It's Cyber Monday - fantastic 70% discount

Buy Now

Limited time offer:

03

Days

/

00

Hrs

/

04

Min

/

04

Sec

MSE Cannot Start, sporadic search redirect

Posted 7/8/2012 12:16 AM
#94098
User avatar

yinzerniner Member

Date Joined Nov 2016
Total Posts: 4
As the subject says, Microsoft Security essentials cannot start (error code 0x80070424) and google searches and other windows redirect to crap sites. Happened after I restarted the computer this afternoon (1pm -500 GMT). Any help would be greatly appreciated. <br/> <br/>Hijackthis Log[/u] <br/> <br/>Logfile of Trend Micro HijackThis v2.0.2 <br/>Scan saved at 7:53:56 PM, on 7/7/2012 <br/>Platform: Unknown Windows (WinNT 6.01.3505 SP1) <br/>MSIE: Internet Explorer v9.00 (9.00.8112.16446) <br/>Boot mode: Normal <br/> <br/>Running processes: <br/>C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE <br/>C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\Audiogalaxy.exe <br/>C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe <br/>C:\Program Files (x86)\Polar\WebSync\WebSync.exe <br/>C:\Users\Sotheby Chung\AppData\Roaming\Dropbox\bin\Dropbox.exe <br/>C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe <br/>C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe <br/>C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe <br/>C:\Program Files (x86)\iTunes\iTunesHelper.exe <br/>C:\Program Files\AVAST Software\Avast\AvastUI.exe <br/>C:\Program Files (x86)\MediaMall\MediaMallServer.exe <br/>C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe <br/>C:\Program Files (x86)\Mozilla Firefox\firefox.exe <br/>C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe <br/>C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe <br/>C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe <br/>C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe <br/>C:\Program Files (x86)\uTorrent\uTorrent.exe <br/>C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe <br/> <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 <br/>R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm <br/>R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = <br/>R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll <br/>O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll <br/>O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll <br/>O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll <br/>O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll <br/>O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file) <br/>O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) <br/>O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll <br/>O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll <br/>O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll <br/>O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll <br/>O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll <br/>O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll <br/>O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll <br/>O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) <br/>O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll <br/>O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll <br/>O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll <br/>O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll <br/>O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin <br/>O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" <br/>O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun <br/>O4 - HKLM\..\Run: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup <br/>O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" <br/>O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe <br/>O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" <br/>O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" <br/>O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE <br/>O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime <br/>O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" <br/>O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" <br/>O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui <br/>O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" <br/>O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun <br/>O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe <br/>O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe <br/>O4 - HKCU\..\Run: [Audiogalaxy] "C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\Audiogalaxy.exe" /startup <br/>O4 - HKCU\..\Run: [MysticThumbs] C:\Program Files\MysticCoder\MysticThumbs\MysticThumbsTray.exe <br/>O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED <br/>O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" <br/>O4 - Startup: Dropbox.lnk = Sotheby Chung\AppData\Roaming\Dropbox\bin\Dropbox.exe <br/>O4 - Global Startup: Bluetooth.lnk = ? <br/>O4 - Global Startup: Polar WebSync.lnk = ? <br/>O4 - Global Startup: Spyder3Utility.lnk = C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe <br/>O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm <br/>O8 - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm <br/>O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 <br/>O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html <br/>O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html <br/>O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html <br/>O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html <br/>O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm <br/>O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm <br/>O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm <br/>O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm <br/>O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe <br/>O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe <br/>O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll <br/>O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll <br/>O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics <br/>O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL <br/>O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe <br/>O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe <br/>O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe <br/>O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) <br/>O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) <br/>O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe <br/>O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe <br/>O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe <br/>O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe <br/>O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) <br/>O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe <br/>O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe <br/>O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe <br/>O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe <br/>O23 - Service: IviRegMgr - InterVideo - c:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe <br/>O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe <br/>O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe <br/>O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe <br/>O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe <br/>O23 - Service: MediaMall Server - MediaMall Technologies, Inc. - C:\Program Files (x86)\MediaMall\MediaMallServer.exe <br/>O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe <br/>O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) <br/>O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe <br/>O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe <br/>O23 - Service: Polar Daemon - Unknown owner - C:\Program Files (x86)\Polar\Daemon\polard.exe <br/>O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe <br/>O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe <br/>O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe <br/>O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe <br/>O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) <br/>O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe <br/>O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe <br/>O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) <br/>O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe <br/>O23 - Service: VAIO Media plus Database Manager (SOHDBSvr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe <br/>O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe <br/>O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe <br/>O23 - Service: VAIO Media plus Playlist Manager (SOHPlMgr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe <br/>O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) <br/>O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe <br/>O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) <br/>O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) <br/>O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) <br/>O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) <br/>O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) <br/>O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing) <br/> <br/>-- <br/>End of file - 16678 bytes <br/> <br/>MalwareBytes Log[/u] <br/> <br/>Malwarebytes Anti-Malware 1.61.0.1400 <br/>www.malwarebytes.org <br/> <br/>Database version: v2012.07.07.06 <br/> <br/>Windows 7 Service Pack 1 x64 NTFS (Safe Mode) <br/>Internet Explorer 9.0.8112.16421 <br/>Sotheby Chung :: SOTHEBYSVAIO [administrator] <br/> <br/>7/7/2012 3:11:15 PM <br/>mbam-log-2012-07-07 (15-11-15).txt <br/> <br/>Scan type: Full scan <br/>Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM <br/>Scan options disabled: P2P <br/>Objects scanned: 724361 <br/>Time elapsed: 25 minute(s), 15 second(s) <br/> <br/>Memory Processes Detected: 0 <br/>(No malicious items detected) <br/> <br/>Memory Modules Detected: 0 <br/>(No malicious items detected) <br/> <br/>Registry Keys Detected: 1 <br/>HKCU\SOFTWARE\g043oqxanu (Trojan.FakeAlert) -> Quarantined and deleted successfully. <br/> <br/>Registry Values Detected: 2 <br/>HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Windows Update (Backdoor.IRCBot) -> Data: C:\Windows\system32\svohost.exe -> Quarantined and deleted successfully. <br/>HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Data: http=127.0.0.1:18810 -> Quarantined and deleted successfully. <br/> <br/>Registry Data Items Detected: 0 <br/>(No malicious items detected) <br/> <br/>Folders Detected: 0 <br/>(No malicious items detected) <br/> <br/>Files Detected: 4 <br/>C:\Users\Sotheby Chung\AppData\Local\wmeks.exe (Trojan.FakeMS) -> Quarantined and deleted successfully. <br/>C:\Users\Sotheby Chung\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\3be75eb4-1f4e9d5e (Trojan.Agent) -> Quarantined and deleted successfully. <br/>C:\Users\Sotheby Chung\Documents\Downloads\Autodesk - ADT\AutoCAD ADT_2006_Keygen\Keymaker.exe (Malware.Gen) -> Quarantined and deleted successfully. <br/>C:\Windows\Installer\{d9b87c81-5340-e575-0dbc-2810a7f63932}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully. <br/> <br/>(end) <br/> <br/>DDS Log[/u] <br/> <br/>. <br/>DDS (Ver_2011-08-26.01) - NTFSAMD64 <br/>Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1 <br/>Run by Sotheby Chung at 20:07:42 on 2012-07-07 <br/>Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8159.5428 [GMT -4:00] <br/>. <br/>AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} <br/>SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} <br/>SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} <br/>SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B} <br/>. <br/>============== Running Processes =============== <br/>. <br/>C:\Windows\system32\wininit.exe <br/>C:\Windows\system32\lsm.exe <br/>C:\Windows\system32\svchost.exe -k DcomLaunch <br/>C:\Windows\system32\svchost.exe -k RPCSS <br/>C:\Windows\system32\atiesrxx.exe <br/>C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted <br/>C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted <br/>C:\Windows\system32\svchost.exe -k netsvcs <br/>C:\Windows\system32\svchost.exe -k LocalService <br/>C:\Windows\system32\atieclxx.exe <br/>C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe <br/>C:\Windows\system32\svchost.exe -k NetworkService <br/>C:\Program Files\AVAST Software\Avast\AvastSvc.exe <br/>C:\Windows\System32\spoolsv.exe <br/>C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork <br/>C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe <br/>C:\Program Files\Bonjour\mDNSResponder.exe <br/>C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe <br/>C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation <br/>c:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe <br/>C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe <br/>C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe <br/>C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe <br/>C:\Program Files (x86)\MediaMall\MediaMallServer.exe <br/>C:\Program Files\Raxco\PerfectDisk\PDAgent.exe <br/>C:\Program Files (x86)\Polar\Daemon\polard.exe <br/>C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted <br/>C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe <br/>C:\Program Files\Macrium\Reflect\ReflectService.exe <br/>C:\Windows\system32\svchost.exe -k imgsvc <br/>C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe <br/>C:\Windows\system32\DRIVERS\xaudio64.exe <br/>C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe <br/>C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe <br/>C:\Windows\system32\WUDFHost.exe <br/>C:\Windows\system32\taskhost.exe <br/>C:\Windows\system32\Dwm.exe <br/>C:\Windows\Explorer.EXE <br/>C:\Program Files\Apoint\Apoint.exe <br/>C:\Program Files\Apoint\ApMsgFwd.exe <br/>C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe <br/>C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe <br/>C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe <br/>C:\Program Files\Microsoft Security Client\msseces.exe <br/>C:\Program Files\Windows Sidebar\sidebar.exe <br/>C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE <br/>C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\Audiogalaxy.exe <br/>C:\Program Files\MysticCoder\MysticThumbs\MysticThumbsTray.exe <br/>C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe <br/>C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe <br/>C:\Program Files (x86)\Polar\WebSync\WebSync.exe <br/>C:\Users\Sotheby Chung\AppData\Roaming\Dropbox\bin\Dropbox.exe <br/>C:\Program Files\Apoint\Apntex.exe <br/>C:\Windows\system32\conhost.exe <br/>C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe <br/>C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe <br/>C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe <br/>C:\Program Files (x86)\iTunes\iTunesHelper.exe <br/>C:\Program Files\AVAST Software\Avast\AvastUI.exe <br/>C:\Windows\system32\SearchIndexer.exe <br/>C:\Program Files (x86)\MediaMall\MediaMallServer.exe <br/>C:\Windows\system32\conhost.exe <br/>C:\Program Files\iPod\bin\iPodService.exe <br/>C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe <br/>C:\Windows\system32\taskmgr.exe <br/>C:\Program Files\Windows Media Player\wmpnetwk.exe <br/>C:\Program Files (x86)\Mozilla Firefox\firefox.exe <br/>C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe <br/>C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe <br/>C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe <br/>C:\Windows\notepad.exe <br/>C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe <br/>C:\Program Files (x86)\uTorrent\uTorrent.exe <br/>C:\Program Files (x86)\FlashGet\flashget.exe <br/>C:\Windows\system32\conhost.exe <br/>C:\Windows\system32\wbem\wmiprvse.exe <br/>C:\Windows\system32\SearchProtocolHost.exe <br/>C:\Windows\system32\SearchFilterHost.exe <br/>C:\Windows\SysWOW64\cmd.exe <br/>C:\Windows\system32\conhost.exe <br/>C:\Windows\SysWOW64\cscript.exe <br/>. <br/>============== Pseudo HJT Report =============== <br/>. <br/>uInternet Settings,ProxyOverride = <local>;*.local <br/>uURLSearchHooks: H - No File <br/>BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll <br/>BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll <br/>BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - C:\Program Files (x86)\FlashGet\jccatch.dll <br/>BHO: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File <br/>BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File <br/>BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll <br/>BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll <br/>BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll <br/>BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll <br/>BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - C:\Program Files (x86)\FlashGet\getflash.dll <br/>BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll <br/>TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File <br/>TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll <br/>TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll <br/>TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>TB: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File <br/>uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun <br/>uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe <br/>uRun: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe <br/>uRun: [Audiogalaxy] "C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\Audiogalaxy.exe" /startup <br/>uRun: [MysticThumbs] C:\Program Files\MysticCoder\MysticThumbs\MysticThumbsTray.exe <br/>uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED <br/>uRun: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" <br/>mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin <br/>mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" <br/>mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun <br/>mRun: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup <br/>mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" <br/>mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe <br/>mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" <br/>mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" <br/>mRun: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE <br/>mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime <br/>mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" <br/>mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" <br/>mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui <br/>mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" <br/>StartupFolder: C:\Users\SOTHEB~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Sotheby Chung\AppData\Roaming\Dropbox\bin\Dropbox.exe <br/>StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe <br/>StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\POLARW~1.LNK - C:\Windows\Installer\{1A1F27A2-599F-46BC-B904-1053B3A4CFEB}\WebSync.exe2_4B58E052B1C94BE0AC42D7A472F5A651.exe <br/>StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SPYDER~1.LNK - C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe <br/>mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) <br/>mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) <br/>mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) <br/>mPolicies-system: EnableLUA = 0 (0x0) <br/>mPolicies-system: EnableUIADesktopToggle = 0 (0x0) <br/>mPolicies-system: PromptOnSecureDesktop = 0 (0x0) <br/>IE: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm <br/>IE: &Download with FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm <br/>IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200 <br/>IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html <br/>IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html <br/>IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html <br/>IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html <br/>IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm <br/>IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm <br/>IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm <br/>IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe <br/>IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll <br/>DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab <br/>DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab <br/>DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab <br/>DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab <br/>TCP: DhcpNameServer = 192.168.1.1 209.18.47.62 <br/>TCP: Interfaces\{1D514A2C-2B7B-4E82-9E74-63CB16888888} : DhcpNameServer = 192.168.1.1 209.18.47.62 <br/>TCP: Interfaces\{1D514A2C-2B7B-4E82-9E74-63CB16888888}\0435D61627476496 : DhcpNameServer = 8.8.8.8 4.2.2.3 <br/>TCP: Interfaces\{1D514A2C-2B7B-4E82-9E74-63CB16888888}\05F6F607 : DhcpNameServer = 192.168.0.1 <br/>TCP: Interfaces\{1D514A2C-2B7B-4E82-9E74-63CB16888888}\2427F6F6B6C697E624167656C6 : DhcpNameServer = 68.237.161.12 71.250.0.12 <br/>TCP: Interfaces\{1D514A2C-2B7B-4E82-9E74-63CB16888888}\348656C6375616441697C6967686473547574696F6D27657563747 : DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.33.1 <br/>TCP: Interfaces\{1D514A2C-2B7B-4E82-9E74-63CB16888888}\46C696E6B6 : DhcpNameServer = 192.168.0.1 <br/>TCP: Interfaces\{1D514A2C-2B7B-4E82-9E74-63CB16888888}\C414E4F49414F564255454F575946494 : DhcpNameServer = 172.16.156.1 205.152.132.23 205.152.37.23 <br/>TCP: Interfaces\{1D514A2C-2B7B-4E82-9E74-63CB16888888}\C696E6B6379737 : DhcpNameServer = 167.206.251.130 167.206.251.129 <br/>TCP: Interfaces\{C97CF07A-B9F5-4DBB-A46A-6EDD1D7159D6} : DhcpNameServer = 192.168.1.1 209.18.47.62 <br/>Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL <br/>Notify: VESWinlogon - VESWinlogon.dll <br/>SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL <br/>BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll <br/>BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll <br/>BHO-X64: AcroIEHelperStub - No File <br/>BHO-X64: FGCatchUrl: {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll <br/>BHO-X64: flashget urlcatch - No File <br/>BHO-X64: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File <br/>BHO-X64: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File <br/>BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File <br/>BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll <br/>BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll <br/>BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll <br/>BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll <br/>BHO-X64: FlashGet GetFlash Class: {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll <br/>BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll <br/>BHO-X64: SmartSelect - No File <br/>TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File <br/>TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll <br/>TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll <br/>TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll <br/>TB-X64: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File <br/>mRun-x64: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin <br/>mRun-x64: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" <br/>mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun <br/>mRun-x64: [SmartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup <br/>mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" <br/>mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe <br/>mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" <br/>mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" <br/>mRun-x64: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE <br/>mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime <br/>mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" <br/>mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" <br/>mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui <br/>mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" <br/>IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm <br/>IE-X64: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe <br/>SEH-X64: SABShellExecuteHook Class: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL <br/>. <br/>================= FIREFOX =================== <br/>. <br/>FF - ProfilePath - C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\ <br/>FF - prefs.js: browser.startup.homepage - hxxp://www.nytimes.com/ <br/>FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p= <br/>FF - prefs.js: network.proxy.type - 0 <br/>FF - plugin: C:\Program Files (x86)\eMusic Download Manager\plugin\npemusic.dll <br/>FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll <br/>FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll <br/>FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll <br/>FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll <br/>FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll <br/>FF - plugin: C:\Users\Sotheby Chung\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll <br/>FF - plugin: C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions\LogMeInClient@logmein.com\plugins\npLMI64.dll <br/>FF - plugin: C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll <br/>FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll <br/>FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll <br/>FF - plugin: C:\Windows\SysWOW64\npmproxy.dll <br/>. <br/>============= SERVICES / DRIVERS =============== <br/>. <br/>R0 hotcore3;hc3ServiceName;C:\Windows\system32\DRIVERS\hotcore3.sys --> C:\Windows\system32\DRIVERS\hotcore3.sys [?] <br/>R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?] <br/>R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] <br/>R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] <br/>R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?] <br/>R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?] <br/>R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] <br/>R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?] <br/>R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?] <br/>R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-7-7 44808] <br/>R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-1-31 375176] <br/>R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-9-16 15928] <br/>R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?] <br/>R2 MediaMall Server;MediaMall Server;C:\Program Files (x86)\MediaMall\MediaMallServer.exe [2011-5-27 4407152] <br/>R2 PDFSFilter;PDFSFilter;C:\Windows\system32\DRIVERS\PDFsFilter.sys --> C:\Windows\system32\DRIVERS\PDFsFilter.sys [?] <br/>R2 Polar Daemon;Polar Daemon;C:\Program Files (x86)\Polar\Daemon\polard.exe [2009-6-15 163840] <br/>R2 ReflectService;Macrium Reflect Image Mounting Service;C:\Program Files\Macrium\Reflect\ReflectService.exe [2011-6-7 301720] <br/>R2 regi;regi;C:\Windows\system32\drivers\regi.sys --> C:\Windows\system32\drivers\regi.sys [?] <br/>R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2010-4-22 189984] <br/>R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-7-15 1153368] <br/>R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2009-8-15 104960] <br/>R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?] <br/>R3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?] <br/>R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?] <br/>R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\DRIVERS\SFEP.sys --> C:\Windows\system32\DRIVERS\SFEP.sys [?] <br/>R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?] <br/>S1 SASDIFSV;SASDIFSV;C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS [2009-6-23 12872] <br/>S1 SASKUTIL;SASKUTIL;C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS [2009-6-23 67656] <br/>S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-5-25 2151128] <br/>S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-6-26 362992] <br/>S3 Adobe Version Cue CS4;Adobe Version Cue CS4;C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-8-15 284016] <br/>S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-12 250056] <br/>S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-7-15 1038088] <br/>S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-26 113120] <br/>S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] <br/>S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696] <br/>S3 pwdrvio;pwdrvio;\??\C:\Windows\system32\pwdrvio.sys --> C:\Windows\system32\pwdrvio.sys [?] <br/>S3 pwdspio;pwdspio;\??\C:\Windows\system32\pwdspio.sys --> C:\Windows\system32\pwdspio.sys [?] <br/>S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-6-26 313840] <br/>S3 SASENUM;SASENUM;C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS [2009-6-23 12872] <br/>S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-4-22 120104] <br/>S3 SOHDBSvr;VAIO Media plus Database Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2010-4-22 70952] <br/>S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-4-22 427304] <br/>S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-4-22 75048] <br/>S3 SOHPlMgr;VAIO Media plus Playlist Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2010-4-22 91432] <br/>S3 Spyder3;Datacolor Spyder3;C:\Windows\system32\DRIVERS\Spyder3.sys --> C:\Windows\system32\DRIVERS\Spyder3.sys [?] <br/>S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] <br/>S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] <br/>S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] <br/>. <br/>=============== File Associations =============== <br/>. <br/>.scr=AutoCADScriptFile <br/>. <br/>=============== Created Last 30 ================ <br/>. <br/>2012-07-07 23:53:49 -------- d-----w- C:\Program Files (x86)\Trend Micro <br/>2012-07-07 23:52:56 -------- d-----w- C:\Program Files (x86)\Oracle <br/>2012-07-07 23:52:53 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll <br/>2012-07-07 23:21:43 98816 ----a-w- C:\Windows\sed.exe <br/>2012-07-07 23:21:43 518144 ----a-w- C:\Windows\SWREG.exe <br/>2012-07-07 23:21:43 256000 ----a-w- C:\Windows\PEV.exe <br/>2012-07-07 23:21:43 208896 ----a-w- C:\Windows\MBR.exe <br/>2012-07-07 20:33:30 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys <br/>2012-07-07 20:33:30 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys <br/>2012-07-07 20:33:30 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys <br/>2012-07-07 20:33:18 41224 ----a-w- C:\Windows\avastSS.scr <br/>2012-07-07 20:33:07 -------- d-----w- C:\Program Files\AVAST Software <br/>2012-07-07 20:29:36 -------- d-----w- C:\Program Files\CCleaner <br/>2012-07-07 18:45:50 -------- d-----w- C:\Windows\System32\SPReview <br/>2012-07-07 18:43:25 -------- d-----w- C:\FRST <br/>2012-07-07 18:38:26 -------- d-----w- C:\Windows\System32\EventProviders <br/>2012-07-04 20:06:31 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA% <br/>2012-07-04 07:28:21 927800 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{68A65EF2-2579-4B1F-9A46-8A8A82265EF3}\gapaengine.dll <br/>2012-07-04 07:28:10 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C10BFCF9-1701-492D-9CEA-8A312DD72A24}\mpengine.dll <br/>2012-07-03 07:28:12 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll <br/>2012-06-23 18:39:58 -------- d-----w- C:\Users\Sotheby Chung\AppData\Local\Macromedia <br/>2012-06-21 17:44:55 2622464 ----a-w- C:\Windows\System32\wucltux.dll <br/>2012-06-21 17:44:52 99840 ----a-w- C:\Windows\System32\wudriver.dll <br/>2012-06-21 17:44:51 36864 ----a-w- C:\Windows\System32\wuapp.exe <br/>2012-06-21 17:44:51 186752 ----a-w- C:\Windows\System32\wuwebv.dll <br/>2012-06-14 07:28:48 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{35B81FBD-0A5B-4A7E-B73D-CCAEC5539E34}\gapaengine.dll <br/>2012-06-13 04:16:44 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll <br/>2012-06-13 04:16:43 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe <br/>2012-06-13 04:16:43 77312 ----a-w- C:\Windows\System32\rdpwsx.dll <br/>2012-06-13 04:16:39 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe <br/>2012-06-13 04:16:35 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe <br/>2012-06-13 04:16:33 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe <br/>2012-06-13 04:16:06 3146752 ----a-w- C:\Windows\System32\win32k.sys <br/>2012-06-13 04:16:05 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys <br/>. <br/>==================== Find3M ==================== <br/>. <br/>2012-07-07 18:43:07 175616 ----a-w- C:\Windows\System32\msclmd.dll <br/>2012-07-07 18:43:07 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll <br/>2012-06-23 18:15:18 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl <br/>2012-06-23 18:15:18 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe <br/>2012-05-22 06:53:50 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll <br/>2012-05-22 06:53:50 80768 ----a-w- C:\Windows\System32\LMIinit.dll <br/>2012-05-22 06:53:50 34688 ----a-w- C:\Windows\System32\LMIport.dll <br/>2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll <br/>2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll <br/>2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl <br/>2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe <br/>2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb <br/>2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll <br/>2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll <br/>2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl <br/>2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe <br/>2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb <br/>2012-05-04 23:29:16 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll <br/>2011-06-08 06:06:50 12535496 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe <br/>. <br/>============= FINISH: 20:08:24.54 =============== <br/> <br/> <br/>Attach Log[/u] <br/> <br/>. <br/>UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. <br/>IF REQUESTED, ZIP IT UP & ATTACH IT <br/>. <br/>DDS (Ver_2011-08-26.01) <br/>. <br/>Microsoft Windows 7 Home Premium <br/>Boot Device: \Device\HarddiskVolume2 <br/>Install Date: 4/21/2010 10:26:59 PM <br/>System Uptime: 7/7/2012 7:31:07 PM (1 hours ago) <br/>. <br/>Motherboard: Sony Corporation | | VAIO <br/>Processor: Intel(R) Core(TM)2 Duo CPU P8700 @ 2.53GHz | N/A | 2534/266mhz <br/>. <br/>==== Disk Partitions ========================= <br/>. <br/>C: is FIXED (NTFS) - 213 GiB total, 24.537 GiB free. <br/>D: is CDROM () <br/>E: is CDROM () <br/>F: is Removable <br/>G: is Removable <br/>. <br/>==== Disabled Device Manager Items ============= <br/>. <br/>Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318} <br/>Description: EASEUS Disk Enumerator <br/>Device ID: ROOT\SYSTEM\0001 <br/>Manufacturer: (Standard system devices) <br/>Name: EASEUS Disk Enumerator <br/>PNP Device ID: ROOT\SYSTEM\0001 <br/>Service: EUDISK <br/>. <br/>==== System Restore Points =================== <br/>. <br/>No restore point in system. <br/>. <br/>==== Installed Programs ====================== <br/>. <br/>. <br/>µTorrent <br/>AAC Decoder <br/>Acrobat.com <br/>Ad-Aware <br/>Adobe Acrobat 9 Pro - English, Français, Deutsch <br/>Adobe After Effects CS4 <br/>Adobe After Effects CS4 Presets <br/>Adobe After Effects CS4 Third Party Content <br/>Adobe AIR <br/>Adobe Anchor Service CS4 <br/>Adobe Asset Services CS4 <br/>Adobe Bridge CS4 <br/>Adobe CMaps CS4 <br/>Adobe Color - Photoshop Specific CS4 <br/>Adobe Color EU Extra Settings CS4 <br/>Adobe Color JA Extra Settings CS4 <br/>Adobe Color NA Recommended Settings CS4 <br/>Adobe Color Video Profiles AE CS4 <br/>Adobe Color Video Profiles CS CS4 <br/>Adobe Contribute CS4 <br/>Adobe Creative Suite 4 Master Collection <br/>Adobe CS4 American English Speech Analysis Models <br/>Adobe CSI CS4 <br/>Adobe Default Language CS4 <br/>Adobe Device Central CS4 <br/>Adobe Dreamweaver CS4 <br/>Adobe Drive CS4 <br/>Adobe Dynamiclink Support <br/>Adobe Encore CS4 <br/>Adobe Encore CS4 Codecs <br/>Adobe ExtendScript Toolkit CS4 <br/>Adobe Extension Manager CS4 <br/>Adobe Fireworks CS4 <br/>Adobe Flash CS4 <br/>Adobe Flash CS4 Extension - Flash Lite STI en <br/>Adobe Flash CS4 STI-en <br/>Adobe Flash Player 11 Plugin <br/>Adobe Fonts All <br/>Adobe Illustrator CS4 <br/>Adobe InDesign CS4 <br/>Adobe InDesign CS4 Application Feature Set Files (Roman) <br/>Adobe InDesign CS4 Common Base Files <br/>Adobe InDesign CS4 Icon Handler <br/>Adobe Linguistics CS4 <br/>Adobe Media Encoder CS4 <br/>Adobe Media Encoder CS4 Additional Exporter <br/>Adobe Media Encoder CS4 Dolby <br/>Adobe Media Encoder CS4 Exporter <br/>Adobe Media Encoder CS4 Importer <br/>Adobe Media Player <br/>Adobe MotionPicture Color Files CS4 <br/>Adobe OnLocation CS4 <br/>Adobe Output Module <br/>Adobe PDF Library Files CS4 <br/>Adobe Photoshop CS4 Support <br/>Adobe Premiere Pro CS4 <br/>Adobe Premiere Pro CS4 Functional Content <br/>Adobe Premiere Pro CS4 Third Party Content <br/>Adobe Reader 9.1.3 <br/>Adobe Search for Help <br/>Adobe Service Manager Extension <br/>Adobe Setup <br/>Adobe SGM CS4 <br/>Adobe SING CS4 <br/>Adobe Soundbooth CS4 <br/>Adobe Soundbooth CS4 Codecs <br/>Adobe Type Support CS4 <br/>Adobe Update Manager CS4 <br/>Adobe Version Cue CS4 Server <br/>Adobe WinSoft Linguistics Plugin <br/>Adobe XMP Panels CS4 <br/>AdobeColorCommonSetCMYK <br/>AdobeColorCommonSetRGB <br/>Any DVD Cloner 1.2.6 <br/>Apple Application Support <br/>Apple Software Update <br/>Applian Director <br/>ArcSoft Magic-i Visual Effects 2 <br/>ArcSoft WebCam Companion 2 <br/>Audiogalaxy <br/>Autodesk Design Review 2010 <br/>AutoUpdate <br/>avast! Free Antivirus <br/>Catalyst Control Center - Branding <br/>Catalyst Control Center Core Implementation <br/>Catalyst Control Center Graphics Full Existing <br/>Catalyst Control Center Graphics Full New <br/>Catalyst Control Center Graphics Light <br/>Catalyst Control Center Graphics Previews Common <br/>Catalyst Control Center Graphics Previews Vista <br/>Catalyst Control Center InstallProxy <br/>Catalyst Control Center Localization All <br/>ccc-core-static <br/>CCC Help Chinese Standard <br/>CCC Help Chinese Traditional <br/>CCC Help Czech <br/>CCC Help Danish <br/>CCC Help Dutch <br/>CCC Help English <br/>CCC Help Finnish <br/>CCC Help French <br/>CCC Help German <br/>CCC Help Greek <br/>CCC Help Hungarian <br/>CCC Help Italian <br/>CCC Help Japanese <br/>CCC Help Korean <br/>CCC Help Norwegian <br/>CCC Help Polish <br/>CCC Help Portuguese <br/>CCC Help Russian <br/>CCC Help Spanish <br/>CCC Help Swedish <br/>CCC Help Thai <br/>CCC Help Turkish <br/>Chief Architect Premier X3 <br/>Click to Disc <br/>Click to Disc Editor <br/>Combined Community Codec Pack 2010-10-10 <br/>Connect <br/>Corel WinDVD 9 <br/>Disk Space Fan 2.2.7.821 <br/>DivX Codec <br/>DivX Converter <br/>DivX Player <br/>DivX Plus DirectShow Filters <br/>DivX Version Checker <br/>DivX Web Player <br/>DriveImage XML (Private Edition) <br/>Dropbox <br/>DVD Decrypter (Remove Only) <br/>DVDSmith Movie Backup 1.0.5 <br/>eMusic Download Manager 4.1.3.1 <br/>FlashGet 1.9.6.1073 <br/>FLV Player 2.0 (build 25) <br/>Free MP3 WMA OGG Converter 8.9.1 <br/>Google Chrome <br/>Google SketchUp 8 <br/>H.264 Decoder <br/>HijackThis 2.0.2 <br/>iConcertCal <br/>INI_FCFG_V03.14A05 <br/>inSSIDer <br/>iTunes Export <br/>Java Auto Updater <br/>Java(TM) 6 Update 31 <br/>Java(TM) 7 Update 5 <br/>Java(TM) SE Runtime Environment 6 <br/>JavaFX 2.1.1 <br/>Korean Fonts Support For Adobe Reader 9 <br/>kuler <br/>LastPass (uninstall only) <br/>LibreOffice 3.4 <br/>Logitech Harmony Remote Software 7 <br/>Logitech Touch Mouse Server 1.0 <br/>LogMeIn <br/>Malwarebytes' Anti-Malware <br/>MediaMonkey 4.0 <br/>Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 <br/>Microsoft Visual C++ 2005 Redistributable <br/>Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 <br/>Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 <br/>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 <br/>MiniTool Partition Wizard Home Edition 6.0 <br/>MKV Splitter <br/>Mozilla Firefox 13.0.1 (x86 en-US) <br/>Mozilla Maintenance Service <br/>MSXML 4.0 SP2 (KB927978) <br/>MSXML 4.0 SP2 (KB954430) <br/>MSXML 4.0 SP2 (KB973688) <br/>Music Transfer <br/>Paragon Backup & Recovery™ 2011 (Advanced) Free <br/>PDF Settings CS4 <br/>Photoshop Camera Raw <br/>Picasa 3 <br/>Pixel Bender Toolkit <br/>PlayOn <br/>Polar Daemon <br/>Polar WebSync <br/>Primo <br/>PS3 Media Server <br/>QuickTime <br/>RAR Password Recovery Magic v6.1.1.393 <br/>Realtek HDMI Audio Driver for ATI <br/>Realtek High Definition Audio Driver <br/>Remote Control USB Driver <br/>Replay Music <br/>ReproEFS <br/>Roxio Central Audio <br/>Roxio Central Copy <br/>Roxio Central Core <br/>Roxio Central Data <br/>Roxio Central Tools <br/>Roxio Easy Media Creator 10 LJ <br/>Roxio Easy Media Creator Home <br/>Runtime <br/>Setting Utility Series <br/>SmartWi Connection Utility <br/>Sony Home Network Library <br/>Sony Picture Utility <br/>Spotify <br/>Spybot - Search & Destroy <br/>Spyder3Elite <br/>Suite Shared Configuration CS4 <br/>SUPERAntiSpyware Free Edition <br/>TreeSize Free V2.3.3 <br/>Uninstall 1.0.0.1 <br/>VC80CRTRedist - 8.0.50727.762 <br/>VLC media player 1.0.3 <br/>VoiceOver Kit <br/>WinDirStat 1.1.2 <br/>WinDVD BD for VAIO <br/>. <br/>==== Event Viewer Messages From Past Week ======== <br/>. <br/>7/7/2012 7:31:57 PM, Error: Service Control Manager [7000] - The SASKUTIL service failed to start due to the following error: This driver has been blocked from loading <br/>7/7/2012 7:31:57 PM, Error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: This driver has been blocked from loading <br/>7/7/2012 7:31:57 PM, Error: Application Popup [1060] - \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. <br/>7/7/2012 7:31:57 PM, Error: Application Popup [1060] - \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. <br/>7/7/2012 7:31:32 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL <br/>7/7/2012 7:31:30 PM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found. <br/>7/7/2012 7:31:30 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect. <br/>7/7/2012 7:31:22 PM, Error: atikmdag [52236] - CPLIB :: General - Invalid Parameter <br/>7/7/2012 7:30:37 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. <br/>7/7/2012 7:29:52 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. <br/>7/7/2012 7:22:54 PM, Error: Service Control Manager [7034] - The Polar Daemon service terminated unexpectedly. It has done this 1 time(s). <br/>7/7/2012 7:17:56 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service. <br/>7/7/2012 6:15:06 PM, Error: Service Control Manager [7003] - The SBSD Security Center Service service depends the following service: wscsvc. This service might not be installed. <br/>7/7/2012 6:15:02 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed. <br/>7/7/2012 6:14:59 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed. <br/>7/7/2012 4:22:08 PM, Error: Service Control Manager [7023] - The Superfetch service terminated with the following error: The service has not been started. <br/>7/7/2012 3:23:50 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. <br/>7/7/2012 3:11:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F} <br/>7/7/2012 3:11:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} <br/>7/7/2012 3:10:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} <br/>7/7/2012 3:10:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} <br/>7/7/2012 3:10:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} <br/>7/7/2012 3:10:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} <br/>7/7/2012 3:10:02 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} <br/>7/7/2012 3:09:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} <br/>7/7/2012 3:09:47 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache EUBKMON EUDSKACS MpFilter NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx UimBus Uim_IM Wanarpv6 WfpLwf <br/>7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. <br/>7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. <br/>7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. <br/>7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. <br/>7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. <br/>7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. <br/>7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. <br/>7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. <br/>7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. <br/>7/7/2012 3:09:47 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. <br/>7/7/2012 3:08:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097} <br/>7/7/2012 3:06:21 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache EUBKMON EUDSKACS MpFilter SASDIFSV SASKUTIL spldr UimBus Uim_IM Wanarpv6 <br/>7/7/2012 3:01:47 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000ce (0xfffff8800363f100, 0x0000000000000008, 0xfffff8800363f100, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 070712-32136-01. <br/>7/7/2012 2:53:17 PM, Error: Service Control Manager [7031] - The Windows Event Log service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. <br/>7/7/2012 2:53:17 PM, Error: Service Control Manager [7031] - The Windows Audio service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. <br/>7/7/2012 2:53:17 PM, Error: Service Control Manager [7031] - The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service. <br/>7/7/2012 2:53:17 PM, Error: Service Control Manager [7031] - The DHCP Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. <br/>7/7/2012 2:32:55 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891 <br/>7/4/2012 7:18:02 PM, Error: Microsoft-Windows-WMPNSS-Service [14365] - Proximity detection failed due to unknown error '0x80004004'. The best proximity time detected was -1 milliseconds. <br/>. <br/>==== End Of File =========================== <br/> <br/> <br/>Thanks again guys
Posted 7/8/2012 3:43 PM
#94103
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Hello yinzerniner :smile: <br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN-GB" lang=EN-GB>Download OTL by OldTimer, saving it to your desktop: <SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt"><SPAN style="COLOR: black; mso-ansi-language: EN-GB" lang=EN-GB>http://oldtimer.geekstogo.com/OTL.exe<SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN-GB" lang=EN-GB><?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p></o:p> <br/> <br/><UL type=disc> <br/><LI style="LINE-HEIGHT: 16.8pt; MARGIN: 0cm 0cm 0pt; BACKGROUND: #e7eaef; COLOR: black; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-list: l1 level1 lfo1; tab-stops: list 36.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9.5pt; mso-ansi-language: EN-GB" lang=EN-GB>Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.<o:p></o:p></LI> <br/><LI style="LINE-HEIGHT: 16.8pt; MARGIN: 0cm 0cm 0pt; BACKGROUND: #e7eaef; COLOR: black; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-list: l1 level1 lfo1; tab-stops: list 36.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9.5pt">Select <SPAN style="FONT-FAMILY: Verdana">All Users<o:p></o:p></LI> <br/><LI style="LINE-HEIGHT: 16.8pt; MARGIN: 0cm 0cm 0pt; BACKGROUND: #e7eaef; COLOR: black; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-list: l1 level1 lfo1; tab-stops: list 36.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9.5pt; mso-ansi-language: EN-GB" lang=EN-GB>Under the Custom Scan box paste this in<o:p></o:p></LI></UL> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9.5pt; mso-ansi-language: EN-GB" lang=EN-GB>netsvcs<SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9.5pt; mso-ansi-language: EN-GB" lang=EN-GB> <br/><b><SPAN style="FONT-FAMILY: Verdana">%SYSTEMDRIVE%\*.exe <br/><SPAN style="FONT-FAMILY: Verdana">/md5start <br/><SPAN style="FONT-FAMILY: Verdana">WSHELPER.* <br/><SPAN style="FONT-FAMILY: Verdana">services.exe <br/><SPAN style="FONT-FAMILY: Verdana">explorer.exe <br/><SPAN style="FONT-FAMILY: Verdana">winlogon.exe <br/><SPAN style="FONT-FAMILY: Verdana">Userinit.exe <br/><SPAN style="FONT-FAMILY: Verdana">svchost.exe <br/><SPAN style="FONT-FAMILY: Verdana">/md5stop <br/><SPAN style="FONT-FAMILY: Verdana">HKCR\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /rs <br/><SPAN style="FONT-FAMILY: Verdana">CREATERESTOREPOINT</B><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9.5pt; mso-ansi-language: EN-GB" lang=EN-GB><o:p></o:p> <br/> <br/><UL type=disc> <br/><LI style="LINE-HEIGHT: 16.8pt; MARGIN: 0cm 0cm 0pt; BACKGROUND: #e7eaef; COLOR: black; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-list: l0 level1 lfo2; tab-stops: list 36.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9.5pt; mso-ansi-language: EN-GB" lang=EN-GB>Click the <SPAN class=bbcu1>Quick Scan button. Do not change any settings unless otherwise told to do so. <SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9.5pt">The scan wont take long.<o:p></o:p></LI></UL> <br/><UL type=disc> <br/><UL type=disc> <br/><LI style="LINE-HEIGHT: 16.8pt; MARGIN: 0cm 0cm 0pt; BACKGROUND: #e7eaef; COLOR: black; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-list: l0 level2 lfo3; tab-stops: list 72.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9.5pt; mso-ansi-language: EN-GB" lang=EN-GB>When the scan completes, it will open two notepad windows. <SPAN style="FONT-FAMILY: Verdana">OTL.Txt and <SPAN style="FONT-FAMILY: Verdana">Extras.Txt. These are saved in the same location as OTL.</LI> <br/><LI style="LINE-HEIGHT: 16.8pt; MARGIN: 0cm 0cm 0pt; BACKGROUND: #e7eaef; COLOR: black; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-list: l0 level2 lfo3; tab-stops: list 72.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9.5pt; mso-ansi-language: EN-GB" lang=EN-GB><o:p></o:p></LI> <br/><LI style="LINE-HEIGHT: 16.8pt; MARGIN: 0cm 0cm 0pt; BACKGROUND: #e7eaef; COLOR: black; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-list: l0 level2 lfo3; tab-stops: list 72.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9.5pt">Post both logs<o:p></o:p></LI></UL></UL>

