BullGuard
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
MSE Cannot Start, sporadic search redirect
   
BullGuard Antivirus Forum > Virus Removal > Removal Help > MSE Cannot Start, sporadic search redirect  
Forum Quick Jump
 
New Topic Post reply to : MSE Cannot Start, sporadic search redirect Printable version of : MSE Cannot Start, sporadic search redirect
[ << Previous Thread | Next Thread >> ]

yinzerniner
New Member


Date Joined Jun 2012
Total Posts : 4
 
   Posted 7/8/2012 3:16 AM (GMT +3)    Quote: MSE Cannot Start, sporadic search redirectAlert an admin about: MSE Cannot Start, sporadic search redirect
As the subject says, Microsoft Security essentials cannot start (error code 0x80070424) and google searches and other windows redirect to crap sites. Happened after I restarted the computer this afternoon (1pm -500 GMT). Any help would be greatly appreciated.

Hijackthis Log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:53:56 PM, on 7/7/2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\Audiogalaxy.exe
C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Polar\WebSync\WebSync.exe
C:\Users\Sotheby Chung\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\MediaMall\MediaMallServer.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Audiogalaxy] "C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\Audiogalaxy.exe" /startup
O4 - HKCU\..\Run: [MysticThumbs] C:\Program Files\MysticCoder\MysticThumbs\MysticThumbsTray.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
O4 - Startup: Dropbox.lnk = Sotheby Chung\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Polar WebSync.lnk = ?
O4 - Global Startup: Spyder3Utility.lnk = C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - c:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: MediaMall Server - MediaMall Technologies, Inc. - C:\Program Files (x86)\MediaMall\MediaMallServer.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
O23 - Service: Polar Daemon - Unknown owner - C:\Program Files (x86)\Polar\Daemon\polard.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Database Manager (SOHDBSvr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Media plus Playlist Manager (SOHPlMgr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)

--
End of file - 16678 bytes

MalwareBytes Log

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.07.06

Windows 7 Service Pack 1 x64 NTFS (Safe Mode)
Internet Explorer 9.0.8112.16421
Sotheby Chung :: SOTHEBYSVAIO [administrator]

7/7/2012 3:11:15 PM
mbam-log-2012-07-07 (15-11-15).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 724361
Time elapsed: 25 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\g043oqxanu (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Windows Update (Backdoor.IRCBot) -> Data: C:\Windows\system32\svohost.exe -> Quarantined and deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Data: http=127.0.0.1:18810 -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Users\Sotheby Chung\AppData\Local\wmeks.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\Users\Sotheby Chung\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\3be75eb4-1f4e9d5e (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Sotheby Chung\Documents\Downloads\Autodesk - ADT\AutoCAD ADT_2006_Keygen\Keymaker.exe (Malware.Gen) -> Quarantined and deleted successfully.
C:\Windows\Installer\{d9b87c81-5340-e575-0dbc-2810a7f63932}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.

(end)

DDS Log

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Sotheby Chung at 20:07:42 on 2012-07-07
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8159.5428 [GMT -4:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Program Files (x86)\MediaMall\MediaMallServer.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files (x86)\Polar\Daemon\polard.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Macrium\Reflect\ReflectService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Windows\system32\DRIVERS\xaudio64.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\Audiogalaxy.exe
C:\Program Files\MysticCoder\MysticThumbs\MysticThumbsTray.exe
C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Polar\WebSync\WebSync.exe
C:\Users\Sotheby Chung\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\MediaMall\MediaMallServer.exe
C:\Windows\system32\conhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Windows\notepad.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\FlashGet\flashget.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = <local>;*.local
uURLSearchHooks: H - No File
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - C:\Program Files (x86)\FlashGet\jccatch.dll
BHO: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - C:\Program Files (x86)\FlashGet\getflash.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [Audiogalaxy] "C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\Audiogalaxy.exe" /startup
uRun: [MysticThumbs] C:\Program Files\MysticCoder\MysticThumbs\MysticThumbsTray.exe
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\SOTHEB~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Sotheby Chung\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\POLARW~1.LNK - C:\Windows\Installer\{1A1F27A2-599F-46BC-B904-1053B3A4CFEB}\WebSync.exe2_4B58E052B1C94BE0AC42D7A472F5A651.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SPYDER~1.LNK - C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm
IE: &Download with FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1 209.18.47.62
TCP: Interfaces\{1D514A2C-2B7B-4E82-9E74-63CB16888888} : DhcpNameServer = 192.168.1.1 209.18.47.62
TCP: Interfaces\{1D514A2C-2B7B-4E82-9E74-63CB16888888}\0435D61627476496 : DhcpNameServer = 8.8.8.8 4.2.2.3
TCP: Interfaces\{1D514A2C-2B7B-4E82-9E74-63CB16888888}\05F6F607 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{1D514A2C-2B7B-4E82-9E74-63CB16888888}\2427F6F6B6C697E624167656C6 : DhcpNameServer = 68.237.161.12 71.250.0.12
TCP: Interfaces\{1D514A2C-2B7B-4E82-9E74-63CB16888888}\348656C6375616441697C6967686473547574696F6D27657563747 : DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.33.1
TCP: Interfaces\{1D514A2C-2B7B-4E82-9E74-63CB16888888}\46C696E6B6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{1D514A2C-2B7B-4E82-9E74-63CB16888888}\C414E4F49414F564255454F575946494 : DhcpNameServer = 172.16.156.1 205.152.132.23 205.152.37.23
TCP: Interfaces\{1D514A2C-2B7B-4E82-9E74-63CB16888888}\C696E6B6379737 : DhcpNameServer = 167.206.251.130 167.206.251.129
TCP: Interfaces\{C97CF07A-B9F5-4DBB-A46A-6EDD1D7159D6} : DhcpNameServer = 192.168.1.1 209.18.47.62
Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL
Notify: VESWinlogon - VESWinlogon.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL
BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: FGCatchUrl: {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll
BHO-X64: flashget urlcatch - No File
BHO-X64: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
BHO-X64: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO-X64: FlashGet GetFlash Class: {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
mRun-x64: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun-x64: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun-x64: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE-X64: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
SEH-X64: SABShellExecuteHook Class: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.nytimes.com/
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\eMusic Download Manager\plugin\npemusic.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Users\Sotheby Chung\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions\LogMeInClient@logmein.com\plugins\npLMI64.dll
FF - plugin: C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 hotcore3;hc3ServiceName;C:\Windows\system32\DRIVERS\hotcore3.sys --> C:\Windows\system32\DRIVERS\hotcore3.sys [?]
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-7-7 44808]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-1-31 375176]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-9-16 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
R2 MediaMall Server;MediaMall Server;C:\Program Files (x86)\MediaMall\MediaMallServer.exe [2011-5-27 4407152]
R2 PDFSFilter;PDFSFilter;C:\Windows\system32\DRIVERS\PDFsFilter.sys --> C:\Windows\system32\DRIVERS\PDFsFilter.sys [?]
R2 Polar Daemon;Polar Daemon;C:\Program Files (x86)\Polar\Daemon\polard.exe [2009-6-15 163840]
R2 ReflectService;Macrium Reflect Image Mounting Service;C:\Program Files\Macrium\Reflect\ReflectService.exe [2011-6-7 301720]
R2 regi;regi;C:\Windows\system32\drivers\regi.sys --> C:\Windows\system32\drivers\regi.sys [?]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2010-4-22 189984]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-7-15 1153368]
R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2009-8-15 104960]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\DRIVERS\SFEP.sys --> C:\Windows\system32\DRIVERS\SFEP.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S1 SASDIFSV;SASDIFSV;C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS [2009-6-23 12872]
S1 SASKUTIL;SASKUTIL;C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS [2009-6-23 67656]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-5-25 2151128]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-6-26 362992]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-8-15 284016]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-12 250056]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-7-15 1038088]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-26 113120]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 pwdrvio;pwdrvio;\??\C:\Windows\system32\pwdrvio.sys --> C:\Windows\system32\pwdrvio.sys [?]
S3 pwdspio;pwdspio;\??\C:\Windows\system32\pwdspio.sys --> C:\Windows\system32\pwdspio.sys [?]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-6-26 313840]
S3 SASENUM;SASENUM;C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS [2009-6-23 12872]
S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-4-22 120104]
S3 SOHDBSvr;VAIO Media plus Database Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2010-4-22 70952]
S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-4-22 427304]
S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-4-22 75048]
S3 SOHPlMgr;VAIO Media plus Playlist Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2010-4-22 91432]
S3 Spyder3;Datacolor Spyder3;C:\Windows\system32\DRIVERS\Spyder3.sys --> C:\Windows\system32\DRIVERS\Spyder3.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== File Associations ===============
.
.scr=AutoCADScriptFile
.
=============== Created Last 30 ================
.
2012-07-07 23:53:49 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-07-07 23:52:56 -------- d-----w- C:\Program Files (x86)\Oracle
2012-07-07 23:52:53 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-07-07 23:21:43 98816 ----a-w- C:\Windows\sed.exe
2012-07-07 23:21:43 518144 ----a-w- C:\Windows\SWREG.exe
2012-07-07 23:21:43 256000 ----a-w- C:\Windows\PEV.exe
2012-07-07 23:21:43 208896 ----a-w- C:\Windows\MBR.exe
2012-07-07 20:33:30 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-07-07 20:33:30 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-07-07 20:33:30 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-07-07 20:33:18 41224 ----a-w- C:\Windows\avastSS.scr
2012-07-07 20:33:07 -------- d-----w- C:\Program Files\AVAST Software
2012-07-07 20:29:36 -------- d-----w- C:\Program Files\CCleaner
2012-07-07 18:45:50 -------- d-----w- C:\Windows\System32\SPReview
2012-07-07 18:43:25 -------- d-----w- C:\FRST
2012-07-07 18:38:26 -------- d-----w- C:\Windows\System32\EventProviders
2012-07-04 20:06:31 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-07-04 07:28:21 927800 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{68A65EF2-2579-4B1F-9A46-8A8A82265EF3}\gapaengine.dll
2012-07-04 07:28:10 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C10BFCF9-1701-492D-9CEA-8A312DD72A24}\mpengine.dll
2012-07-03 07:28:12 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-23 18:39:58 -------- d-----w- C:\Users\Sotheby Chung\AppData\Local\Macromedia
2012-06-21 17:44:55 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-21 17:44:52 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-21 17:44:51 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-21 17:44:51 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-14 07:28:48 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{35B81FBD-0A5B-4A7E-B73D-CCAEC5539E34}\gapaengine.dll
2012-06-13 04:16:44 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-06-13 04:16:43 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-13 04:16:43 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-06-13 04:16:39 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-06-13 04:16:35 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-06-13 04:16:33 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-06-13 04:16:06 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-06-13 04:16:05 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
.
==================== Find3M ====================
.
2012-07-07 18:43:07 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-07-07 18:43:07 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-06-23 18:15:18 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-23 18:15:18 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-22 06:53:50 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2012-05-22 06:53:50 80768 ----a-w- C:\Windows\System32\LMIinit.dll
2012-05-22 06:53:50 34688 ----a-w- C:\Windows\System32\LMIport.dll
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-05-04 23:29:16 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-06-08 06:06:50 12535496 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe
.
============= FINISH: 20:08:24.54 ===============


Attach Log

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 4/21/2010 10:26:59 PM
System Uptime: 7/7/2012 7:31:07 PM (1 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM)2 Duo CPU P8700 @ 2.53GHz | N/A | 2534/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 213 GiB total, 24.537 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable
G: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Description: EASEUS Disk Enumerator
Device ID: ROOT\SYSTEM\0001
Manufacturer: (Standard system devices)
Name: EASEUS Disk Enumerator
PNP Device ID: ROOT\SYSTEM\0001
Service: EUDISK
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
.
µTorrent
AAC Decoder
Acrobat.com
Ad-Aware
Adobe Acrobat 9 Pro - English, Français, Deutsch
Adobe After Effects CS4
Adobe After Effects CS4 Presets
Adobe After Effects CS4 Third Party Content
Adobe AIR
Adobe Anchor Service CS4
Adobe Asset Services CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles AE CS4
Adobe Color Video Profiles CS CS4
Adobe Contribute CS4
Adobe Creative Suite 4 Master Collection
Adobe CS4 American English Speech Analysis Models
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Dreamweaver CS4
Adobe Drive CS4
Adobe Dynamiclink Support
Adobe Encore CS4
Adobe Encore CS4 Codecs
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Fireworks CS4
Adobe Flash CS4
Adobe Flash CS4 Extension - Flash Lite STI en
Adobe Flash CS4 STI-en
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Illustrator CS4
Adobe InDesign CS4
Adobe InDesign CS4 Application Feature Set Files (Roman)
Adobe InDesign CS4 Common Base Files
Adobe InDesign CS4 Icon Handler
Adobe Linguistics CS4
Adobe Media Encoder CS4
Adobe Media Encoder CS4 Additional Exporter
Adobe Media Encoder CS4 Dolby
Adobe Media Encoder CS4 Exporter
Adobe Media Encoder CS4 Importer
Adobe Media Player
Adobe MotionPicture Color Files CS4
Adobe OnLocation CS4
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4 Support
Adobe Premiere Pro CS4
Adobe Premiere Pro CS4 Functional Content
Adobe Premiere Pro CS4 Third Party Content
Adobe Reader 9.1.3
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe SGM CS4
Adobe SING CS4
Adobe Soundbooth CS4
Adobe Soundbooth CS4 Codecs
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe Version Cue CS4 Server
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Any DVD Cloner 1.2.6
Apple Application Support
Apple Software Update
Applian Director
ArcSoft Magic-i Visual Effects 2
ArcSoft WebCam Companion 2
Audiogalaxy
Autodesk Design Review 2010
AutoUpdate
avast! Free Antivirus
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chief Architect Premier X3
Click to Disc
Click to Disc Editor
Combined Community Codec Pack 2010-10-10
Connect
Corel WinDVD 9
Disk Space Fan 2.2.7.821
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Version Checker
DivX Web Player
DriveImage XML (Private Edition)
Dropbox
DVD Decrypter (Remove Only)
DVDSmith Movie Backup 1.0.5
eMusic Download Manager 4.1.3.1
FlashGet 1.9.6.1073
FLV Player 2.0 (build 25)
Free MP3 WMA OGG Converter 8.9.1
Google Chrome
Google SketchUp 8
H.264 Decoder
HijackThis 2.0.2
iConcertCal
INI_FCFG_V03.14A05
inSSIDer
iTunes Export
Java Auto Updater
Java(TM) 6 Update 31
Java(TM) 7 Update 5
Java(TM) SE Runtime Environment 6
JavaFX 2.1.1
Korean Fonts Support For Adobe Reader 9
kuler
LastPass (uninstall only)
LibreOffice 3.4
Logitech Harmony Remote Software 7
Logitech Touch Mouse Server 1.0
LogMeIn
Malwarebytes' Anti-Malware
MediaMonkey 4.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MiniTool Partition Wizard Home Edition 6.0
MKV Splitter
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Music Transfer
Paragon Backup & Recovery™ 2011 (Advanced) Free
PDF Settings CS4
Photoshop Camera Raw
Picasa 3
Pixel Bender Toolkit
PlayOn
Polar Daemon
Polar WebSync
Primo
PS3 Media Server
QuickTime
RAR Password Recovery Magic v6.1.1.393
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Remote Control USB Driver
Replay Music
ReproEFS
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy Media Creator 10 LJ
Roxio Easy Media Creator Home
Runtime
Setting Utility Series
SmartWi Connection Utility
Sony Home Network Library
Sony Picture Utility
Spotify
Spybot - Search & Destroy
Spyder3Elite
Suite Shared Configuration CS4
SUPERAntiSpyware Free Edition
TreeSize Free V2.3.3
Uninstall 1.0.0.1
VC80CRTRedist - 8.0.50727.762
VLC media player 1.0.3
VoiceOver Kit
WinDirStat 1.1.2
WinDVD BD for VAIO
.
==== Event Viewer Messages From Past Week ========
.
7/7/2012 7:31:57 PM, Error: Service Control Manager [7000] - The SASKUTIL service failed to start due to the following error: This driver has been blocked from loading
7/7/2012 7:31:57 PM, Error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: This driver has been blocked from loading
7/7/2012 7:31:57 PM, Error: Application Popup [1060] - \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
7/7/2012 7:31:57 PM, Error: Application Popup [1060] - \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
7/7/2012 7:31:32 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL
7/7/2012 7:31:30 PM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.
7/7/2012 7:31:30 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
7/7/2012 7:31:22 PM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter
7/7/2012 7:30:37 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
7/7/2012 7:29:52 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
7/7/2012 7:22:54 PM, Error: Service Control Manager [7034] - The Polar Daemon service terminated unexpectedly. It has done this 1 time(s).
7/7/2012 7:17:56 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
7/7/2012 6:15:06 PM, Error: Service Control Manager [7003] - The SBSD Security Center Service service depends the following service: wscsvc. This service might not be installed.
7/7/2012 6:15:02 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
7/7/2012 6:14:59 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
7/7/2012 4:22:08 PM, Error: Service Control Manager [7023] - The Superfetch service terminated with the following error: The service has not been started.
7/7/2012 3:23:50 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
7/7/2012 3:11:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
7/7/2012 3:11:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
7/7/2012 3:10:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/7/2012 3:10:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/7/2012 3:10:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
7/7/2012 3:10:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
7/7/2012 3:10:02 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/7/2012 3:09:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
7/7/2012 3:09:47 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache EUBKMON EUDSKACS MpFilter NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx UimBus Uim_IM Wanarpv6 WfpLwf
7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
7/7/2012 3:08:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
7/7/2012 3:06:21 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache EUBKMON EUDSKACS MpFilter SASDIFSV SASKUTIL spldr UimBus Uim_IM Wanarpv6
7/7/2012 3:01:47 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000ce (0xfffff8800363f100, 0x0000000000000008, 0xfffff8800363f100, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 070712-32136-01.
7/7/2012 2:53:17 PM, Error: Service Control Manager [7031] - The Windows Event Log service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/7/2012 2:53:17 PM, Error: Service Control Manager [7031] - The Windows Audio service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/7/2012 2:53:17 PM, Error: Service Control Manager [7031] - The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
7/7/2012 2:53:17 PM, Error: Service Control Manager [7031] - The DHCP Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
7/7/2012 2:32:55 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
7/4/2012 7:18:02 PM, Error: Microsoft-Windows-WMPNSS-Service [14365] - Proximity detection failed due to unknown error '0x80004004'. The best proximity time detected was -1 milliseconds.
.
==== End Of File ===========================


Thanks again guys
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 7/8/2012 6:43 PM (GMT +3)    Quote: MSE Cannot Start, sporadic search redirectAlert an admin about: MSE Cannot Start, sporadic search redirect
Hello  yinzerniner   smile
 
