2008/08/14 17:13:08 | 000,138,000 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\LogiCordless.dll
MOD - [2008/08/14 17:12:10 | 000,167,184 | ---- | M] () -- C:\Program Files (x86)\Logitech\QuickCam\EFVal.dll
MOD - [2008/08/14 17:11:48 | 000,565,008 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
MOD - [2008/08/14 17:11:48 | 000,345,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\DevMngr.dll
MOD - [2008/07/26 08:24:04 | 000,068,120 | ---- | M] () -- C:\Program Files (x86)\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll
MOD - [2008/05/16 00:51:50 | 000,080,432 | ---- | M] () -- C:\Program Files (x86)\VMware\VMware Workstation\zlib1.dll
MOD - [2008/05/16 00:51:38 | 000,970,288 | ---- | M] () -- C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
MOD - [2008/04/01 04:39:26 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\DAEMON Tools Lite\Lang\ENU.dll
MOD - [2007/11/09 05:39:56 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\DAEMON Tools Lite\Plugins\Images\bw5mount.dll
MOD - [2002/02/14 17:13:22 | 000,323,584 | ---- | M] () -- C:\Program Files (x86)\Infinite Mind LC\eyeQ\ARLaunch.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/07/30 10:59:32 | 001,050,280 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxeccoms.exe -- (lxec_device)
SRV:64bit: - [2009/07/30 10:59:27 | 000,033,960 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxecserv.exe -- (lxecCATSCustConnectService)
SRV:64bit: - [2008/07/26 08:25:24 | 000,187,928 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2008/07/26 08:23:54 | 000,255,000 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSer64.exe -- (LVCOMSer)
SRV:64bit: - [2008/01/20 21:50:23 | 000,195,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/01/20 21:46:39 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/07/11 23:32:07 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/23 23:05:46 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/15 12:26:32 | 000,103,472 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012/05/02 01:42:31 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/02 00:34:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/10/15 03:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/15 01:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/11/04 20:19:48 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010/11/04 20:19:34 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/09/23 18:17:27 | 000,016,384 | ---- | M] () [Auto | Running] -- C:\Windows\runservice.exe -- (LicCtrlService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/01 16:40:13 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/07/30 10:59:27 | 000,033,960 | ---- | M] () [Auto | Running] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe -- (lxecCATSCustConnectService)
SRV - [2009/07/30 10:59:18 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxeccoms.exe -- (lxec_device)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/12/09 18:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) [Auto | Running] -- c:\xampp\apache\bin\apache.exe -- (Apache2.2)
SRV - [2008/11/14 23:53:14 | 006,447,744 | ---- | M] () [Auto | Running] -- c:\xampp\mysql\bin\mysqld.exe -- (mysql)
SRV - [2008/09/10 14:01:28 | 000,611,664 | ---- | M] (Lavasoft) [Disabled | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2008/05/16 00:51:58 | 000,109,104 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2008/05/16 00:51:54 | 000,150,064 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2008/05/16 00:51:34 | 000,121,392 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2008/01/04 07:49:16 | 000,079,948 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files (x86)\PostgreSQL\8.2\bin\pg_ctl.exe -- (pgsql-8.2)
SRV - [2007/11/30 17:23:02 | 000,186,928 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)
SRV - [2007/03/23 10:02:52 | 000,269,104 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe -- (vmount2)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/05/02 15:24:12 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012/04/27 10:20:04 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/04/25 00:32:27 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/02/29 08:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/11/16 04:13:26 | 000,271,360 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/11 13:49:18 | 000,076,552 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2009/09/11 13:49:08 | 000,015,880 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2009/09/11 13:48:46 | 000,041,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2009/09/11 13:48:36 | 000,026,248 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/09/25 19:16:35 | 000,312,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:64bit: - [2008/09/25 19:16:34 | 000,043,168 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2008/07/26 10:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2008/07/26 10:22:34 | 002,624,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV:64bit: - [2008/07/26 08:24:40 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2008/07/26 08:24:40 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2008/07/03 22:55:52 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2008/05/16 00:52:30 | 000,043,568 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2008/05/16 00:52:28 | 000,100,912 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2008/05/16 00:52:28 | 000,029,232 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2008/05/16 00:52:28 | 000,029,232 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2008/05/16 00:52:26 | 000,018,992 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\VMparport.sys -- (VMparport)
DRV:64bit: - [2008/05/16 00:51:12 | 000,035,632 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2008/05/16 00:51:12 | 000,020,272 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2008/05/16 00:51:08 | 000,037,040 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmusb.sys -- (vmusb)
DRV:64bit: - [2007/12/11 09:52:12 | 000,030,752 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2007/01/26 03:04:36 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\whfltr2k.sys -- (whfltr2k)
DRV:64bit: - [2006/11/02 15:01:26 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\SSPORT.sys -- (SSPORT)
DRV:64bit: - [2006/11/02 11:27:00 | 000,054,072 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\DgiVecp.sys -- (DgiVecp)
DRV - [2011/03/17 16:00:16 | 000,020,544 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010/11/13 15:45:23 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/11/13 15:45:23 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/11/13 15:45:23 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/02/28 02:37:33 | 000,012,032 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\lilsgt.sys -- (lilsgt)
DRV - [2009/08/27 00:30:17 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2007/11/30 17:22:14 | 000,026,160 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2007/03/23 10:02:48 | 000,024,880 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys -- (vstor2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source? }
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source? }

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6A 35 D4 D1 B1 F0 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = http://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{9CC0CE6A-33A7-F5FF-A61D-F0902379161B}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z005&form=ZGAIDF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search..."
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig?refresh=1"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {00084897-021a-4361-8423-083407a033e0}:1.4
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.3
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:5.0.1
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="
FF - prefs.js..network.proxy.http: "116.52.155.237"
FF - prefs.js..network.proxy.http_port: 8080
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nate\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nate\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/07/06 19:44:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/06 19:50:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/07/06 19:51:20 | 000,000,000 | ---D | M]

[2008/07/03 22:04:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nate\AppData\Roaming\Mozilla\Extensions
[2012/07/04 10:46:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nate\AppData\Roaming\Mozilla\Firefox\Profiles\voyhob6o.default\extensions
[2010/04/28 11:01:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Nate\AppData\Roaming\Mozilla\Firefox\Profiles\voyhob6o.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/04/02 19:09:46 | 000,000,000 | ---D | M] (Abstract Classic) -- C:\Users\Nate\AppData\Roaming\Mozilla\Firefox\Profiles\voyhob6o.default\extensions\{2fbc1200-ad13-11db-abbd-0800200c9a66}
[2009/12/15 17:27:27 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Nate\AppData\Roaming\Mozilla\Firefox\Profiles\voyhob6o.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(86)
[2012/05/17 00:08:19 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Nate\AppData\Roaming\Mozilla\Firefox\Profiles\voyhob6o.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/03/31 10:37:23 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Nate\AppData\Roaming\Mozilla\Firefox\Profiles\voyhob6o.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/01/12 14:15:08 | 000,000,000 | ---D | M] (DriverAgent Plugin for Firefox and Opera) -- C:\Users\Nate\AppData\Roaming\Mozilla\Firefox\Profiles\voyhob6o.default\extensions\{F8CC37C3-CBEB-4A00-8CBF-26A88693F0C5}
[2012/05/19 00:27:11 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Nate\AppData\Roaming\Mozilla\Firefox\Profiles\voyhob6o.default\extensions\en-US@dictionaries.addons.mozilla.org
[2012/03/28 12:55:59 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Nate\AppData\Roaming\Mozilla\Firefox\Profiles\voyhob6o.default\extensions\vshare@toolbar
[2012/06/03 17:27:04 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Nate\AppData\Roaming\Mozilla\Firefox\Profiles\voyhob6o.default\extensions\vshareus@toolbar
[2011/01/01 22:14:41 | 000,001,919 | ---- | M] () -- C:\Users\Nate\AppData\Roaming\Mozilla\Firefox\Profiles\voyhob6o.default\searchplugins\bing-zugo.xml
[2011/01/01 22:15:38 | 000,001,583 | ---- | M] () -- C:\Users\Nate\AppData\Roaming\Mozilla\Firefox\Profiles\voyhob6o.default\searchplugins\web-search.xml
[2011/11/10 15:57:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/07/06 19:44:35 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2012/07/02 12:43:51 | 000,525,327 | ---- | M] () (No name found) -- C:\USERS\NATE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VOYHOB6O.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2012/01/06 05:04:58 | 000,012,748 | ---- | M] () (No name found) -- C:\USERS\NATE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VOYHOB6O.DEFAULT\EXTENSIONS\DESOPA@CONGRESS.PUBLIC.XPI
[2012/06/23 23:05:46 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/09/09 14:38:32 | 000,061,848 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files (x86)\mozilla firefox\plugins\npatgpc.dll
[2012/07/06 19:50:54 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
[2011/08/23 20:34:05 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/10 15:57:26 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/ig?refresh=1
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/ig?refresh=1
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Nate\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Nate\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Nate\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npatgpc.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Entanglement = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: SiteAdvisor = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.1_0\
CHR - Extension: ******* = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.38_0\
CHR - Extension: Poppit = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Google Dictionary (by Google) = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.12_0\
CHR - Extension: Google Calendar Checker (by Google) = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhcbgokankfmjafalglpofmolfopek\1.2.2_0\

O1 HOSTS File: ([2009/03/27 00:03:35 | 000,000,790 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 pokerrefugee.local
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe ()
O4:64bit: - HKLM..\Run: [lxecmon.exe] C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe ()
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files (x86)\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VMware hqtray] C:\Program Files (x86)\VMware\VMware Workstation\hqtray.exe (VMware, Inc.)
O4 - HKLM..\Run: [vmware-tray] C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKLM..\Run: [WheelMouse] C:\Mouse Suite v1.2\wh_exec.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2 ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.115.71.53 68.113.206.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E2ED63AF-27CA-48D2-8AE2-53CFC2049D36}: DhcpNameServer = 192.168.1.1 68.115.71.53 68.113.206.10
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\vsharechrome - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Nate\Wallpaper\wallpaper\Bubbles_1600.jpg
O24 - Desktop BackupWallPaper: C:\Nate\Wallpaper\wallpaper\Bubbles_1600.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{77204f43-49bc-11dd-b2f0-001d7d0b3d96}\Shell - "" = AutoRun
O33 - MountPoints2\{77204f43-49bc-11dd-b2f0-001d7d0b3d96}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk /r \??\F
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/12 15:33:52 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Nate\Desktop\OTL.exe
[2012/07/11 04:06:07 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/07/10 14:10:45 | 000,000,000 | ---D | C] -- C:\Program Files\Alex Feinman
[2012/07/06 21:59:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/07/06 21:58:33 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/07/06 21:57:39 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/07/06 21:57:39 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/07/06 19:51:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2012/07/06 19:50:58 | 000,198,864 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2012/07/06 19:50:51 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2012/07/06 19:50:51 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2012/07/06 19:50:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2012/07/06 19:50:49 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/07/02 20:04:42 | 000,000,000 | ---D | C] -- C:\Users\Nate\AppData\Roaming\OpenCandy
[2012/06/23 21:11:06 | 000,000,000 | ---D | C] -- C:\Users\Nate\AppData\Local\Macromedia
[2012/06/12 16:48:30 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/06/12 16:48:29 | 000,742,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/06/12 16:48:28 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/06/12 16:48:28 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/06/12 16:48:28 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/06/12 16:48:28 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/06/12 16:48:27 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/06/12 16:48:27 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/06/12 16:48:27 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/06/12 16:48:27 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/06/12 16:48:27 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/06/12 16:48:27 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/06/12 16:48:27 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/06/12 16:48:27 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/06/12 16:48:27 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/06/12 16:48:27 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/06/12 16:48:27 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/06/12 16:48:27 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/06/12 16:48:27 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/06/12 16:48:27 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/06/12 16:48:27 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/06/12 16:48:27 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/06/12 16:48:27 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/06/12 16:48:27 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/06/12 16:48:26 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/06/12 16:48:26 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/06/12 16:48:26 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/06/12 16:48:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/06/12 16:48:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/06/12 16:48:22 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/06/12 16:48:22 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[9 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Nate\Documents\*.tmp files -> C:\Users\Nate\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/12 15:33:48 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Nate\Desktop\OTL.exe
[2012/07/12 15:32:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/12 15:31:06 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\FreeFileViewerUpdateChecker.job
[2012/07/12 15:28:04 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/12 15:24:12 | 000,004,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/12 15:24:12 | 000,004,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/12 15:10:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3270569418-3017299973-2421722264-1000UA.job
[2012/07/12 14:50:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/12 10:10:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3270569418-3017299973-2421722264-1000Core.job
[2012/07/12 03:32:04 | 000,820,576 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/12 03:32:04 | 000,684,628 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/12 03:32:04 | 000,136,864 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/12 03:24:43 | 000,000,049 | -HS- | M] () -- C:\Windows\SysWow64\mmf.sys
[2012/07/12 03:24:28 | 002,306,936 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/12 03:24:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/11 23:32:07 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/07/11 23:32:07 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/07/11 14:11:17 | 000,001,999 | ---- | M] () -- C:\Users\Nate\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/07/10 14:02:33 | 280,918,016 | ---- | M] () -- C:\Users\Nate\Desktop\kav_rescue_10.iso
[2012/07/10 10:26:01 | 000,000,680 | ---- | M] () -- C:\Users\Nate\AppData\Local\d3d9caps.dat
[2012/07/08 09:36:13 | 000,002,661 | ---- | M] () -- C:\Users\Nate\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word 2010.lnk
[2012/07/08 05:57:02 | 000,219,648 | ---- | M] () -- C:\Users\Nate\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/06 19:50:58 | 000,198,864 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2012/07/06 19:50:51 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2012/07/06 19:50:51 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2012/07/06 19:50:49 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/07/04 23:49:29 | 000,037,399 | ---- | M] () -- C:\Users\Nate\Desktop\oHrCL.jpg
[9 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Nate\Documents\*.tmp files -> C:\Users\Nate\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/10 13:59:36 | 280,918,016 | ---- | C] () -- C:\Users\Nate\Desktop\kav_rescue_10.iso
[2012/07/04 23:49:34 | 000,037,399 | ---- | C] () -- C:\Users\Nate\Desktop\oHrCL.jpg
[2012/06/19 10:26:54 | 000,000,680 | ---- | C] () -- C:\Users\Nate\AppData\Local\d3d9caps.dat
[2012/03/10 15:09:05 | 000,004,142 | ---- | C] () -- C:\ProgramData\kmytnfun.aqy
[2011/10/17 12:38:38 | 000,169,420 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/10/15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/09/20 16:47:39 | 000,000,068 | ---- | C] () -- C:\Windows\eyeQ Screen Saver.ini
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/17 16:00:11 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011/03/16 23:26:20 | 000,002,233 | ---- | C] () -- C:\Users\Nate\URPreferences.xml
[2010/12/22 18:26:46 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
[2010/11/04 20:19:34 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010/09/23 18:17:30 | 000,000,049 | -HS- | C] () -- C:\Windows\SysWow64\mmf.sys
[2010/09/23 18:17:27 | 000,048,640 | ---- | C] () -- C:\Windows\mmfs.dll
[2010/09/23 18:17:27 | 000,016,384 | ---- | C] () -- C:\Windows\runservice.exe
[2010/08/21 21:29:27 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2010/01/07 21:02:29 | 000,002,168 | ---- | C] () -- C:\Users\Nate\popopopPreferences.xml
[2009/07/13 18:23:37 | 000,314,925 | ---- | C] () -- C:\Users\Nate\simplebeauty.jpg
[2009/03/05 01:12:26 | 000,000,092 | ---- | C] () -- C:\Users\Nate\AppData\Local\fusioncache.dat
[2009/02/19 07:09:28 | 000,024,550 | ---- | C] () -- C:\Users\Nate\untitled0_MAS.bak
[2009/02/19 04:43:09 | 000,003,992 | ---- | C] () -- C:\Users\Nate\untitled2_MAS.bak
[2009/02/14 22:11:07 | 000,003,936 | ---- | C] () -- C:\Users\Nate\untitled7_MAS.bak
[2009/02/14 20:48:23 | 000,003,688 | ---- | C] () -- C:\Users\Nate\untitled6_MAS.bak
[2009/02/14 20:47:03 | 000,004,112 | ---- | C] () -- C:\Users\Nate\untitled5_MAS.bak
[2009/02/14 20:43:56 | 000,004,912 | ---- | C] () -- C:\Users\Nate\untitled4_MAS.bak
[2009/02/13 18:56:54 | 000,004,072 | ---- | C] () -- C:\Users\Nate\untitled3_MAS.bak
[2008/07/17 22:08:19 | 000,004,990 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/07/04 07:50:58 | 000,001,460 | ---- | C] () -- C:\Users\Nate\AppData\Local\d3d9caps64.dat
[2008/07/03 23:33:22 | 000,219,648 | ---- | C] () -- C:\Users\Nate\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 81 bytes -> C:\Program Files (x86)\Cake Poker:MID

< End of report >
Old 07-12-2012, 08:40 PM   #5
No reason to get excited
jokerthief
Join Date: May 2004
Location: Bingo, Bango, Bongo
Posts: 4,487
Re: I think I have a virus but am not sure and need help.

And Kaspersky. I just skipped the one threat.

Quote:
19:35:37.0765 12744 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
19:35:38.0061 12744 ============================================================
19:35:38.0061 12744 Current date / time: 2012/07/12 19:35:38.0061
19:35:38.0061 12744 SystemInfo:
19:35:38.0061 12744
19:35:38.0061 12744 OS Version: 6.0.6002 ServicePack: 2.0
19:35:38.0061 12744 Product type: Workstation
19:35:38.0061 12744 ComputerName: USER-PC
19:35:38.0061 12744 UserName: Nate
19:35:38.0061 12744 Windows directory: C:\Windows
19:35:38.0061 12744 System windows directory: C:\Windows
19:35:38.0061 12744 Running under WOW64
19:35:38.0061 12744 Processor architecture: Intel x64
19:35:38.0061 12744 Number of processors: 2
19:35:38.0061 12744 Page size: 0x1000
19:35:38.0061 12744 Boot type: Normal boot
19:35:38.0061 12744 ============================================================
19:35:38.0857 12744 Drive \Device\Harddisk0\DR0 - Size: 0x950AF4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:35:41.0509 12744 Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:35:41.0524 12744 ============================================================
19:35:41.0524 12744 \Device\Harddisk0\DR0:
19:35:41.0524 12744 MBR partitions:
19:35:41.0524 12744 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x4A856800
19:35:41.0524 12744 \Device\Harddisk1\DR1:
19:35:41.0524 12744 MBR partitions:
19:35:41.0524 12744 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x4A857000
19:35:41.0524 12744 ============================================================
19:35:41.0540 12744 C: <-> \Device\Harddisk0\DR0\Partition0
19:35:41.0556 12744 H: <-> \Device\Harddisk1\DR1\Partition0
19:35:41.0556 12744 ============================================================
19:35:41.0556 12744 Initialize success
19:35:41.0556 12744 ============================================================
19:35:44.0020 12628 ============================================================
19:35:44.0020 12628 Scan started
19:35:44.0020 12628 Mode: Manual;
19:35:44.0020 12628 ============================================================
19:35:45.0300 12628 aawservice (17067069b9a7865028c1f2e6971d0ccc) C:\Program Files (x86)\Lavasoft\Ad-Aware\aawservice.exe
19:35:45.0300 12628 aawservice - ok
19:35:46.0048 12628 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
19:35:46.0064 12628 ACPI - ok
19:35:46.0423 12628 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:35:46.0423 12628 AdobeFlashPlayerUpdateSvc - ok
19:35:47.0203 12628 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
19:35:47.0218 12628 adp94xx - ok
19:35:47.0250 12628 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
19:35:47.0265 12628 adpahci - ok
19:35:47.0281 12628 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
19:35:47.0281 12628 adpu160m - ok
19:35:47.0312 12628 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
19:35:47.0312 12628 adpu320 - ok
19:35:47.0359 12628 AeLookupSvc (0f421175574bfe0bf2f4d8e910a253bb) C:\Windows\System32\aelupsvc.dll
19:35:47.0359 12628 AeLookupSvc - ok
19:35:47.0624 12628 AFD (c4f6ce6087760ad70960c9eb130e7943) C:\Windows\system32\drivers\afd.sys
19:35:47.0624 12628 AFD - ok
19:35:47.0640 12628 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
19:35:47.0640 12628 agp440 - ok
19:35:47.0655 12628 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
19:35:47.0655 12628 aic78xx - ok
19:35:47.0671 12628 ALG (5922f4f59b7868f3d74bbbbeb7b825a3) C:\Windows\System32\alg.exe
19:35:47.0671 12628 ALG - ok
19:35:47.0718 12628 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
19:35:47.0733 12628 aliide - ok
19:35:47.0749 12628 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
19:35:47.0749 12628 amdide - ok
19:35:47.0764 12628 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
19:35:47.0764 12628 AmdK8 - ok
19:35:48.0076 12628 AntiVirSchedulerService (0a1cc583e8147004e4ad4625d7fbf88c) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:35:48.0076 12628 AntiVirSchedulerService - ok
19:35:48.0248 12628 AntiVirService (c9a36ef935aced86aedf93e97e606911) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:35:48.0248 12628 AntiVirService - ok
19:35:48.0326 12628 Apache2.2 (375640f39f2d613b6fdcf8c2f956205a) c:\xampp\apache\bin\apache.exe
19:35:48.0326 12628 Apache2.2 - ok
19:35:48.0342 12628 Appinfo (9c37b3fd5615477cb9a0cd116cf43f5c) C:\Windows\System32\appinfo.dll
19:35:48.0342 12628 Appinfo - ok
19:35:48.0404 12628 Apple Mobile Device (d8e18021f91ad79ca8491cb5a5da22d4) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:35:48.0404 12628 Apple Mobile Device - ok
19:35:48.0435 12628 AppMgmt (3da98c07b18a676180fe7eed924d1673) C:\Windows\System32\appmgmts.dll
19:35:48.0435 12628 AppMgmt - ok
19:35:48.0451 12628 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
19:35:48.0451 12628 arc - ok
19:35:48.0466 12628 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
19:35:48.0466 12628 arcsas - ok
19:35:48.0576 12628 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:35:48.0576 12628 aspnet_state - ok
19:35:48.0622 12628 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
19:35:48.0622 12628 AsyncMac - ok
19:35:48.0669 12628 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
19:35:48.0669 12628 atapi - ok
19:35:49.0012 12628 atksgt (09149d03629a44f4773e621c432d1d89) C:\Windows\system32\DRIVERS\atksgt.sys
19:35:49.0028 12628 atksgt - ok
19:35:49.0059 12628 AudioEndpointBuilder (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll
19:35:49.0059 12628 AudioEndpointBuilder - ok
19:35:49.0059 12628 AudioSrv (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll
19:35:49.0059 12628 AudioSrv - ok
19:35:49.0215 12628 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
19:35:49.0215 12628 avgntflt - ok
19:35:49.0293 12628 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
19:35:49.0293 12628 avipbb - ok
19:35:49.0309 12628 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
19:35:49.0309 12628 avkmgr - ok
19:35:49.0340 12628 BFE (ffb96c2589ffa60473ead78b39fbde29) C:\Windows\System32\bfe.dll
19:35:49.0356 12628 BFE - ok
19:35:49.0418 12628 BITS (6d316f4859634071cc25c4fd4589ad2c) C:\Windows\System32\qmgr.dll
19:35:49.0449 12628 BITS - ok
19:35:49.0636 12628 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
19:35:49.0636 12628 blbdrive - ok
19:35:49.0824 12628 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:35:49.0824 12628 Bonjour Service - ok
19:35:49.0870 12628 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
19:35:49.0870 12628 bowser - ok
19:35:49.0886 12628 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
19:35:49.0886 12628 BrFiltLo - ok
19:35:49.0902 12628 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
19:35:49.0902 12628 BrFiltUp - ok
19:35:49.0933 12628 Browser (a1b39de453433b115b4ea69ee0343816) C:\Windows\System32\browser.dll
19:35:49.0933 12628 Browser - ok
19:35:49.0948 12628 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
19:35:49.0948 12628 Brserid - ok
19:35:49.0964 12628 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
19:35:49.0964 12628 BrSerWdm - ok
19:35:49.0980 12628 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
19:35:49.0995 12628 BrUsbMdm - ok
19:35:50.0011 12628 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
19:35:50.0011 12628 BrUsbSer - ok
19:35:50.0026 12628 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
19:35:50.0026 12628 BTHMODEM - ok
19:35:50.0058 12628 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
19:35:50.0058 12628 cdfs - ok
19:35:50.0089 12628 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
19:35:50.0089 12628 cdrom - ok
19:35:50.0104 12628 CertPropSvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
19:35:50.0104 12628 CertPropSvc - ok
19:35:50.0151 12628 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
19:35:50.0151 12628 circlass - ok
19:35:50.0276 12628 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
19:35:50.0292 12628 CLFS - ok
19:35:50.0323 12628 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:35:50.0323 12628 clr_optimization_v2.0.50727_32 - ok
19:35:50.0370 12628 clr_optimization_v2.0.50727_64 (ce07a466201096f021cd09d631b21540) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:35:50.0370 12628 clr_optimization_v2.0.50727_64 - ok
19:35:50.0432 12628 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:35:50.0448 12628 clr_optimization_v4.0.30319_32 - ok
19:35:50.0479 12628 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:35:50.0479 12628 clr_optimization_v4.0.30319_64 - ok
19:35:50.0510 12628 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
19:35:50.0510 12628 cmdide - ok
19:35:50.0526 12628 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\drivers\compbatt.sys
19:35:50.0526 12628 Compbatt - ok
19:35:50.0526 12628 COMSysApp - ok
19:35:50.0526 12628 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
19:35:50.0526 12628 crcdisk - ok
19:35:50.0604 12628 CryptSvc (62740b9d2a137e8ced41a9e4239a7a31) C:\Windows\system32\cryptsvc.dll
19:35:50.0604 12628 CryptSvc - ok
19:35:50.0635 12628 CSC (f60f50c8ed3fcbe358430b95fe27d09c) C:\Windows\system32\drivers\csc.sys
19:35:50.0635 12628 CSC - ok
19:35:50.0666 12628 CscService (1b5f256d31836ed2ba60b3a6c800200c) C:\Windows\System32\cscsvc.dll
19:35:50.0728 12628 CscService - ok
19:35:50.0931 12628 DcomLaunch (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
19:35:50.0947 12628 DcomLaunch - ok
19:35:51.0025 12628 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
19:35:51.0025 12628 DfsC - ok
19:35:51.0181 12628 DFSR (c647f468f7de343df8c143655c5557d4) C:\Windows\system32\DFSR.exe
19:35:51.0212 12628 DFSR - ok
19:35:51.0274 12628 DgiVecp (cfbb4907c7542180b5e0282301240006) C:\Windows\system32\Drivers\DgiVecp.sys
19:35:51.0274 12628 DgiVecp - ok
19:35:51.0306 12628 Dhcp (3ed0321127ce70acdaabbf77e157c2a7) C:\Windows\System32\dhcpcsvc.dll
19:35:51.0321 12628 Dhcp - ok
19:35:51.0337 12628 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
19:35:51.0337 12628 disk - ok
19:35:51.0368 12628 Dnscache (06230f1b721494a6df8d47fd395bb1b0) C:\Windows\System32\dnsrslvr.dll
19:35:51.0368 12628 Dnscache - ok
19:35:51.0399 12628 dot3svc (1a7156dd1e850e9914e5e991e3225b94) C:\Windows\System32\dot3svc.dll
19:35:51.0399 12628 dot3svc - ok
19:35:51.0430 12628 DPS (1583b39790db3eaec7edb0cb0140c708) C:\Windows\system32\dps.dll
19:35:51.0430 12628 DPS - ok
19:35:51.0446 12628 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
19:35:51.0446 12628 drmkaud - ok
19:35:51.0493 12628 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
19:35:51.0508 12628 DXGKrnl - ok
19:35:51.0540 12628 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
19:35:51.0540 12628 E1G60 - ok
19:35:51.0571 12628 EapHost (c2303883fd9be49dc36a6400643002ea) C:\Windows\System32\eapsvc.dll
19:35:51.0571 12628 EapHost - ok
19:35:51.0586 12628 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
19:35:51.0586 12628 Ecache - ok
19:35:51.0618 12628 ehRecvr (14ce384d2e27b64c256bda4dc39c312d) C:\Windows\ehome\ehRecvr.exe
19:35:51.0618 12628 ehRecvr - ok
19:35:51.0633 12628 ehSched (b93159c1313d66fdfbbe876f5189cd52) C:\Windows\ehome\ehsched.exe
19:35:51.0633 12628 ehSched - ok
19:35:51.0649 12628 ehstart (f5ee2527d74449868e3c3227a59bcd28) C:\Windows\ehome\ehstart.dll
19:35:51.0649 12628 ehstart - ok
19:35:51.0664 12628 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
19:35:51.0664 12628 elxstor - ok
19:35:51.0711 12628 EMDMgmt (a9b18b63a4fd6baab83326706d857fab) C:\Windows\system32\emdmgmt.dll
19:35:51.0711 12628 EMDMgmt - ok
19:35:51.0727 12628 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
19:35:51.0727 12628 ErrDev - ok
19:35:51.0758 12628 EventSystem (e12f22b73f153dece721cd45ec05b4af) C:\Windows\system32\es.dll
19:35:51.0774 12628 EventSystem - ok
19:35:51.0789 12628 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
19:35:51.0789 12628 exfat - ok
19:35:51.0805 12628 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
19:35:51.0820 12628 fastfat - ok
19:35:51.0852 12628 Fax (989a776a2ff32a148fcf15c44058b129) C:\Windows\system32\fxssvc.exe
19:35:51.0852 12628 Fax - ok
19:35:51.0867 12628 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
19:35:51.0867 12628 fdc - ok
19:35:51.0867 12628 fdPHost (bb9267acacd8b7533dd936c34a0cba5e) C:\Windows\system32\fdPHost.dll
19:35:51.0867 12628 fdPHost - ok
19:35:51.0867 12628 FDResPub (300c80931eabbe1db7591c516efe8d0f) C:\Windows\system32\fdrespub.dll
19:35:51.0867 12628 FDResPub - ok
19:35:51.0883 12628 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
19:35:51.0883 12628 FileInfo - ok
19:35:51.0883 12628 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
19:35:51.0898 12628 Filetrace - ok
19:35:51.0945 12628 FLEXnet Licensing Service (bb0667b0171b632b97ea759515476f07) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:35:51.0961 12628 FLEXnet Licensing Service - ok
19:35:51.0976 12628 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
19:35:51.0976 12628 flpydisk - ok
19:35:52.0008 12628 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
19:35:52.0008 12628 FltMgr - ok
19:35:52.0086 12628 FontCache (be1c5bd1ca7ed015bc6fa1ae67e592c8) C:\Windows\system32\FntCache.dll
19:35:52.0117 12628 FontCache - ok
19:35:52.0164 12628 FontCache3.0.0.0 (bc5b0be5af3510b0fd8c140ee42c6d3e) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:35:52.0164 12628 FontCache3.0.0.0 - ok
19:35:52.0179 12628 Fs_Rec (5779b86cd8b32519fbecb136394d946a) C:\Windows\system32\drivers\Fs_Rec.sys
19:35:52.0179 12628 Fs_Rec - ok
19:35:52.0195 12628 fvevol (849e38db7d829962d0233a0a252b60c3) C:\Windows\system32\DRIVERS\fvevol.sys
19:35:52.0195 12628 fvevol - ok
19:35:52.0210 12628 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
19:35:52.0210 12628 gagp30kx - ok
19:35:52.0257 12628 gdrv (f51fb25e1328fa14f446a8b24ac52709) C:\Windows\gdrv.sys
19:35:52.0257 12628 gdrv - ok
19:35:52.0288 12628 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:35:52.0288 12628 GEARAspiWDM - ok
19:35:52.0413 12628 gpsvc (a0e1b575ba8f504968cd40c0faeb2384) C:\Windows\System32\gpsvc.dll
19:35:52.0429 12628 gpsvc - ok
19:35:52.0616 12628 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:35:52.0616 12628 gupdate - ok
19:35:52.0616 12628 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:35:52.0616 12628 gupdatem - ok
19:35:52.0647 12628 hcmon (4c54f6bbe63e0c037d3c1fe06a9fa3db) C:\Windows\system32\drivers\hcmon.sys
19:35:52.0647 12628 hcmon - ok
19:35:52.0678 12628 HdAudAddService (68e732382b32417ff61fd663259b4b09) C:\Windows\system32\drivers\HdAudio.sys
19:35:52.0678 12628 HdAudAddService - ok
19:35:52.0725 12628 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:35:52.0741 12628 HDAudBus - ok
19:35:52.0756 12628 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
19:35:52.0756 12628 HidBth - ok
19:35:52.0772 12628 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
19:35:52.0772 12628 HidIr - ok
19:35:52.0772 12628 hidserv (59361d38a297755d46a540e450202b2a) C:\Windows\system32\hidserv.dll
19:35:52.0772 12628 hidserv - ok
19:35:52.0803 12628 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
19:35:52.0803 12628 HidUsb - ok
19:35:52.0819 12628 hkmsvc (b12f367ea39c0795fd57e31242ce1a5a) C:\Windows\system32\kmsvc.dll
19:35:52.0819 12628 hkmsvc - ok
19:35:52.0834 12628 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
19:35:52.0834 12628 HpCISSs - ok
19:35:52.0897 12628 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
19:35:52.0897 12628 HTTP - ok
19:35:52.0912 12628 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
19:35:52.0912 12628 i2omp - ok
19:35:52.0928 12628 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
19:35:52.0928 12628 i8042prt - ok
19:35:52.0959 12628 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
19:35:52.0959 12628 iaStorV - ok
19:35:53.0006 12628 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
19:35:53.0006 12628 IDriverT - ok
19:35:53.0084 12628 idsvc (749f5f8cedca70f2a512945325fc489d) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:35:53.0084 12628 idsvc - ok
19:35:53.0146 12628 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
19:35:53.0146 12628 iirsp - ok
19:35:53.0178 12628 IKEEXT (0c9ea6e654e7b0471741e343a6c671af) C:\Windows\System32\ikeext.dll
19:35:53.0178 12628 IKEEXT - ok
19:35:53.0209 12628 IntcAzAudAddService - ok
19:35:53.0224 12628 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
19:35:53.0224 12628 intelide - ok
19:35:53.0240 12628 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
19:35:53.0240 12628 intelppm - ok
19:35:53.0256 12628 IPBusEnum (5624bc1bc5eeb49c0ab76a8114f05ea3) C:\Windows\system32\ipbusenum.dll
19:35:53.0256 12628 IPBusEnum - ok
19:35:53.0287 12628 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:35:53.0287 12628 IpFilterDriver - ok
19:35:53.0334 12628 iphlpsvc (bf0dbfa9792c5c14fa00f61c75116c1b) C:\Windows\System32\iphlpsvc.dll
19:35:53.0334 12628 iphlpsvc - ok
19:35:53.0334 12628 IpInIp - ok
19:35:53.0349 12628 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
19:35:53.0349 12628 IPMIDRV - ok
19:35:53.0365 12628 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
19:35:53.0365 12628 IPNAT - ok
19:35:53.0443 12628 iPod Service (3c0d4b3e80fc4854ca325dd123cc4ded) C:\Program Files (x86)\iPod\bin\iPodService.exe
19:35:53.0458 12628 iPod Service - ok
19:35:53.0474 12628 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
19:35:53.0474 12628 IRENUM - ok
19:35:53.0490 12628 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
19:35:53.0490 12628 isapnp - ok
19:35:53.0505 12628 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
19:35:53.0521 12628 iScsiPrt - ok
19:35:53.0536 12628 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
19:35:53.0536 12628 iteatapi - ok
19:35:53.0552 12628 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
19:35:53.0552 12628 iteraid - ok
19:35:53.0583 12628 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
19:35:53.0583 12628 kbdclass - ok
19:35:53.0599 12628 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
19:35:53.0599 12628 kbdhid - ok
19:35:53.0646 12628 KeyIso (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
19:35:53.0646 12628 KeyIso - ok
19:35:53.0692 12628 KSecDD (88956ad9fa510848ad176777a6c6c1f5) C:\Windows\system32\Drivers\ksecdd.sys
19:35:53.0692 12628 KSecDD - ok
19:35:53.0708 12628 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
19:35:53.0708 12628 ksthunk - ok
19:35:53.0739 12628 KtmRm (1faf6926f3416d3da05c5b265491bdae) C:\Windows\system32\msdtckrm.dll
19:35:53.0739 12628 KtmRm - ok
19:35:53.0770 12628 LanmanServer (50c7a3cb427e9bb5ed0708a669956ab5) C:\Windows\system32\srvsvc.dll
19:35:53.0770 12628 LanmanServer - ok
19:35:53.0802 12628 LanmanWorkstation (caf86fc1388be1e470f1a7b43e348adb) C:\Windows\System32\wkssvc.dll
19:35:53.0802 12628 LanmanWorkstation - ok
19:35:53.0833 12628 LicCtrlService (47901eadca0971a997ed926f0ec316c4) C:\Windows\runservice.exe
19:35:53.0833 12628 LicCtrlService - ok
19:35:53.0833 12628 lilsgt - ok
19:35:53.0864 12628 lirsgt (5ea407821bb3104c31a705175ab4f309) C:\Windows\system32\DRIVERS\lirsgt.sys
19:35:53.0864 12628 lirsgt - ok
19:35:53.0864 12628 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
19:35:53.0864 12628 lltdio - ok
19:35:53.0895 12628 lltdsvc (961ccbd0b1ccb5675d64976fae37d092) C:\Windows\System32\lltdsvc.dll
19:35:53.0895 12628 lltdsvc - ok
19:35:53.0926 12628 lmhosts (a47f8080cacc23c91fe823ad19aa5612) C:\Windows\System32\lmhsvc.dll
19:35:53.0926 12628 lmhosts - ok
19:35:53.0942 12628 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
19:35:53.0942 12628 LSI_FC - ok
19:35:53.0958 12628 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
19:35:53.0958 12628 LSI_SAS - ok
19:35:53.0973 12628 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
19:35:53.0973 12628 LSI_SCSI - ok
19:35:53.0989 12628 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
19:35:53.0989 12628 luafv - ok
19:35:54.0051 12628 LVCOMSer (9c6fea1c7024fc81cf09cfdca4cce978) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSer64.exe
19:35:54.0051 12628 LVCOMSer - ok
19:35:54.0051 12628 LVPr2M64 (247e95b54752a792d45a360c9c31b55b) C:\Windows\system32\DRIVERS\LVPr2M64.sys
19:35:54.0067 12628 LVPr2M64 - ok
19:35:54.0067 12628 LVPr2Mon (247e95b54752a792d45a360c9c31b55b) C:\Windows\system32\DRIVERS\LVPr2M64.sys
19:35:54.0067 12628 LVPr2Mon - ok
19:35:54.0082 12628 LVPrcS64 (d39fbb1d740aee8a5f8d655a8dcc2002) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
19:35:54.0082 12628 LVPrcS64 - ok
19:35:54.0098 12628 LVUSBS64 (5c3ff68267a5d242ee79ee01b993d6ce) C:\Windows\system32\drivers\LVUSBS64.sys
19:35:54.0098 12628 LVUSBS64 - ok
19:35:54.0176 12628 lxecCATSCustConnectService (7be83d72fd34881841e9ab5af536d296) C:\Windows\system32\spool\DRIVERS\x64\3\\lxecserv.exe
19:35:54.0192 12628 lxecCATSCustConnectService - ok
19:35:54.0192 12628 lxec_device - ok
19:35:54.0270 12628 McAfee SiteAdvisor Service (b891e3920f24ff1a3bead6cd2b42ed99) C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
19:35:54.0270 12628 McAfee SiteAdvisor Service - ok
19:35:54.0270 12628 Mcx2Svc (76a58df02bd4ea29f189b82d0bef17f8) C:\Windows\system32\Mcx2Svc.dll
19:35:54.0285 12628 Mcx2Svc - ok
19:35:54.0301 12628 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
19:35:54.0301 12628 megasas - ok
19:35:54.0332 12628 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
19:35:54.0332 12628 MegaSR - ok
19:35:54.0410 12628 Microsoft SharePoint Workspace Audit Service - ok
19:35:54.0426 12628 MMCSS (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
19:35:54.0426 12628 MMCSS - ok
19:35:54.0441 12628 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
19:35:54.0441 12628 Modem - ok
19:35:54.0441 12628 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
19:35:54.0441 12628 monitor - ok
19:35:54.0472 12628 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
19:35:54.0472 12628 mouclass - ok
19:35:54.0472 12628 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
19:35:54.0472 12628 mouhid - ok
19:35:54.0488 12628 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
19:35:54.0488 12628 MountMgr - ok
19:35:54.0550 12628 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:35:54.0550 12628 MozillaMaintenance - ok
19:35:54.0582 12628 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
19:35:54.0582 12628 mpio - ok
19:35:54.0597 12628 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
19:35:54.0597 12628 mpsdrv - ok
19:35:54.0628 12628 MpsSvc (897e3baf68ba406a61682ae39c83900c) C:\Windows\system32\mpssvc.dll
19:35:54.0660 12628 MpsSvc - ok
19:35:54.0675 12628 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
19:35:54.0675 12628 Mraid35x - ok
19:35:54.0691 12628 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
19:35:54.0691 12628 MRxDAV - ok
19:35:54.0738 12628 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:35:54.0738 12628 mrxsmb - ok
19:35:54.0800 12628 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:35:54.0800 12628 mrxsmb10 - ok
19:35:54.0800 12628 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:35:54.0800 12628 mrxsmb20 - ok
19:35:54.0816 12628 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys
19:35:54.0816 12628 msahci - ok
19:35:54.0831 12628 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
19:35:54.0831 12628 msdsm - ok
19:35:54.0847 12628 MSDTC (7ec02ce772f068ed0beafa3da341a9bc) C:\Windows\System32\msdtc.exe
19:35:54.0847 12628 MSDTC - ok
19:35:54.0862 12628 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
19:35:54.0862 12628 Msfs - ok
19:35:54.0878 12628 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
19:35:54.0878 12628 msisadrv - ok
19:35:54.0894 12628 MSiSCSI (366b0c1f4478b519c181e37d43dcda32) C:\Windows\system32\iscsiexe.dll
19:35:54.0894 12628 MSiSCSI - ok
19:35:54.0894 12628 msiserver - ok
19:35:54.0909 12628 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
19:35:54.0909 12628 MSKSSRV - ok
19:35:54.0925 12628 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
19:35:54.0925 12628 MSPCLOCK - ok
19:35:54.0925 12628 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
19:35:54.0925 12628 MSPQM - ok
19:35:54.0956 12628 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
19:35:54.0956 12628 MsRPC - ok
19:35:54.0972 12628 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
19:35:54.0972 12628 mssmbios - ok
19:35:54.0972 12628 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
19:35:54.0972 12628 MSTEE - ok
19:35:54.0987 12628 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
19:35:54.0987 12628 Mup - ok
19:35:55.0018 12628 mysql - ok
19:35:55.0050 12628 napagent (a5b10c845e7538c60c0f5d87a57cb3f5) C:\Windows\system32\qagentRT.dll
19:35:55.0050 12628 napagent - ok
19:35:55.0081 12628 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
19:35:55.0081 12628 NativeWifiP - ok
19:35:55.0128 12628 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
19:35:55.0128 12628 NDIS - ok
19:35:55.0143 12628 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
19:35:55.0143 12628 NdisTapi - ok
19:35:55.0159 12628 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
19:35:55.0159 12628 Ndisuio - ok
19:35:55.0190 12628 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
19:35:55.0190 12628 NdisWan - ok
19:35:55.0190 12628 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
19:35:55.0190 12628 NDProxy - ok
19:35:55.0206 12628 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
19:35:55.0206 12628 NetBIOS - ok
19:35:55.0377 12628 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
19:35:55.0377 12628 netbt - ok
19:35:55.0424 12628 Netlogon (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
19:35:55.0424 12628 Netlogon - ok
19:35:55.0455 12628 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll
19:35:55.0455 12628 Netman - ok
19:35:55.0720 12628 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:35:55.0767 12628 NetMsmqActivator - ok
19:35:55.0783 12628 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:35:55.0783 12628 NetPipeActivator - ok
19:35:55.0798 12628 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
19:35:55.0814 12628 netprofm - ok
19:35:55.0814 12628 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:35:55.0814 12628 NetTcpActivator - ok
19:35:55.0814 12628 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:35:55.0814 12628 NetTcpPortSharing - ok
19:35:55.0845 12628 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
19:35:55.0845 12628 nfrd960 - ok
19:35:55.0861 12628 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
19:35:55.0876 12628 NlaSvc - ok
19:35:55.0876 12628 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
19:35:55.0876 12628 Npfs - ok
19:35:55.0892 12628 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
19:35:55.0892 12628 nsi - ok
19:35:55.0908 12628 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
19:35:55.0908 12628 nsiproxy - ok
19:35:56.0438 12628 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
19:35:56.0454 12628 Ntfs - ok
19:35:56.0594 12628 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
19:35:56.0594 12628 Null - ok
19:36:04.0644 12628 nvlddmkm (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:36:04.0831 12628 nvlddmkm - ok
19:36:05.0564 12628 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
19:36:05.0564 12628 nvraid - ok
19:36:05.0595 12628 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
19:36:05.0595 12628 nvstor - ok
19:36:06.0609 12628 nvsvc (2d7092fec9bd2aca199673bba2ba9277) C:\Windows\system32\nvvsvc.exe
19:36:06.0625 12628 nvsvc - ok
19:36:08.0606 12628 nvUpdatusService (7e22de30e222bfdfcec7e77032baf3cd) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
19:36:08.0637 12628 nvUpdatusService - ok
19:36:09.0604 12628 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
19:36:09.0604 12628 nv_agp - ok
19:36:09.0620 12628 NwlnkFlt - ok
19:36:09.0620 12628 NwlnkFwd - ok
19:36:09.0651 12628 ohci1394 (7b58953e2f263421fdbb09a192712a85) C:\Windows\system32\drivers\ohci1394.sys
19:36:09.0651 12628 ohci1394 - ok
19:36:09.0979 12628 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:36:09.0979 12628 ose - ok
19:36:12.0319 12628 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:36:12.0381 12628 osppsvc - ok
19:36:12.0678 12628 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:36:12.0709 12628 p2pimsvc - ok
19:36:12.0709 12628 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:36:12.0709 12628 p2psvc - ok
19:36:12.0756 12628 Parport (4c6a7fd04ddf4db88791048382e3edb1) C:\Windows\system32\DRIVERS\parport.sys
19:36:12.0756 12628 Parport - ok
19:36:12.0880 12628 partmgr (b43751085e2abe389da466bc62a4b987) C:\Windows\system32\drivers\partmgr.sys
19:36:12.0896 12628 partmgr - ok
19:36:12.0912 12628 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
19:36:12.0912 12628 PcaSvc - ok
19:36:12.0943 12628 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
19:36:12.0943 12628 pci - ok
19:36:12.0958 12628 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
19:36:12.0958 12628 pciide - ok
19:36:12.0990 12628 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
19:36:12.0990 12628 pcmcia - ok
19:36:13.0629 12628 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
19:36:13.0629 12628 PEAUTH - ok
19:36:13.0676 12628 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
19:36:13.0676 12628 PerfHost - ok
19:36:13.0910 12628 pgsql-8.2 (ec1176abea279b14bd48b89ff0b65020) C:\Program Files (x86)\PostgreSQL\8.2\bin\pg_ctl.exe
19:36:13.0910 12628 pgsql-8.2 - ok
19:36:15.0532 12628 PID_PEPI (087a343dfc337f37723dd7912de6b6cd) C:\Windows\system32\DRIVERS\LV302V64.SYS
19:36:15.0564 12628 PID_PEPI - ok
19:36:15.0829 12628 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
19:36:15.0860 12628 pla - ok
19:36:15.0891 12628 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
19:36:15.0907 12628 PlugPlay - ok
19:36:15.0922 12628 PnkBstrA - ok
19:36:15.0922 12628 PnkBstrB - ok
19:36:15.0969 12628 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:36:15.0985 12628 PNRPAutoReg - ok
19:36:15.0985 12628 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:36:15.0985 12628 PNRPsvc - ok
19:36:16.0156 12628 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
19:36:16.0172 12628 PolicyAgent - ok
19:36:16.0219 12628 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
19:36:16.0219 12628 PptpMiniport - ok
19:36:16.0250 12628 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
19:36:16.0250 12628 Processor - ok
19:36:16.0281 12628 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
19:36:16.0281 12628 ProfSvc - ok
19:36:16.0328 12628 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
19:36:16.0328 12628 ProtectedStorage - ok
19:36:16.0422 12628 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
19:36:16.0437 12628 PSched - ok
19:36:16.0484 12628 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
19:36:16.0546 12628 ql2300 - ok
19:36:16.0593 12628 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
19:36:16.0593 12628 ql40xx - ok
19:36:16.0702 12628 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
19:36:16.0702 12628 QWAVE - ok
19:36:16.0780 12628 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
19:36:16.0796 12628 QWAVEdrv - ok
19:36:16.0812 12628 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
19:36:16.0812 12628 RasAcd - ok
19:36:16.0827 12628 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
19:36:16.0827 12628 RasAuto - ok
19:36:16.0858 12628 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:36:16.0858 12628 Rasl2tp - ok
19:36:16.0874 12628 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
19:36:16.0874 12628 RasMan - ok
19:36:16.0921 12628 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
19:36:16.0921 12628 RasPppoe - ok
19:36:16.0936 12628 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
19:36:16.0936 12628 RasSstp - ok
19:36:16.0968 12628 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
19:36:16.0968 12628 rdbss - ok
19:36:16.0983 12628 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:36:16.0983 12628 RDPCDD - ok
19:36:17.0014 12628 rdpdr (ae23e79b13feb62939e2ca1189e71735) C:\Windows\system32\DRIVERS\rdpdr.sys
19:36:17.0014 12628 rdpdr - ok
19:36:17.0014 12628 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
19:36:17.0014 12628 RDPENCDD - ok
19:36:17.0061 12628 RDPWD (ae4bd9e1c33d351d8e607fc81f15160c) C:\Windows\system32\drivers\RDPWD.sys
19:36:17.0061 12628 RDPWD - ok
19:36:17.0092 12628 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
19:36:17.0092 12628 RemoteAccess - ok
19:36:17.0108 12628 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
19:36:17.0108 12628 RemoteRegistry - ok
19:36:17.0139 12628 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
19:36:17.0139 12628 RpcLocator - ok
19:36:17.0186 12628 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
19:36:17.0186 12628 RpcSs - ok
19:36:17.0186 12628 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
19:36:17.0186 12628 rspndr - ok
19:36:17.0373 12628 RTL8169 (bfeb9c99ae9ae0c635ac1dc38a2b2f1d) C:\Windows\system32\DRIVERS\Rtlh64.sys
19:36:17.0389 12628 RTL8169 - ok
19:36:17.0420 12628 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
19:36:17.0436 12628 SamSs - ok
19:36:17.0514 12628 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS
19:36:17.0514 12628 SASDIFSV - ok
19:36:17.0529 12628 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS
19:36:17.0529 12628 SASENUM - ok
19:36:17.0545 12628 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys
19:36:17.0545 12628 SASKUTIL - ok
19:36:17.0576 12628 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
19:36:17.0576 12628 sbp2port - ok
19:36:17.0607 12628 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
19:36:17.0607 12628 SCardSvr - ok
19:36:17.0748 12628 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
19:36:17.0794 12628 Schedule - ok
19:36:17.0810 12628 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
19:36:17.0810 12628 SCPolicySvc - ok
19:36:17.0826 12628 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
19:36:17.0826 12628 SDRSVC - ok
19:36:17.0872 12628 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:36:17.0872 12628 secdrv - ok
19:36:17.0950 12628 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
19:36:17.0950 12628 seclogon - ok
19:36:18.0013 12628 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
19:36:18.0028 12628 SENS - ok
19:36:18.0060 12628 Serenum (2449316316411d65bd2c761a6ffb2ce2) C:\Windows\system32\DRIVERS\serenum.sys
19:36:18.0060 12628 Serenum - ok
19:36:18.0075 12628 Serial (4b438170be2fc8e0bd35ee87a960f84f) C:\Windows\system32\DRIVERS\serial.sys
19:36:18.0075 12628 Serial - ok
19:36:18.0138 12628 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
19:36:18.0138 12628 sermouse - ok
19:36:18.0169 12628 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
19:36:18.0169 12628 SessionEnv - ok
19:36:18.0184 12628 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
19:36:18.0184 12628 sffdisk - ok
19:36:18.0184 12628 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
19:36:18.0200 12628 sffp_mmc - ok
19:36:18.0200 12628 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
19:36:18.0200 12628 sffp_sd - ok
19:36:18.0216 12628 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
19:36:18.0216 12628 sfloppy - ok
19:36:18.0247 12628 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
19:36:18.0247 12628 SharedAccess - ok
19:36:18.0294 12628 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
19:36:18.0294 12628 ShellHWDetection - ok
19:36:18.0309 12628 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
19:36:18.0309 12628 SiSRaid2 - ok
19:36:18.0325 12628 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
19:36:18.0325 12628 SiSRaid4 - ok
19:36:19.0152 12628 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
19:36:19.0214 12628 slsvc - ok
19:36:19.0760 12628 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
19:36:19.0776 12628 SLUINotify - ok
19:36:19.0838 12628 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
19:36:19.0838 12628 Smb - ok
19:36:19.0885 12628 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
19:36:19.0885 12628 SNMPTRAP - ok
19:36:19.0947 12628 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
19:36:19.0947 12628 spldr - ok
19:36:20.0166 12628 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
19:36:20.0166 12628 Spooler - ok
19:36:20.0509 12628 sptd (9ab59cf736981ed1f83c6ab5faa8ba5c) C:\Windows\system32\Drivers\sptd.sys
19:36:20.0509 12628 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 9ab59cf736981ed1f83c6ab5faa8ba5c
19:36:20.0509 12628 sptd ( LockedFile.Multi.Generic ) - warning
19:36:20.0509 12628 sptd - detected LockedFile.Multi.Generic (1)
19:36:20.0774 12628 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
19:36:20.0774 12628 srv - ok
19:36:20.0821 12628 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
19:36:20.0821 12628 srv2 - ok
19:36:20.0914 12628 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
19:36:20.0930 12628 srvnet - ok
19:36:20.0961 12628 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
19:36:20.0977 12628 SSDPSRV - ok
19:36:20.0992 12628 SSPORT (0211ab46b73a2623b86c1cfcb30579ab) C:\Windows\system32\Drivers\SSPORT.sys
19:36:20.0992 12628 SSPORT - ok
19:36:21.0008 12628 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
19:36:21.0008 12628 SstpSvc - ok
19:36:21.0367 12628 Stereo Service (9e1222c417291bc836210743624a8e5e) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:36:21.0367 12628 Stereo Service - ok
19:36:21.0788 12628 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
19:36:21.0819 12628 stisvc - ok
19:36:21.0835 12628 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
19:36:21.0835 12628 swenum - ok
19:36:21.0882 12628 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
19:36:21.0897 12628 swprv - ok
19:36:21.0897 12628 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
19:36:21.0897 12628 Symc8xx - ok
19:36:21.0913 12628 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
19:36:21.0913 12628 Sym_hi - ok
19:36:21.0928 12628 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
19:36:21.0928 12628 Sym_u3 - ok
19:36:22.0615 12628 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
19:36:22.0630 12628 SysMain - ok
19:36:22.0646 12628 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
19:36:22.0662 12628 TabletInputService - ok
19:36:22.0693 12628 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
19:36:22.0693 12628 TapiSrv - ok
19:36:22.0755 12628 tbhsd (5dcea09ceabd027a61ca634de3035dab) C:\Windows\system32\drivers\tbhsd.sys
19:36:22.0755 12628 tbhsd - ok
19:36:22.0786 12628 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
19:36:22.0786 12628 TBS - ok
19:36:23.0629 12628 Tcpip (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\drivers\tcpip.sys
19:36:23.0644 12628 Tcpip - ok
19:36:24.0346 12628 Tcpip6 (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\DRIVERS\tcpip.sys
19:36:24.0346 12628 Tcpip6 - ok
19:36:24.0456 12628 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
19:36:24.0456 12628 tcpipreg - ok
19:36:24.0471 12628 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
19:36:24.0471 12628 TDPIPE - ok
19:36:24.0487 12628 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
19:36:24.0487 12628 TDTCP - ok
19:36:24.0502 12628 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
19:36:24.0502 12628 tdx - ok
19:36:24.0534 12628 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
19:36:24.0534 12628 TermDD - ok
19:36:24.0565 12628 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
19:36:24.0565 12628 TermService - ok
19:36:24.0596 12628 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
19:36:24.0612 12628 Themes - ok
19:36:24.0627 12628 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
19:36:24.0627 12628 THREADORDER - ok
19:36:24.0643 12628 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
19:36:24.0643 12628 TrkWks - ok
19:36:24.0674 12628 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
19:36:24.0674 12628 TrustedInstaller - ok
19:36:24.0690 12628 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:36:24.0690 12628 tssecsrv - ok
19:36:24.0705 12628 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
19:36:24.0705 12628 tunmp - ok
19:36:24.0752 12628 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
19:36:24.0752 12628 tunnel - ok
19:36:24.0768 12628 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
19:36:24.0783 12628 uagp35 - ok
19:36:24.0814 12628 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
19:36:24.0814 12628 udfs - ok
19:36:24.0877 12628 ufad-ws60 (600b573258ac4c868590936804efe034) C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe
19:36:24.0877 12628 ufad-ws60 - ok
19:36:24.0892 12628 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
19:36:24.0892 12628 UI0Detect - ok
19:36:24.0924 12628 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
19:36:24.0924 12628 uliagpkx - ok
19:36:24.0939 12628 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
19:36:24.0939 12628 uliahci - ok
19:36:24.0970 12628 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
19:36:24.0970 12628 UlSata - ok
19:36:24.0986 12628 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
19:36:24.0986 12628 ulsata2 - ok
19:36:25.0017 12628 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
19:36:25.0017 12628 umbus - ok
19:36:25.0033 12628 UmRdpService (dc5e34f189b827199b9cc8481c648269) C:\Windows\System32\umrdp.dll
19:36:25.0048 12628 UmRdpService - ok
19:36:25.0080 12628 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
19:36:25.0080 12628 upnphost - ok
19:36:25.0142 12628 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
19:36:25.0142 12628 usbccgp - ok
19:36:25.0158 12628 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
19:36:25.0158 12628 usbcir - ok
19:36:25.0173 12628 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
19:36:25.0173 12628 usbehci - ok
19:36:25.0204 12628 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
19:36:25.0204 12628 usbhub - ok
19:36:25.0220 12628 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
19:36:25.0220 12628 usbohci - ok
19:36:25.0251 12628 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
19:36:25.0251 12628 usbprint - ok
19:36:25.0282 12628 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
19:36:25.0282 12628 usbscan - ok
19:36:25.0298 12628 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:36:25.0298 12628 USBSTOR - ok
19:36:25.0314 12628 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
19:36:25.0314 12628 usbuhci - ok
19:36:25.0345 12628 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
19:36:25.0345 12628 UxSms - ok
19:36:25.0376 12628 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
19:36:25.0376 12628 vds - ok
19:36:25.0392 12628 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
19:36:25.0392 12628 vga - ok
19:36:25.0392 12628 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
19:36:25.0392 12628 VgaSave - ok
19:36:25.0407 12628 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
19:36:25.0407 12628 viaide - ok
19:36:28.0278 12628 ============================================================
19:36:28.0278 12628 Scan finished
19:36:28.0278 12628 ============================================================
19:36:28.0278 13240 Detected object count: 1
19:36:28.0278 13240 Actual detected object count: 1
19:37:01.0240 13240 sptd ( LockedFile****lti.Generic ) - skipped by user
19:37:01.0240 13240 sptd ( LockedFile****lti.Generic ) - User select action: Skip
19:37:07.0278 7196 ============================================================
19:37:07.0278 7196 Scan started
19:37:07.0278 7196 Mode: Manual;
19:37:07.0278 7196 ============================================================
Old 07-12-2012, 08:40 PM   #6
No reason to get excited
 
jokerthief's Avatar
 
Join Date: May 2004
Location: Bingo, Bango, Bongo
Posts: 4,487
Re: I think I have a virus but am not sure and need help.

Kaspersky part 2.

Quote:
19:37:13.0190 7196 Netman - ok
19:37:13.0268 7196 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SM SvcHost.exe
19:37:13.0268 7196 NetMsmqActivator - ok
19:37:13.0268 7196 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SM SvcHost.exe
19:37:13.0268 7196 NetPipeActivator - ok
19:37:13.0299 7196 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
19:37:13.0299 7196 netprofm - ok
19:37:13.0299 7196 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SM SvcHost.exe
19:37:13.0299 7196 NetTcpActivator - ok
19:37:13.0299 7196 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SM SvcHost.exe
19:37:13.0299 7196 NetTcpPortSharing - ok
19:37:13.0330 7196 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
19:37:13.0330 7196 nfrd960 - ok
19:37:13.0346 7196 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
19:37:13.0346 7196 NlaSvc - ok
19:37:13.0362 7196 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
19:37:13.0362 7196 Npfs - ok
19:37:13.0362 7196 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
19:37:13.0362 7196 nsi - ok
19:37:13.0377 7196 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
19:37:13.0377 7196 nsiproxy - ok
19:37:13.0440 7196 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
19:37:13.0455 7196 Ntfs - ok
19:37:13.0518 7196 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
19:37:13.0518 7196 Null - ok
19:37:14.0048 7196 nvlddmkm (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:37:14.0110 7196 nvlddmkm - ok
19:37:14.0204 7196 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
19:37:14.0204 7196 nvraid - ok
19:37:14.0220 7196 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
19:37:14.0220 7196 nvstor - ok
19:37:14.0298 7196 nvsvc (2d7092fec9bd2aca199673bba2ba9277) C:\Windows\system32\nvvsvc.exe
19:37:14.0298 7196 nvsvc - ok
19:37:14.0500 7196 nvUpdatusService (7e22de30e222bfdfcec7e77032baf3cd) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
19:37:14.0516 7196 nvUpdatusService - ok
19:37:14.0578 7196 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
19:37:14.0578 7196 nv_agp - ok
19:37:14.0578 7196 NwlnkFlt - ok
19:37:14.0578 7196 NwlnkFwd - ok
19:37:14.0594 7196 ohci1394 (7b58953e2f263421fdbb09a192712a85) C:\Windows\system32\drivers\ohci1394.sys
19:37:14.0594 7196 ohci1394 - ok
19:37:14.0641 7196 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:37:14.0641 7196 ose - ok
19:37:14.0890 7196 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E
19:37:14.0906 7196 osppsvc - ok
19:37:14.0984 7196 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:37:14.0984 7196 p2pimsvc - ok
19:37:14.0984 7196 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:37:15.0000 7196 p2psvc - ok
19:37:15.0031 7196 Parport (4c6a7fd04ddf4db88791048382e3edb1) C:\Windows\system32\DRIVERS\parport.sys
19:37:15.0031 7196 Parport - ok
19:37:15.0078 7196 partmgr (b43751085e2abe389da466bc62a4b987) C:\Windows\system32\drivers\partmgr.sys
19:37:15.0078 7196 partmgr - ok
19:37:15.0093 7196 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
19:37:15.0093 7196 PcaSvc - ok
19:37:15.0124 7196 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
19:37:15.0124 7196 pci - ok
19:37:15.0124 7196 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
19:37:15.0124 7196 pciide - ok
19:37:15.0156 7196 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
19:37:15.0156 7196 pcmcia - ok
19:37:15.0187 7196 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
19:37:15.0202 7196 PEAUTH - ok
19:37:15.0249 7196 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
19:37:15.0249 7196 PerfHost - ok
19:37:15.0312 7196 pgsql-8.2 (ec1176abea279b14bd48b89ff0b65020) C:\Program Files (x86)\PostgreSQL\8.2\bin\pg_ctl.exe
19:37:15.0312 7196 pgsql-8.2 - ok
19:37:15.0452 7196 PID_PEPI (087a343dfc337f37723dd7912de6b6cd) C:\Windows\system32\DRIVERS\LV302V64.SYS
19:37:15.0468 7196 PID_PEPI - ok
19:37:15.0592 7196 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
19:37:15.0592 7196 pla - ok
19:37:15.0624 7196 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
19:37:15.0624 7196 PlugPlay - ok
19:37:15.0624 7196 PnkBstrA - ok
19:37:15.0624 7196 PnkBstrB - ok
19:37:15.0686 7196 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:37:15.0686 7196 PNRPAutoReg - ok
19:37:15.0686 7196 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
19:37:15.0702 7196 PNRPsvc - ok
19:37:15.0733 7196 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
19:37:15.0733 7196 PolicyAgent - ok
19:37:15.0764 7196 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
19:37:15.0764 7196 PptpMiniport - ok
19:37:15.0795 7196 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
19:37:15.0795 7196 Processor - ok
19:37:15.0811 7196 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
19:37:15.0811 7196 ProfSvc - ok
19:37:15.0858 7196 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
19:37:15.0858 7196 ProtectedStorage - ok
19:37:15.0889 7196 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
19:37:15.0889 7196 PSched - ok
19:37:15.0951 7196 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
19:37:15.0951 7196 ql2300 - ok
19:37:15.0967 7196 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
19:37:15.0967 7196 ql40xx - ok
19:37:15.0998 7196 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
19:37:15.0998 7196 QWAVE - ok
19:37:16.0014 7196 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
19:37:16.0014 7196 QWAVEdrv - ok
19:37:16.0014 7196 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
19:37:16.0014 7196 RasAcd - ok
19:37:16.0029 7196 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
19:37:16.0029 7196 RasAuto - ok
19:37:16.0045 7196 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:37:16.0045 7196 Rasl2tp - ok
19:37:16.0060 7196 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
19:37:16.0060 7196 RasMan - ok
19:37:16.0076 7196 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
19:37:16.0076 7196 RasPppoe - ok
19:37:16.0107 7196 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
19:37:16.0107 7196 RasSstp - ok
19:37:16.0138 7196 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
19:37:16.0138 7196 rdbss - ok
19:37:16.0154 7196 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:37:16.0154 7196 RDPCDD - ok
19:37:16.0185 7196 rdpdr (ae23e79b13feb62939e2ca1189e71735) C:\Windows\system32\DRIVERS\rdpdr.sys
19:37:16.0185 7196 rdpdr - ok
19:37:16.0185 7196 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
19:37:16.0185 7196 RDPENCDD - ok
19:37:16.0232 7196 RDPWD (ae4bd9e1c33d351d8e607fc81f15160c) C:\Windows\system32\drivers\RDPWD.sys
19:37:16.0232 7196 RDPWD - ok
19:37:16.0263 7196 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
19:37:16.0263 7196 RemoteAccess - ok
19:37:16.0279 7196 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
19:37:16.0279 7196 RemoteRegistry - ok
19:37:16.0294 7196 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
19:37:16.0294 7196 RpcLocator - ok
19:37:16.0357 7196 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
19:37:16.0357 7196 RpcSs - ok
19:37:16.0357 7196 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
19:37:16.0357 7196 rspndr - ok
19:37:16.0388 7196 RTL8169 (bfeb9c99ae9ae0c635ac1dc38a2b2f1d) C:\Windows\system32\DRIVERS\Rtlh64.sys
19:37:16.0388 7196 RTL8169 - ok
19:37:16.0435 7196 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
19:37:16.0435 7196 SamSs - ok
19:37:16.0466 7196 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS
19:37:16.0466 7196 SASDIFSV - ok
19:37:16.0482 7196 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS
19:37:16.0482 7196 SASENUM - ok
19:37:16.0497 7196 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys
19:37:16.0497 7196 SASKUTIL - ok
19:37:16.0544 7196 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
19:37:16.0544 7196 sbp2port - ok
19:37:16.0575 7196 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
19:37:16.0575 7196 SCardSvr - ok
19:37:16.0638 7196 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
19:37:16.0638 7196 Schedule - ok
19:37:16.0669 7196 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
19:37:16.0669 7196 SCPolicySvc - ok
19:37:16.0684 7196 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
19:37:16.0684 7196 SDRSVC - ok
19:37:16.0684 7196 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:37:16.0700 7196 secdrv - ok
19:37:16.0700 7196 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
19:37:16.0700 7196 seclogon - ok
19:37:16.0716 7196 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
19:37:16.0716 7196 SENS - ok
19:37:16.0731 7196 Serenum (2449316316411d65bd2c761a6ffb2ce2) C:\Windows\system32\DRIVERS\serenum.sys
19:37:16.0731 7196 Serenum - ok
19:37:16.0747 7196 Serial (4b438170be2fc8e0bd35ee87a960f84f) C:\Windows\system32\DRIVERS\serial.sys
19:37:16.0747 7196 Serial - ok
19:37:16.0762 7196 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
19:37:16.0762 7196 sermouse - ok
19:37:16.0778 7196 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
19:37:16.0778 7196 SessionEnv - ok
19:37:16.0794 7196 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
19:37:16.0794 7196 sffdisk - ok
19:37:16.0794 7196 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
19:37:16.0794 7196 sffp_mmc - ok
19:37:16.0809 7196 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
19:37:16.0809 7196 sffp_sd - ok
19:37:16.0809 7196 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
19:37:16.0809 7196 sfloppy - ok
19:37:16.0840 7196 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
19:37:16.0856 7196 SharedAccess - ok
19:37:16.0903 7196 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
19:37:16.0918 7196 ShellHWDetection - ok
19:37:16.0918 7196 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
19:37:16.0918 7196 SiSRaid2 - ok
19:37:16.0934 7196 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
19:37:16.0934 7196 SiSRaid4 - ok
19:37:17.0059 7196 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
19:37:17.0074 7196 slsvc - ok
19:37:17.0137 7196 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
19:37:17.0137 7196 SLUINotify - ok
19:37:17.0184 7196 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
19:37:17.0184 7196 Smb - ok
19:37:17.0199 7196 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
19:37:17.0199 7196 SNMPTRAP - ok
19:37:17.0215 7196 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
19:37:17.0215 7196 spldr - ok
19:37:17.0246 7196 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
19:37:17.0246 7196 Spooler - ok
19:37:17.0293 7196 sptd (9ab59cf736981ed1f83c6ab5faa8ba5c) C:\Windows\system32\Drivers\sptd.sys
19:37:17.0293 7196 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 9ab59cf736981ed1f83c6ab5faa8ba5c
19:37:17.0293 7196 sptd ( LockedFile.Multi.Generic ) - warning
19:37:17.0293 7196 sptd - detected LockedFile.Multi.Generic (1)
19:37:21.0349 7196 ============================================================
19:37:21.0349 7196 Scan finished
19:37:21.0349 7196 ============================================================
19:37:21.0364 14016 Detected object count: 1
19:37:21.0364 14016 Actual detected object count: 1
19:37:51.0195 14016 sptd ( LockedFile.Multi.Generic ) - skipped by user
19:37:51.0195 14016 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
Old 07-13-2012, 03:23 AM   #7
Malware Jedi
 
Gabethebabe's Avatar
 
Join Date: Oct 2007
Location: In front of my monitor
Posts: 12,972
Re: I think I have a virus but am not sure and need help.

It's OK to skip that "threat". This file is often locked.

Please download CKScanner by askey127 from here and save it to your desktop.
  • Double-click CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify that the file is saved.
  • Please copy the contents of the CKFiles.txt file on your desktop and paste it into your next reply.
Old 07-13-2012, 05:25 PM   #8
No reason to get excited
 
jokerthief's Avatar
 
Join Date: May 2004
Location: Bingo, Bango, Bongo
Posts: 4,487
Re: I think I have a virus but am not sure and need help.

CKScanner - Additional Security Risks - These are not necessarily bad
c:\nate\adobe acrobat 9 pro extended\crack\keygen.only-edge\adobe.acrobat.v9.0.pro.extended.incl.keygen.only-edge\edgeiso.nfo
c:\nate\adobe illustrator cs3\crack\illustrator.exe
c:\nate\adobe illustrator cs3\crack\instruction.txt
c:\nate\limewire\guitar pro 4.1.0 + keygen.zip
c:\nate\tunebite.platnium.v5.0.330.12-yag\yagtbp5a\crack\serial.txt
c:\program files (x86)\rvg software\holdem manager\keygenerateclasslibrary.dll
c:\rosetta stone\rosetta stone v3.3.7.iso + mac crack.zip
c:\rosetta stone\rosetta stone v3.3.7 (hybrid mac_win) + mac crack\._rs crack.dmg
c:\rosetta stone\rosetta stone v3.3.7 (hybrid mac_win) + mac crack\rs application v3.3.7 (mac-win hybrid).iso
c:\rosetta stone\rosetta stone v3.3.7 (hybrid mac_win) + mac crack\rs crack.dmg
c:\torrents\books\4001_ebooks\crack in the cosmic egg - mike resnick.epub
c:\torrents\books\4001_ebooks\crackers - jerry oltion.epub
c:\torrents\books\4001_ebooks\the mirror crack's from side to side - christie_ agatha.epub
c:\torrents\software\scientific notebook 5.5\crack\scinoteb.exe
c:\users\nate\desktop\docs\keygens.txt
c:\users\nate\favorites\personal toolbar folder\forums\deucescracked.url
c:\windows\setup\scripts\biestart.exe
c:\xampp\php\ext\php_crack.dll
scanner sequence 3.KG.11.PTNAOU
----- EOF -----
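The list in the post above mixes crack folders with e-book titles and a browser bookmark, which is why the tool's own header says the hits are "not necessarily bad". The sketch below is an added example, not CKScanner's code: it ranks paths copied from that list, and the keyword list, the extension set and the verdict names are assumptions.

```python
import re
from pathlib import PureWindowsPath

# Assumed keyword list; CKScanner's real list is not shown in the thread.
KEYWORDS = ("crack", "keygen")
# Assumed set of extensions that can carry or unpack executable code.
PAYLOAD_EXTS = {".exe", ".dll", ".zip", ".iso", ".dmg"}


def triage(path: str) -> str:
    """Rank one path by how its name matches, not by what the file contains."""
    p = PureWindowsPath(path.lower())
    # Split every path component into alphanumeric tokens.
    tokens = [t for part in p.parts for t in re.split(r"[^a-z0-9]+", part) if t]
    exact = any(t in KEYWORDS for t in tokens)
    partial = any(k in t for t in tokens for k in KEYWORDS)
    if exact:
        # A whole-word hit on a runnable or archive file deserves a closer look
        # (hash lookup, signature check); a document with the same word does not.
        return "review" if p.suffix in PAYLOAD_EXTS else "context"
    # Keyword buried inside a longer word: almost always a naming coincidence.
    return "noise" if partial else "none"


# Paths copied from the CKFiles.txt listing in the post above.
SAMPLE = [
    r"c:\nate\adobe illustrator cs3\crack\illustrator.exe",
    r"c:\nate\limewire\guitar pro 4.1.0 + keygen.zip",
    r"c:\nate\adobe illustrator cs3\crack\instruction.txt",
    r"c:\torrents\books\4001_ebooks\crack in the cosmic egg - mike resnick.epub",
    r"c:\torrents\books\4001_ebooks\crackers - jerry oltion.epub",
    r"c:\users\nate\favorites\personal toolbar folder\forums\deucescracked.url",
    r"c:\xampp\php\ext\php_crack.dll",
]


def summarize(paths):
    """Return {path: verdict} for a list of paths."""
    return {path: triage(path) for path in paths}


if __name__ == "__main__":
    for path, verdict in summarize(SAMPLE).items():
        print(f"{verdict:8} {path}")
```

A "review" verdict only means the name cannot settle the question: `php_crack.dll` lands there on its name alone, so the next step for such a file is a hash or signature check.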
Old 07-14-2012, 02:49 AM   #9
veteran
 
Gonso
 
Join Date: Oct 2011
Posts: 2,361
Re: I think I have a virus but am not sure and need help.

Good lord man, a keylogger wouldn't surprise me a bit with those habits.

Fwiw if you're a student, you can subscribe to the entire Adobe CS6 Creative suite for $30 a month ($50 if not). Has Illustrator, Acrobat Pro X plus a ton of their other programs and you get upgrades to new versions automatically.
Old 07-14-2012, 09:35 AM   #10
Malware Jedi
 
Gabethebabe
 
Join Date: Oct 2007
Location: In front of my monitor
Posts: 12,972
Re: I think I have a virus but am not sure and need help.

Yes, I was afraid I would see that.

I am afraid my help stops here. I am here to help people against cybercriminals. You, however, are one yourself.

GL
Old 07-14-2012, 11:24 AM   #11
grinder
 
Katy Perry
 
Join Date: Sep 2011
Location: NVG
Posts: 603
Re: I think I have a virus but am not sure and need help.

Quote:
Originally Posted by Gabethebabe
Yes, I was afraid I would see that.

I am afraid my help stops here. I am here to help people against cybercriminals. You, however, are one yourself.

GL

Yeah, don't crack stuff.

/thread