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 7/8/2012 5:09 PM
#94104
User avatar

yinzerniner Member

Date Joined Nov 2016
Total Posts: 4
Ran OTL.exe using you instructions. Did not get an Extras.txt file though. <br/>Here is the OTL.txt file <br/> <br/>OTL logfile created on: 7/8/2012 12:39:36 PM - Run 3 <br/>OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Sotheby Chung\Desktop <br/>64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation <br/>Internet Explorer (Version = 9.0.8112.16421) <br/>Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy <br/> <br/>7.97 Gb Total Physical Memory | 5.59 Gb Available Physical Memory | 70.16% Memory free <br/>15.93 Gb Paging File | 13.77 Gb Available in Paging File | 86.45% Paging File free <br/>Paging file location(s): ?:\pagefile.sys [binary data] <br/> <br/>%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) <br/>Drive C: | 213.19 Gb Total Space | 21.84 Gb Free Space | 10.25% Space Free | Partition Type: NTFS <br/>Drive D: | 38.33 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF <br/>Drive G: | 7.39 Gb Total Space | 1.74 Gb Free Space | 23.59% Space Free | Partition Type: FAT32 <br/> <br/>Computer Name: SOTHEBYSVAIO | User Name: Sotheby Chung | Logged in as Administrator. <br/>Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans <br/>Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days <br/> <br/>[color=#E56717]========== Processes (SafeList) ==========[/color] <br/> <br/>PRC - [2012/07/08 12:10:10 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Sotheby Chung\Desktop\OTL.exe <br/>PRC - [2012/07/03 12:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe <br/>PRC - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe <br/>PRC - [2012/05/24 14:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Sotheby Chung\AppData\Roaming\Dropbox\bin\Dropbox.exe <br/>PRC - [2012/05/19 22:23:54 | 000,932,528 | ---- | M] () -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe <br/>PRC - [2012/02/15 10:32:12 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe <br/>PRC - [2011/12/17 23:27:13 | 002,955,496 | ---- | M] (AG Entertainment Inc) -- C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\Audiogalaxy.exe <br/>PRC - [2011/08/02 23:23:21 | 002,424,192 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE <br/>PRC - [2011/05/27 14:04:32 | 004,407,152 | ---- | M] (MediaMall Technologies, Inc.) -- C:\Program Files (x86)\MediaMall\MediaMallServer.exe <br/>PRC - [2011/05/25 02:00:34 | 001,744,312 | ---- | M] (Lavasoft Limited ) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe <br/>PRC - [2010/05/20 16:15:00 | 000,110,736 | R--- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe <br/>PRC - [2010/03/11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe <br/>PRC - [2009/08/26 17:11:50 | 000,173,368 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe <br/>PRC - [2009/08/26 17:11:50 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe <br/>PRC - [2009/06/23 14:32:08 | 007,159,808 | ---- | M] (Polar Electro Oy) -- C:\Program Files (x86)\Polar\WebSync\WebSync.exe <br/>PRC - [2009/06/15 13:14:08 | 000,163,840 | ---- | M] () -- C:\Program Files (x86)\Polar\Daemon\polard.exe <br/>PRC - [2009/05/26 09:23:14 | 000,317,288 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe <br/>PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe <br/>PRC - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe <br/>PRC - [2008/06/11 23:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe <br/>PRC - [2007/09/25 04:10:50 | 002,007,088 | ---- | M] (FlashGet.com) -- C:\Program Files (x86)\FlashGet\flashget.exe <br/> <br/> <br/>[color=#E56717]========== Modules (No Company Name) ==========[/color] <br/> <br/>MOD - [2012/07/07 15:54:54 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll <br/>MOD - [2012/07/07 15:54:46 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll <br/>MOD - [2012/07/07 15:54:40 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll <br/>MOD - [2012/07/07 15:54:16 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll <br/>MOD - [2012/07/07 15:54:10 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll <br/>MOD - [2012/07/07 15:53:57 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll <br/>MOD - [2012/07/07 15:53:51 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll <br/>MOD - [2012/07/07 15:53:46 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll <br/>MOD - [2012/07/07 15:53:43 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll <br/>MOD - [2012/07/07 15:53:35 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll <br/>MOD - [2012/05/19 22:23:54 | 000,932,528 | ---- | M] () -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe <br/>MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll <br/>MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll <br/>MOD - [2011/06/14 14:19:04 | 000,780,288 | ---- | M] () -- C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\tag.dll <br/>MOD - [2011/03/01 16:20:06 | 001,014,286 | ---- | M] () -- C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\avcodec-52.dll <br/>MOD - [2011/03/01 16:20:06 | 000,208,910 | ---- | M] () -- C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\avformat-52.dll <br/>MOD - [2011/03/01 16:20:06 | 000,082,958 | ---- | M] () -- C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\avutil-50.dll <br/>MOD - [2011/01/18 19:28:42 | 000,558,133 | ---- | M] () -- C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\sqlite3.dll <br/>MOD - [2010/11/17 00:11:16 | 000,117,760 | ---- | M] () -- C:\Users\Sotheby Chung\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL <br/>MOD - [2010/03/29 03:13:33 | 000,052,224 | ---- | M] () -- C:\Users\Sotheby Chung\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll <br/>MOD - [2009/08/26 17:11:50 | 000,120,320 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SonyCommonLib.dll <br/>MOD - [2009/08/26 17:11:50 | 000,081,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\DevicePanel.dll <br/>MOD - [2009/08/26 17:11:50 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\DictionaryLookup.dll <br/>MOD - [2009/08/26 17:11:50 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe <br/>MOD - [2009/08/26 17:11:50 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\DebugMsg.dll <br/>MOD - [2009/08/26 17:11:48 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SharedInterfaces.dll <br/>MOD - [2009/08/26 17:11:48 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\MessageXML.dll <br/>MOD - [2009/08/26 17:11:48 | 000,009,728 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Resources.dll <br/>MOD - [2009/06/23 14:36:52 | 001,175,552 | ---- | M] () -- C:\Program Files (x86)\Polar\WebSync\libpolar.dll <br/>MOD - [2009/05/30 14:11:42 | 000,059,904 | ---- | M] () -- C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\zlib1.dll <br/>MOD - [2007/06/15 02:35:38 | 000,626,688 | ---- | M] () -- C:\Program Files (x86)\FlashGet\FGBTCORE.dll <br/>MOD - [2007/06/14 06:52:06 | 001,327,184 | ---- | M] () -- C:\Program Files (x86)\FlashGet\FGEMCORE.dll <br/> <br/> <br/>[color=#E56717]========== Win32 Services (SafeList) ==========[/color] <br/> <br/>SRV:64bit: - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) <br/>SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) <br/>SRV:64bit: - [2011/06/07 23:25:58 | 000,301,720 | ---- | M] () [Auto | Running] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService) <br/>SRV:64bit: - [2011/06/03 11:38:56 | 001,759,496 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent) <br/>SRV:64bit: - [2011/06/03 11:38:50 | 003,318,536 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe -- (PDEngine) <br/>SRV:64bit: - [2010/03/29 02:02:12 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) <br/>SRV:64bit: - [2009/09/03 16:15:38 | 000,189,984 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService) <br/>SRV:64bit: - [2009/09/01 10:15:08 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) <br/>SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) <br/>SRV:64bit: - [2009/01/24 11:23:16 | 000,839,720 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) <br/>SRV:64bit: - [2008/08/01 19:44:42 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.exe -- (XAudioService) <br/>SRV - [2012/06/23 14:15:21 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) <br/>SRV - [2012/06/16 18:16:53 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) <br/>SRV - [2012/05/22 02:53:59 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint) <br/>SRV - [2012/05/22 02:53:50 | 000,375,176 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc) <br/>SRV - [2011/09/16 15:10:50 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn) <br/>SRV - [2011/05/27 14:04:32 | 004,407,152 | ---- | M] (MediaMall Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\MediaMall\MediaMallServer.exe -- (MediaMall Server) <br/>SRV - [2011/05/25 02:00:34 | 002,151,128 | ---- | M] (Lavasoft Limited) [Auto | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) <br/>SRV - [2010/05/20 16:15:00 | 000,110,736 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) <br/>SRV - [2010/03/29 01:59:58 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) <br/>SRV - [2010/03/11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) <br/>SRV - [2009/07/17 11:31:28 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms) <br/>SRV - [2009/07/17 11:31:28 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr) <br/>SRV - [2009/07/17 11:31:28 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs) <br/>SRV - [2009/07/17 11:31:26 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp) <br/>SRV - [2009/07/17 11:31:26 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr) <br/>SRV - [2009/06/26 11:25:36 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10) <br/>SRV - [2009/06/26 11:25:24 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10) <br/>SRV - [2009/06/15 13:14:08 | 000,163,840 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Polar\Daemon\polard.exe -- (Polar Daemon) <br/>SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) <br/>SRV - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor) <br/>SRV - [2008/08/15 06:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4) <br/>SRV - [2008/08/01 14:31:00 | 000,109,056 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) <br/> <br/> <br/>[color=#E56717]========== Driver Services (SafeList) ==========[/color] <br/> <br/>DRV:64bit: - [2012/07/03 12:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) <br/>DRV:64bit: - [2012/07/03 12:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) <br/>DRV:64bit: - [2012/07/03 12:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) <br/>DRV:64bit: - [2012/07/03 12:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) <br/>DRV:64bit: - [2012/07/03 12:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) <br/>DRV:64bit: - [2012/07/03 12:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) <br/>DRV:64bit: - [2012/05/22 02:53:50 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP) <br/>DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) <br/>DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) <br/>DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) <br/>DRV:64bit: - [2011/09/16 15:10:50 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver) <br/>DRV:64bit: - [2011/09/16 15:10:24 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr) <br/>DRV:64bit: - [2011/06/06 08:07:12 | 000,079,888 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\PDFsFilter.sys -- (PDFSFilter) <br/>DRV:64bit: - [2011/05/26 11:13:10 | 000,140,816 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DefragFs.sys -- (DefragFS) <br/>DRV:64bit: - [2011/05/25 02:00:36 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd) <br/>DRV:64bit: - [2011/05/06 14:30:20 | 000,019,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio) <br/>DRV:64bit: - [2011/05/06 14:30:18 | 000,013,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio) <br/>DRV:64bit: - [2011/01/21 14:52:18 | 000,528,464 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Uim_IMx64.sys -- (Uim_IM) <br/>DRV:64bit: - [2011/01/21 14:52:18 | 000,053,840 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uimx64.sys -- (UimBus) <br/>DRV:64bit: - [2011/01/21 14:52:18 | 000,037,456 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hotcore3.sys -- (hotcore3) <br/>DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) <br/>DRV:64bit: - [2010/11/20 09:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) <br/>DRV:64bit: - [2010/11/20 09:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) <br/>DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) <br/>DRV:64bit: - [2010/04/29 13:40:54 | 000,028,528 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\povrtdev.sys -- (msvad_simple) <br/>DRV:64bit: - [2009/09/09 10:04:46 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64) Intel(R) <br/>DRV:64bit: - [2009/09/03 15:43:36 | 000,201,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) <br/>DRV:64bit: - [2009/09/01 10:15:16 | 006,038,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) <br/>DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) <br/>DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) <br/>DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) <br/>DRV:64bit: - [2009/06/10 16:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) <br/>DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) <br/>DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) <br/>DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) <br/>DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) <br/>DRV:64bit: - [2009/05/20 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) <br/>DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) <br/>DRV:64bit: - [2009/05/08 18:26:55 | 000,154,168 | R--- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) <br/>DRV:64bit: - [2009/04/15 18:09:06 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP) <br/>DRV:64bit: - [2008/12/15 13:07:42 | 000,076,288 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsn64.sys -- (risdptsk) <br/>DRV:64bit: - [2008/12/15 12:31:18 | 000,085,504 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rimssn64.sys -- (rimsptsk) <br/>DRV:64bit: - [2008/09/18 18:31:20 | 000,193,072 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) <br/>DRV:64bit: - [2008/08/02 21:14:30 | 000,388,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) <br/>DRV:64bit: - [2008/08/01 19:44:42 | 000,009,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio) <br/>DRV:64bit: - [2008/08/01 19:44:40 | 001,511,936 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV) <br/>DRV:64bit: - [2008/08/01 19:44:40 | 000,731,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf) <br/>DRV:64bit: - [2008/08/01 19:44:40 | 000,300,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL) <br/>DRV:64bit: - [2008/08/01 19:44:40 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk) <br/>DRV:64bit: - [2008/06/27 08:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs) <br/>DRV:64bit: - [2008/04/24 14:06:42 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) <br/>DRV:64bit: - [2007/12/12 14:11:06 | 000,015,360 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Spyder3.sys -- (Spyder3) <br/>DRV:64bit: - [2007/04/16 20:51:50 | 000,014,112 | R--- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi) <br/>DRV - [2011/09/16 15:10:50 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo) <br/>DRV - [2010/12/06 15:22:51 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) <br/>DRV - [2010/02/25 00:49:35 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV) <br/>DRV - [2010/02/25 00:49:35 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM) <br/>DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) <br/>DRV - [2008/08/14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs) <br/> <br/> <br/>[color=#E56717]========== Standard Registry (SafeList) ==========[/color] <br/> <br/> <br/>[color=#E56717]========== Internet Explorer ==========[/color] <br/> <br/>IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm <br/>IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} <br/>IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} <br/>IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm <br/>IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} <br/>IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} <br/>IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms} <br/> <br/> <br/>IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 <br/> <br/>IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 <br/> <br/> <br/> <br/>IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp <br/>IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US <br/>IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A2 F4 6E A3 CD 5C CD 01 [binary data] <br/>IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 <br/>IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found <br/>IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} <br/>IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC <br/>IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms} <br/>IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 <br/>IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local <br/> <br/>[color=#E56717]========== FireFox ==========[/color] <br/> <br/>FF - user.js - File not found <br/> <br/>FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found <br/>FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found <br/>FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll () <br/>FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found <br/>FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () <br/>FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) <br/>FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) <br/>FF - HKLM\Software\MozillaPlugins\@emusic.com/dlm-plugin: C:\Program Files (x86)\eMusic Download Manager\plugin\npemusic.dll (eMusic.com) <br/>FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) <br/>FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found <br/>FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) <br/>FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) <br/>FF - HKCU\Software\MozillaPlugins\@emusic.com/dlm-plugin: C:\Program Files (x86)\eMusic Download Manager\plugin\npemusic.dll (eMusic.com) <br/>FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sotheby Chung\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) <br/>FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sotheby Chung\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) <br/> <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\eMusic Download Manager\Extensions\\Components: C:\Program Files (x86)\eMusic Download Manager\xulrunner\components [2011/09/29 23:34:48 | 000,000,000 | ---D | M] <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\eMusic Download Manager\Extensions\\Plugins: C:\Program Files (x86)\eMusic Download Manager\xulrunner\plugins [2011/09/29 23:34:47 | 000,000,000 | ---D | M] <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/07 16:33:23 | 000,000,000 | ---D | M] <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/16 18:16:54 | 000,000,000 | ---D | M] <br/>FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/09/29 23:34:48 | 000,000,000 | ---D | M] <br/> <br/>[2010/04/21 22:04:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Extensions <br/>[2012/06/27 00:48:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions <br/>[2010/06/13 23:17:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} <br/>[2011/11/19 17:14:41 | 000,000,000 | ---D | M] (Delicious Bookmarks) -- C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9} <br/>[2012/06/04 00:31:39 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} <br/>[2011/06/04 18:54:17 | 000,000,000 | ---D | M] (Memory Fox) -- C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B} <br/>[2011/03/30 01:07:32 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions\engine@conduit.com <br/>[2012/06/06 00:03:44 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions\LogMeInClient@logmein.com <br/>[2012/06/27 00:48:43 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\extensions\support@lastpass.com <br/>[2012/04/26 00:25:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions <br/>[2010/04/21 21:52:10 | 000,000,000 | ---D | M] (eMusic - Apple iTunes Support) -- C:\PROGRAM FILES (X86)\EMUSIC DOWNLOAD MANAGER\XULRUNNER\EXTENSIONS\DLM_ITUNES@EMUSIC.COM <br/>[2010/04/21 21:52:10 | 000,000,000 | ---D | M] (eMusic - Nullsoft Winamp Support) -- C:\PROGRAM FILES (X86)\EMUSIC DOWNLOAD MANAGER\XULRUNNER\EXTENSIONS\DLM_WINAMP@EMUSIC.COM <br/>[2010/04/21 21:52:10 | 000,000,000 | ---D | M] (eMusic - Microsoft Media Player Support) -- C:\PROGRAM FILES (X86)\EMUSIC DOWNLOAD MANAGER\XULRUNNER\EXTENSIONS\DLM_WMP@EMUSIC.COM <br/>[2012/06/16 18:16:54 