 
 
Download OTL by OldTimer, saving it to your desktop: http://oldtimer.geekstogo.com/OTL.exe
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
WSHELPER.*
services.exe
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
HKCR\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /rs
CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Post both logs


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 

Back to Top
 

yinzerniner
New Member


Date Joined Jun 2012
Total Posts : 4
 
   Posted 7/8/2012 8:09 PM (GMT +3)    Quote: MSE Cannot Start, sporadic search redirectAlert an admin about: MSE Cannot Start, sporadic search redirect
Ran OTL.exe using you instructions. Did not get an Extras.txt file though.
Here is the OTL.txt file

OTL logfile created on: 7/8/2012 12:39:36 PM - Run 3
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Sotheby Chung\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.97 Gb Total Physical Memory | 5.59 Gb Available Physical Memory | 70.16% Memory free
15.93 Gb Paging File | 13.77 Gb Available in Paging File | 86.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 213.19 Gb Total Space | 21.84 Gb Free Space | 10.25% Space Free | Partition Type: NTFS
Drive D: | 38.33 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 7.39 Gb Total Space | 1.74 Gb Free Space | 23.59% Space Free | Partition Type: FAT32

Computer Name: SOTHEBYSVAIO | User Name: Sotheby Chung | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/08 12:10:10 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Sotheby Chung\Desktop\OTL.exe
PRC - [2012/07/03 12:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/05/24 14:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Sotheby Chung\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/05/19 22:23:54 | 000,932,528 | ---- | M] () -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/02/15 10:32:12 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2011/12/17 23:27:13 | 002,955,496 | ---- | M] (AG Entertainment Inc) -- C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\Audiogalaxy.exe
PRC - [2011/08/02 23:23:21 | 002,424,192 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2011/05/27 14:04:32 | 004,407,152 | ---- | M] (MediaMall Technologies, Inc.) -- C:\Program Files (x86)\MediaMall\MediaMallServer.exe
PRC - [2011/05/25 02:00:34 | 001,744,312 | ---- | M] (Lavasoft Limited ) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
PRC - [2010/05/20 16:15:00 | 000,110,736 | R--- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2010/03/11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/08/26 17:11:50 | 000,173,368 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
PRC - [2009/08/26 17:11:50 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
PRC - [2009/06/23 14:32:08 | 007,159,808 | ---- | M] (Polar Electro Oy) -- C:\Program Files (x86)\Polar\WebSync\WebSync.exe
PRC - [2009/06/15 13:14:08 | 000,163,840 | ---- | M] () -- C:\Program Files (x86)\Polar\Daemon\polard.exe
PRC - [2009/05/26 09:23:14 | 000,317,288 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2008/06/11 23:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2007/09/25 04:10:50 | 002,007,088 | ---- | M] (FlashGet.com) -- C:\Program Files (x86)\FlashGet\flashget.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/07 15:54:54 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
MOD - [2012/07/07 15:54:46 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/07/07 15:54:40 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/07/07 15:54:16 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/07/07 15:54:10 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/07/07 15:53:57 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/07/07 15:53:51 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/07/07 15:53:46 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/07/07 15:53:43 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/07/07 15:53:35 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/05/19 22:23:54 | 000,932,528 | ---- | M] () -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/14 14:19:04 | 000,780,288 | ---- | M] () -- C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\tag.dll
MOD - [2011/03/01 16:20:06 | 001,014,286 | ---- | M] () -- C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\avcodec-52.dll
MOD - [2011/03/01 16:20:06 | 000,208,910 | ---- | M] () -- C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\avformat-52.dll
MOD - [2011/03/01 16:20:06 | 000,082,958 | ---- | M] () -- C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\avutil-50.dll
MOD - [2011/01/18 19:28:42 | 000,558,133 | ---- | M] () -- C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\sqlite3.dll
MOD - [2010/11/17 00:11:16 | 000,117,760 | ---- | M] () -- C:\Users\Sotheby Chung\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2010/03/29 03:13:33 | 000,052,224 | ---- | M] () -- C:\Users\Sotheby Chung\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2009/08/26 17:11:50 | 000,120,320 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SonyCommonLib.dll
MOD - [2009/08/26 17:11:50 | 000,081,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\DevicePanel.dll
MOD - [2009/08/26 17:11:50 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\DictionaryLookup.dll
MOD - [2009/08/26 17:11:50 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
MOD - [2009/08/26 17:11:50 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\DebugMsg.dll
MOD - [2009/08/26 17:11:48 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SharedInterfaces.dll
MOD - [2009/08/26 17:11:48 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\MessageXML.dll
MOD - [2009/08/26 17:11:48 | 000,009,728 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Resources.dll
MOD - [2009/06/23 14:36:52 | 001,175,552 | ---- | M] () -- C:\Program Files (x86)\Polar\WebSync\libpolar.dll
MOD - [2009/05/30 14:11:42 | 000,059,904 | ---- | M] () -- C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\zlib1.dll
MOD - [2007/06/15 02:35:38 | 000,626,688 | ---- | M] () -- C:\Program Files (x86)\FlashGet\FGBTCORE.dll
MOD - [2007/06/14 06:52:06 | 001,327,184 | ---- | M] () -- C:\Program Files (x86)\FlashGet\FGEMCORE.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/06/07 23:25:58 | 000,301,720 | ---- | M] () [Auto | Running] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService)
SRV:64bit: - [2011/06/03 11:38:56 | 001,759,496 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent)
SRV:64bit: - [2011/06/03 11:38:50 | 003,318,536 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe -- (PDEngine)
SRV:64bit: - [2010/03/29 02:02:12 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2009/09/03 16:15:38 | 000,189,984 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV:64bit: - [2009/09/01 10:15:08 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/01/24 11:23:16 | 000,839,720 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2008/08/01 19:44:42 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.exe -- (XAudioService)
SRV - [2012/06/23 14:15:21 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/16 18:16:53 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/22 02:53:59 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2012/05/22 02:53:50 | 000,375,176 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011/09/16 15:10:50 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2011/05/27 14:04:32 | 004,407,152 | ---- | M] (MediaMall Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\MediaMall\MediaMallServer.exe -- (MediaMall Server)
SRV - [2011/05/25 02:00:34 | 002,151,128 | ---- | M] (Lavasoft Limited) [Auto | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/05/20 16:15:00 | 000,110,736 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2010/03/29 01:59:58 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/07/17 11:31:28 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009/07/17 11:31:28 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009/07/17 11:31:28 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009/07/17 11:31:26 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009/07/17 11:31:26 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009/06/26 11:25:36 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2009/06/26 11:25:24 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009/06/15 13:14:08 | 000,163,840 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Polar\Daemon\polard.exe -- (Polar Daemon)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2008/08/15 06:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008/08/01 14:31:00 | 000,109,056 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/03 12:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/07/03 12:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/07/03 12:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/07/03 12:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/07/03 12:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/07/03 12:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/05/22 02:53:50 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/09/16 15:10:50 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2011/09/16 15:10:24 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2011/06/06 08:07:12 | 000,079,888 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PDFsFilter.sys -- (PDFSFilter)
DRV:64bit: - [2011/05/26 11:13:10 | 000,140,816 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DefragFs.sys -- (DefragFS)
DRV:64bit: - [2011/05/25 02:00:36 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2011/05/06 14:30:20 | 000,019,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2011/05/06 14:30:18 | 000,013,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2011/01/21 14:52:18 | 000,528,464 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Uim_IMx64.sys -- (Uim_IM)
DRV:64bit: - [2011/01/21 14:52:18 | 000,053,840 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uimx64.sys -- (UimBus)
DRV:64bit: - [2011/01/21 14:52:18 | 000,037,456 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hotcore3.sys -- (hotcore3)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 09:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/04/29 13:40:54 | 000,028,528 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\povrtdev.sys -- (msvad_simple)
DRV:64bit: - [2009/09/09 10:04:46 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/09/03 15:43:36 | 000,201,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/09/01 10:15:16 | 006,038,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/20 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/08 18:26:55 | 000,154,168 | R--- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2009/04/15 18:09:06 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2008/12/15 13:07:42 | 000,076,288 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsn64.sys -- (risdptsk)
DRV:64bit: - [2008/12/15 12:31:18 | 000,085,504 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rimssn64.sys -- (rimsptsk)
DRV:64bit: - [2008/09/18 18:31:20 | 000,193,072 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2008/08/02 21:14:30 | 000,388,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/08/01 19:44:42 | 000,009,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2008/08/01 19:44:40 | 001,511,936 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2008/08/01 19:44:40 | 000,731,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/08/01 19:44:40 | 000,300,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2008/08/01 19:44:40 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV:64bit: - [2008/06/27 08:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2008/04/24 14:06:42 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2007/12/12 14:11:06 | 000,015,360 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Spyder3.sys -- (Spyder3)
DRV:64bit: - [2007/04/16 20:51:50 | 000,014,112 | R--- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2011/09/16 15:10:50 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2010/12/06 15:22:51 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/25 00:49:35 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/02/25 00:49:35 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/08/14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A2 F4 6E A3 CD 5C CD 01 [binary data]
IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@emusic.com/dlm-plugin: C:\Program Files (x86)\eMusic Download Manager\plugin\npemusic.dll (eMusic.com)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@emusic.com/dlm-plugin: C:\Program Files (x86)\eMusic Download Manager\plugin\npemusic.dll (eMusic.com)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sotheby Chung\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sotheby Chung\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\eMusic Download Manager\Extensions\\Components: C:\Program Files (x86)\eMusic Download Manager\xulrunner\components [2011/09/29 23:34:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\eMusic Download Manager\Extensions\\Plugins: C:\Program Files (x86)\eMusic Download Manager\xulrunner\plugins [2011/09/29 23:34:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/07 16:33:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/16 18:16:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/29 23:34:48 | 000,000,000 | ---D | M]

[2010/04/21 22:04:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Extensions
[2012/06/27 00:48:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions
[2010/06/13 23:17:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/11/19 17:14:41 | 000,000,000 | ---D | M] (Delicious Bookmarks) -- C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2012/06/04 00:31:39 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011/06/04 18:54:17 | 000,000,000 | ---D | M] (Memory Fox) -- C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}
[2011/03/30 01:07:32 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions\engine@conduit.com
[2012/06/06 00:03:44 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions\LogMeInClient@logmein.com
[2012/06/27 00:48:43 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions\support@lastpass.com
[2012/04/26 00:25:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/04/21 21:52:10 | 000,000,000 | ---D | M] (eMusic - Apple iTunes Support) -- C:\PROGRAM FILES (X86)\EMUSIC DOWNLOAD MANAGER\XULRUNNER\EXTENSIONS\DLM_ITUNES@EMUSIC.COM
[2010/04/21 21:52:10 | 000,000,000 | ---D | M] (eMusic - Nullsoft Winamp Support) -- C:\PROGRAM FILES (X86)\EMUSIC DOWNLOAD MANAGER\XULRUNNER\EXTENSIONS\DLM_WINAMP@EMUSIC.COM
[2010/04/21 21:52:10 | 000,000,000 | ---D | M] (eMusic - Microsoft Media Player Support) -- C:\PROGRAM FILES (X86)\EMUSIC DOWNLOAD MANAGER\XULRUNNER\EXTENSIONS\DLM_WMP@EMUSIC.COM
[2012/06/16 18:16:54 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/31 13:04:07 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/10 01:46:20 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/10 02:10:13 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Sotheby Chung\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sotheby Chung\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sotheby Chung\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: eMusic Remote Plugin (Enabled) = C:\Program Files (x86)\eMusic Download Manager\plugin\npemusic.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Sotheby Chung\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Sotheby Chung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Sotheby Chung\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Sotheby Chung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/07/07 19:31:55 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll (www.flashget.com)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [SmartWiHelper] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000..\Run: [Audiogalaxy] C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\Audiogalaxy.exe (AG Entertainment Inc)
O4 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000..\Run: [MysticThumbs] C:\Program Files\MysticCoder\MysticThumbs\MysticThumbsTray.exe (MysticCoder)
O4 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000..\Run: [Spotify Web Helper] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Sotheby Chung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Sotheby Chung\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\JC_ALL.HTM ()
O8:64bit: - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\JC_LINK.HTM ()
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D514A2C-2B7B-4E82-9E74-63CB16888888}: DhcpNameServer = 192.168.1.1 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C97CF07A-B9F5-4DBB-A46A-6EDD1D7159D6}: DhcpNameServer = 192.168.1.1 209.18.47.62
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: winlogon - C:\Users\Sotheby Chung\AppData\Roaming\winlogon.exe - No CLSID value found.
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk /p \??\H:)
O34 - HKLM BootExecute: (PDBoot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/07/08 12:10:10 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Sotheby Chung\Desktop\OTL.exe
[2012/07/08 02:06:29 | 000,000,000 | ---D | C] -- C:\ProgramData\BDJ
[2012/07/08 02:04:48 | 000,000,000 | ---D | C] -- C:\Users\Sotheby Chung\Corel
[2012/07/08 02:03:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel
[2012/07/08 01:34:15 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/07/07 20:02:58 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Sotheby Chung\Desktop\dds.scr
[2012/07/07 19:53:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/07/07 19:53:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis
[2012/07/07 19:53:01 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\Sotheby Chung\Desktop\HJTInstall.exe
[2012/07/07 19:52:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/07/07 19:52:36 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/07/07 19:30:34 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/07/07 19:21:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/07/07 19:21:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/07/07 19:21:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/07/07 19:15:55 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/07/07 19:15:52 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/07/07 19:14:46 | 004,574,136 | R--- | C] (Swearware) -- C:\Users\Sotheby Chung\Desktop\ComboFix.exe
[2012/07/07 16:33:30 | 000,958,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/07/07 16:33:30 | 000,355,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/07/07 16:33:30 | 000,071,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/07/07 16:33:30 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/07/07 16:33:30 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/07/07 16:33:30 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/07/07 16:33:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/07/07 16:33:18 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/07/07 16:33:18 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/07/07 16:33:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/07/07 16:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/07/07 16:00:53 | 002,135,640 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Sotheby Chung\Desktop\TDSSKiller.exe
[2012/07/07 15:08:27 | 000,000,000 | ---D | C] -- C:\Users\Sotheby Chung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/07/07 14:45:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012/07/07 14:43:25 | 000,000,000 | ---D | C] -- C:\FRST
[2012/07/07 14:38:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012/07/04 16:06:31 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012/06/23 14:39:58 | 000,000,000 | ---D | C] -- C:\Users\Sotheby Chung\AppData\Local\Macromedia
[2011/06/08 02:06:47 | 012,535,496 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[2009/07/22 00:33:18 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Sotheby Chung\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2012/07/08 12:14:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/08 12:10:10 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Sotheby Chung\Desktop\OTL.exe
[2012/07/08 11:58:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3386721426-1089896885-116071575-1000UA.job
[2012/07/08 02:07:31 | 000,003,766 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2012/07/08 02:03:19 | 000,000,794 | ---- | M] () -- C:\Users\Public\Desktop\Corel WinDVD.lnk
[2012/07/08 01:34:58 | 000,000,088 | RHS- | M] () -- C:\ProgramData\DEB8B150A7.sys
[2012/07/07 20:02:58 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Sotheby Chung\Desktop\dds.scr
[2012/07/07 19:53:49 | 000,002,093 | ---- | M] () -- C:\Users\Sotheby Chung\Desktop\HijackThis.lnk
[2012/07/07 19:52:58 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Users\Sotheby Chung\Desktop\HJTInstall.exe
[2012/07/07 19:38:48 | 000,011,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/07 19:38:48 | 000,011,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/07 19:35:53 | 000,717,260 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/07 19:35:53 | 000,617,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/07 19:35:53 | 000,104,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/07 19:31:55 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/07/07 19:31:31 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/07/07 19:31:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/07 19:14:50 | 004,574,136 | R--- | M] (Swearware) -- C:\Users\Sotheby Chung\Desktop\ComboFix.exe
[2012/07/07 16:35:49 | 000,208,552 | ---- | M] () -- C:\Users\Sotheby Chung\Documents\cc_20120707_163524.reg
[2012/07/07 16:33:30 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/07/07 16:33:30 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/07/07 15:58:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3386721426-1089896885-116071575-1000Core.job
[2012/07/07 15:53:49 | 000,002,356 | ---- | M] () -- C:\Users\Sotheby Chung\Desktop\Google Chrome.lnk
[2012/07/07 14:52:56 | 003,006,912 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/04 22:24:05 | 000,000,496 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012/07/03 12:21:52 | 000,958,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/07/03 12:21:52 | 000,355,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/07/03 12:21:52 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/07/03 12:21:52 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/07/03 12:21:52 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/07/03 12:21:51 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/07/03 12:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/07/03 12:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/07/03 12:21:18 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/07/02 20:01:46 | 002,135,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Sotheby Chung\Desktop\TDSSKiller.exe

========== Files Created - No Company Name ==========

[2012/07/08 02:03:18 | 000,000,794 | ---- | C] () -- C:\Users\Public\Desktop\Corel WinDVD.lnk
[2012/07/08 01:34:57 | 000,000,088 | RHS- | C] () -- C:\ProgramData\DEB8B150A7.sys
[2012/07/07 19:53:49 | 000,002,093 | ---- | C] () -- C:\Users\Sotheby Chung\Desktop\HijackThis.lnk
[2012/07/07 19:21:43 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/07/07 19:21:43 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/07/07 19:21:43 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/07/07 19:21:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/07/07 19:21:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/07/07 16:35:41 | 000,208,552 | ---- | C] () -- C:\Users\Sotheby Chung\Documents\cc_20120707_163524.reg
[2012/07/07 16:33:30 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/07/07 15:53:41 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3386721426-1089896885-116071575-1000UA.job
[2012/07/07 15:08:29 | 000,002,356 | ---- | C] () -- C:\Users\Sotheby Chung\Desktop\Google Chrome.lnk
[2012/07/07 15:08:00 | 000,000,888 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3386721426-1089896885-116071575-1000Core.job
[2012/01/14 05:15:56 | 000,731,106 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/11 14:48:15 | 000,002,048 | -HS- | C] () -- C:\Users\Sotheby Chung\AppData\Local\{d9b87c81-5340-e575-0dbc-2810a7f63932}\@
[2011/11/24 21:12:27 | 000,167,876 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010/12/10 21:02:46 | 000,098,130 | ---- | C] () -- C:\Users\Sotheby Chung\NYCSERV Payments Confirmation.pdf
[2010/05/17 01:05:20 | 000,003,766 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/04/21 22:27:01 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/07/22 00:33:18 | 000,007,859 | ---- | C] () -- C:\Users\Sotheby Chung\AppData\Roaming\pcouffin.cat
[2009/07/22 00:33:18 | 000,001,167 | ---- | C] () -- C:\Users\Sotheby Chung\AppData\Roaming\pcouffin.inf

========== LOP Check ==========

[2011/06/30 20:18:08 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\LastPass
[2010/08/28 16:36:10 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\Any DVD Cloner
[2012/04/14 14:51:11 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\Autodesk
[2012/07/07 16:32:52 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\Azureus
[2011/07/20 01:08:55 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\Chief Architect Premier X3
[2012/06/16 14:13:02 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\DiskSpaceFan
[2012/07/07 19:32:08 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\Dropbox
[2010/04/21 22:04:13 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\eMusic
[2010/04/21 22:04:13 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\FlashGet
[2012/07/07 15:57:01 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\FMZilla
[2012/02/08 01:52:51 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\Free MP3 WMA OGG Converter
[2012/04/28 20:27:45 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\iConcertCal
[2010/04/21 22:04:13 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\InterVideo
[2010/10/31 21:07:48 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\iTunesExport.9816BF1711E8C5ABC4CED8E503841951211D8E5D.1
[2010/04/21 22:04:13 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\JAM Software
[2010/08/21 16:34:55 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\Lala Music Mover
[2011/11/26 19:24:44 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\LibreOffice
[2012/04/07 14:52:20 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\MediaMonkey
[2010/10/20 23:47:18 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\PMS
[2012/06/23 14:59:08 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\Spotify
[2012/07/07 20:46:02 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\uTorrent
[2010/08/21 16:28:38 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\Vso
[2012/07/04 22:24:05 | 000,000,496 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2012/07/07 15:01:47 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\erdnt\cache86\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: SERVICES.EXE >
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WSHELPER.DLL >
[2009/07/13 21:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\SysWOW64\wshelper.dll
[2009/07/13 21:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\wshelper.dll
[2009/07/13 21:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\SysNative\wshelper.dll
[2009/07/13 21:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\wshelper.dll

< MD5 for: WSHELPER.DLL.MUI >
[2009/07/13 22:07:50 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=CD53AEA05D09943FDAA9E6E779D28A26 -- C:\Windows\SysWOW64\en-US\wshelper.dll.mui
[2009/07/13 22:07:50 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=CD53AEA05D09943FDAA9E6E779D28A26 -- C:\Windows\winsxs\x86_microsoft-windows-w..ure-other.resources_31bf3856ad364e35_6.1.7600.16385_en-us_adb3c1d9fa188607\wshelper.dll.mui
[2009/07/13 22:28:32 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=D3C8A35BD4D7F008A7D37AA6F235C8FD -- C:\Windows\SysNative\en-US\wshelper.dll.mui
[2009/07/13 22:28:32 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=D3C8A35BD4D7F008A7D37AA6F235C8FD -- C:\Windows\winsxs\amd64_microsoft-windows-w..ure-other.resources_31bf3856ad364e35_6.1.7600.16385_en-us_09d25d5db275f73d\wshelper.dll.mui

< HKCR\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /rs >

< End of report >
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 7/9/2012 8:23 AM (GMT +3)    Quote: MSE Cannot Start, sporadic search redirectAlert an admin about: MSE Cannot Start, sporadic search redirect
 
We need to run an OTL Fix

  • Please reopen OTL on your desktop.
  • Copy and Paste the following in the codebox into the  Custom Scan textbox.



·         :Services 
·         :OTL 
·         IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
·         FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
·         O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
·         O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
·         O4 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
·          
·         :Reg 
·          
·         :Files 
·         ipconfig /flushdns /c 
·         C:\ProgramData\DEB8B150A7.sys

·         :Commands 
·         [purity] 
·         [resethosts] 
·         [CreateRestorePoint] 
·         [emptytemp] 
[EMPTYFLASH


  • Push  Run Fix Button
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click OK.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run
 
Please download Combofix from: [URL="http://download.bleepingcomputer.com/sUBs/ComboFix.exe"] Here[/URL]
 And save to the desktop.
 
After the download is complete, perform the following tasks before using the ComboFix tool to scan your PC:
Exit all windows that are currently open on your computer.
To prevent interference, temporarily disable your antivirus, antispyware, firewall and other security tools that may be running on your computer.
 
 
Double-click on the combofix icon found on your desktop.
 
Please note, that once you start combofix you should not click anywhere on the combofix window as it can cause the program to stall. In fact, when combofix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.

 When finished, it will produce a logfile located at C:\combofix.txt.
 

Post the contents of that log in your next reply
 
The logs will be reasonably large so you may have to divide them into sections and make several posts to post them.


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 

Back to Top
 

yinzerniner
New Member


Date Joined Jun 2012
Total Posts : 4
 
   Posted 7/13/2012 8:59 AM (GMT +3)    Quote: MSE Cannot Start, sporadic search redirectAlert an admin about: MSE Cannot Start, sporadic search redirect
OTL Log:
All processes killed
Error: Unable to interpret <· :Services > in the current context!
Error: Unable to interpret <· :OTL > in the current context!
Error: Unable to interpret <· IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found> in the current context!
Error: Unable to interpret <· FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found> in the current context!
Error: Unable to interpret <· O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.> in the current context!
Error: Unable to interpret <O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.> in the current context!
Error: Unable to interpret <· O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.> in the current context!
Error: Unable to interpret <· O4 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)> in the current context!
Error: Unable to interpret <· > in the current context!
Error: Unable to interpret <· :Reg > in the current context!
Error: Unable to interpret <· > in the current context!
Error: Unable to interpret <· :Files > in the current context!
Error: Unable to interpret <· ipconfig /flushdns /c > in the current context!
Error: Unable to interpret <· C:\ProgramData\DEB8B150A7.sys> in the current context!
Error: Unable to interpret <· :Commands > in the current context!
Error: Unable to interpret <· [purity] > in the current context!
Error: Unable to interpret <· [resethosts] > in the current context!
Error: Unable to interpret <· [CreateRestorePoint] > in the current context!
Error: Unable to interpret <· [emptytemp] > in the current context!
Error: Unable to interpret <[EMPTYFLASH> in the current context!

OTL by OldTimer - Version 3.2.53.1 log created on 07102012_010017

Combofix Log
Also, Combofix had a few errors during running, like exporting to Qoobox and PEV.exe being killed during the run

ComboFix 12-07-08.03 - Sotheby Chung 07/11/2012 0:26.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8159.6279 [GMT -4:00]
Running from: c:\users\Sotheby Chung\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\DEB8B150A7.sys
.
c:\windows\SysWow64\Drivers\atapi.sys . . . is infected!!
.
.
((((((((((((((((((((((((( Files Created from 2012-06-11 to 2012-07-11 )))))))))))))))))))))))))))))))
.
.
2012-07-11 04:35 . 2012-07-11 04:35 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-07-11 04:35 . 2012-07-11 04:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-10 05:00 . 2012-07-10 05:00 -------- d-----w- C:\_OTL
2012-07-08 06:06 . 2012-07-08 06:06 -------- d-----w- c:\programdata\BDJ
2012-07-08 06:04 . 2012-07-08 06:04 -------- d-----w- c:\users\Sotheby Chung\Corel
2012-07-07 23:53 . 2012-07-07 23:53 -------- d-----w- c:\program files (x86)\Trend Micro
2012-07-07 23:52 . 2012-07-07 23:52 -------- d-----w- c:\program files (x86)\Oracle
2012-07-07 23:52 . 2012-05-04 23:29 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-07 23:52 . 2012-07-07 23:52 -------- d-----w- c:\programdata\McAfee
2012-07-07 20:33 . 2012-07-03 16:21 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-07 20:33 . 2012-07-03 16:21 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-07-07 20:33 . 2012-07-03 16:21 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-07 20:33 . 2012-07-03 16:21 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-07-07 20:33 . 2012-07-03 16:21 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-07 20:33 . 2012-07-03 16:21 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-07 20:33 . 2012-07-03 16:21 41224 ----a-w- c:\windows\avastSS.scr
2012-07-07 20:33 . 2012-07-03 16:21 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-07-07 20:33 . 2012-07-07 20:33 -------- d-----w- c:\program files\AVAST Software
2012-07-07 20:29 . 2012-07-07 20:29 -------- d-----w- c:\program files\CCleaner
2012-07-07 18:45 . 2012-07-07 18:45 -------- d-----w- c:\windows\system32\SPReview
2012-07-07 18:43 . 2012-07-07 19:12 -------- d-----w- C:\FRST
2012-07-07 18:38 . 2012-07-07 18:38 -------- d-----w- c:\windows\system32\EventProviders
2012-07-04 20:06 . 2012-07-04 20:06 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-07-04 07:28 . 2012-02-10 05:58 927800 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{68A65EF2-2579-4B1F-9A46-8A8A82265EF3}\gapaengine.dll
2012-07-04 07:28 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C10BFCF9-1701-492D-9CEA-8A312DD72A24}\mpengine.dll
2012-07-03 07:28 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-23 18:39 . 2012-06-23 18:39 -------- d-----w- c:\users\Sotheby Chung\AppData\Local\Macromedia
2012-06-21 17:44 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 17:44 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 17:44 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 17:44 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 17:44 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-21 17:44 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 17:44 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 17:44 . 2012-06-02 19:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 17:44 . 2012-06-02 19:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-14 07:28 . 2012-02-10 05:58 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{35B81FBD-0A5B-4A7E-B73D-CCAEC5539E34}\gapaengine.dll
2012-06-13 04:16 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 04:16 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 04:16 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-13 04:16 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-13 04:16 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-06-13 04:16 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-06-13 04:16 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys
2012-06-13 04:16 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-08 06:07 . 2010-05-17 05:05 3766 --sha-w- c:\programdata\KGyGaAvL.sys
2012-07-07 18:43 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-07-07 18:43 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-07-03 16:21 . 2011-02-01 03:58 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-23 18:15 . 2012-04-13 03:41 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-23 18:15 . 2011-05-29 06:12 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-22 06:53 . 2012-02-13 06:51 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2012-05-22 06:53 . 2012-02-13 06:51 34688 ----a-w- c:\windows\system32\LMIport.dll
2012-05-22 06:53 . 2012-02-13 06:51 80768 ----a-w- c:\windows\system32\LMIinit.dll
2012-05-04 23:29 . 2011-06-12 23:51 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-06-08 06:06 . 2011-06-08 06:06 12535496 ----a-w- c:\program files (x86)\Common Files\lpuninstall.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-07_23.32.14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-04-22 04:50 . 2012-07-10 05:03 53340 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-10 05:03 45422 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-04-22 03:28 . 2012-07-10 05:03 13014 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3386721426-1089896885-116071575-1000_UserData.bin
- 2010-04-22 01:48 . 2012-07-07 23:31 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-04-22 01:48 . 2012-07-10 10:51 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-04-22 01:48 . 2012-07-07 23:31 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-04-22 01:48 . 2012-07-10 10:51 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-10 10:51 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-07 23:31 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2012-07-10 05:03 91408 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2012-07-07 23:31 . 2012-07-07 23:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-10 05:01 . 2012-07-10 05:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-07 23:31 . 2012-07-07 23:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-10 05:01 . 2012-07-10 05:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-06-12 23:51 . 2012-05-04 23:29 227720 c:\windows\SysWOW64\javaws.exe
+ 2011-06-12 23:51 . 2012-07-07 23:52 174064 c:\windows\SysWOW64\javaw.exe
+ 2011-06-12 23:51 . 2012-07-07 23:52 174064 c:\windows\SysWOW64\java.exe
- 2009-07-14 04:54 . 2012-07-07 23:31 638976 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-07-11 02:04 638976 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-04-22 02:11 . 2012-07-09 06:38 106896 c:\windows\SysWOW64\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
+ 2009-07-14 02:36 . 2012-07-11 04:08 617460 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-07-07 23:23 617460 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-07-11 04:08 104702 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-07-07 23:23 104702 c:\windows\system32\perfc009.dat
+ 2009-07-14 05:01 . 2012-07-10 05:00 428104 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-05-26 04:44 . 2012-07-10 05:00 428104 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3386721426-1089896885-116071575-1000-12288.dat
+ 2012-03-18 14:34 . 2012-07-10 05:00 490960 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat
+ 2012-07-07 23:53 . 2012-07-07 23:53 179200 c:\windows\Installer\13c192.msi
+ 2012-07-07 23:52 . 2012-07-07 23:52 461312 c:\windows\Installer\13c184.msi
+ 2012-07-08 06:03 . 2012-07-08 06:03 139264 c:\windows\Installer\{33017152-D6EA-46DD-93E0-7D2679CCBB51}\ARPPRODUCTICON.exe
+ 2009-07-14 04:54 . 2012-07-11 02:04 3686400 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-07 23:31 3686400 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:45 . 2012-07-10 05:01 3012528 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 04:45 . 2012-07-10 05:03 7150416 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2012-07-07 19:04 7150416 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2011-02-24 17:47 . 2011-02-24 17:47 6498304 c:\windows\Installer\1645be1.msi
+ 2005-09-23 11:48 . 2005-09-23 11:48 2483200 c:\windows\Installer\1645bd8.msi
+ 2009-07-14 04:54 . 2012-07-11 02:04 16187392 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-07 23:31 16187392 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-07-07 23:52 . 2012-07-07 23:52 17379328 c:\windows\Installer\13c180.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Sotheby Chung\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Sotheby Chung\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Sotheby Chung\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Sotheby Chung\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"SUPERAntiSpyware"="c:\program files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-08-03 2424192]
"Audiogalaxy"="c:\users\Sotheby Chung\AppData\Local\Audiogalaxy\Audiogalaxy.exe" [2011-12-18 2955496]
"MysticThumbs"="c:\program files\MysticCoder\MysticThumbs\MysticThumbsTray.exe" [2011-06-23 6235648]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-04-14 879984]
"Spotify Web Helper"="c:\program files (x86)\Spotify\Data\SpotifyWebHelper.exe" [2012-05-20 932528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-05-26 317288]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-05 98304]
"SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2009-09-02 80384]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-12 640376]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\users\Sotheby Chung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Sotheby Chung\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-1-24 1069608]
Polar WebSync.lnk - c:\windows\Installer\{1A1F27A2-599F-46BC-B904-1053B3A4CFEB}\WebSync.exe2_4B58E052B1C94BE0AC42D7A472F5A651.exe [2009-7-18 147456]
Spyder3Utility.lnk - c:\program files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files (x86)\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-12-12 06:45 548352 ----a-w- c:\program files (x86)\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-07-14 15:15 98304 ------w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\h:\0pdboot.exe\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
R1 SASDIFSV;SASDIFSV;c:\program files (x86)\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files (x86)\SUPERAntiSpyware\SASKUTIL.sys [2010-12-06 67656]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-05-25 2151128]
R2 Polar Daemon;Polar Daemon;c:\program files (x86)\Polar\Daemon\polard.exe [2009-06-15 163840]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-06-26 362992]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-03-29 1038088]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-16 113120]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 98688]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2011-05-06 19936]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2011-05-06 13280]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-06-26 313840]
R3 SASENUM;SASENUM;c:\program files (x86)\SUPERAntiSpyware\SASENUM.SYS [2010-02-25 12872]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-07-17 120104]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-07-17 70952]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-07-17 427304]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-07-17 75048]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-07-17 91432]
R3 Spyder3;Datacolor Spyder3;c:\windows\system32\DRIVERS\Spyder3.sys [2007-12-12 15360]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-22 1255736]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys [2011-01-21 37456]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-05-25 69376]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-09-01 203264]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-05-22 375176]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928]
S2 MediaMall Server;MediaMall Server;c:\program files (x86)\MediaMall\MediaMallServer.exe [2011-05-27 4407152]
S2 PDFSFilter;PDFSFilter;c:\windows\system32\DRIVERS\PDFsFilter.sys [2011-06-06 79888]
S2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2011-06-08 301720]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-09-03 189984]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-04-24 19968]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [2008-08-01 300032]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-09-09 5435904]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2009-04-15 11392]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - AvgTdiA
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-10 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-05-25 06:00]
.
2012-07-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 18:15]
.
2012-07-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3386721426-1089896885-116071575-1000Core.job
- c:\users\Sotheby Chung\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-07 19:08]
.
2012-07-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3386721426-1089896885-116071575-1000UA.job
- c:\users\Sotheby Chung\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-07 19:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Sotheby Chung\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Sotheby Chung\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Sotheby Chung\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Sotheby Chung\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2008-09-18 152576]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-09-03 7938080]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-09-03 1833504]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-08-13 415752]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2009-08-13 4195848]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
IE: &Download All with FlashGet - c:\program files (x86)\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files (x86)\FlashGet\jc_link.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1 209.18.47.62
FF - ProfilePath - c:\users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.nytimes.com/
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
SSODL-winlogon REG_SZ c:\users\Sotheby Chung\AppData\Roaming\winlogon.exe- - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"Licence0"="04F0D21-79D8-7A25-D702-433F"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-07-11 00:39:31
ComboFix-quarantined-files.txt 2012-07-11 04:39
ComboFix2.txt 2012-07-07 23:37
.
Pre-Run: 21,309,313,024 bytes free
Post-Run: 20,362,739,712 bytes free
.
- - End Of File - - BCAC42F22643C202E1AB70272A0FFDC6
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 7/14/2012 12:16 PM (GMT +3)    Quote: MSE Cannot Start, sporadic search redirectAlert an admin about: MSE Cannot Start, sporadic search redirect
Looks like atapi.sys areinfected.


 
and download Kaspersky's TDSSKiller to your desktop, then unzip that and place a copy of the TDSSKiller.exe file on your desktop. Then click that to open the scanner.

In the display that opens click Start scan. Once that completes, follow any prompts to act on anything it located, including as reboot if requested.

When the scan completes it will create a log file on your C drive.

Similar in name to this:

C:\TDSSKiller. (numbers) log.txt

 
Copy/paste those contents back here please.

-----------

Also click
http://ad13.geekstogo.com/MBRCheck.exe
to download AD13's MBRCheck.exe. Then right click that file, and select "Run as administrator".
Follow the prompts, and post back here the log it should have created on your desktop.



Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 

Back to Top
 

yinzerniner
New Member


Date Joined Jun 2012
Total Posts : 4
 
   Posted 7/15/2012 11:27 PM (GMT +3)    Quote: MSE Cannot Start, sporadic search redirectAlert an admin about: MSE Cannot Start, sporadic search redirect
Here is the TDSS Killer log. It said it did not find any malicious objects

15:27:12.0592 41292 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
15:27:12.0939 41292 ============================================================
15:27:12.0939 41292 Current date / time: 2012/07/15 15:27:12.0939
15:27:12.0939 41292 SystemInfo:
15:27:12.0939 41292
15:27:12.0939 41292 OS Version: 6.1.7601 ServicePack: 1.0
15:27:12.0939 41292 Product type: Workstation
15:27:12.0940 41292 ComputerName: SOTHEBYSVAIO
15:27:12.0940 41292 UserName: Sotheby Chung
15:27:12.0940 41292 Windows directory: C:\Windows
15:27:12.0940 41292 System windows directory: C:\Windows
15:27:12.0940 41292 Running under WOW64
15:27:12.0940 41292 Processor architecture: Intel x64
15:27:12.0940 41292 Number of processors: 2
15:27:12.0941 41292 Page size: 0x1000
15:27:12.0941 41292 Boot type: Normal boot
15:27:12.0941 41292 ============================================================
15:27:13.0170 41292 Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 (223.57 Gb), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:27:13.0175 41292 Drive \Device\Harddisk1\DR1 - Size: 0x1D9800000 (7.40 Gb), SectorSize: 0x200, Cylinders: 0x3C208, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x1, Type 'W'
15:27:13.0201 41292 Drive \Device\Harddisk3\DR3 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:27:13.0214 41292 ============================================================
15:27:13.0214 41292 \Device\Harddisk0\DR0:
15:27:13.0214 41292 MBR partitions:
15:27:13.0214 41292 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14C0000, BlocksNum 0x1AA62FD3
15:27:13.0214 41292 \Device\Harddisk1\DR1:
15:27:13.0215 41292 MBR partitions:
15:27:13.0215 41292 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0xECC000
15:27:13.0215 41292 \Device\Harddisk3\DR3:
15:27:13.0215 41292 MBR partitions:
15:27:13.0215 41292 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x575452C2
15:27:13.0215 41292 ============================================================
15:27:13.0248 41292 K: <-> \Device\Harddisk3\DR3\Partition0
15:27:13.0251 41292 C: <-> \Device\Harddisk0\DR0\Partition0
15:27:13.0251 41292 ============================================================
15:27:13.0251 41292 Initialize success
15:27:13.0251 41292 ============================================================
15:27:23.0758 31884 ============================================================
15:27:23.0758 31884 Scan started
15:27:23.0758 31884 Mode: Manual;
15:27:23.0758 31884 ============================================================
15:27:24.0236 31884 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
15:27:24.0239 31884 1394ohci - ok
15:27:24.0247 31884 ACDaemon (fee588cdf60f2b541b5a3e803fa938a1) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
15:27:24.0249 31884 ACDaemon - ok
15:27:24.0263 31884 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
15:27:24.0266 31884 ACPI - ok
15:27:24.0270 31884 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
15:27:24.0271 31884 AcpiPmi - ok
15:27:24.0278 31884 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
15:27:24.0280 31884 adfs - ok
15:27:24.0294 31884 Adobe Version Cue CS4 (57a3b9a69f14414ace12afd6ba701773) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
15:27:24.0297 31884 Adobe Version Cue CS4 - ok
15:27:24.0328 31884 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:27:24.0331 31884 AdobeFlashPlayerUpdateSvc - ok
15:27:24.0350 31884 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:27:24.0355 31884 adp94xx - ok
15:27:24.0369 31884 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:27:24.0373 31884 adpahci - ok
15:27:24.0382 31884 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:27:24.0384 31884 adpu320 - ok
15:27:24.0392 31884 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:27:24.0394 31884 AeLookupSvc - ok
15:27:24.0415 31884 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
15:27:24.0419 31884 AFD - ok
15:27:24.0425 31884 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:27:24.0426 31884 agp440 - ok
15:27:24.0432 31884 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:27:24.0434 31884 ALG - ok
15:27:24.0438 31884 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:27:24.0439 31884 aliide - ok
15:27:24.0451 31884 AMD External Events Utility (bcc32bf5ebb5dfd4380fa053d3651949) C:\Windows\system32\atiesrxx.exe
15:27:24.0454 31884 AMD External Events Utility - ok
15:27:24.0459 31884 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:27:24.0460 31884 amdide - ok
15:27:24.0465 31884 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:27:24.0467 31884 AmdK8 - ok
15:27:24.0472 31884 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:27:24.0474 31884 AmdPPM - ok
15:27:24.0480 31884 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
15:27:24.0482 31884 amdsata - ok
15:27:24.0491 31884 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:27:24.0493 31884 amdsbs - ok
15:27:24.0498 31884 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
15:27:24.0500 31884 amdxata - ok
15:27:24.0509 31884 ApfiltrService (22fecb5b3de1eb8b1b2761338922f681) C:\Windows\system32\DRIVERS\Apfiltr.sys
15:27:24.0512 31884 ApfiltrService - ok
15:27:24.0520 31884 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
15:27:24.0521 31884 AppID - ok
15:27:24.0525 31884 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:27:24.0526 31884 AppIDSvc - ok
15:27:24.0533 31884 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
15:27:24.0534 31884 Appinfo - ok
15:27:24.0541 31884 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:27:24.0542 31884 Apple Mobile Device - ok
15:27:24.0551 31884 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:27:24.0552 31884 arc - ok
15:27:24.0559 31884 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:27:24.0561 31884 arcsas - ok
15:27:24.0566 31884 ArcSoftKsUFilter (1ce3822b05a5e229286a15ea39369870) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
15:27:24.0567 31884 ArcSoftKsUFilter - ok
15:27:24.0571 31884 aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\Windows\system32\drivers\aswFsBlk.sys
15:27:24.0572 31884 aswFsBlk - ok
15:27:24.0578 31884 aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\Windows\system32\drivers\aswMonFlt.sys
15:27:24.0579 31884 aswMonFlt - ok
15:27:24.0585 31884 aswRdr (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\Windows\System32\Drivers\aswrdr2.sys
15:27:24.0586 31884 aswRdr - ok
15:27:24.0615 31884 aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\Windows\system32\drivers\aswSnx.sys
15:27:24.0624 31884 aswSnx - ok
15:27:24.0638 31884 aswSP (3610ca74a69e380424f0452dec5c1317) C:\Windows\system32\drivers\aswSP.sys
15:27:24.0642 31884 aswSP - ok
15:27:24.0648 31884 aswTdi (87de3e31cb0091d22351349869324065) C:\Windows\system32\drivers\aswTdi.sys
15:27:24.0650 31884 aswTdi - ok
15:27:24.0653 31884 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:27:24.0655 31884 AsyncMac - ok
15:27:24.0659 31884 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:27:24.0660 31884 atapi - ok
15:27:24.0919 31884 atikmdag (a29087680a1c3b049e3c05438e8ff2b8) C:\Windows\system32\DRIVERS\atikmdag.sys
15:27:25.0003 31884 atikmdag - ok
15:27:25.0063 31884 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:27:25.0070 31884 AudioEndpointBuilder - ok
15:27:25.0076 31884 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:27:25.0080 31884 AudioSrv - ok
15:27:25.0086 31884 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:27:25.0087 31884 avast! Antivirus - ok
15:27:25.0096 31884 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
15:27:25.0098 31884 AxInstSV - ok
15:27:25.0120 31884 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
15:27:25.0125 31884 b06bdrv - ok
15:27:25.0137 31884 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:27:25.0140 31884 b57nd60a - ok
15:27:25.0150 31884 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:27:25.0152 31884 BDESVC - ok
15:27:25.0155 31884 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:27:25.0156 31884 Beep - ok
15:27:25.0186 31884 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
15:27:25.0193 31884 BFE - ok
15:27:25.0227 31884 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
15:27:25.0237 31884 BITS - ok
15:27:25.0245 31884 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:27:25.0247 31884 blbdrive - ok
15:27:25.0266 31884 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
15:27:25.0271 31884 Bonjour Service - ok
15:27:25.0276 31884 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
15:27:25.0278 31884 bowser - ok
15:27:25.0282 31884 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:27:25.0284 31884 BrFiltLo - ok
15:27:25.0287 31884 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:27:25.0288 31884 BrFiltUp - ok
15:27:25.0296 31884 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
15:27:25.0298 31884 BridgeMP - ok
15:27:25.0305 31884 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
15:27:25.0307 31884 Browser - ok
15:27:25.0319 31884 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:27:25.0322 31884 Brserid - ok
15:27:25.0327 31884 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:27:25.0328 31884 BrSerWdm - ok
15:27:25.0332 31884 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:27:25.0333 31884 BrUsbMdm - ok
15:27:25.0337 31884 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:27:25.0338 31884 BrUsbSer - ok
15:27:25.0344 31884 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
15:27:25.0345 31884 BthEnum - ok
15:27:25.0351 31884 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:27:25.0353 31884 BTHMODEM - ok
15:27:25.0360 31884 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
15:27:25.0363 31884 BthPan - ok
15:27:25.0382 31884 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
15:27:25.0388 31884 BTHPORT - ok
15:27:25.0394 31884 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:27:25.0396 31884 bthserv - ok
15:27:25.0402 31884 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
15:27:25.0403 31884 BTHUSB - ok
15:27:25.0436 31884 btwdins (f28dab823fcda98f50dd677552a4dc52) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
15:27:25.0441 31884 btwdins - ok
15:27:25.0444 31884 catchme - ok
15:27:25.0461 31884 CAXHWAZL (fdb53a8d3bc52dc29884587e768e3388) C:\Windows\system32\DRIVERS\CAXHWAZL.sys
15:27:25.0465 31884 CAXHWAZL - ok
15:27:25.0471 31884 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:27:25.0473 31884 cdfs - ok
15:27:25.0481 31884 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
15:27:25.0483 31884 cdrom - ok
15:27:25.0489 31884 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:27:25.0491 31884 CertPropSvc - ok
15:27:25.0496 31884 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:27:25.0497 31884 circlass - ok
15:27:25.0514 31884 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:27:25.0518 31884 CLFS - ok
15:27:25.0525 31884 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:27:25.0526 31884 clr_optimization_v2.0.50727_32 - ok
15:27:25.0534 31884 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:27:25.0535 31884 clr_optimization_v2.0.50727_64 - ok
15:27:25.0539 31884 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:27:25.0541 31884 CmBatt - ok
15:27:25.0545 31884 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:27:25.0546 31884 cmdide - ok
15:27:25.0564 31884 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
15:27:25.0569 31884 CNG - ok
15:27:25.0577 31884 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:27:25.0578 31884 Compbatt - ok
15:27:25.0583 31884 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
15:27:25.0584 31884 CompositeBus - ok
15:27:25.0587 31884 COMSysApp - ok
15:27:25.0592 31884 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:27:25.0594 31884 crcdisk - ok
15:27:25.0605 31884 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
15:27:25.0608 31884 CryptSvc - ok
15:27:25.0632 31884 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:27:25.0639 31884 DcomLaunch - ok
15:27:25.0647 31884 DefragFS (952ac62074718c8f04f053e5073eeb45) C:\Windows\system32\drivers\DefragFS.sys
15:27:25.0649 31884 DefragFS - ok
15:27:25.0662 31884 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:27:25.0666 31884 defragsvc - ok
15:27:25.0673 31884 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
15:27:25.0675 31884 DfsC - ok
15:27:25.0692 31884 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
15:27:25.0696 31884 Dhcp - ok
15:27:25.0702 31884 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:27:25.0703 31884 discache - ok
15:27:25.0709 31884 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:27:25.0710 31884 Disk - ok
15:27:25.0720 31884 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
15:27:25.0723 31884 Dnscache - ok
15:27:25.0735 31884 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
15:27:25.0738 31884 dot3svc - ok
15:27:25.0747 31884 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
15:27:25.0750 31884 DPS - ok
15:27:25.0754 31884 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:27:25.0755 31884 drmkaud - ok
15:27:25.0792 31884 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
15:27:25.0801 31884 DXGKrnl - ok
15:27:25.0809 31884 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:27:25.0811 31884 EapHost - ok
15:27:25.0957 31884 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:27:25.0997 31884 ebdrv - ok
15:27:26.0031 31884 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
15:27:26.0034 31884 EFS - ok
15:27:26.0064 31884 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
15:27:26.0072 31884 ehRecvr - ok
15:27:26.0081 31884 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:27:26.0084 31884 ehSched - ok
15:27:26.0114 31884 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:27:26.0119 31884 elxstor - ok
15:27:26.0123 31884 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:27:26.0124 31884 ErrDev - ok
15:27:26.0148 31884 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:27:26.0153 31884 EventSystem - ok
15:27:26.0163 31884 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:27:26.0166 31884 exfat - ok
15:27:26.0176 31884 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:27:26.0179 31884 fastfat - ok
15:27:26.0207 31884 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
15:27:26.0215 31884 Fax - ok
15:27:26.0219 31884 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:27:26.0220 31884 fdc - ok
15:27:26.0224 31884 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:27:26.0226 31884 fdPHost - ok
15:27:26.0231 31884 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:27:26.0233 31884 FDResPub - ok
15:27:26.0239 31884 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:27:26.0241 31884 FileInfo - ok
15:27:26.0246 31884 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:27:26.0247 31884 Filetrace - ok
15:27:26.0275 31884 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:27:26.0279 31884 FLEXnet Licensing Service - ok
15:27:26.0318 31884 FLEXnet Licensing Service 64 (1c3fb052a0bb72edaed90785c34d6eed) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
15:27:26.0328 31884 FLEXnet Licensing Service 64 - ok
15:27:26.0359 31884 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:27:26.0360 31884 flpydisk - ok
15:27:26.0374 31884 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
15:27:26.0377 31884 FltMgr - ok
15:27:26.0428 31884 FontCache (b4447f606bb19fd8ad0bafb59b90f5d9) C:\Windows\system32\FntCache.dll
15:27:26.0451 31884 FontCache - ok
15:27:26.0458 31884 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:27:26.0461 31884 FontCache3.0.0.0 - ok
15:27:26.0470 31884 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:27:26.0472 31884 FsDepends - ok
15:27:26.0477 31884 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
15:27:26.0479 31884 Fs_Rec - ok
15:27:26.0491 31884 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:27:26.0494 31884 fvevol - ok
15:27:26.0499 31884 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:27:26.0501 31884 gagp30kx - ok
15:27:26.0506 31884 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:27:26.0507 31884 GEARAspiWDM - ok
15:27:26.0534 31884 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
15:27:26.0543 31884 gpsvc - ok
15:27:26.0551 31884 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
15:27:26.0554 31884 gusvc - ok
15:27:26.0558 31884 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:27:26.0559 31884 hcw85cir - ok
15:27:26.0574 31884 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
15:27:26.0578 31884 HdAudAddService - ok
15:27:26.0585 31884 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
15:27:26.0587 31884 HDAudBus - ok
15:27:26.0593 31884 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:27:26.0595 31884 HidBatt - ok
15:27:26.0601 31884 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:27:26.0603 31884 HidBth - ok
15:27:26.0607 31884 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:27:26.0609 31884 HidIr - ok
15:27:26.0613 31884 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
15:27:26.0616 31884 hidserv - ok
15:27:26.0621 31884 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
15:27:26.0622 31884 HidUsb - ok
15:27:26.0628 31884 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
15:27:26.0631 31884 hkmsvc - ok
15:27:26.0641 31884 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
15:27:26.0645 31884 HomeGroupListener - ok
15:27:26.0655 31884 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
15:27:26.0660 31884 HomeGroupProvider - ok
15:27:26.0664 31884 hotcore3 - ok
15:27:26.0671 31884 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
15:27:26.0673 31884 HpSAMD - ok
15:27:26.0723 31884 HSF_DPV (e90d0e3d9715f3bec7db2d6321dddee8) C:\Windows\system32\DRIVERS\CAX_DPV.sys
15:27:26.0737 31884 HSF_DPV - ok
15:27:26.0789 31884 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
15:27:26.0796 31884 HTTP - ok
15:27:26.0800 31884 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
15:27:26.0801 31884 hwpolicy - ok
15:27:26.0809 31884 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:27:26.0811 31884 i8042prt - ok
15:27:26.0830 31884 iaStor (8d58627fef3f8767665d9f4dc91cbd97) C:\Windows\system32\DRIVERS\iaStor.sys
15:27:26.0833 31884 iaStor - ok
15:27:26.0849 31884 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
15:27:26.0854 31884 iaStorV - ok
15:27:26.0884 31884 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:27:26.0893 31884 idsvc - ok
15:27:26.0899 31884 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:27:26.0900 31884 iirsp - ok
15:27:26.0931 31884 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
15:27:26.0941 31884 IKEEXT - ok
15:27:27.0025 31884 IntcAzAudAddService (b16fc828ce7a76a8f1ce682e6ead2627) C:\Windows\system32\drivers\RTKVHD64.sys
15:27:27.0039 31884 IntcAzAudAddService - ok
15:27:27.0076 31884 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:27:27.0077 31884 intelide - ok
15:27:27.0085 31884 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:27:27.0087 31884 intelppm - ok
15:27:27.0095 31884 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:27:27.0099 31884 IPBusEnum - ok
15:27:27.0108 31884 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:27:27.0110 31884 IpFilterDriver - ok
15:27:27.0134 31884 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
15:27:27.0141 31884 iphlpsvc - ok
15:27:27.0147 31884 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:27:27.0148 31884 IPMIDRV - ok
15:27:27.0155 31884 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:27:27.0157 31884 IPNAT - ok
15:27:27.0193 31884 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
15:27:27.0202 31884 iPod Service - ok
15:27:27.0207 31884 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:27:27.0208 31884 IRENUM - ok
15:27:27.0213 31884 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:27:27.0214 31884 isapnp - ok
15:27:27.0227 31884 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:27:27.0230 31884 iScsiPrt - ok
15:27:27.0239 31884 IviRegMgr (f415a88162d23977b5edae4f0410e903) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
15:27:27.0240 31884 IviRegMgr - ok
15:27:27.0245 31884 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
15:27:27.0247 31884 kbdclass - ok
15:27:27.0252 31884 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
15:27:27.0253 31884 kbdhid - ok
15:27:27.0257 31884 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:27:27.0260 31884 KeyIso - ok
15:27:27.0266 31884 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
15:27:27.0268 31884 KSecDD - ok
15:27:27.0276 31884 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
15:27:27.0279 31884 KSecPkg - ok
15:27:27.0284 31884 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:27:27.0285 31884 ksthunk - ok
15:27:27.0299 31884 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:27:27.0305 31884 KtmRm - ok
15:27:27.0316 31884 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
15:27:27.0321 31884 LanmanServer - ok