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll <br/>[2012/03/31 13:04:07 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll <br/>[2011/05/10 01:46:20 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml <br/>[2011/11/10 02:10:13 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml <br/> <br/>[color=#E56717]========== Chrome ==========[/color] <br/> <br/>CHR - default_search_provider: Google (Enabled) <br/>CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} <br/>CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} <br/>CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer <br/>CHR - plugin: Native Client (Enabled) = C:\Users\Sotheby Chung\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll <br/>CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sotheby Chung\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll <br/>CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sotheby Chung\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll <br/>CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll <br/>CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll <br/>CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll <br/>CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll <br/>CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll <br/>CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll <br/>CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll <br/>CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll <br/>CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll <br/>CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll <br/>CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll <br/>CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll <br/>CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll <br/>CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll <br/>CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll <br/>CHR - plugin: eMusic Remote Plugin (Enabled) = C:\Program Files (x86)\eMusic Download Manager\plugin\npemusic.dll <br/>CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll <br/>CHR - plugin: Google Update (Enabled) = C:\Users\Sotheby Chung\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll <br/>CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll <br/>CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll <br/>CHR - Extension: YouTube = C:\Users\Sotheby Chung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ <br/>CHR - Extension: Google Search = C:\Users\Sotheby Chung\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ <br/>CHR - Extension: Gmail = C:\Users\Sotheby Chung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ <br/> <br/>O1 HOSTS File: ([2012/07/07 19:31:55 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts <br/>O1 - Hosts: 127.0.0.1 localhost <br/>O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) <br/>O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () <br/>O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll (www.flashget.com) <br/>O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found. <br/>O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. <br/>O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) <br/>O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) <br/>O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) <br/>O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) <br/>O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) <br/>O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll (www.flashget.com) <br/>O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) <br/>O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) <br/>O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) <br/>O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () <br/>O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) <br/>O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. <br/>O3 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) <br/>O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) <br/>O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) <br/>O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.) <br/>O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.) <br/>O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) <br/>O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) <br/>O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) <br/>O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) <br/>O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) <br/>O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated) <br/>O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) <br/>O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) <br/>O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) <br/>O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) <br/>O4 - HKLM..\Run: [SmartWiHelper] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation) <br/>O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) <br/>O4 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000..\Run: [Audiogalaxy] C:\Users\Sotheby Chung\AppData\Local\Audiogalaxy\Audiogalaxy.exe (AG Entertainment Inc) <br/>O4 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000..\Run: [MysticThumbs] C:\Program Files\MysticCoder\MysticThumbs\MysticThumbsTray.exe (MysticCoder) <br/>O4 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000..\Run: [Spotify Web Helper] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe () <br/>O4 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) <br/>O4 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) <br/>O4 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) <br/>O4 - Startup: C:\Users\Sotheby Chung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Sotheby Chung\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) <br/>O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present <br/>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 <br/>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 <br/>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 <br/>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 <br/>O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 <br/>O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present <br/>O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present <br/>O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present <br/>O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present <br/>O7 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present <br/>O7 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 <br/>O7 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 <br/>O8:64bit: - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\JC_ALL.HTM () <br/>O8:64bit: - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\JC_LINK.HTM () <br/>O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found <br/>O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) <br/>O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) <br/>O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) <br/>O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) <br/>O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () <br/>O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () <br/>O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\JC_ALL.HTM () <br/>O8 - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\JC_LINK.HTM () <br/>O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) <br/>O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) <br/>O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) <br/>O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) <br/>O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) <br/>O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () <br/>O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () <br/>O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () <br/>O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () <br/>O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () <br/>O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () <br/>O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\flashget.exe (FlashGet.com) <br/>O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\flashget.exe (FlashGet.com) <br/>O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) <br/>O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) <br/>O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) <br/>O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1) <br/>O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0) <br/>O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) <br/>O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1) <br/>O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 209.18.47.62 <br/>O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D514A2C-2B7B-4E82-9E74-63CB16888888}: DhcpNameServer = 192.168.1.1 209.18.47.62 <br/>O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C97CF07A-B9F5-4DBB-A46A-6EDD1D7159D6}: DhcpNameServer = 192.168.1.1 209.18.47.62 <br/>O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) <br/>O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) <br/>O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) <br/>O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found <br/>O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) <br/>O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) <br/>O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found <br/>O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) <br/>O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation) <br/>O21:64bit: - SSODL: winlogon - C:\Users\Sotheby Chung\AppData\Roaming\winlogon.exe - No CLSID value found. <br/>O24 - Desktop WallPaper: <br/>O24 - Desktop BackupWallPaper: <br/>O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) <br/>O32 - HKLM CDRom: AutoRun - 1 <br/>O34 - HKLM BootExecute: (autocheck autochk /p \??\H:) <br/>O34 - HKLM BootExecute: (PDBoot.exe) <br/>O34 - HKLM BootExecute: (autocheck autochk *) <br/>O35:64bit: - HKLM\..comfile [open] -- "%1" %* <br/>O35:64bit: - HKLM\..exefile [open] -- "%1" %* <br/>O35 - HKLM\..comfile [open] -- "%1" %* <br/>O35 - HKLM\..exefile [open] -- "%1" %* <br/>O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* <br/>O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* <br/>O37 - HKLM\...com [@ = ComFile] -- "%1" %* <br/>O37 - HKLM\...exe [@ = exefile] -- "%1" %* <br/>O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) <br/>O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) <br/>O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) <br/> <br/> <br/>CREATERESTOREPOINT <br/>Restore point Set: OTL Restore Point <br/> <br/>[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] <br/> <br/>[2012/07/08 12:10:10 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Sotheby Chung\Desktop\OTL.exe <br/>[2012/07/08 02:06:29 | 000,000,000 | ---D | C] -- C:\ProgramData\BDJ <br/>[2012/07/08 02:04:48 | 000,000,000 | ---D | C] -- C:\Users\Sotheby Chung\Corel <br/>[2012/07/08 02:03:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel <br/>[2012/07/08 01:34:15 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN <br/>[2012/07/07 20:02:58 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Sotheby Chung\Desktop\dds.scr <br/>[2012/07/07 19:53:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro <br/>[2012/07/07 19:53:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis <br/>[2012/07/07 19:53:01 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\Sotheby Chung\Desktop\HJTInstall.exe <br/>[2012/07/07 19:52:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle <br/>[2012/07/07 19:52:36 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee <br/>[2012/07/07 19:30:34 | 000,000,000 | ---D | C] -- C:\Windows\temp <br/>[2012/07/07 19:21:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe <br/>[2012/07/07 19:21:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe <br/>[2012/07/07 19:21:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe <br/>[2012/07/07 19:15:55 | 000,000,000 | ---D | C] -- C:\Qoobox <br/>[2012/07/07 19:15:52 | 000,000,000 | ---D | C] -- C:\Windows\erdnt <br/>[2012/07/07 19:14:46 | 004,574,136 | R--- | C] (Swearware) -- C:\Users\Sotheby Chung\Desktop\ComboFix.exe <br/>[2012/07/07 16:33:30 | 000,958,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys <br/>[2012/07/07 16:33:30 | 000,355,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys <br/>[2012/07/07 16:33:30 | 000,071,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys <br/>[2012/07/07 16:33:30 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys <br/>[2012/07/07 16:33:30 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys <br/>[2012/07/07 16:33:30 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys <br/>[2012/07/07 16:33:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus <br/>[2012/07/07 16:33:18 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe <br/>[2012/07/07 16:33:18 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr <br/>[2012/07/07 16:33:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software <br/>[2012/07/07 16:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner <br/>[2012/07/07 16:00:53 | 002,135,640 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Sotheby Chung\Desktop\TDSSKiller.exe <br/>[2012/07/07 15:08:27 | 000,000,000 | ---D | C] -- C:\Users\Sotheby Chung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome <br/>[2012/07/07 14:45:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview <br/>[2012/07/07 14:43:25 | 000,000,000 | ---D | C] -- C:\FRST <br/>[2012/07/07 14:38:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders <br/>[2012/07/04 16:06:31 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA% <br/>[2012/06/23 14:39:58 | 000,000,000 | ---D | C] -- C:\Users\Sotheby Chung\AppData\Local\Macromedia <br/>[2011/06/08 02:06:47 | 012,535,496 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe <br/>[2009/07/22 00:33:18 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Sotheby Chung\AppData\Roaming\pcouffin.sys <br/> <br/>[color=#E56717]========== Files - Modified Within 30 Days ==========[/color] <br/> <br/>[2012/07/08 12:14:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job <br/>[2012/07/08 12:10:10 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Sotheby Chung\Desktop\OTL.exe <br/>[2012/07/08 11:58:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3386721426-1089896885-116071575-1000UA.job <br/>[2012/07/08 02:07:31 | 000,003,766 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys <br/>[2012/07/08 02:03:19 | 000,000,794 | ---- | M] () -- C:\Users\Public\Desktop\Corel WinDVD.lnk <br/>[2012/07/08 01:34:58 | 000,000,088 | RHS- | M] () -- C:\ProgramData\DEB8B150A7.sys <br/>[2012/07/07 20:02:58 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Sotheby Chung\Desktop\dds.scr <br/>[2012/07/07 19:53:49 | 000,002,093 | ---- | M] () -- C:\Users\Sotheby Chung\Desktop\HijackThis.lnk <br/>[2012/07/07 19:52:58 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Users\Sotheby Chung\Desktop\HJTInstall.exe <br/>[2012/07/07 19:38:48 | 000,011,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 <br/>[2012/07/07 19:38:48 | 000,011,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 <br/>[2012/07/07 19:35:53 | 000,717,260 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI <br/>[2012/07/07 19:35:53 | 000,617,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat <br/>[2012/07/07 19:35:53 | 000,104,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat <br/>[2012/07/07 19:31:55 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts <br/>[2012/07/07 19:31:31 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol <br/>[2012/07/07 19:31:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat <br/>[2012/07/07 19:14:50 | 004,574,136 | R--- | M] (Swearware) -- C:\Users\Sotheby Chung\Desktop\ComboFix.exe <br/>[2012/07/07 16:35:49 | 000,208,552 | ---- | M] () -- C:\Users\Sotheby Chung\Documents\cc_20120707_163524.reg <br/>[2012/07/07 16:33:30 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk <br/>[2012/07/07 16:33:30 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt <br/>[2012/07/07 15:58:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3386721426-1089896885-116071575-1000Core.job <br/>[2012/07/07 15:53:49 | 000,002,356 | ---- | M] () -- C:\Users\Sotheby Chung\Desktop\Google Chrome.lnk <br/>[2012/07/07 14:52:56 | 003,006,912 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT <br/>[2012/07/04 22:24:05 | 000,000,496 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job <br/>[2012/07/03 12:21:52 | 000,958,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys <br/>[2012/07/03 12:21:52 | 000,355,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys <br/>[2012/07/03 12:21:52 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys <br/>[2012/07/03 12:21:52 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys <br/>[2012/07/03 12:21:52 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys <br/>[2012/07/03 12:21:51 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys <br/>[2012/07/03 12:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr <br/>[2012/07/03 12:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe <br/>[2012/07/03 12:21:18 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe <br/>[2012/07/02 20:01:46 | 002,135,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Sotheby Chung\Desktop\TDSSKiller.exe <br/> <br/>[color=#E56717]========== Files Created - No Company Name ==========[/color] <br/> <br/>[2012/07/08 02:03:18 | 000,000,794 | ---- | C] () -- C:\Users\Public\Desktop\Corel WinDVD.lnk <br/>[2012/07/08 01:34:57 | 000,000,088 | RHS- | C] () -- C:\ProgramData\DEB8B150A7.sys <br/>[2012/07/07 19:53:49 | 000,002,093 | ---- | C] () -- C:\Users\Sotheby Chung\Desktop\HijackThis.lnk <br/>[2012/07/07 19:21:43 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe <br/>[2012/07/07 19:21:43 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe <br/>[2012/07/07 19:21:43 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe <br/>[2012/07/07 19:21:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe <br/>[2012/07/07 19:21:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe <br/>[2012/07/07 16:35:41 | 000,208,552 | ---- | C] () -- C:\Users\Sotheby Chung\Documents\cc_20120707_163524.reg <br/>[2012/07/07 16:33:30 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk <br/>[2012/07/07 15:53:41 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3386721426-1089896885-116071575-1000UA.job <br/>[2012/07/07 15:08:29 | 000,002,356 | ---- | C] () -- C:\Users\Sotheby Chung\Desktop\Google Chrome.lnk <br/>[2012/07/07 15:08:00 | 000,000,888 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3386721426-1089896885-116071575-1000Core.job <br/>[2012/01/14 05:15:56 | 000,731,106 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI <br/>[2012/01/11 14:48:15 | 000,002,048 | -HS- | C] () -- C:\Users\Sotheby Chung\AppData\Local\{d9b87c81-5340-e575-0dbc-2810a7f63932}\@ <br/>[2011/11/24 21:12:27 | 000,167,876 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat <br/>[2010/12/10 21:02:46 | 000,098,130 | ---- | C] () -- C:\Users\Sotheby Chung\NYCSERV Payments Confirmation.pdf <br/>[2010/05/17 01:05:20 | 000,003,766 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys <br/>[2010/04/21 22:27:01 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol <br/>[2009/07/22 00:33:18 | 000,007,859 | ---- | C] () -- C:\Users\Sotheby Chung\AppData\Roaming\pcouffin.cat <br/>[2009/07/22 00:33:18 | 000,001,167 | ---- | C] () -- C:\Users\Sotheby Chung\AppData\Roaming\pcouffin.inf <br/> <br/>[color=#E56717]========== LOP Check ==========[/color] <br/> <br/>[2011/06/30 20:18:08 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\LastPass <br/>[2010/08/28 16:36:10 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\Any DVD Cloner <br/>[2012/04/14 14:51:11 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\Autodesk <br/>[2012/07/07 16:32:52 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\Azureus <br/>[2011/07/20 01:08:55 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\Chief Architect Premier X3 <br/>[2012/06/16 14:13:02 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\DiskSpaceFan <br/>[2012/07/07 19:32:08 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\Dropbox <br/>[2010/04/21 22:04:13 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\eMusic <br/>[2010/04/21 22:04:13 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\FlashGet <br/>[2012/07/07 15:57:01 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\FMZilla <br/>[2012/02/08 01:52:51 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\Free MP3 WMA OGG Converter <br/>[2012/04/28 20:27:45 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\iConcertCal <br/>[2010/04/21 22:04:13 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\InterVideo <br/>[2010/10/31 21:07:48 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\iTunesExport.9816BF1711E8C5ABC4CED8E503841951211D8E5D.1 <br/>[2010/04/21 22:04:13 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\JAM Software <br/>[2010/08/21 16:34:55 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\Lala Music Mover <br/>[2011/11/26 19:24:44 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\LibreOffice <br/>[2012/04/07 14:52:20 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\MediaMonkey <br/>[2010/10/20 23:47:18 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\PMS <br/>[2012/06/23 14:59:08 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\Spotify <br/>[2012/07/07 20:46:02 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\uTorrent <br/>[2010/08/21 16:28:38 | 000,000,000 | ---D | M] -- C:\Users\Sotheby Chung\AppData\Roaming\Vso <br/>[2012/07/04 22:24:05 | 000,000,496 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job <br/>[2012/07/07 15:01:47 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT <br/> <br/>[color=#E56717]========== Purity Check ==========[/color] <br/> <br/> <br/> <br/>[color=#E56717]========== Custom Scans ==========[/color] <br/> <br/>[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] <br/> <br/>[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color] <br/>[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe <br/>[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe <br/>[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe <br/>[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe <br/>[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe <br/>[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe <br/>[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe <br/>[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\erdnt\cache86\explorer.exe <br/>[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe <br/>[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe <br/>[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe <br/>[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe <br/>[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe <br/>[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe <br/>[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe <br/> <br/>[color=#A23BEC]< MD5 for: SERVICES.EXE >[/color] <br/>[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe <br/>[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe <br/>[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe <br/> <br/>[color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color] <br/>[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe <br/>[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe <br/>[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe <br/>[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe <br/>[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe <br/>[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe <br/>[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe <br/> <br/>[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color] <br/>[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe <br/>[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe <br/>[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe <br/>[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe <br/>[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe <br/>[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe <br/>[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe <br/>[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe <br/> <br/>[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] <br/>[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe <br/>[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe <br/>[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe <br/>[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe <br/>[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe <br/>[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe <br/>[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe <br/> <br/>[color=#A23BEC]< MD5 for: WSHELPER.DLL >[/color] <br/>[2009/07/13 21:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\SysWOW64\wshelper.dll <br/>[2009/07/13 21:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\wshelper.dll <br/>[2009/07/13 21:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\SysNative\wshelper.dll <br/>[2009/07/13 21:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\wshelper.dll <br/> <br/>[color=#A23BEC]< MD5 for: WSHELPER.DLL.MUI >[/color] <br/>[2009/07/13 22:07:50 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=CD53AEA05D09943FDAA9E6E779D28A26 -- C:\Windows\SysWOW64\en-US\wshelper.dll.mui <br/>[2009/07/13 22:07:50 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=CD53AEA05D09943FDAA9E6E779D28A26 -- C:\Windows\winsxs\x86_microsoft-windows-w..ure-other.resources_31bf3856ad364e35_6.1.7600.16385_en-us_adb3c1d9fa188607\wshelper.dll.mui <br/>[2009/07/13 22:28:32 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=D3C8A35BD4D7F008A7D37AA6F235C8FD -- C:\Windows\SysNative\en-US\wshelper.dll.mui <br/>[2009/07/13 22:28:32 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=D3C8A35BD4D7F008A7D37AA6F235C8FD -- C:\Windows\winsxs\amd64_microsoft-windows-w..ure-other.resources_31bf3856ad364e35_6.1.7600.16385_en-us_09d25d5db275f73d\wshelper.dll.mui <br/> <br/>[color=#A23BEC]< HKCR\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /rs >[/color] <br/> <br/>< End of report >
Posted 7/9/2012 5:23 AM
#94106
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
<SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN-GB" lang=EN-GB><?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p> </o:p> <br/> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN" lang=EN>We need to run an OTL Fix<SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN" lang=EN><BR style="mso-special-character: line-break"><BR style="mso-special-character: line-break"><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN; mso-fareast-font-family: 'Arial Unicode MS'; mso-bidi-font-family: 'Arial Unicode MS'" lang=EN><o:p></o:p> <br/> <br/> <br/><UL type=disc> <br/><LI style="MARGIN: 0cm 0cm 0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN" lang=EN>Please reopen OTL on your desktop.<o:p></o:p></LI> <br/><LI style="MARGIN: 0cm 0cm 0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN" lang=EN>Copy<SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN" lang=EN> and <SPAN style="FONT-FAMILY: Verdana">Paste the following in the codebox into the<SPAN style="mso-spacerun: yes"> Custom Scan textbox. <o:p></o:p></LI> <br/><LI style="MARGIN: 0cm 0cm 0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN" lang=EN> <br/><BR style="mso-special-character: line-break"><BR style="mso-special-character: line-break"><o:p></o:p></LI></UL><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pun><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN><o:p>[code]<PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><b><SPAN class=pln><SPAN style="FONT-FAMILY: Symbol; mso-ansi-language: EN; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol" lang=EN><SPAN style="mso-list: Ignore">·<SPAN style="FONT: 7pt 'Times New Roman'"> <SPAN class=pun><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>:<SPAN class=typ><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>Services<SPAN class=pln><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN> <o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pln><SPAN style="FONT-FAMILY: Symbol; mso-ansi-language: EN; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol" lang=EN><SPAN style="mso-list: Ignore">·<SPAN style="FONT: 7pt 'Times New Roman'"> <SPAN class=pun><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>:<SPAN class=pln><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>OTL <o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN style="FONT-FAMILY: Symbol; mso-ansi-language: EN; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol" lang=EN><SPAN style="mso-list: Ignore">·<SPAN style="FONT: 7pt 'Times New Roman'"> <SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 8pt; mso-ansi-language: EN-GB" lang=EN-GB>IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found<SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN><o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN style="FONT-FAMILY: Symbol; mso-ansi-language: EN; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol" lang=EN><SPAN style="mso-list: Ignore">·<SPAN style="FONT: 7pt 'Times New Roman'"> <SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 8pt; mso-ansi-language: EN-GB" lang=EN-GB>FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found<SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN><o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN style="FONT-FAMILY: Symbol; mso-ansi-language: EN; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol" lang=EN><SPAN style="mso-list: Ignore">·<SPAN style="FONT: 7pt 'Times New Roman'"> <SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 8pt; mso-ansi-language: EN-GB" lang=EN-GB>O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found. <br/> <br/>O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.<SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN><o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN style="FONT-FAMILY: Symbol; mso-ansi-language: EN; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol" lang=EN><SPAN style="mso-list: Ignore">·<SPAN style="FONT: 7pt 'Times New Roman'"> <SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 8pt; mso-ansi-language: EN-GB" lang=EN-GB>O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.<SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN><o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN style="FONT-FAMILY: Symbol; mso-ansi-language: EN; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol" lang=EN><SPAN style="mso-list: Ignore">·<SPAN style="FONT: 7pt 'Times New Roman'"> <SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 8pt; mso-ansi-language: EN-GB" lang=EN-GB>O4 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)<SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN><o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pln><SPAN style="FONT-FAMILY: Symbol; mso-ansi-language: EN; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol" lang=EN><SPAN style="mso-list: Ignore">·<SPAN style="FONT: 7pt 'Times New Roman'"> <SPAN class=pln><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN> <o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pln><SPAN style="FONT-FAMILY: Symbol; mso-ansi-language: EN; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol" lang=EN><SPAN style="mso-list: Ignore">·<SPAN style="FONT: 7pt 'Times New Roman'"> <SPAN class=pun><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>:<SPAN class=typ><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>Reg<SPAN class=pln><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN> <o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pln><SPAN style="FONT-FAMILY: Symbol; mso-ansi-language: EN; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol" lang=EN><SPAN style="mso-list: Ignore">·<SPAN style="FONT: 7pt 'Times New Roman'"> <SPAN class=pln><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN> <o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pln><SPAN style="FONT-FAMILY: Symbol; mso-ansi-language: EN; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol" lang=EN><SPAN style="mso-list: Ignore">·<SPAN style="FONT: 7pt 'Times New Roman'"> <SPAN class=pun><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>:<SPAN class=typ><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>Files<SPAN class=pln><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN> <o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pln><SPAN style="FONT-FAMILY: Symbol; mso-ansi-language: EN; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol" lang=EN><SPAN style="mso-list: Ignore">·<SPAN style="FONT: 7pt 'Times New Roman'"> <SPAN class=pln><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>ipconfig <SPAN class=pun><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>/<SPAN class=pln><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>flushdns <SPAN class=pun><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>/<SPAN class=pln><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>c <o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pun><SPAN style="FONT-FAMILY: Symbol; mso-ansi-language: EN; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol" lang=EN><SPAN style="mso-list: Ignore">·<SPAN style="FONT: 7pt 'Times New Roman'"> <SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 8pt">C:\ProgramData\DEB8B150A7.sys<BR style="mso-special-character: line-break"> <br/><BR style="mso-special-character: line-break"> <br/><SPAN class=pun><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN><o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pln><SPAN style="FONT-FAMILY: Symbol; mso-ansi-language: EN; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol" lang=EN><SPAN style="mso-list: Ignore">·<SPAN style="FONT: 7pt 'Times New Roman'"> <SPAN class=pun><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>:<SPAN class=typ><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>Commands<SPAN class=pln><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN> <o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pln><SPAN style="FONT-FAMILY: Symbol; mso-ansi-language: EN; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol" lang=EN><SPAN style="mso-list: Ignore">·<SPAN style="FONT: 7pt 'Times New Roman'"> <SPAN class=pun><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>[<SPAN class=pln><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>purity<SPAN class=pun><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>]<SPAN class=pln><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN> <o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pln><SPAN style="FONT-FAMILY: Symbol; mso-ansi-language: EN; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol" lang=EN><SPAN style="mso-list: Ignore">·<SPAN style="FONT: 7pt 'Times New Roman'"> <SPAN class=pun><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>[<SPAN class=pln><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>resethosts<SPAN class=pun><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>]<SPAN class=pln><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN> <o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pln><SPAN style="FONT-FAMILY: Symbol; mso-ansi-language: EN; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol" lang=EN><SPAN style="mso-list: Ignore">·<SPAN style="FONT: 7pt 'Times New Roman'"> <SPAN class=pun><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>[<SPAN class=typ><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>CreateRestorePoint<SPAN class=pun><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>]<SPAN class=pln><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN> <o:p></o:p></PRE><PRE style="TEXT-INDENT: -18pt; MARGIN-LEFT: 36pt; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt left 45.8pt 91.6pt 137.4pt 183.2pt 229.0pt 274.8pt 320.6pt 366.4pt 412.2pt 458.0pt 503.8pt 549.6pt 595.4pt 641.2pt 687.0pt 732.8pt"><SPAN class=pln><SPAN style="FONT-FAMILY: Symbol; mso-ansi-language: EN; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol" lang=EN><SPAN style="mso-list: Ignore">·<SPAN style="FONT: 7pt 'Times New Roman'"> <SPAN class=pun><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>[<SPAN class=pln><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>emptytemp<SPAN class=pun><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>]<SPAN class=pln><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN> <o:p></o:p></PRE><PRE style="MARGIN-LEFT: 36pt"><SPAN class=pun><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>[<SPAN class=pln><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 10.0pt; mso-ansi-language: EN" lang=EN>EMPTYFLASH</PRE> <br/>[/code]</o:p></b></PRE> <br/><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN" lang=EN><BR style="mso-special-character: line-break"><BR style="mso-special-character: line-break"><o:p></o:p> <br/> <br/> <br/><UL type=disc> <br/><LI style="MARGIN: 0cm 0cm 0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN" lang=EN>Push<SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN" lang=EN><SPAN style="mso-spacerun: yes"> Run Fix Button<o:p></o:p></LI> <br/><LI style="MARGIN: 0cm 0cm 0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Verdana; COLOR: red; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN" lang=EN>OTL may ask to reboot the machine. Please do so if asked.<SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN" lang=EN><o:p></o:p></LI> <br/><LI style="MARGIN: 0cm 0cm 0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN" lang=EN>Click<SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN" lang=EN> OK.<o:p></o:p></LI> <br/><LI style="MARGIN: 0cm 0cm 0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN" lang=EN>A report will open. <SPAN style="FONT-FAMILY: Verdana">Copy and <SPAN style="FONT-FAMILY: Verdana">Paste that report in your next reply.</LI> <br/><LI style="MARGIN: 0cm 0cm 0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN" lang=EN></LI> <br/><LI style="MARGIN: 0cm 0cm 0pt; mso-margin-top-alt: auto; mso-margin-bottom-alt: auto; mso-list: l0 level1 lfo1; tab-stops: list 36.0pt" class=MsoNormal><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN" lang=EN>If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run</LI></UL> <br/><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN" lang=EN> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN" lang=EN> <br/><SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB>Please download Combofix from: [URL="http://download.bleepingcomputer.com/sUBs/ComboFix.exe"] Here[/URL]<o:p></o:p> <br/> <br/> <br/><SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB><SPAN style="mso-spacerun: yes"> And save to the desktop.<o:p></o:p> <br/> <br/> <br/><SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB><o:p> </o:p> <br/> <br/> <br/><SPAN style="FONT-FAMILY: Arial; FONT-SIZE: 9pt; mso-ansi-language: EN-GB" lang=EN-GB>After the download is complete, perform the following tasks before using the ComboFix tool to scan your PC: <br/>Exit all windows that are currently open on your computer.<o:p></o:p> <br/> <br/> <br/><SPAN style="FONT-FAMILY: Arial; FONT-SIZE: 9pt; mso-ansi-language: EN-GB" lang=EN-GB>To prevent interference, temporarily disable your antivirus, antispyware, firewall and other security tools that may be running on your computer.<o:p></o:p> <br/> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-bidi-font-size: 11.0pt; mso-ansi-language: EN-GB" lang=EN-GB><o:p> </o:p> <br/> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-bidi-font-size: 11.0pt; mso-ansi-language: EN" lang=EN> <o:p></o:p> <br/> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB" lang=EN-GB>Double-click on the combofix icon found on your desktop. <o:p></o:p> <br/> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB" lang=EN-GB> <o:p></o:p> <br/> <br/> <br/><B style="mso-bidi-font-weight: normal"><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-bidi-font-size: 11.0pt; mso-ansi-language: EN-GB" lang=EN-GB>Please note, that once you start combofix you should not click anywhere on the combofix window as it can cause the program to stall. In fact, when combofix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.<o:p></o:p></B> <br/> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-bidi-font-size: 11.0pt; mso-ansi-language: EN-GB" lang=EN-GB> <br/><SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB><SPAN style="mso-spacerun: yes"> When finished, it will produce a logfile located at C:\combofix.txt.<SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB><o:p></o:p> <br/> <br/> <br/><SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB> <SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB><o:p></o:p> <br/> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-bidi-font-size: 11.0pt; mso-ansi-language: EN-GB" lang=EN-GB> <br/><SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB>Post the contents of that log in your next reply <o:p></o:p> <br/> <br/> <br/><SPAN class=postbody><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-ansi-language: EN-GB; mso-bidi-font-family: Tahoma" lang=EN-GB><o:p> </o:p> <br/> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: black; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN; mso-fareast-font-family: 'Times New Roman'; mso-fareast-language: DA; mso-bidi-language: AR-SA; mso-bidi-font-family: 'Times New Roman'" lang=EN>The logs will be reasonably large so you may have to divide them into sections and make several posts to post them.<BR style="mso-special-character: line-break"><BR style="mso-special-character: line-break">