15:27:27.0329 31884 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
15:27:27.0334 31884 LanmanWorkstation - ok
15:27:27.0399 31884 Lavasoft Ad-Aware Service (5ee22a614300a61136faf2d047d6e927) C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
15:27:27.0411 31884 Lavasoft Ad-Aware Service - ok
15:27:27.0445 31884 Lbd (c8b3131857931ae76798a741cc52b021) C:\Windows\system32\DRIVERS\Lbd.sys
15:27:27.0447 31884 Lbd - ok
15:27:27.0456 31884 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:27:27.0458 31884 lltdio - ok
15:27:27.0472 31884 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:27:27.0477 31884 lltdsvc - ok
15:27:27.0481 31884 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:27:27.0483 31884 lmhosts - ok
15:27:27.0500 31884 LMIGuardianSvc (98b0fcc176dfb711b67651becb88c445) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
15:27:27.0502 31884 LMIGuardianSvc - ok
15:27:27.0506 31884 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
15:27:27.0507 31884 LMIInfo - ok
15:27:27.0516 31884 LMIMaint (b712511029cbd68645a90a241fd6ae43) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
15:27:27.0517 31884 LMIMaint - ok
15:27:27.0522 31884 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys
15:27:27.0523 31884 lmimirr - ok
15:27:27.0528 31884 LMIRfsClientNP - ok
15:27:27.0535 31884 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys
15:27:27.0537 31884 LMIRfsDriver - ok
15:27:27.0553 31884 LogMeIn (d3760bc17e1755091b7120cf32dbf56b) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
15:27:27.0556 31884 LogMeIn - ok
15:27:27.0566 31884 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:27:27.0568 31884 LSI_FC - ok
15:27:27.0574 31884 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:27:27.0576 31884 LSI_SAS - ok
15:27:27.0582 31884 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:27:27.0583 31884 LSI_SAS2 - ok
15:27:27.0590 31884 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:27:27.0592 31884 LSI_SCSI - ok
15:27:27.0600 31884 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:27:27.0602 31884 luafv - ok
15:27:27.0609 31884 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
15:27:27.0612 31884 Mcx2Svc - ok
15:27:27.0616 31884 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys
15:27:27.0618 31884 mdmxsdk - ok
15:27:27.0805 31884 MediaMall Server (4f35064ed1ad8386bf6eb09d6e2cea79) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
15:27:27.0834 31884 MediaMall Server - ok
15:27:27.0869 31884 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:27:27.0871 31884 megasas - ok
15:27:27.0883 31884 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:27:27.0886 31884 MegaSR - ok
15:27:27.0892 31884 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:27:27.0896 31884 MMCSS - ok
15:27:27.0901 31884 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:27:27.0902 31884 Modem - ok
15:27:27.0907 31884 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:27:27.0909 31884 monitor - ok
15:27:27.0914 31884 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
15:27:27.0916 31884 mouclass - ok
15:27:27.0920 31884 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:27:27.0922 31884 mouhid - ok
15:27:27.0929 31884 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:27:27.0930 31884 mountmgr - ok
15:27:27.0939 31884 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:27:27.0941 31884 MozillaMaintenance - ok
15:27:27.0953 31884 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
15:27:27.0956 31884 MpFilter - ok
15:27:27.0965 31884 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:27:27.0967 31884 mpio - ok
15:27:27.0974 31884 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:27:27.0976 31884 mpsdrv - ok
15:27:28.0003 31884 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
15:27:28.0009 31884 MpsSvc - ok
15:27:28.0018 31884 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:27:28.0020 31884 MRxDAV - ok
15:27:28.0028 31884 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:27:28.0031 31884 mrxsmb - ok
15:27:28.0043 31884 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:27:28.0047 31884 mrxsmb10 - ok
15:27:28.0055 31884 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:27:28.0057 31884 mrxsmb20 - ok
15:27:28.0062 31884 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:27:28.0063 31884 msahci - ok
15:27:28.0071 31884 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:27:28.0073 31884 msdsm - ok
15:27:28.0081 31884 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:27:28.0085 31884 MSDTC - ok
15:27:28.0091 31884 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:27:28.0093 31884 Msfs - ok
15:27:28.0097 31884 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:27:28.0098 31884 mshidkmdf - ok
15:27:28.0103 31884 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:27:28.0104 31884 msisadrv - ok
15:27:28.0113 31884 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:27:28.0116 31884 MSiSCSI - ok
15:27:28.0119 31884 msiserver - ok
15:27:28.0125 31884 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:27:28.0127 31884 MSKSSRV - ok
15:27:28.0132 31884 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:27:28.0133 31884 MSPCLOCK - ok
15:27:28.0137 31884 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:27:28.0138 31884 MSPQM - ok
15:27:28.0154 31884 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:27:28.0158 31884 MsRPC - ok
15:27:28.0166 31884 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:27:28.0167 31884 mssmbios - ok
15:27:28.0171 31884 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:27:28.0173 31884 MSTEE - ok
15:27:28.0178 31884 msvad_simple (c83829c280f0207677b7aaa151ef9c4d) C:\Windows\system32\drivers\povrtdev.sys
15:27:28.0179 31884 msvad_simple - ok
15:27:28.0184 31884 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:27:28.0185 31884 MTConfig - ok
15:27:28.0191 31884 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:27:28.0192 31884 Mup - ok
15:27:28.0211 31884 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:27:28.0218 31884 napagent - ok
15:27:28.0233 31884 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:27:28.0237 31884 NativeWifiP - ok
15:27:28.0267 31884 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:27:28.0277 31884 NDIS - ok
15:27:28.0282 31884 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:27:28.0284 31884 NdisCap - ok
15:27:28.0288 31884 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:27:28.0289 31884 NdisTapi - ok
15:27:28.0294 31884 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:27:28.0296 31884 Ndisuio - ok
15:27:28.0306 31884 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:27:28.0308 31884 NdisWan - ok
15:27:28.0315 31884 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:27:28.0316 31884 NDProxy - ok
15:27:28.0321 31884 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:27:28.0323 31884 NetBIOS - ok
15:27:28.0336 31884 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:27:28.0339 31884 NetBT - ok
15:27:28.0344 31884 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:27:28.0346 31884 Netlogon - ok
15:27:28.0361 31884 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:27:28.0367 31884 Netman - ok
15:27:28.0387 31884 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:27:28.0393 31884 netprofm - ok
15:27:28.0400 31884 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:27:28.0402 31884 NetTcpPortSharing - ok
15:27:28.0559 31884 netw5v64 (705283c02177809ca9fa7cc58a4f1e77) C:\Windows\system32\DRIVERS\netw5v64.sys
15:27:28.0608 31884 netw5v64 - ok
15:27:28.0648 31884 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:27:28.0649 31884 nfrd960 - ok
15:27:28.0657 31884 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:27:28.0659 31884 NisDrv - ok
15:27:28.0673 31884 NisSrv (10a43829a9e606af3eef25a1c1665923) C:\Program Files\Microsoft Security Client\NisSrv.exe
15:27:28.0676 31884 NisSrv - ok
15:27:28.0691 31884 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:27:28.0696 31884 NlaSvc - ok
15:27:28.0702 31884 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:27:28.0703 31884 Npfs - ok
15:27:28.0708 31884 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:27:28.0711 31884 nsi - ok
15:27:28.0715 31884 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:27:28.0716 31884 nsiproxy - ok
15:27:28.0802 31884 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
15:27:28.0827 31884 Ntfs - ok
15:27:28.0862 31884 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:27:28.0864 31884 Null - ok
15:27:28.0875 31884 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
15:27:28.0878 31884 nvraid - ok
15:27:28.0890 31884 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
15:27:28.0893 31884 nvstor - ok
15:27:28.0902 31884 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:27:28.0905 31884 nv_agp - ok
15:27:28.0912 31884 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:27:28.0914 31884 ohci1394 - ok
15:27:28.0930 31884 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:27:28.0935 31884 p2pimsvc - ok
15:27:28.0954 31884 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:27:28.0961 31884 p2psvc - ok
15:27:28.0968 31884 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:27:28.0970 31884 Parport - ok
15:27:28.0976 31884 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
15:27:28.0978 31884 partmgr - ok
15:27:28.0989 31884 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:27:28.0993 31884 PcaSvc - ok
15:27:29.0004 31884 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:27:29.0006 31884 pci - ok
15:27:29.0011 31884 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:27:29.0012 31884 pciide - ok
15:27:29.0023 31884 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:27:29.0025 31884 pcmcia - ok
15:27:29.0032 31884 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:27:29.0033 31884 pcw - ok
15:27:29.0106 31884 PDAgent (1963155b9d5c22e66f2f7729cd0a6238) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
15:27:29.0125 31884 PDAgent - ok
15:27:29.0237 31884 PDEngine (a817f42ca419a7fffc813b393e45173c) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
15:27:29.0259 31884 PDEngine - ok
15:27:29.0295 31884 PDFSFilter (751500cefa3d3b7a7fcb52c392f3be78) C:\Windows\system32\DRIVERS\PDFsFilter.sys
15:27:29.0297 31884 PDFSFilter - ok
15:27:29.0327 31884 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:27:29.0334 31884 PEAUTH - ok
15:27:29.0359 31884 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:27:29.0361 31884 PerfHost - ok
15:27:29.0421 31884 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:27:29.0437 31884 pla - ok
15:27:29.0456 31884 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:27:29.0462 31884 PlugPlay - ok
15:27:29.0467 31884 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:27:29.0470 31884 PNRPAutoReg - ok
15:27:29.0487 31884 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:27:29.0491 31884 PNRPsvc - ok
15:27:29.0502 31884 Polar Daemon (8a2b3e18d0a2d2536ba304bc465ebeb1) C:\Program Files (x86)\Polar\Daemon\polard.exe
15:27:29.0503 31884 Polar Daemon - ok
15:27:29.0525 31884 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:27:29.0531 31884 PolicyAgent - ok
15:27:29.0543 31884 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:27:29.0547 31884 Power - ok
15:27:29.0558 31884 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:27:29.0560 31884 PptpMiniport - ok
15:27:29.0566 31884 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:27:29.0568 31884 Processor - ok
15:27:29.0580 31884 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
15:27:29.0584 31884 ProfSvc - ok
15:27:29.0589 31884 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:27:29.0592 31884 ProtectedStorage - ok
15:27:29.0601 31884 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:27:29.0603 31884 Psched - ok
15:27:29.0614 31884 PSI_SVC_2 (f036cfb275d0c55f4e45fbbf5f98b3c8) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
15:27:29.0615 31884 PSI_SVC_2 - ok
15:27:29.0620 31884 pwdrvio (da3964d8fb8798dc741abaca9ed1b99d) C:\Windows\system32\pwdrvio.sys
15:27:29.0624 31884 pwdrvio - ok
15:27:29.0631 31884 pwdspio (a55ed5a63d0178a41ea05ac50a60f89a) C:\Windows\system32\pwdspio.sys
15:27:29.0634 31884 pwdspio - ok
15:27:29.0640 31884 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys
15:27:29.0642 31884 PxHlpa64 - ok
15:27:29.0688 31884 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:27:29.0703 31884 ql2300 - ok
15:27:29.0737 31884 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:27:29.0739 31884 ql40xx - ok
15:27:29.0751 31884 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:27:29.0756 31884 QWAVE - ok
15:27:29.0762 31884 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:27:29.0763 31884 QWAVEdrv - ok
15:27:29.0767 31884 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:27:29.0769 31884 RasAcd - ok
15:27:29.0774 31884 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:27:29.0776 31884 RasAgileVpn - ok
15:27:29.0784 31884 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:27:29.0788 31884 RasAuto - ok
15:27:29.0796 31884 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:27:29.0798 31884 Rasl2tp - ok
15:27:29.0813 31884 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:27:29.0819 31884 RasMan - ok
15:27:29.0826 31884 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:27:29.0828 31884 RasPppoe - ok
15:27:29.0834 31884 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:27:29.0836 31884 RasSstp - ok
15:27:29.0849 31884 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:27:29.0853 31884 rdbss - ok
15:27:29.0858 31884 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:27:29.0859 31884 rdpbus - ok
15:27:29.0863 31884 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:27:29.0864 31884 RDPCDD - ok
15:27:29.0871 31884 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:27:29.0872 31884 RDPENCDD - ok
15:27:29.0879 31884 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:27:29.0879 31884 RDPREFMP - ok
15:27:29.0890 31884 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
15:27:29.0893 31884 RDPWD - ok
15:27:29.0904 31884 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:27:29.0908 31884 rdyboost - ok
15:27:29.0912 31884 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
15:27:29.0914 31884 regi - ok
15:27:29.0921 31884 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:27:29.0924 31884 RemoteAccess - ok
15:27:29.0933 31884 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:27:29.0937 31884 RemoteRegistry - ok
15:27:29.0946 31884 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
15:27:29.0948 31884 RFCOMM - ok
15:27:29.0956 31884 rimsptsk (7eae3999b94a8ce60bfbaa83462b89a1) C:\Windows\system32\DRIVERS\rimssn64.sys
15:27:29.0958 31884 rimsptsk - ok
15:27:29.0965 31884 risdptsk (fa6d7cd63ad08a01d9259f58e0c5c09e) C:\Windows\system32\DRIVERS\risdsn64.sys
15:27:29.0967 31884 risdptsk - ok
15:27:29.0982 31884 Roxio UPnP Renderer 10 (d02e5a46f77c182ca1964080bcd586f7) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
15:27:29.0984 31884 Roxio UPnP Renderer 10 - ok
15:27:30.0000 31884 Roxio Upnp Server 10 (e5809597278802d09273ee07b5fc56e1) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
15:27:30.0002 31884 Roxio Upnp Server 10 - ok
15:27:30.0008 31884 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:27:30.0012 31884 RpcEptMapper - ok
15:27:30.0017 31884 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:27:30.0019 31884 RpcLocator - ok
15:27:30.0040 31884 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\System32\rpcss.dll
15:27:30.0046 31884 RpcSs - ok
15:27:30.0056 31884 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:27:30.0057 31884 rspndr - ok
15:27:30.0069 31884 RTHDMIAzAudService (34f05c417f038ffa3bef69b798d7d7dd) C:\Windows\system32\drivers\RtHDMIVX.sys
15:27:30.0072 31884 RTHDMIAzAudService - ok
15:27:30.0083 31884 RtkAudioService (01e6a1e53e39a0b1e2b6ae62bf52e8ec) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
15:27:30.0084 31884 RtkAudioService - ok
15:27:30.0089 31884 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:27:30.0092 31884 SamSs - ok
15:27:30.0097 31884 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS
15:27:30.0099 31884 SASDIFSV - ok
15:27:30.0102 31884 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS
15:27:30.0103 31884 SASENUM - ok
15:27:30.0109 31884 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys
15:27:30.0110 31884 SASKUTIL - ok
15:27:30.0117 31884 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:27:30.0119 31884 sbp2port - ok
15:27:30.0163 31884 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
15:27:30.0175 31884 SBSDWSCService - ok
15:27:30.0185 31884 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:27:30.0189 31884 SCardSvr - ok
15:27:30.0196 31884 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:27:30.0198 31884 scfilter - ok
15:27:30.0236 31884 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:27:30.0249 31884 Schedule - ok
15:27:30.0256 31884 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:27:30.0257 31884 SCPolicySvc - ok
15:27:30.0270 31884 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:27:30.0276 31884 SDRSVC - ok
15:27:30.0285 31884 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:27:30.0287 31884 secdrv - ok
15:27:30.0292 31884 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:27:30.0295 31884 seclogon - ok
15:27:30.0302 31884 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
15:27:30.0305 31884 SENS - ok
15:27:30.0310 31884 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:27:30.0314 31884 SensrSvc - ok
15:27:30.0318 31884 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:27:30.0320 31884 Serenum - ok
15:27:30.0326 31884 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:27:30.0328 31884 Serial - ok
15:27:30.0333 31884 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:27:30.0334 31884 sermouse - ok
15:27:30.0348 31884 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:27:30.0353 31884 SessionEnv - ok
15:27:30.0357 31884 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\DRIVERS\SFEP.sys
15:27:30.0358 31884 SFEP - ok
15:27:30.0363 31884 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:27:30.0365 31884 sffdisk - ok
15:27:30.0369 31884 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:27:30.0371 31884 sffp_mmc - ok
15:27:30.0375 31884 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:27:30.0376 31884 sffp_sd - ok
15:27:30.0381 31884 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:27:30.0382 31884 sfloppy - ok
15:27:30.0399 31884 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:27:30.0404 31884 SharedAccess - ok
15:27:30.0419 31884 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:27:30.0425 31884 ShellHWDetection - ok
15:27:30.0431 31884 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:27:30.0432 31884 SiSRaid2 - ok
15:27:30.0438 31884 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:27:30.0440 31884 SiSRaid4 - ok
15:27:30.0449 31884 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:27:30.0451 31884 Smb - ok
15:27:30.0458 31884 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:27:30.0461 31884 SNMPTRAP - ok
15:27:30.0470 31884 SOHCImp (98886c88a1cb13d61672ae2c638b7e1c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
15:27:30.0472 31884 SOHCImp - ok
15:27:30.0478 31884 SOHDBSvr (442a13f395546f4564c377296d43b564) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
15:27:30.0479 31884 SOHDBSvr - ok
15:27:30.0494 31884 SOHDms (556681be668d71dc162391a45422b52c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
15:27:30.0499 31884 SOHDms - ok
15:27:30.0504 31884 SOHDs (72b46103e4111439109acf5882627c24) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
15:27:30.0506 31884 SOHDs - ok
15:27:30.0511 31884 SOHPlMgr (725b6e9cd1959271ac993dc035e1606d) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
15:27:30.0513 31884 SOHPlMgr - ok
15:27:30.0518 31884 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:27:30.0519 31884 spldr - ok
15:27:30.0540 31884 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:27:30.0549 31884 Spooler - ok
15:27:30.0658 31884 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:27:30.0693 31884 sppsvc - ok
15:27:30.0726 31884 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:27:30.0729 31884 sppuinotify - ok
15:27:30.0737 31884 Spyder3 (d8b882c520fc83547e22014ff5ec66d7) C:\Windows\system32\DRIVERS\Spyder3.sys
15:27:30.0739 31884 Spyder3 - ok
15:27:30.0759 31884 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:27:30.0764 31884 srv - ok
15:27:30.0782 31884 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:27:30.0787 31884 srv2 - ok
15:27:30.0797 31884 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:27:30.0799 31884 srvnet - ok
15:27:30.0811 31884 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:27:30.0816 31884 SSDPSRV - ok
15:27:30.0823 31884 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:27:30.0826 31884 SstpSvc - ok
15:27:30.0831 31884 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:27:30.0833 31884 stexstor - ok
15:27:30.0857 31884 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:27:30.0866 31884 stisvc - ok
15:27:30.0871 31884 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:27:30.0872 31884 swenum - ok