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 7/13/2012 5:59 AM
#94134
User avatar

yinzerniner Member

Date Joined Nov 2016
Total Posts: 4
OTL Log: <br/>All processes killed <br/>Error: Unable to interpret <· :Services > in the current context! <br/>Error: Unable to interpret <· :OTL > in the current context! <br/>Error: Unable to interpret <· IE - HKU\S-1-5-21-3386721426-1089896885-116071575-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found> in the current context! <br/>Error: Unable to interpret <· FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found> in the current context! <br/>Error: Unable to interpret <· O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.> in the current context! <br/>Error: Unable to interpret <O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.> in the current context! <br/>Error: Unable to interpret <· O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.> in the current context! <br/>Error: Unable to interpret <· O4 - HKU\S-1-5-21-3386721426-1089896885-116071575-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)> in the current context! <br/>Error: Unable to interpret <· > in the current context! <br/>Error: Unable to interpret <· :Reg > in the current context! <br/>Error: Unable to interpret <· > in the current context! <br/>Error: Unable to interpret <· :Files > in the current context! <br/>Error: Unable to interpret <· ipconfig /flushdns /c > in the current context! <br/>Error: Unable to interpret <· C:\ProgramData\DEB8B150A7.sys> in the current context! <br/>Error: Unable to interpret <· :Commands > in the current context! <br/>Error: Unable to interpret <· [purity] > in the current context! <br/>Error: Unable to interpret <· [resethosts] > in the current context! <br/>Error: Unable to interpret <· [CreateRestorePoint] > in the current context! <br/>Error: Unable to interpret <· [emptytemp] > in the current context! <br/>Error: Unable to interpret <[EMPTYFLASH> in the current context! <br/> <br/>OTL by OldTimer - Version 3.2.53.1 log created on 07102012_010017 <br/> <br/> Combofix Log <br/>Also, Combofix had a few errors during running, like exporting to Qoobox and PEV.exe being killed during the run <br/> <br/>ComboFix 12-07-08.03 - Sotheby Chung 07/11/2012 0:26.2.2 - x64 <br/>Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8159.6279 [GMT -4:00] <br/>Running from: c:\users\Sotheby Chung\Desktop\ComboFix.exe <br/>AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} <br/>SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} <br/>SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B} <br/>SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} <br/> * Created a new restore point <br/>. <br/>. <br/>((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>c:\programdata\DEB8B150A7.sys <br/>. <br/>c:\windows\SysWow64\Drivers\atapi.sys . . . is infected!! <br/>. <br/>. <br/>((((((((((((((((((((((((( Files Created from 2012-06-11 to 2012-07-11 ))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>2012-07-11 04:35 . 2012-07-11 04:35 -------- d-----w- c:\users\Guest\AppData\Local\temp <br/>2012-07-11 04:35 . 2012-07-11 04:35 -------- d-----w- c:\users\Default\AppData\Local\temp <br/>2012-07-10 05:00 . 2012-07-10 05:00 -------- d-----w- C:\_OTL <br/>2012-07-08 06:06 . 2012-07-08 06:06 -------- d-----w- c:\programdata\BDJ <br/>2012-07-08 06:04 . 2012-07-08 06:04 -------- d-----w- c:\users\Sotheby Chung\Corel <br/>2012-07-07 23:53 . 2012-07-07 23:53 -------- d-----w- c:\program files (x86)\Trend Micro <br/>2012-07-07 23:52 . 2012-07-07 23:52 -------- d-----w- c:\program files (x86)\Oracle <br/>2012-07-07 23:52 . 2012-05-04 23:29 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll <br/>2012-07-07 23:52 . 2012-07-07 23:52 -------- d-----w- c:\programdata\McAfee <br/>2012-07-07 20:33 . 2012-07-03 16:21 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys <br/>2012-07-07 20:33 . 2012-07-03 16:21 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys <br/>2012-07-07 20:33 . 2012-07-03 16:21 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys <br/>2012-07-07 20:33 . 2012-07-03 16:21 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys <br/>2012-07-07 20:33 . 2012-07-03 16:21 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys <br/>2012-07-07 20:33 . 2012-07-03 16:21 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys <br/>2012-07-07 20:33 . 2012-07-03 16:21 41224 ----a-w- c:\windows\avastSS.scr <br/>2012-07-07 20:33 . 2012-07-03 16:21 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe <br/>2012-07-07 20:33 . 2012-07-07 20:33 -------- d-----w- c:\program files\AVAST Software <br/>2012-07-07 20:29 . 2012-07-07 20:29 -------- d-----w- c:\program files\CCleaner <br/>2012-07-07 18:45 . 2012-07-07 18:45 -------- d-----w- c:\windows\system32\SPReview <br/>2012-07-07 18:43 . 2012-07-07 19:12 -------- d-----w- C:\FRST <br/>2012-07-07 18:38 . 2012-07-07 18:38 -------- d-----w- c:\windows\system32\EventProviders <br/>2012-07-04 20:06 . 2012-07-04 20:06 -------- d-sh--w- c:\windows\SysWow64\%APPDATA% <br/>2012-07-04 07:28 . 2012-02-10 05:58 927800 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{68A65EF2-2579-4B1F-9A46-8A8A82265EF3}\gapaengine.dll <br/>2012-07-04 07:28 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C10BFCF9-1701-492D-9CEA-8A312DD72A24}\mpengine.dll <br/>2012-07-03 07:28 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll <br/>2012-06-23 18:39 . 2012-06-23 18:39 -------- d-----w- c:\users\Sotheby Chung\AppData\Local\Macromedia <br/>2012-06-21 17:44 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll <br/>2012-06-21 17:44 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll <br/>2012-06-21 17:44 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe <br/>2012-06-21 17:44 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll <br/>2012-06-21 17:44 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll <br/>2012-06-21 17:44 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll <br/>2012-06-21 17:44 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll <br/>2012-06-21 17:44 . 2012-06-02 19:19 186752 ----a-w- c:\windows\system32\wuwebv.dll <br/>2012-06-21 17:44 . 2012-06-02 19:15 36864 ----a-w- c:\windows\system32\wuapp.exe <br/>2012-06-14 07:28 . 2012-02-10 05:58 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{35B81FBD-0A5B-4A7E-B73D-CCAEC5539E34}\gapaengine.dll <br/>2012-06-13 04:16 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll <br/>2012-06-13 04:16 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll <br/>2012-06-13 04:16 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe <br/>2012-06-13 04:16 . 2012-05-04 11:06 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe <br/>2012-06-13 04:16 . 2012-05-04 10:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe <br/>2012-06-13 04:16 . 2012-05-04 10:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe <br/>2012-06-13 04:16 . 2012-05-15 01:32 3146752 ----a-w- c:\windows\system32\win32k.sys <br/>2012-06-13 04:16 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys <br/>. <br/>. <br/>. <br/>(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>2012-07-08 06:07 . 2010-05-17 05:05 3766 --sha-w- c:\programdata\KGyGaAvL.sys <br/>2012-07-07 18:43 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll <br/>2012-07-07 18:43 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll <br/>2012-07-03 16:21 . 2011-02-01 03:58 285328 ----a-w- c:\windows\system32\aswBoot.exe <br/>2012-06-23 18:15 . 2012-04-13 03:41 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe <br/>2012-06-23 18:15 . 2011-05-29 06:12 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl <br/>2012-05-22 06:53 . 2012-02-13 06:51 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll <br/>2012-05-22 06:53 . 2012-02-13 06:51 34688 ----a-w- c:\windows\system32\LMIport.dll <br/>2012-05-22 06:53 . 2012-02-13 06:51 80768 ----a-w- c:\windows\system32\LMIinit.dll <br/>2012-05-04 23:29 . 2011-06-12 23:51 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll <br/>2011-06-08 06:06 . 2011-06-08 06:06 12535496 ----a-w- c:\program files (x86)\Common Files\lpuninstall.exe <br/>. <br/>. <br/>((((((((((((((((((((((((((((( SnapShot@2012-07-07_23.32.14 ))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>+ 2010-04-22 04:50 . 2012-07-10 05:03 53340 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin <br/>+ 2009-07-14 05:10 . 2012-07-10 05:03 45422 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin <br/>+ 2010-04-22 03:28 . 2012-07-10 05:03 13014 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3386721426-1089896885-116071575-1000_UserData.bin <br/>- 2010-04-22 01:48 . 2012-07-07 23:31 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat <br/>+ 2010-04-22 01:48 . 2012-07-10 10:51 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat <br/>- 2010-04-22 01:48 . 2012-07-07 23:31 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat <br/>+ 2010-04-22 01:48 . 2012-07-10 10:51 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat <br/>+ 2009-07-14 04:54 . 2012-07-10 10:51 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat <br/>- 2009-07-14 04:54 . 2012-07-07 23:31 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat <br/>+ 2009-07-14 04:46 . 2012-07-10 05:03 91408 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat <br/>- 2012-07-07 23:31 . 2012-07-07 23:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat <br/>+ 2012-07-10 05:01 . 2012-07-10 05:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat <br/>- 2012-07-07 23:31 . 2012-07-07 23:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat <br/>+ 2012-07-10 05:01 . 2012-07-10 05:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat <br/>+ 2011-06-12 23:51 . 2012-05-04 23:29 227720 c:\windows\SysWOW64\javaws.exe <br/>+ 2011-06-12 23:51 . 2012-07-07 23:52 174064 c:\windows\SysWOW64\javaw.exe <br/>+ 2011-06-12 23:51 . 2012-07-07 23:52 174064 c:\windows\SysWOW64\java.exe <br/>- 2009-07-14 04:54 . 2012-07-07 23:31 638976 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat <br/>+ 2009-07-14 04:54 . 2012-07-11 02:04 638976 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat <br/>+ 2010-04-22 02:11 . 2012-07-09 06:38 106896 c:\windows\SysWOW64\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT <br/>+ 2009-07-14 02:36 . 2012-07-11 04:08 617460 c:\windows\system32\perfh009.dat <br/>- 2009-07-14 02:36 . 2012-07-07 23:23 617460 c:\windows\system32\perfh009.dat <br/>+ 2009-07-14 02:36 . 2012-07-11 04:08 104702 c:\windows\system32\perfc009.dat <br/>- 2009-07-14 02:36 . 2012-07-07 23:23 104702 c:\windows\system32\perfc009.dat <br/>+ 2009-07-14 05:01 . 2012-07-10 05:00 428104 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat <br/>+ 2011-05-26 04:44 . 2012-07-10 05:00 428104 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3386721426-1089896885-116071575-1000-12288.dat <br/>+ 2012-03-18 14:34 . 2012-07-10 05:00 490960 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat <br/>+ 2012-07-07 23:53 . 2012-07-07 23:53 179200 c:\windows\Installer\13c192.msi <br/>+ 2012-07-07 23:52 . 2012-07-07 23:52 461312 c:\windows\Installer\13c184.msi <br/>+ 2012-07-08 06:03 . 2012-07-08 06:03 139264 c:\windows\Installer\{33017152-D6EA-46DD-93E0-7D2679CCBB51}\ARPPRODUCTICON.exe <br/>+ 2009-07-14 04:54 . 2012-07-11 02:04 3686400 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat <br/>- 2009-07-14 04:54 . 2012-07-07 23:31 3686400 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat <br/>+ 2009-07-14 04:45 . 2012-07-10 05:01 3012528 c:\windows\system32\FNTCACHE.DAT <br/>+ 2009-07-14 04:45 . 2012-07-10 05:03 7150416 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat <br/>- 2009-07-14 04:45 . 2012-07-07 19:04 7150416 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat <br/>+ 2011-02-24 17:47 . 2011-02-24 17:47 6498304 c:\windows\Installer\1645be1.msi <br/>+ 2005-09-23 11:48 . 2005-09-23 11:48 2483200 c:\windows\Installer\1645bd8.msi <br/>+ 2009-07-14 04:54 . 2012-07-11 02:04 16187392 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat <br/>- 2009-07-14 04:54 . 2012-07-07 23:31 16187392 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat <br/>+ 2012-07-07 23:52 . 2012-07-07 23:52 17379328 c:\windows\Installer\13c180.msi <br/>. <br/>((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) <br/>. <br/>. <br/>*Note* empty entries & legit default entries are not shown <br/>REGEDIT4 <br/>. <br/>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] <br/>@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" <br/>[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] <br/>2011-02-18 05:12 94208 ----a-w- c:\users\Sotheby Chung\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll <br/>. <br/>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] <br/>@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" <br/>[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] <br/>2011-02-18 05:12 94208 ----a-w- c:\users\Sotheby Chung\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll <br/>. <br/>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] <br/>@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" <br/>[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] <br/>2011-02-18 05:12 94208 ----a-w- c:\users\Sotheby Chung\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll <br/>. <br/>[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] <br/>@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" <br/>[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] <br/>2011-02-18 05:12 94208 ----a-w- c:\users\Sotheby Chung\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll <br/>. <br/>[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <br/>"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] <br/>"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] <br/>"SUPERAntiSpyware"="c:\program files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-08-03 2424192] <br/>"Audiogalaxy"="c:\users\Sotheby Chung\AppData\Local\Audiogalaxy\Audiogalaxy.exe" [2011-12-18 2955496] <br/>"MysticThumbs"="c:\program files\MysticCoder\MysticThumbs\MysticThumbsTray.exe" [2011-06-23 6235648] <br/>"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-04-14 879984] <br/>"Spotify Web Helper"="c:\program files (x86)\Spotify\Data\SpotifyWebHelper.exe" [2012-05-20 932528] <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] <br/>"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] <br/>"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-05-26 317288] <br/>"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-05 98304] <br/>"SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2009-09-02 80384] <br/>"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] <br/>"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656] <br/>"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232] <br/>"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-12 640376] <br/>"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888] <br/>"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240] <br/>"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736] <br/>"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976] <br/>"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296] <br/>. <br/>c:\users\Sotheby Chung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ <br/>Dropbox.lnk - c:\users\Sotheby Chung\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840] <br/>. <br/>c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ <br/>Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-1-24 1069608] <br/>Polar WebSync.lnk - c:\windows\Installer\{1A1F27A2-599F-46BC-B904-1053B3A4CFEB}\WebSync.exe2_4B58E052B1C94BE0AC42D7A472F5A651.exe [2009-7-18 147456] <br/>Spyder3Utility.lnk - c:\program files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe [N/A] <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] <br/>"ConsentPromptBehaviorAdmin"= 0 (0x0) <br/>"ConsentPromptBehaviorUser"= 3 (0x3) <br/>"EnableLUA"= 0 (0x0) <br/>"EnableUIADesktopToggle"= 0 (0x0) <br/>"PromptOnSecureDesktop"= 0 (0x0) <br/>. <br/>[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks] <br/>"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files (x86)\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] <br/>2009-12-12 06:45 548352 ----a-w- c:\program files (x86)\SUPERAntiSpyware\SASWINLO.DLL <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] <br/>2009-07-14 15:15 98304 ------w- c:\windows\System32\VESWinlogon.dll <br/>. <br/>[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] <br/>BootExecute REG_MULTI_SZ autocheck autochk /p \??\h:\0pdboot.exe\0autocheck autochk * <br/>. <br/>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] <br/>@="Service" <br/>. <br/>R1 SASDIFSV;SASDIFSV;c:\program files (x86)\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-25 12872] <br/>R1 SASKUTIL;SASKUTIL;c:\program files (x86)\SUPERAntiSpyware\SASKUTIL.sys [2010-12-06 67656] <br/>R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-05-25 2151128] <br/>R2 Polar Daemon;Polar Daemon;c:\program files (x86)\Polar\Daemon\polard.exe [2009-06-15 163840] <br/>R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-06-26 362992] <br/>R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016] <br/>R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056] <br/>R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-03-29 1038088] <br/>R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-16 113120] <br/>R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 98688] <br/>R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] <br/>R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2011-05-06 19936] <br/>R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2011-05-06 13280] <br/>R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-06-26 313840] <br/>R3 SASENUM;SASENUM;c:\program files (x86)\SUPERAntiSpyware\SASENUM.SYS [2010-02-25 12872] <br/>R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-07-17 120104] <br/>R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-07-17 70952] <br/>R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-07-17 427304] <br/>R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-07-17 75048] <br/>R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-07-17 91432] <br/>R3 Spyder3;Datacolor Spyder3;c:\windows\system32\DRIVERS\Spyder3.sys [2007-12-12 15360] <br/>R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] <br/>R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-22 1255736] <br/>S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys [2011-01-21 37456] <br/>S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-05-25 69376] <br/>S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280] <br/>S1 aswSnx;aswSnx; [x] <br/>S1 aswSP;aswSP; [x] <br/>S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-09-01 203264] <br/>S2 aswFsBlk;aswFsBlk; [x] <br/>S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064] <br/>S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-05-22 375176] <br/>S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928] <br/>S2 MediaMall Server;MediaMall Server;c:\program files (x86)\MediaMall\MediaMallServer.exe [2011-05-27 4407152] <br/>S2 PDFSFilter;PDFSFilter;c:\windows\system32\DRIVERS\PDFsFilter.sys [2011-06-06 79888] <br/>S2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2011-06-08 301720] <br/>S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112] <br/>S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-09-03 189984] <br/>S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] <br/>S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960] <br/>S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-04-24 19968] <br/>S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [2008-08-01 300032] <br/>S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-09-09 5435904] <br/>S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2009-04-15 11392] <br/>S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736] <br/>S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120] <br/>. <br/>. <br/>--- Other Services/Drivers In Memory --- <br/>. <br/>*Deregistered* - AvgTdiA <br/>. <br/>Contents of the 'Scheduled Tasks' folder <br/>. <br/>2012-07-10 c:\windows\Tasks\Ad-Aware Update (Weekly).job <br/>- c:\program files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-05-25 06:00] <br/>. <br/>2012-07-11 c:\windows\Tasks\Adobe Flash Player Updater.job <br/>- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 18:15] <br/>. <br/>2012-07-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3386721426-1089896885-116071575-1000Core.job <br/>- c:\users\Sotheby Chung\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-07 19:08] <br/>. <br/>2012-07-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3386721426-1089896885-116071575-1000UA.job <br/>- c:\users\Sotheby Chung\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-07 19:08] <br/>. <br/>. <br/>--------- X64 Entries ----------- <br/>. <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] <br/>@="{472083B0-C522-11CF-8763-00608CC02F24}" <br/>[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] <br/>2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] <br/>@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" <br/>[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] <br/>2011-02-18 05:12 97792 ----a-w- c:\users\Sotheby Chung\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] <br/>@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" <br/>[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] <br/>2011-02-18 05:12 97792 ----a-w- c:\users\Sotheby Chung\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] <br/>@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" <br/>[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] <br/>2011-02-18 05:12 97792 ----a-w- c:\users\Sotheby Chung\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll <br/>. <br/>[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] <br/>@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" <br/>[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] <br/>2011-02-18 05:12 97792 ----a-w- c:\users\Sotheby Chung\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <br/>"Apoint"="c:\program files\Apoint\Apoint.exe" [2008-09-18 152576] <br/>"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-09-03 7938080] <br/>"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-09-03 1833504] <br/>"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-08-13 415752] <br/>"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2009-08-13 4195848] <br/>"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928] <br/>"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] <br/>. <br/>------- Supplementary Scan ------- <br/>. <br/>uLocal Page = c:\windows\system32\blank.htm <br/>mLocal Page = c:\windows\SysWOW64\blank.htm <br/>uInternet Settings,ProxyOverride = <local>;*.local <br/>IE: &Download All with FlashGet - c:\program files (x86)\FlashGet\jc_all.htm <br/>IE: &Download with FlashGet - c:\program files (x86)\FlashGet\jc_link.htm <br/>IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 <br/>IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html <br/>IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html <br/>IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html <br/>IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html <br/>IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm <br/>IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm <br/>TCP: DhcpNameServer = 192.168.1.1 209.18.47.62 <br/>FF - ProfilePath - c:\users\Sotheby Chung\AppData\Roaming\Mozilla\Firefox\Profiles\63hj64j2.default\ <br/>FF - prefs.js: browser.startup.homepage - hxxp://www.nytimes.com/ <br/>FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p= <br/>FF - prefs.js: network.proxy.type - 0 <br/>. <br/>- - - - ORPHANS REMOVED - - - - <br/>. <br/>URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file) <br/>Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) <br/>WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file) <br/>SSODL-winlogon REG_SZ c:\users\Sotheby Chung\AppData\Roaming\winlogon.exe- - (no file) <br/>. <br/>. <br/>. <br/>--------------------- LOCKED REGISTRY KEYS --------------------- <br/>. <br/>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*] <br/>"Licence0"="04F0D21-79D8-7A25-D702-433F" <br/>. <br/>[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] <br/>@Denied: (A) (Users) <br/>@Denied: (A) (Everyone) <br/>@Allowed: (B 1 2 3 4 5) (S-1-5-20) <br/>"BlindDial"=dword:00000001 <br/>. <br/>[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] <br/>@Denied: (Full) (Everyone) <br/>. <br/>Completion time: 2012-07-11 00:39:31 <br/>ComboFix-quarantined-files.txt 2012-07-11 04:39 <br/>ComboFix2.txt 2012-07-07 23:37 <br/>. <br/>Pre-Run: 21,309,313,024 bytes free <br/>Post-Run: 20,362,739,712 bytes free <br/>. <br/>- - End Of File - - BCAC42F22643C202E1AB70272A0FFDC6
Posted 7/14/2012 9:16 AM
#94138
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Looks like atapi.sys areinfected. <br/> <br/><br /><br /> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: #333333; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN-GB" lang=EN-GB><?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p> </o:p> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: #333333; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN-GB" lang=EN-GB>Click <SPAN style="FONT-FAMILY: Verdana; COLOR: #333333; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt"><SPAN style="mso-ansi-language: EN-GB" lang=EN-GB>[color=#0000ff>http://support.kaspersky.com/downloads/utils/tdsskiller.zip</FONT>[/url]<SPAN] <o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: #333333; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN-GB" lang=EN-GB>and download Kaspersky's TDSSKiller to your desktop, then unzip that and place a copy of the TDSSKiller.exe file on your desktop. Then click that to open the scanner. <br/> <br/>In the display that opens click Start scan. Once that completes, follow any prompts to act on anything it located, including as reboot if requested. <br/> <br/>When the scan completes it will create a log file on your C drive. <br/> <br/>Similar in name to this: <br/> <br/>C:\TDSSKiller. (numbers) log.txt <br/> <br/><SPAN style="mso-spacerun: yes"> <br/>Copy/paste those contents back here please. <br/> <br/>----------- <br/> <br/>Also click <SPAN style="FONT-FAMILY: Verdana; COLOR: #333333; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt"><SPAN style="mso-ansi-language: EN-GB" lang=EN-GB><FONT color=#0000ff>http://ad13.geekstogo.com/MBRCheck.exe[/color]<SPAN style="FONT-FAMILY: Verdana; COLOR: #333333; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN-GB" lang=EN-GB> <o:p></o:p> <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: #333333; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN-GB" lang=EN-GB>to download AD13's MBRCheck.exe. Then right click that file, and select "Run as administrator". <br/> <br/><SPAN style="FONT-FAMILY: Verdana; COLOR: #333333; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN-GB" lang=EN-GB>Follow the prompts, and post back here the log it should have created on your desktop.<SPAN style="FONT-FAMILY: Verdana; FONT-SIZE: 9pt; mso-bidi-font-size: 12.0pt; mso-ansi-language: EN-GB" lang=EN-GB><o:p></o:p> <br/> <br/><br /><br />