15:27:30.0894 31884 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:27:30.0902 31884 swprv - ok
15:27:30.0965 31884 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:27:30.0983 31884 SysMain - ok
15:27:31.0015 31884 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:27:31.0019 31884 TabletInputService - ok
15:27:31.0033 31884 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:27:31.0039 31884 TapiSrv - ok
15:27:31.0046 31884 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:27:31.0050 31884 TBS - ok
15:27:31.0143 31884 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
15:27:31.0170 31884 Tcpip - ok
15:27:31.0279 31884 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
15:27:31.0294 31884 TCPIP6 - ok
15:27:31.0334 31884 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:27:31.0336 31884 tcpipreg - ok
15:27:31.0342 31884 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:27:31.0344 31884 TDPIPE - ok
15:27:31.0349 31884 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:27:31.0350 31884 TDTCP - ok
15:27:31.0358 31884 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:27:31.0361 31884 tdx - ok
15:27:31.0367 31884 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:27:31.0369 31884 TermDD - ok
15:27:31.0398 31884 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:27:31.0408 31884 TermService - ok
15:27:31.0413 31884 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:27:31.0417 31884 Themes - ok
15:27:31.0424 31884 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:27:31.0426 31884 THREADORDER - ok
15:27:31.0435 31884 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:27:31.0439 31884 TrkWks - ok
15:27:31.0451 31884 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:27:31.0453 31884 TrustedInstaller - ok
15:27:31.0461 31884 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:27:31.0463 31884 tssecsrv - ok
15:27:31.0469 31884 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:27:31.0471 31884 TsUsbFlt - ok
15:27:31.0483 31884 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:27:31.0486 31884 tunnel - ok
15:27:31.0494 31884 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:27:31.0495 31884 uagp35 - ok
15:27:31.0506 31884 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
15:27:31.0507 31884 uCamMonitor - ok
15:27:31.0523 31884 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:27:31.0527 31884 udfs - ok
15:27:31.0538 31884 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:27:31.0542 31884 UI0Detect - ok
15:27:31.0547 31884 UimBus (49b13845f0dbe39b47fc91dc46b2170a) C:\Windows\system32\DRIVERS\uimx64.sys
15:27:31.0549 31884 UimBus - ok
15:27:31.0573 31884 Uim_IM (dd46bec773c011eaa5e502c43a73a1cc) C:\Windows\system32\Drivers\Uim_IMx64.sys
15:27:31.0579 31884 Uim_IM - ok
15:27:31.0585 31884 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:27:31.0587 31884 uliagpkx - ok
15:27:31.0592 31884 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:27:31.0594 31884 umbus - ok
15:27:31.0599 31884 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:27:31.0601 31884 UmPass - ok
15:27:31.0618 31884 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:27:31.0625 31884 upnphost - ok
15:27:31.0634 31884 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
15:27:31.0636 31884 USBAAPL64 - ok
15:27:31.0644 31884 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
15:27:31.0646 31884 usbaudio - ok
15:27:31.0652 31884 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\drivers\usbccgp.sys
15:27:31.0654 31884 usbccgp - ok
15:27:31.0664 31884 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:27:31.0666 31884 usbcir - ok
15:27:31.0672 31884 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys
15:27:31.0674 31884 usbehci - ok
15:27:31.0688 31884 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
15:27:31.0692 31884 usbhub - ok
15:27:31.0697 31884 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
15:27:31.0699 31884 usbohci - ok
15:27:31.0704 31884 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:27:31.0705 31884 usbprint - ok
15:27:31.0712 31884 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\drivers\USBSTOR.SYS
15:27:31.0714 31884 USBSTOR - ok
15:27:31.0719 31884 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
15:27:31.0721 31884 usbuhci - ok
15:27:31.0731 31884 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
15:27:31.0734 31884 usbvideo - ok
15:27:31.0739 31884 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:27:31.0743 31884 UxSms - ok
15:27:31.0749 31884 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:27:31.0751 31884 VaultSvc - ok
15:27:31.0756 31884 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:27:31.0758 31884 vdrvroot - ok
15:27:31.0777 31884 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:27:31.0785 31884 vds - ok
15:27:31.0791 31884 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:27:31.0792 31884 vga - ok
15:27:31.0797 31884 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:27:31.0799 31884 VgaSave - ok
15:27:31.0810 31884 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:27:31.0813 31884 vhdmp - ok
15:27:31.0818 31884 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:27:31.0819 31884 viaide - ok
15:27:31.0825 31884 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:27:31.0827 31884 volmgr - ok
15:27:31.0843 31884 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:27:31.0847 31884 volmgrx - ok
15:27:31.0860 31884 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:27:31.0864 31884 volsnap - ok
15:27:31.0874 31884 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:27:31.0876 31884 vsmraid - ok
15:27:31.0926 31884 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
15:27:31.0944 31884 VSS - ok
15:27:31.0975 31884 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
15:27:31.0976 31884 vwifibus - ok
15:27:31.0995 31884 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:27:32.0002 31884 W32Time - ok
15:27:32.0009 31884 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:27:32.0011 31884 WacomPen - ok
15:27:32.0018 31884 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:27:32.0020 31884 WANARP - ok
15:27:32.0024 31884 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:27:32.0025 31884 Wanarpv6 - ok
15:27:32.0071 31884 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
15:27:32.0083 31884 WatAdminSvc - ok
15:27:32.0141 31884 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
15:27:32.0158 31884 wbengine - ok
15:27:32.0194 31884 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:27:32.0200 31884 WbioSrvc - ok
15:27:32.0217 31884 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
15:27:32.0224 31884 wcncsvc - ok
15:27:32.0230 31884 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:27:32.0233 31884 WcsPlugInService - ok
15:27:32.0241 31884 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:27:32.0243 31884 Wd - ok
15:27:32.0273 31884 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:27:32.0280 31884 Wdf01000 - ok
15:27:32.0290 31884 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:27:32.0295 31884 WdiServiceHost - ok
15:27:32.0298 31884 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:27:32.0302 31884 WdiSystemHost - ok
15:27:32.0316 31884 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
15:27:32.0322 31884 WebClient - ok
15:27:32.0334 31884 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:27:32.0339 31884 Wecsvc - ok
15:27:32.0347 31884 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:27:32.0350 31884 wercplsupport - ok
15:27:32.0358 31884 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:27:32.0362 31884 WerSvc - ok
15:27:32.0370 31884 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:27:32.0371 31884 WfpLwf - ok
15:27:32.0380 31884 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
15:27:32.0383 31884 WimFltr - ok
15:27:32.0388 31884 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:27:32.0389 31884 WIMMount - ok
15:27:32.0415 31884 winachsf (057b062cf9a11e04db45b8c3afc28b11) C:\Windows\system32\DRIVERS\CAX_CNXT.sys
15:27:32.0422 31884 winachsf - ok
15:27:32.0428 31884 WinDefend - ok
15:27:32.0435 31884 WinHttpAutoProxySvc - ok
15:27:32.0453 31884 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:27:32.0455 31884 Winmgmt - ok
15:27:32.0540 31884 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
15:27:32.0568 31884 WinRM - ok
15:27:32.0614 31884 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:27:32.0616 31884 WinUsb - ok
15:27:32.0662 31884 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:27:32.0674 31884 Wlansvc - ok
15:27:32.0681 31884 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:27:32.0683 31884 WmiAcpi - ok
15:27:32.0701 31884 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:27:32.0703 31884 wmiApSrv - ok
15:27:32.0708 31884 WMPNetworkSvc - ok
15:27:32.0715 31884 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:27:32.0719 31884 WPCSvc - ok
15:27:32.0727 31884 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
15:27:32.0732 31884 WPDBusEnum - ok
15:27:32.0737 31884 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:27:32.0738 31884 ws2ifsl - ok
15:27:32.0746 31884 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
15:27:32.0750 31884 wscsvc - ok
15:27:32.0754 31884 WSearch - ok
15:27:32.0839 31884 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
15:27:32.0864 31884 wuauserv - ok
15:27:32.0900 31884 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:27:32.0902 31884 WudfPf - ok
15:27:32.0913 31884 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:27:32.0916 31884 WUDFRd - ok
15:27:32.0923 31884 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
15:27:32.0928 31884 wudfsvc - ok
15:27:32.0941 31884 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:27:32.0945 31884 WwanSvc - ok
15:27:32.0950 31884 XAudio (638c99d993afab0e1fab226e2bbe6d79) C:\Windows\system32\DRIVERS\xaudio64.sys
15:27:32.0952 31884 XAudio - ok
15:27:32.0974 31884 XAudioService (3e775f0bd28ddeff53d78578b97a3cff) C:\Windows\system32\DRIVERS\xaudio64.exe
15:27:32.0978 31884 XAudioService - ok
15:27:33.0000 31884 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
15:27:33.0005 31884 yukonw7 - ok
15:27:33.0015 31884 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:27:33.0142 31884 \Device\Harddisk0\DR0 - ok
15:27:33.0170 31884 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
15:27:33.0177 31884 \Device\Harddisk1\DR1 - ok
15:27:33.0185 31884 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3
15:27:33.0193 31884 \Device\Harddisk3\DR3 - ok
15:27:33.0200 31884 Boot (0x1200) (97d1d3eb07c285d3f8307df654960579) \Device\Harddisk0\DR0\Partition0
15:27:33.0201 31884 \Device\Harddisk0\DR0\Partition0 - ok
15:27:33.0206 31884 Boot (0x1200) (7e6f9bda52a58a0f7568a81de5eb53e3) \Device\Harddisk1\DR1\Partition0
15:27:33.0208 31884 \Device\Harddisk1\DR1\Partition0 - ok
15:27:33.0211 31884 Boot (0x1200) (f274501b2d81ac1a57a590676bc2e8ea) \Device\Harddisk3\DR3\Partition0
15:27:33.0214 31884 \Device\Harddisk3\DR3\Partition0 - ok
15:27:33.0214 31884 ============================================================
15:27:33.0214 31884 Scan finished
15:27:33.0214 31884 ============================================================
15:27:33.0222 41764 Detected object count: 0
15:27:33.0223 41764 Actual detected object count: 0
15:27:55.0232 37680 ============================================================
15:27:55.0232 37680 Scan started
15:27:55.0232 37680 Mode: Manual; SigCheck; TDLFS;
15:27:55.0232 37680 ============================================================
15:27:55.0586 37680 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
15:27:55.0648 37680 1394ohci - ok
15:27:55.0655 37680 ACDaemon (fee588cdf60f2b541b5a3e803fa938a1) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
15:27:55.0674 37680 ACDaemon - ok
15:27:55.0688 37680 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
15:27:55.0705 37680 ACPI - ok
15:27:55.0709 37680 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
15:27:55.0727 37680 AcpiPmi - ok
15:27:55.0733 37680 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
15:27:55.0745 37680 adfs - ok
15:27:55.0756 37680 Adobe Version Cue CS4 (57a3b9a69f14414ace12afd6ba701773) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
15:27:55.0769 37680 Adobe Version Cue CS4 - ok
15:27:55.0796 37680 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:27:55.0810 37680 AdobeFlashPlayerUpdateSvc - ok
15:27:55.0829 37680 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
15:27:55.0848 37680 adp94xx - ok
15:27:55.0862 37680 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
15:27:55.0879 37680 adpahci - ok
15:27:55.0887 37680 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
15:27:55.0902 37680 adpu320 - ok
15:27:55.0910 37680 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:27:55.0945 37680 AeLookupSvc - ok
15:27:55.0966 37680 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
15:27:55.0986 37680 AFD - ok
15:27:55.0991 37680 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:27:56.0005 37680 agp440 - ok
15:27:56.0011 37680 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:27:56.0028 37680 ALG - ok
15:27:56.0032 37680 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:27:56.0045 37680 aliide - ok
15:27:56.0056 37680 AMD External Events Utility (bcc32bf5ebb5dfd4380fa053d3651949) C:\Windows\system32\atiesrxx.exe
15:27:56.0074 37680 AMD External Events Utility - ok
15:27:56.0078 37680 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:27:56.0093 37680 amdide - ok
15:27:56.0101 37680 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
15:27:56.0117 37680 AmdK8 - ok
15:27:56.0121 37680 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:27:56.0137 37680 AmdPPM - ok
15:27:56.0144 37680 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
15:27:56.0158 37680 amdsata - ok
15:27:56.0167 37680 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
15:27:56.0182 37680 amdsbs - ok
15:27:56.0186 37680 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
15:27:56.0200 37680 amdxata - ok
15:27:56.0209 37680 ApfiltrService (22fecb5b3de1eb8b1b2761338922f681) C:\Windows\system32\DRIVERS\Apfiltr.sys
15:27:56.0223 37680 ApfiltrService - ok
15:27:56.0229 37680 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
15:27:56.0263 37680 AppID - ok
15:27:56.0267 37680 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:27:56.0302 37680 AppIDSvc - ok
15:27:56.0308 37680 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
15:27:56.0342 37680 Appinfo - ok
15:27:56.0349 37680 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:27:56.0360 37680 Apple Mobile Device - ok
15:27:56.0368 37680 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
15:27:56.0382 37680 arc - ok
15:27:56.0388 37680 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
15:27:56.0402 37680 arcsas - ok
15:27:56.0406 37680 ArcSoftKsUFilter (1ce3822b05a5e229286a15ea39369870) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
15:27:56.0417 37680 ArcSoftKsUFilter - ok
15:27:56.0421 37680 aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\Windows\system32\drivers\aswFsBlk.sys
15:27:56.0434 37680 aswFsBlk - ok
15:27:56.0439 37680 aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\Windows\system32\drivers\aswMonFlt.sys
15:27:56.0452 37680 aswMonFlt - ok
15:27:56.0457 37680 aswRdr (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\Windows\System32\Drivers\aswrdr2.sys
15:27:56.0470 37680 aswRdr - ok
15:27:56.0499 37680 aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\Windows\system32\drivers\aswSnx.sys
15:27:56.0523 37680 aswSnx - ok
15:27:56.0537 37680 aswSP (3610ca74a69e380424f0452dec5c1317) C:\Windows\system32\drivers\aswSP.sys
15:27:56.0553 37680 aswSP - ok
15:27:56.0558 37680 aswTdi (87de3e31cb0091d22351349869324065) C:\Windows\system32\drivers\aswTdi.sys
15:27:56.0571 37680 aswTdi - ok
15:27:56.0575 37680 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:27:56.0610 37680 AsyncMac - ok
15:27:56.0614 37680 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:27:56.0627 37680 atapi - ok
15:27:56.0937 37680 atikmdag (a29087680a1c3b049e3c05438e8ff2b8) C:\Windows\system32\DRIVERS\atikmdag.sys
15:27:57.0007 37680 atikmdag - ok
15:27:57.0061 37680 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:27:57.0100 37680 AudioEndpointBuilder - ok
15:27:57.0106 37680 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
15:27:57.0145 37680 AudioSrv - ok
15:27:57.0150 37680 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:27:57.0163 37680 avast! Antivirus - ok
15:27:57.0171 37680 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
15:27:57.0192 37680 AxInstSV - ok
15:27:57.0211 37680 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
15:27:57.0230 37680 b06bdrv - ok
15:27:57.0241 37680 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:27:57.0258 37680 b57nd60a - ok
15:27:57.0267 37680 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:27:57.0283 37680 BDESVC - ok
15:27:57.0286 37680 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:27:57.0321 37680 Beep - ok
15:27:57.0346 37680 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
15:27:57.0385 37680 BFE - ok
15:27:57.0416 37680 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
15:27:57.0459 37680 BITS - ok
15:27:57.0466 37680 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
15:27:57.0482 37680 blbdrive - ok
15:27:57.0500 37680 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
15:27:57.0515 37680 Bonjour Service - ok
15:27:57.0521 37680 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
15:27:57.0536 37680 bowser - ok
15:27:57.0540 37680 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:27:57.0558 37680 BrFiltLo - ok
15:27:57.0561 37680 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:27:57.0578 37680 BrFiltUp - ok
15:27:57.0585 37680 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
15:27:57.0620 37680 BridgeMP - ok
15:27:57.0627 37680 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
15:27:57.0662 37680 Browser - ok
15:27:57.0674 37680 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:27:57.0692 37680 Brserid - ok
15:27:57.0696 37680 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:27:57.0714 37680 BrSerWdm - ok
15:27:57.0718 37680 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:27:57.0736 37680 BrUsbMdm - ok
15:27:57.0740 37680 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:27:57.0755 37680 BrUsbSer - ok
15:27:57.0760 37680 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
15:27:57.0775 37680 BthEnum - ok
15:27:57.0781 37680 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:27:57.0798 37680 BTHMODEM - ok
15:27:57.0806 37680 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
15:27:57.0825 37680 BthPan - ok
15:27:57.0845 37680 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
15:27:57.0864 37680 BTHPORT - ok
15:27:57.0870 37680 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:27:57.0906 37680 bthserv - ok
15:27:57.0912 37680 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
15:27:57.0948 37680 BTHUSB - ok
15:27:57.0984 37680 btwdins (f28dab823fcda98f50dd677552a4dc52) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
15:27:58.0005 37680 btwdins - ok
15:27:58.0008 37680 catchme - ok
15:27:58.0024 37680 CAXHWAZL (fdb53a8d3bc52dc29884587e768e3388) C:\Windows\system32\DRIVERS\CAXHWAZL.sys
15:27:58.0040 37680 CAXHWAZL - ok
15:27:58.0047 37680 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:27:58.0087 37680 cdfs - ok
15:27:58.0094 37680 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
15:27:58.0111 37680 cdrom - ok
15:27:58.0117 37680 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:27:58.0163 37680 CertPropSvc - ok
15:27:58.0168 37680 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
15:27:58.0185 37680 circlass - ok
15:27:58.0202 37680 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:27:58.0220 37680 CLFS - ok
15:27:58.0226 37680 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:27:58.0241 37680 clr_optimization_v2.0.50727_32 - ok
15:27:58.0248 37680 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:27:58.0260 37680 clr_optimization_v2.0.50727_64 - ok
15:27:58.0264 37680 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
15:27:58.0280 37680 CmBatt - ok
15:27:58.0284 37680 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:27:58.0297 37680 cmdide - ok
15:27:58.0313 37680 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
15:27:58.0338 37680 CNG - ok
15:27:58.0342 37680 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
15:27:58.0355 37680 Compbatt - ok
15:27:58.0360 37680 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
15:27:58.0378 37680 CompositeBus - ok
15:27:58.0381 37680 COMSysApp - ok
15:27:58.0386 37680 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
15:27:58.0400 37680 crcdisk - ok
15:27:58.0410 37680 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
15:27:58.0427 37680 CryptSvc - ok
15:27:58.0449 37680 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:27:58.0489 37680 DcomLaunch - ok
15:27:58.0497 37680 DefragFS (952ac62074718c8f04f053e5073eeb45) C:\Windows\system32\drivers\DefragFS.sys
15:27:58.0510 37680 DefragFS - ok
15:27:58.0523 37680 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:27:58.0560 37680 defragsvc - ok
15:27:58.0567 37680 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
15:27:58.0602 37680 DfsC - ok
15:27:58.0618 37680 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
15:27:58.0654 37680 Dhcp - ok
15:27:58.0664 37680 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:27:58.0700 37680 discache - ok
15:27:58.0705 37680 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
15:27:58.0719 37680 Disk - ok
15:27:58.0728 37680 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
15:27:58.0745 37680 Dnscache - ok
15:27:58.0756 37680 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
15:27:58.0792 37680 dot3svc - ok
15:27:58.0800 37680 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
15:27:58.0836 37680 DPS - ok
15:27:58.0840 37680 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:27:58.0857 37680 drmkaud - ok
15:27:58.0892 37680 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
15:27:58.0917 37680 DXGKrnl - ok
15:27:58.0924 37680 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:27:58.0960 37680 EapHost - ok
15:27:59.0074 37680 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
15:27:59.0133 37680 ebdrv - ok
15:27:59.0163 37680 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
15:27:59.0180 37680 EFS - ok
15:27:59.0210 37680 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
15:27:59.0231 37680 ehRecvr - ok
15:27:59.0238 37680 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:27:59.0255 37680 ehSched - ok
15:27:59.0280 37680 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
15:27:59.0299 37680 elxstor - ok
15:27:59.0302 37680 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:27:59.0318 37680 ErrDev - ok
15:27:59.0342 37680 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:27:59.0380 37680 EventSystem - ok
15:27:59.0389 37680 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:27:59.0425 37680 exfat - ok
15:27:59.0435 37680 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:27:59.0473 37680 fastfat - ok
15:27:59.0498 37680 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
15:27:59.0520 37680 Fax - ok
15:27:59.0524 37680 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
15:27:59.0540 37680 fdc - ok
15:27:59.0544 37680 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:27:59.0580 37680 fdPHost - ok
15:27:59.0584 37680 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:27:59.0620 37680 FDResPub - ok
15:27:59.0626 37680 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:27:59.0640 37680 FileInfo - ok
15:27:59.0645 37680 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:27:59.0680 37680 Filetrace - ok
15:27:59.0705 37680 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:27:59.0723 37680 FLEXnet Licensing Service - ok
15:27:59.0759 37680 FLEXnet Licensing Service 64 (1c3fb052a0bb72edaed90785c34d6eed) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
15:27:59.0781 37680 FLEXnet Licensing Service 64 - ok
15:27:59.0812 37680 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
15:27:59.0827 37680 flpydisk - ok
15:27:59.0840 37680 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
15:27:59.0856 37680 FltMgr - ok
15:27:59.0898 37680 FontCache (b4447f606bb19fd8ad0bafb59b90f5d9) C:\Windows\system32\FntCache.dll
15:27:59.0942 37680 FontCache - ok
15:27:59.0947 37680 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:27:59.0960 37680 FontCache3.0.0.0 - ok
15:27:59.0968 37680 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:27:59.0982 37680 FsDepends - ok
15:27:59.0986 37680 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
15:28:00.0000 37680 Fs_Rec - ok
15:28:00.0012 37680 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:28:00.0031 37680 fvevol - ok
15:28:00.0036 37680 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:28:00.0051 37680 gagp30kx - ok
15:28:00.0056 37680 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:28:00.0067 37680 GEARAspiWDM - ok
15:28:00.0091 37680 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
15:28:00.0132 37680 gpsvc - ok
15:28:00.0140 37680 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
15:28:00.0153 37680 gusvc - ok
15:28:00.0157 37680 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:28:00.0172 37680 hcw85cir - ok
15:28:00.0186 37680 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
15:28:00.0206 37680 HdAudAddService - ok
15:28:00.0213 37680 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
15:28:00.0232 37680 HDAudBus - ok
15:28:00.0236 37680 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
15:28:00.0251 37680 HidBatt - ok
15:28:00.0257 37680 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
15:28:00.0275 37680 HidBth - ok
15:28:00.0280 37680 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
15:28:00.0298 37680 HidIr - ok
15:28:00.0302 37680 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
15:28:00.0338 37680 hidserv - ok
15:28:00.0342 37680 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
15:28:00.0358 37680 HidUsb - ok
15:28:00.0364 37680 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
15:28:00.0400 37680 hkmsvc - ok
15:28:00.0410 37680 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
15:28:00.0428 37680 HomeGroupListener - ok
15:28:00.0437 37680 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
15:28:00.0456 37680 HomeGroupProvider - ok
15:28:00.0459 37680 hotcore3 - ok
15:28:00.0466 37680 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
15:28:00.0480 37680 HpSAMD - ok
15:28:00.0546 37680 HSF_DPV (e90d0e3d9715f3bec7db2d6321dddee8) C:\Windows\system32\DRIVERS\CAX_DPV.sys
15:28:00.0591 37680 HSF_DPV - ok
15:28:00.0643 37680 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
15:28:00.0684 37680 HTTP - ok
15:28:00.0688 37680 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
15:28:00.0702 37680 hwpolicy - ok
15:28:00.0708 37680 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:28:00.0724 37680 i8042prt - ok
15:28:00.0742 37680 iaStor (8d58627fef3f8767665d9f4dc91cbd97) C:\Windows\system32\DRIVERS\iaStor.sys
15:28:00.0758 37680 iaStor - ok
15:28:00.0775 37680 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
15:28:00.0792 37680 iaStorV - ok
15:28:00.0825 37680 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:28:00.0846 37680 idsvc - ok
15:28:00.0851 37680 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:28:00.0865 37680 iirsp - ok
15:28:00.0896 37680 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
15:28:00.0937 37680 IKEEXT - ok
15:28:01.0018 37680 IntcAzAudAddService (b16fc828ce7a76a8f1ce682e6ead2627) C:\Windows\system32\drivers\RTKVHD64.sys
15:28:01.0058 37680 IntcAzAudAddService - ok
15:28:01.0089 37680 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:28:01.0102 37680 intelide - ok
15:28:01.0107 37680 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:28:01.0123 37680 intelppm - ok
15:28:01.0129 37680 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:28:01.0166 37680 IPBusEnum - ok
15:28:01.0178 37680 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:28:01.0212 37680 IpFilterDriver - ok
15:28:01.0234 37680 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
15:28:01.0274 37680 iphlpsvc - ok
15:28:01.0280 37680 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:28:01.0296 37680 IPMIDRV - ok
15:28:01.0303 37680 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:28:01.0339 37680 IPNAT - ok
15:28:01.0372 37680 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
15:28:01.0394 37680 iPod Service - ok
15:28:01.0399 37680 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:28:01.0418 37680 IRENUM - ok
15:28:01.0422 37680 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:28:01.0435 37680 isapnp - ok
15:28:01.0449 37680 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:28:01.0465 37680 iScsiPrt - ok
15:28:01.0473 37680 IviRegMgr (f415a88162d23977b5edae4f0410e903) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
15:28:01.0485 37680 IviRegMgr - ok
15:28:01.0490 37680 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
15:28:01.0504 37680 kbdclass - ok
15:28:01.0509 37680 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
15:28:01.0525 37680 kbdhid - ok
15:28:01.0529 37680 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:28:01.0545 37680 KeyIso - ok
15:28:01.0552 37680 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
15:28:01.0566 37680 KSecDD - ok
15:28:01.0574 37680 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
15:28:01.0589 37680 KSecPkg - ok
15:28:01.0593 37680 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:28:01.0628 37680 ksthunk - ok
15:28:01.0640 37680 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:28:01.0679 37680 KtmRm - ok
15:28:01.0691 37680 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
15:28:01.0729 37680 LanmanServer - ok
15:28:01.0737 37680 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
15:28:01.0775 37680 LanmanWorkstation - ok
15:28:01.0875 37680 Lavasoft Ad-Aware Service (5ee22a614300a61136faf2d047d6e927) C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
15:28:01.0917 37680 Lavasoft Ad-Aware Service - ok
15:28:01.0949 37680 Lbd (c8b3131857931ae76798a741cc52b021) C:\Windows\system32\DRIVERS\Lbd.sys
15:28:01.0961 37680 Lbd - ok
15:28:01.0969 37680 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:28:02.0005 37680 lltdio - ok
15:28:02.0018 37680 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:28:02.0055 37680 lltdsvc - ok
15:28:02.0060 37680 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:28:02.0097 37680 lmhosts - ok
15:28:02.0112 37680 LMIGuardianSvc (98b0fcc176dfb711b67651becb88c445) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
15:28:02.0126 37680 LMIGuardianSvc - ok
15:28:02.0129 37680 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
15:28:02.0141 37680 LMIInfo - ok
15:28:02.0149 37680 LMIMaint (b712511029cbd68645a90a241fd6ae43) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
15:28:02.0160 37680 LMIMaint - ok
15:28:02.0164 37680 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys
15:28:02.0176 37680 lmimirr - ok
15:28:02.0179 37680 LMIRfsClientNP - ok
15:28:02.0186 37680 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys
15:28:02.0198 37680 LMIRfsDriver - ok
15:28:02.0211 37680 LogMeIn (d3760bc17e1755091b7120cf32dbf56b) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
15:28:02.0226 37680 LogMeIn - ok
15:28:02.0235 37680 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:28:02.0250 37680 LSI_FC - ok
15:28:02.0257 37680 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:28:02.0271 37680 LSI_SAS - ok
15:28:02.0276 37680 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:28:02.0290 37680 LSI_SAS2 - ok
15:28:02.0296 37680 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:28:02.0310 37680 LSI_SCSI - ok
15:28:02.0317 37680 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:28:02.0353 37680 luafv - ok
15:28:02.0360 37680 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
15:28:02.0377 37680 Mcx2Svc - ok
15:28:02.0381 37680 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys
15:28:02.0394 37680 mdmxsdk - ok
15:28:02.0613 37680 MediaMall Server (4f35064ed1ad8386bf6eb09d6e2cea79) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
15:28:02.0691 37680 MediaMall Server - ok
15:28:02.0724 37680 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:28:02.0738 37680 megasas - ok
15:28:02.0750 37680 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:28:02.0767 37680 MegaSR - ok
15:28:02.0773 37680 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:28:02.0810 37680 MMCSS - ok
15:28:02.0815 37680 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:28:02.0850 37680 Modem - ok
15:28:02.0855 37680 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:28:02.0873 37680 monitor - ok
15:28:02.0878 37680 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
15:28:02.0891 37680 mouclass - ok
15:28:02.0896 37680 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:28:02.0912 37680 mouhid - ok
15:28:02.0919 37680 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:28:02.0933 37680 mountmgr - ok
15:28:02.0940 37680 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:28:02.0953 37680 MozillaMaintenance - ok
15:28:02.0964 37680 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
15:28:02.0980 37680 MpFilter - ok
15:28:02.0988 37680 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:28:03.0003 37680 mpio - ok
15:28:03.0009 37680 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:28:03.0044 37680 mpsdrv - ok
15:28:03.0071 37680 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
15:28:03.0114 37680 MpsSvc - ok
15:28:03.0123 37680 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:28:03.0143 37680 MRxDAV - ok
15:28:03.0152 37680 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:28:03.0168 37680 mrxsmb - ok
15:28:03.0181 37680 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:28:03.0198 37680 mrxsmb10 - ok
15:28:03.0206 37680 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:28:03.0221 37680 mrxsmb20 - ok
15:28:03.0226 37680 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:28:03.0240 37680 msahci - ok
15:28:03.0248 37680 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:28:03.0262 37680 msdsm - ok
15:28:03.0270 37680 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:28:03.0289 37680 MSDTC - ok
15:28:03.0295 37680 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:28:03.0330 37680 Msfs - ok
15:28:03.0334 37680 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:28:03.0369 37680 mshidkmdf - ok
15:28:03.0373 37680 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:28:03.0386 37680 msisadrv - ok
15:28:03.0395 37680 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:28:03.0432 37680 MSiSCSI - ok
15:28:03.0435 37680 msiserver - ok
15:28:03.0442 37680 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:28:03.0478 37680 MSKSSRV - ok
15:28:03.0482 37680 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:28:03.0517 37680 MSPCLOCK - ok
15:28:03.0521 37680 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:28:03.0556 37680 MSPQM - ok
15:28:03.0573 37680 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:28:03.0590 37680 MsRPC - ok
15:28:03.0597 37680 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:28:03.0611 37680 mssmbios - ok
15:28:03.0615 37680 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:28:03.0650 37680 MSTEE - ok
15:28:03.0654 37680 msvad_simple (c83829c280f0207677b7aaa151ef9c4d) C:\Windows\system32\drivers\povrtdev.sys
15:28:03.0665 37680 msvad_simple - ok
15:28:03.0669 37680 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:28:03.0685 37680 MTConfig - ok
15:28:03.0690 37680 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:28:03.0704 37680 Mup - ok
15:28:03.0724 37680 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:28:03.0763 37680 napagent - ok
15:28:03.0779 37680 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:28:03.0801 37680 NativeWifiP - ok
15:28:03.0835 37680 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:28:03.0859 37680 NDIS - ok
15:28:03.0865 37680 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:28:03.0900 37680 NdisCap - ok
15:28:03.0904 37680 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:28:03.0939 37680 NdisTapi - ok
15:28:03.0944 37680 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:28:03.0978 37680 Ndisuio - ok
15:28:03.0988 37680 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:28:04.0024 37680 NdisWan - ok
15:28:04.0030 37680 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:28:04.0064 37680 NDProxy - ok
15:28:04.0069 37680 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:28:04.0104 37680 NetBIOS - ok
15:28:04.0118 37680 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:28:04.0153 37680 NetBT - ok
15:28:04.0158 37680 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:28:04.0174 37680 Netlogon - ok
15:28:04.0189 37680 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:28:04.0229 37680 Netman - ok
15:28:04.0254 37680 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:28:04.0295 37680 netprofm - ok
15:28:04.0302 37680 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:28:04.0314 37680 NetTcpPortSharing - ok
15:28:04.0487 37680 netw5v64 (705283c02177809ca9fa7cc58a4f1e77) C:\Windows\system32\DRIVERS\netw5v64.sys
15:28:04.0550 37680 netw5v64 - ok
15:28:04.0590 37680 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:28:04.0604 37680 nfrd960 - ok
15:28:04.0611 37680 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:28:04.0624 37680 NisDrv - ok
15:28:04.0638 37680 NisSrv (10a43829a9e606af3eef25a1c1665923) C:\Program Files\Microsoft Security Client\NisSrv.exe
15:28:04.0655 37680 NisSrv - ok
15:28:04.0669 37680 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:28:04.0707 37680 NlaSvc - ok
15:28:04.0713 37680 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:28:04.0748 37680 Npfs - ok
15:28:04.0753 37680 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:28:04.0789 37680 nsi - ok
15:28:04.0793 37680 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:28:04.0829 37680 nsiproxy - ok
15:28:04.0904 37680 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
15:28:04.0950 37680 Ntfs - ok
15:28:04.0981 37680 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:28:05.0016 37680 Null - ok
15:28:05.0024 37680 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
15:28:05.0039 37680 nvraid - ok
15:28:05.0047 37680 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
15:28:05.0062 37680 nvstor - ok
15:28:05.0069 37680 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:28:05.0084 37680 nv_agp - ok
15:28:05.0090 37680 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:28:05.0106 37680 ohci1394 - ok
15:28:05.0122 37680 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:28:05.0141 37680 p2pimsvc - ok
15:28:05.0161 37680 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:28:05.0181 37680 p2psvc - ok
15:28:05.0188 37680 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:28:05.0205 37680 Parport - ok
15:28:05.0211 37680 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
15:28:05.0225 37680 partmgr - ok
15:28:05.0236 37680 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:28:05.0260 37680 PcaSvc - ok
15:28:05.0269 37680 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:28:05.0285 37680 pci - ok
15:28:05.0289 37680 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:28:05.0303 37680 pciide - ok
15:28:05.0312 37680 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:28:05.0328 37680 pcmcia - ok
15:28:05.0334 37680 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:28:05.0348 37680 pcw - ok
15:28:05.0429 37680 PDAgent (1963155b9d5c22e66f2f7729cd0a6238) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
15:28:05.0476 37680 PDAgent - ok
15:28:05.0581 37680 PDEngine (a817f42ca419a7fffc813b393e45173c) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
15:28:05.0631 37680 PDEngine - ok
15:28:05.0664 37680 PDFSFilter (751500cefa3d3b7a7fcb52c392f3be78) C:\Windows\system32\DRIVERS\PDFsFilter.sys
15:28:05.0676 37680 PDFSFilter - ok
15:28:05.0706 37680 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:28:05.0746 37680 PEAUTH - ok
15:28:05.0770 37680 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:28:05.0788 37680 PerfHost - ok
15:28:05.0856 37680 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:28:05.0913 37680 pla - ok
15:28:05.0931 37680 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:28:05.0951 37680 PlugPlay - ok
15:28:05.0956 37680 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:28:05.0973 37680 PNRPAutoReg - ok
15:28:05.0989 37680 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:28:06.0008 37680 PNRPsvc - ok
15:28:06.0018 37680 Polar Daemon (8a2b3e18d0a2d2536ba304bc465ebeb1) C:\Program Files (x86)\Polar\Daemon\polard.exe
15:28:06.0024 37680 Polar Daemon ( UnsignedFile.Multi.Generic ) - warning
15:28:06.0024 37680 Polar Daemon - detected UnsignedFile.Multi.Generic (1)
15:28:06.0047 37680 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:28:06.0086 37680 PolicyAgent - ok
15:28:06.0097 37680 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:28:06.0136 37680 Power - ok
15:28:06.0147 37680 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:28:06.0181 37680 PptpMiniport - ok
15:28:06.0187 37680 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:28:06.0202 37680 Processor - ok
15:28:06.0214 37680 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
15:28:06.0251 37680 ProfSvc - ok
15:28:06.0256 37680 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:28:06.0272 37680 ProtectedStorage - ok
15:28:06.0280 37680 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:28:06.0314 37680 Psched - ok
15:28:06.0325 37680 PSI_SVC_2 (f036cfb275d0c55f4e45fbbf5f98b3c8) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
15:28:06.0338 37680 PSI_SVC_2 - ok
15:28:06.0342 37680 pwdrvio (da3964d8fb8798dc741abaca9ed1b99d) C:\Windows\system32\pwdrvio.sys
15:28:06.0359 37680 pwdrvio - ok
15:28:06.0363 37680 pwdspio (a55ed5a63d0178a41ea05ac50a60f89a) C:\Windows\system32\pwdspio.sys
15:28:06.0379 37680 pwdspio - ok
15:28:06.0385 37680 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys
15:28:06.0397 37680 PxHlpa64 - ok
15:28:06.0443 37680 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:28:06.0476 37680 ql2300 - ok
15:28:06.0512 37680 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:28:06.0527 37680 ql40xx - ok
15:28:06.0540 37680 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:28:06.0563 37680 QWAVE - ok
15:28:06.0568 37680 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:28:06.0588 37680 QWAVEdrv - ok
15:28:06.0592 37680 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:28:06.0627 37680 RasAcd - ok
15:28:06.0633 37680 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:28:06.0667 37680 RasAgileVpn - ok
15:28:06.0675 37680 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:28:06.0712 37680 RasAuto - ok
15:28:06.0721 37680 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:28:06.0755 37680 Rasl2tp - ok
15:28:06.0770 37680 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:28:06.0809 37680 RasMan - ok
15:28:06.0816 37680 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:28:06.0852 37680 RasPppoe - ok
15:28:06.0858 37680 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:28:06.0893 37680 RasSstp - ok
15:28:06.0907 37680 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:28:06.0943 37680 rdbss - ok
15:28:06.0947 37680 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:28:06.0965 37680 rdpbus - ok
15:28:06.0969 37680 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:28:07.0004 37680 RDPCDD - ok
15:28:07.0010 37680 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:28:07.0046 37680 RDPENCDD - ok
15:28:07.0052 37680 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:28:07.0087 37680 RDPREFMP - ok
15:28:07.0097 37680 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
15:28:07.0113 37680 RDPWD - ok
15:28:07.0125 37680 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:28:07.0141 37680 rdyboost - ok
15:28:07.0145 37680 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
15:28:07.0158 37680 regi - ok
15:28:07.0166 37680 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:28:07.0202 37680 RemoteAccess - ok
15:28:07.0211 37680 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:28:07.0249 37680 RemoteRegistry - ok
15:28:07.0258 37680 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
15:28:07.0277 37680 RFCOMM - ok
15:28:07.0284 37680 rimsptsk (7eae3999b94a8ce60bfbaa83462b89a1) C:\Windows\system32\DRIVERS\rimssn64.sys
15:28:07.0299 37680 rimsptsk - ok
15:28:07.0306 37680 risdptsk (fa6d7cd63ad08a01d9259f58e0c5c09e) C:\Windows\system32\DRIVERS\risdsn64.sys
15:28:07.0320 37680 risdptsk - ok
15:28:07.0334 37680 Roxio UPnP Renderer 10 (d02e5a46f77c182ca1964080bcd586f7) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
15:28:07.0348 37680 Roxio UPnP Renderer 10 - ok
15:28:07.0365 37680 Roxio Upnp Server 10 (e5809597278802d09273ee07b5fc56e1) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
15:28:07.0380 37680 Roxio Upnp Server 10 - ok
15:28:07.0386 37680 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:28:07.0424 37680 RpcEptMapper - ok
15:28:07.0428 37680 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:28:07.0445 37680 RpcLocator - ok
15:28:07.0467 37680 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\System32\rpcss.dll
15:28:07.0506 37680 RpcSs - ok
15:28:07.0516 37680 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:28:07.0551 37680 rspndr - ok
15:28:07.0563 37680 RTHDMIAzAudService (34f05c417f038ffa3bef69b798d7d7dd) C:\Windows\system32\drivers\RtHDMIVX.sys
15:28:07.0577 37680 RTHDMIAzAudService - ok
15:28:07.0589 37680 RtkAudioService (01e6a1e53e39a0b1e2b6ae62bf52e8ec) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
15:28:07.0602 37680 RtkAudioService - ok
15:28:07.0607 37680 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:28:07.0623 37680 SamSs - ok
15:28:07.0628 37680 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS
15:28:07.0640 37680 SASDIFSV - ok
15:28:07.0643 37680 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS
15:28:07.0654 37680 SASENUM - ok
15:28:07.0659 37680 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys
15:28:07.0671 37680 SASKUTIL - ok
15:28:07.0678 37680 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:28:07.0692 37680 sbp2port - ok
15:28:07.0745 37680 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
15:28:07.0789 37680 SBSDWSCService - ok
15:28:07.0800 37680 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:28:07.0838 37680 SCardSvr - ok
15:28:07.0846 37680 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:28:07.0880 37680 scfilter - ok
15:28:07.0919 37680 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:28:07.0964 37680 Schedule - ok
15:28:07.0970 37680 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:28:08.0004 37680 SCPolicySvc - ok
15:28:08.0017 37680 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:28:08.0035 37680 SDRSVC - ok
15:28:08.0043 37680 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:28:08.0078 37680 secdrv - ok
15:28:08.0083 37680 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:28:08.0119 37680 seclogon - ok
15:28:08.0126 37680 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
15:28:08.0163 37680 SENS - ok
15:28:08.0168 37680 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:28:08.0186 37680 SensrSvc - ok
15:28:08.0190 37680 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:28:08.0206 37680 Serenum - ok
15:28:08.0212 37680 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:28:08.0228 37680 Serial - ok
15:28:08.0232 37680 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:28:08.0248 37680 sermouse - ok
15:28:08.0262 37680 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:28:08.0299 37680 SessionEnv - ok
15:28:08.0304 37680 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\DRIVERS\SFEP.sys
15:28:08.0317 37680 SFEP - ok
15:28:08.0321 37680 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:28:08.0339 37680 sffdisk - ok
15:28:08.0343 37680 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:28:08.0361 37680 sffp_mmc - ok
15:28:08.0366 37680 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:28:08.0383 37680 sffp_sd - ok
15:28:08.0387 37680 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:28:08.0402 37680 sfloppy - ok
15:28:08.0417 37680 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:28:08.0456 37680 SharedAccess - ok
15:28:08.0471 37680 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:28:08.0510 37680 ShellHWDetection - ok
15:28:08.0516 37680 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:28:08.0530 37680 SiSRaid2 - ok
15:28:08.0536 37680 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:28:08.0550 37680 SiSRaid4 - ok
15:28:08.0557 37680 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:28:08.0593 37680 Smb - ok
15:28:08.0599 37680 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:28:08.0617 37680 SNMPTRAP - ok
15:28:08.0626 37680 SOHCImp (98886c88a1cb13d61672ae2c638b7e1c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
15:28:08.0637 37680 SOHCImp - ok
15:28:08.0642 37680 SOHDBSvr (442a13f395546f4564c377296d43b564) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
15:28:08.0653 37680 SOHDBSvr - ok
15:28:08.0667 37680 SOHDms (556681be668d71dc162391a45422b52c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
15:28:08.0682 37680 SOHDms - ok
15:28:08.0687 37680 SOHDs (72b46103e4111439109acf5882627c24) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
15:28:08.0699 37680 SOHDs - ok
15:28:08.0709 37680 SOHPlMgr (725b6e9cd1959271ac993dc035e1606d) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
15:28:08.0720 37680 SOHPlMgr - ok
15:28:08.0730 37680 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:28:08.0744 37680 spldr - ok
15:28:08.0765 37680 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:28:08.0806 37680 Spooler - ok
15:28:08.0920 37680 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:28:08.0987 37680 sppsvc - ok
15:28:09.0020 37680 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:28:09.0059 37680 sppuinotify - ok
15:28:09.0066 37680 Spyder3 (d8b882c520fc83547e22014ff5ec66d7) C:\Windows\system32\DRIVERS\Spyder3.sys
15:28:09.0079 37680 Spyder3 - ok
15:28:09.0099 37680 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:28:09.0118 37680 srv - ok
15:28:09.0135 37680 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:28:09.0153 37680 srv2 - ok
15:28:09.0162 37680 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:28:09.0179 37680 srvnet - ok
15:28:09.0190 37680 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:28:09.0228 37680 SSDPSRV - ok
15:28:09.0235 37680 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:28:09.0272 37680 SstpSvc - ok
15:28:09.0277 37680 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:28:09.0291 37680 stexstor - ok
15:28:09.0313 37680 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:28:09.0340 37680 stisvc - ok
15:28:09.0344 37680 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:28:09.0358 37680 swenum - ok
15:28:09.0379 37680 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:28:09.0421 37680 swprv - ok
15:28:09.0482 37680 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:28:09.0521 37680 SysMain - ok
15:28:09.0551 37680 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:28:09.0574 37680 TabletInputService - ok
15:28:09.0587 37680 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:28:09.0625 37680 TapiSrv - ok
15:28:09.0632 37680 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:28:09.0669 37680 TBS - ok
15:28:09.0761 37680 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
15:28:09.0803 37680 Tcpip - ok
15:28:09.0898 37680 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
15:28:09.0934 37680 TCPIP6 - ok
15:28:09.0971 37680 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:28:10.0005 37680 tcpipreg - ok
15:28:10.0011 37680 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:28:10.0026 37680 TDPIPE - ok
15:28:10.0031 37680 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:28:10.0046 37680 TDTCP - ok
15:28:10.0054 37680 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:28:10.0088 37680 tdx - ok
15:28:10.0093 37680 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:28:10.0107 37680 TermDD - ok
15:28:10.0135 37680 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:28:10.0177 37680 TermService - ok
15:28:10.0182 37680 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:28:10.0206 37680 Themes - ok
15:28:10.0212 37680 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:28:10.0248 37680 THREADORDER - ok
15:28:10.0256 37680 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:28:10.0294 37680 TrkWks - ok
15:28:10.0304 37680 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:28:10.0339 37680 TrustedInstaller - ok
15:28:10.0346 37680 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:28:10.0381 37680 tssecsrv - ok
15:28:10.0387 37680 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:28:10.0402 37680 TsUsbFlt - ok
15:28:10.0410 37680 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:28:10.0445 37680 tunnel - ok
15:28:10.0451 37680 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:28:10.0466 37680 uagp35 - ok
15:28:10.0475 37680 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
15:28:10.0487 37680 uCamMonitor - ok
15:28:10.0502 37680 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:28:10.0538 37680 udfs - ok
15:28:10.0548 37680 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:28:10.0567 37680 UI0Detect - ok
15:28:10.0573 37680 UimBus (49b13845f0dbe39b47fc91dc46b2170a) C:\Windows\system32\DRIVERS\uimx64.sys
15:28:10.0585 37680 UimBus - ok
15:28:10.0607 37680 Uim_IM (dd46bec773c011eaa5e502c43a73a1cc) C:\Windows\system32\Drivers\Uim_IMx64.sys
15:28:10.0625 37680 Uim_IM - ok
15:28:10.0631 37680 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:28:10.0645 37680 uliagpkx - ok
15:28:10.0651 37680 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:28:10.0667 37680 umbus - ok
15:28:10.0671 37680 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:28:10.0687 37680 UmPass - ok
15:28:10.0705 37680 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:28:10.0746 37680 upnphost - ok
15:28:10.0754 37680 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
15:28:10.0768 37680 USBAAPL64 - ok
15:28:10.0776 37680 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
15:28:10.0794 37680 usbaudio - ok
15:28:10.0801 37680 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\drivers\usbccgp.sys
15:28:10.0817 37680 usbccgp - ok
15:28:10.0824 37680 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:28:10.0842 37680 usbcir - ok
15:28:10.0848 37680 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys
15:28:10.0863 37680 usbehci - ok
15:28:10.0877 37680 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
15:28:10.0896 37680 usbhub - ok
15:28:10.0901 37680 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
15:28:10.0916 37680 usbohci - ok
15:28:10.0921 37680 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:28:10.0939 37680 usbprint - ok
15:28:10.0946 37680 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\drivers\USBSTOR.SYS
15:28:10.0962 37680 USBSTOR - ok
15:28:10.0967 37680 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
15:28:10.0983 37680 usbuhci - ok
15:28:10.0992 37680 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
15:28:11.0010 37680 usbvideo - ok
15:28:11.0016 37680 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:28:11.0054 37680 UxSms - ok
15:28:11.0061 37680 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:28:11.0077 37680 VaultSvc - ok
15:28:11.0082 37680 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:28:11.0099 37680 vdrvroot - ok
15:28:11.0117 37680 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:28:11.0158 37680 vds - ok
15:28:11.0163 37680 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:28:11.0180 37680 vga - ok
15:28:11.0185 37680 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:28:11.0221 37680 VgaSave - ok
15:28:11.0231 37680 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:28:11.0247 37680 vhdmp - ok
15:28:11.0252 37680 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:28:11.0266 37680 viaide - ok
15:28:11.0272 37680 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:28:11.0286 37680 volmgr - ok
15:28:11.0302 37680 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:28:11.0320 37680 volmgrx - ok
15:28:11.0333 37680 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:28:11.0350 37680 volsnap - ok
15:28:11.0359 37680 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:28:11.0375 37680 vsmraid - ok
15:28:11.0423 37680 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
15:28:11.0477 37680 VSS - ok
15:28:11.0509 37680 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
15:28:11.0527 37680 vwifibus - ok
15:28:11.0547 37680 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:28:11.0588 37680 W32Time - ok
15:28:11.0595 37680 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:28:11.0610 37680 WacomPen - ok
15:28:11.0617 37680 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:28:11.0652 37680 WANARP - ok
15:28:11.0655 37680 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:28:11.0689 37680 Wanarpv6 - ok
15:28:11.0736 37680 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
15:28:11.0765 37680 WatAdminSvc - ok
15:28:11.0818 37680 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
15:28:11.0851 37680 wbengine - ok
15:28:11.0887 37680 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:28:11.0910 37680 WbioSrvc - ok
15:28:11.0928 37680 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
15:28:11.0953 37680 wcncsvc - ok
15:28:11.0959 37680 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:28:11.0976 37680 WcsPlugInService - ok
15:28:11.0984 37680 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:28:11.0998 37680 Wd - ok
15:28:12.0025 37680 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:28:12.0046 37680 Wdf01000 - ok
15:28:12.0054 37680 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:28:12.0077 37680 WdiServiceHost - ok
15:28:12.0081 37680 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:28:12.0103 37680 WdiSystemHost - ok
15:28:12.0116 37680 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
15:28:12.0140 37680 WebClient - ok
15:28:12.0153 37680 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:28:12.0192 37680 Wecsvc - ok
15:28:12.0199 37680 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:28:12.0238 37680 wercplsupport - ok
15:28:12.0245 37680 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:28:12.0283 37680 WerSvc - ok
15:28:12.0290 37680 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:28:12.0326 37680 WfpLwf - ok
15:28:12.0334 37680 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
15:28:12.0350 37680 WimFltr - ok
15:28:12.0355 37680 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:28:12.0369 37680 WIMMount - ok
15:28:12.0394 37680 winachsf (057b062cf9a11e04db45b8c3afc28b11) C:\Windows\system32\DRIVERS\CAX_CNXT.sys
15:28:12.0412 37680 winachsf - ok
15:28:12.0417 37680 WinDefend - ok
15:28:12.0424 37680 WinHttpAutoProxySvc - ok
15:28:12.0441 37680 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:28:12.0478 37680 Winmgmt - ok
15:28:12.0545 37680 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
15:28:12.0600 37680 WinRM - ok
15:28:12.0634 37680 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:28:12.0651 37680 WinUsb - ok
15:28:12.0689 37680 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:28:12.0718 37680 Wlansvc - ok
15:28:12.0724 37680 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:28:12.0739 37680 WmiAcpi - ok
15:28:12.0754 37680 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:28:12.0771 37680 wmiApSrv - ok
15:28:12.0776 37680 WMPNetworkSvc - ok
15:28:12.0782 37680 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:28:12.0799 37680 WPCSvc - ok
15:28:12.0807 37680 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
15:28:12.0827 37680 WPDBusEnum - ok
15:28:12.0832 37680 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:28:12.0867 37680 ws2ifsl - ok
15:28:12.0875 37680 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
15:28:12.0897 37680 wscsvc - ok
15:28:12.0901 37680 WSearch - ok
15:28:12.0986 37680 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
15:28:13.0031 37680 wuauserv - ok
15:28:13.0066 37680 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:28:13.0101 37680 WudfPf - ok
15:28:13.0111 37680 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:28:13.0146 37680 WUDFRd - ok
15:28:13.0153 37680 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
15:28:13.0190 37680 wudfsvc - ok
15:28:13.0202 37680 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:28:13.0226 37680 WwanSvc - ok
15:28:13.0233 37680 XAudio (638c99d993afab0e1fab226e2bbe6d79) C:\Windows\system32\DRIVERS\xaudio64.sys
15:28:13.0246 37680 XAudio - ok
15:28:13.0266 37680 XAudioService (3e775f0bd28ddeff53d78578b97a3cff) C:\Windows\system32\DRIVERS\xaudio64.exe
15:28:13.0281 37680 XAudioService - ok
15:28:13.0302 37680 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
15:28:13.0320 37680 yukonw7 - ok
15:28:13.0338 37680 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:28:13.0478 37680 \Device\Harddisk0\DR0 - ok
15:28:13.0507 37680 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
15:28:13.0639 37680 \Device\Harddisk1\DR1 - ok
15:28:13.0643 37680 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3
15:28:13.0757 37680 \Device\Harddisk3\DR3 - ok
15:28:13.0760 37680 Boot (0x1200) (97d1d3eb07c285d3f8307df654960579) \Device\Harddisk0\DR0\Partition0
15:28:13.0763 37680 \Device\Harddisk0\DR0\Partition0 - ok
15:28:13.0774 37680 Boot (0x1200) (7e6f9bda52a58a0f7568a81de5eb53e3) \Device\Harddisk1\DR1\Partition0
15:28:13.0776 37680 \Device\Harddisk1\DR1\Partition0 - ok
15:28:13.0784 37680 Boot (0x1200) (f274501b2d81ac1a57a590676bc2e8ea) \Device\Harddisk3\DR3\Partition0
15:28:13.0789 37680 \Device\Harddisk3\DR3\Partition0 - ok
15:28:13.0789 37680 ============================================================
15:28:13.0789 37680 Scan finished
15:28:13.0789 37680 ============================================================
15:28:13.0796 32152 Detected object count: 1
15:28:13.0796 32152 Actual detected object count: 1
15:29:16.0052 32152 Polar Daemon ( UnsignedFile.Multi.Generic ) - skipped by user
15:29:16.0052 32152 Polar Daemon ( UnsignedFile.Multi.Generic ) - User select action: Skip
Back to Top
 
New Topic Post reply to : MSE Cannot Start, sporadic search redirect Printable version of : MSE Cannot Start, sporadic search redirect
 
Forum Information
Currently it is Monday, September 15, 2014 5:05 AM (GMT +3)
There are a total of 60,594 posts in 13,316 threads.
In the last 3 days there were 1 new threads and 4 reply posts. View Active Threads
Who's Online
This forum has 36349 registered members. Please welcome our newest member, s3n9kun1.
4 Guest(s), 0 Registered Member(s) are currently online.  Details
5 Latest Threads
Slow Performance Since Installing Bullguard (2)9/14/2014 8:38:23 PM (bcbjork)
Bullguard Backup: 3 GB of files are "missing" but freespace calcuation seems to think they (5)9/13/2014 3:08:24 PM (Robert Mateescu)
Bullguard Firewall sometimes fails to start automatically. Error: 0x41d Step 5 (1)9/13/2014 3:06:53 PM (Robert Mateescu)