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 7/15/2012 8:27 PM
#94145
User avatar

yinzerniner Member

Date Joined Nov 2016
Total Posts: 4
Here is the TDSS Killer log. It said it did not find any malicious objects <br/> <br/>15:27:12.0592 41292 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35 <br/>15:27:12.0939 41292 ============================================================ <br/>15:27:12.0939 41292 Current date / time: 2012/07/15 15:27:12.0939 <br/>15:27:12.0939 41292 SystemInfo: <br/>15:27:12.0939 41292 <br/>15:27:12.0939 41292 OS Version: 6.1.7601 ServicePack: 1.0 <br/>15:27:12.0939 41292 Product type: Workstation <br/>15:27:12.0940 41292 ComputerName: SOTHEBYSVAIO <br/>15:27:12.0940 41292 UserName: Sotheby Chung <br/>15:27:12.0940 41292 Windows directory: C:\Windows <br/>15:27:12.0940 41292 System windows directory: C:\Windows <br/>15:27:12.0940 41292 Running under WOW64 <br/>15:27:12.0940 41292 Processor architecture: Intel x64 <br/>15:27:12.0940 41292 Number of processors: 2 <br/>15:27:12.0941 41292 Page size: 0x1000 <br/>15:27:12.0941 41292 Boot type: Normal boot <br/>15:27:12.0941 41292 ============================================================ <br/>15:27:13.0170 41292 Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 (223.57 Gb), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 <br/>15:27:13.0175 41292 Drive \Device\Harddisk1\DR1 - Size: 0x1D9800000 (7.40 Gb), SectorSize: 0x200, Cylinders: 0x3C208, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x1, Type 'W' <br/>15:27:13.0201 41292 Drive \Device\Harddisk3\DR3 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' <br/>15:27:13.0214 41292 ============================================================ <br/>15:27:13.0214 41292 \Device\Harddisk0\DR0: <br/>15:27:13.0214 41292 MBR partitions: <br/>15:27:13.0214 41292 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14C0000, BlocksNum 0x1AA62FD3 <br/>15:27:13.0214 41292 \Device\Harddisk1\DR1: <br/>15:27:13.0215 41292 MBR partitions: <br/>15:27:13.0215 41292 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0xECC000 <br/>15:27:13.0215 41292 \Device\Harddisk3\DR3: <br/>15:27:13.0215 41292 MBR partitions: <br/>15:27:13.0215 41292 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x575452C2 <br/>15:27:13.0215 41292 ============================================================ <br/>15:27:13.0248 41292 K: <-> \Device\Harddisk3\DR3\Partition0 <br/>15:27:13.0251 41292 C: <-> \Device\Harddisk0\DR0\Partition0 <br/>15:27:13.0251 41292 ============================================================ <br/>15:27:13.0251 41292 Initialize success <br/>15:27:13.0251 41292 ============================================================ <br/>15:27:23.0758 31884 ============================================================ <br/>15:27:23.0758 31884 Scan started <br/>15:27:23.0758 31884 Mode: Manual; <br/>15:27:23.0758 31884 ============================================================ <br/>15:27:24.0236 31884 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys <br/>15:27:24.0239 31884 1394ohci - ok <br/>15:27:24.0247 31884 ACDaemon (fee588cdf60f2b541b5a3e803fa938a1) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe <br/>15:27:24.0249 31884 ACDaemon - ok <br/>15:27:24.0263 31884 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys <br/>15:27:24.0266 31884 ACPI - ok <br/>15:27:24.0270 31884 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys <br/>15:27:24.0271 31884 AcpiPmi - ok <br/>15:27:24.0278 31884 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys <br/>15:27:24.0280 31884 adfs - ok <br/>15:27:24.0294 31884 Adobe Version Cue CS4 (57a3b9a69f14414ace12afd6ba701773) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe <br/>15:27:24.0297 31884 Adobe Version Cue CS4 - ok <br/>15:27:24.0328 31884 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe <br/>15:27:24.0331 31884 AdobeFlashPlayerUpdateSvc - ok <br/>15:27:24.0350 31884 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys <br/>15:27:24.0355 31884 adp94xx - ok <br/>15:27:24.0369 31884 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys <br/>15:27:24.0373 31884 adpahci - ok <br/>15:27:24.0382 31884 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys <br/>15:27:24.0384 31884 adpu320 - ok <br/>15:27:24.0392 31884 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll <br/>15:27:24.0394 31884 AeLookupSvc - ok <br/>15:27:24.0415 31884 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys <br/>15:27:24.0419 31884 AFD - ok <br/>15:27:24.0425 31884 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys <br/>15:27:24.0426 31884 agp440 - ok <br/>15:27:24.0432 31884 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe <br/>15:27:24.0434 31884 ALG - ok <br/>15:27:24.0438 31884 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys <br/>15:27:24.0439 31884 aliide - ok <br/>15:27:24.0451 31884 AMD External Events Utility (bcc32bf5ebb5dfd4380fa053d3651949) C:\Windows\system32\atiesrxx.exe <br/>15:27:24.0454 31884 AMD External Events Utility - ok <br/>15:27:24.0459 31884 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys <br/>15:27:24.0460 31884 amdide - ok <br/>15:27:24.0465 31884 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys <br/>15:27:24.0467 31884 AmdK8 - ok <br/>15:27:24.0472 31884 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys <br/>15:27:24.0474 31884 AmdPPM - ok <br/>15:27:24.0480 31884 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys <br/>15:27:24.0482 31884 amdsata - ok <br/>15:27:24.0491 31884 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys <br/>15:27:24.0493 31884 amdsbs - ok <br/>15:27:24.0498 31884 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys <br/>15:27:24.0500 31884 amdxata - ok <br/>15:27:24.0509 31884 ApfiltrService (22fecb5b3de1eb8b1b2761338922f681) C:\Windows\system32\DRIVERS\Apfiltr.sys <br/>15:27:24.0512 31884 ApfiltrService - ok <br/>15:27:24.0520 31884 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys <br/>15:27:24.0521 31884 AppID - ok <br/>15:27:24.0525 31884 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll <br/>15:27:24.0526 31884 AppIDSvc - ok <br/>15:27:24.0533 31884 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll <br/>15:27:24.0534 31884 Appinfo - ok <br/>15:27:24.0541 31884 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe <br/>15:27:24.0542 31884 Apple Mobile Device - ok <br/>15:27:24.0551 31884 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys <br/>15:27:24.0552 31884 arc - ok <br/>15:27:24.0559 31884 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys <br/>15:27:24.0561 31884 arcsas - ok <br/>15:27:24.0566 31884 ArcSoftKsUFilter (1ce3822b05a5e229286a15ea39369870) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys <br/>15:27:24.0567 31884 ArcSoftKsUFilter - ok <br/>15:27:24.0571 31884 aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\Windows\system32\drivers\aswFsBlk.sys <br/>15:27:24.0572 31884 aswFsBlk - ok <br/>15:27:24.0578 31884 aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\Windows\system32\drivers\aswMonFlt.sys <br/>15:27:24.0579 31884 aswMonFlt - ok <br/>15:27:24.0585 31884 aswRdr (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\Windows\System32\Drivers\aswrdr2.sys <br/>15:27:24.0586 31884 aswRdr - ok <br/>15:27:24.0615 31884 aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\Windows\system32\drivers\aswSnx.sys <br/>15:27:24.0624 31884 aswSnx - ok <br/>15:27:24.0638 31884 aswSP (3610ca74a69e380424f0452dec5c1317) C:\Windows\system32\drivers\aswSP.sys <br/>15:27:24.0642 31884 aswSP - ok <br/>15:27:24.0648 31884 aswTdi (87de3e31cb0091d22351349869324065) C:\Windows\system32\drivers\aswTdi.sys <br/>15:27:24.0650 31884 aswTdi - ok <br/>15:27:24.0653 31884 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys <br/>15:27:24.0655 31884 AsyncMac - ok <br/>15:27:24.0659 31884 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys <br/>15:27:24.0660 31884 atapi - ok <br/>15:27:24.0919 31884 atikmdag (a29087680a1c3b049e3c05438e8ff2b8) C:\Windows\system32\DRIVERS\atikmdag.sys <br/>15:27:25.0003 31884 atikmdag - ok <br/>15:27:25.0063 31884 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll <br/>15:27:25.0070 31884 AudioEndpointBuilder - ok <br/>15:27:25.0076 31884 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll <br/>15:27:25.0080 31884 AudioSrv - ok <br/>15:27:25.0086 31884 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe <br/>15:27:25.0087 31884 avast! Antivirus - ok <br/>15:27:25.0096 31884 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll <br/>15:27:25.0098 31884 AxInstSV - ok <br/>15:27:25.0120 31884 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys <br/>15:27:25.0125 31884 b06bdrv - ok <br/>15:27:25.0137 31884 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys <br/>15:27:25.0140 31884 b57nd60a - ok <br/>15:27:25.0150 31884 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll <br/>15:27:25.0152 31884 BDESVC - ok <br/>15:27:25.0155 31884 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys <br/>15:27:25.0156 31884 Beep - ok <br/>15:27:25.0186 31884 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll <br/>15:27:25.0193 31884 BFE - ok <br/>15:27:25.0227 31884 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll <br/>15:27:25.0237 31884 BITS - ok <br/>15:27:25.0245 31884 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys <br/>15:27:25.0247 31884 blbdrive - ok <br/>15:27:25.0266 31884 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe <br/>15:27:25.0271 31884 Bonjour Service - ok <br/>15:27:25.0276 31884 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys <br/>15:27:25.0278 31884 bowser - ok <br/>15:27:25.0282 31884 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys <br/>15:27:25.0284 31884 BrFiltLo - ok <br/>15:27:25.0287 31884 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys <br/>15:27:25.0288 31884 BrFiltUp - ok <br/>15:27:25.0296 31884 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys <br/>15:27:25.0298 31884 BridgeMP - ok <br/>15:27:25.0305 31884 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll <br/>15:27:25.0307 31884 Browser - ok <br/>15:27:25.0319 31884 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys <br/>15:27:25.0322 31884 Brserid - ok <br/>15:27:25.0327 31884 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys <br/>15:27:25.0328 31884 BrSerWdm - ok <br/>15:27:25.0332 31884 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys <br/>15:27:25.0333 31884 BrUsbMdm - ok <br/>15:27:25.0337 31884 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys <br/>15:27:25.0338 31884 BrUsbSer - ok <br/>15:27:25.0344 31884 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys <br/>15:27:25.0345 31884 BthEnum - ok <br/>15:27:25.0351 31884 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys <br/>15:27:25.0353 31884 BTHMODEM - ok <br/>15:27:25.0360 31884 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys <br/>15:27:25.0363 31884 BthPan - ok <br/>15:27:25.0382 31884 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys <br/>15:27:25.0388 31884 BTHPORT - ok <br/>15:27:25.0394 31884 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll <br/>15:27:25.0396 31884 bthserv - ok <br/>15:27:25.0402 31884 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys <br/>15:27:25.0403 31884 BTHUSB - ok <br/>15:27:25.0436 31884 btwdins (f28dab823fcda98f50dd677552a4dc52) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe <br/>15:27:25.0441 31884 btwdins - ok <br/>15:27:25.0444 31884 catchme - ok <br/>15:27:25.0461 31884 CAXHWAZL (fdb53a8d3bc52dc29884587e768e3388) C:\Windows\system32\DRIVERS\CAXHWAZL.sys <br/>15:27:25.0465 31884 CAXHWAZL - ok <br/>15:27:25.0471 31884 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys <br/>15:27:25.0473 31884 cdfs - ok <br/>15:27:25.0481 31884 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys <br/>15:27:25.0483 31884 cdrom - ok <br/>15:27:25.0489 31884 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll <br/>15:27:25.0491 31884 CertPropSvc - ok <br/>15:27:25.0496 31884 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys <br/>15:27:25.0497 31884 circlass - ok <br/>15:27:25.0514 31884 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys <br/>15:27:25.0518 31884 CLFS - ok <br/>15:27:25.0525 31884 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe <br/>15:27:25.0526 31884 clr_optimization_v2.0.50727_32 - ok <br/>15:27:25.0534 31884 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe <br/>15:27:25.0535 31884 clr_optimization_v2.0.50727_64 - ok <br/>15:27:25.0539 31884 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys <br/>15:27:25.0541 31884 CmBatt - ok <br/>15:27:25.0545 31884 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys <br/>15:27:25.0546 31884 cmdide - ok <br/>15:27:25.0564 31884 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys <br/>15:27:25.0569 31884 CNG - ok <br/>15:27:25.0577 31884 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys <br/>15:27:25.0578 31884 Compbatt - ok <br/>15:27:25.0583 31884 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys <br/>15:27:25.0584 31884 CompositeBus - ok <br/>15:27:25.0587 31884 COMSysApp - ok <br/>15:27:25.0592 31884 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys <br/>15:27:25.0594 31884 crcdisk - ok <br/>15:27:25.0605 31884 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll <br/>15:27:25.0608 31884 CryptSvc - ok <br/>15:27:25.0632 31884 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll <br/>15:27:25.0639 31884 DcomLaunch - ok <br/>15:27:25.0647 31884 DefragFS (952ac62074718c8f04f053e5073eeb45) C:\Windows\system32\drivers\DefragFS.sys <br/>15:27:25.0649 31884 DefragFS - ok <br/>15:27:25.0662 31884 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll <br/>15:27:25.0666 31884 defragsvc - ok <br/>15:27:25.0673 31884 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys <br/>15:27:25.0675 31884 DfsC - ok <br/>15:27:25.0692 31884 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll <br/>15:27:25.0696 31884 Dhcp - ok <br/>15:27:25.0702 31884 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys <br/>15:27:25.0703 31884 discache - ok <br/>15:27:25.0709 31884 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys <br/>15:27:25.0710 31884 Disk - ok <br/>15:27:25.0720 31884 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll <br/>15:27:25.0723 31884 Dnscache - ok <br/>15:27:25.0735 31884 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll <br/>15:27:25.0738 31884 dot3svc - ok <br/>15:27:25.0747 31884 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll <br/>15:27:25.0750 31884 DPS - ok <br/>15:27:25.0754 31884 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys <br/>15:27:25.0755 31884 drmkaud - ok <br/>15:27:25.0792 31884 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys <br/>15:27:25.0801 31884 DXGKrnl - ok <br/>15:27:25.0809 31884 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll <br/>15:27:25.0811 31884 EapHost - ok <br/>15:27:25.0957 31884 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys <br/>15:27:25.0997 31884 ebdrv - ok <br/>15:27:26.0031 31884 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe <br/>15:27:26.0034 31884 EFS - ok <br/>15:27:26.0064 31884 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe <br/>15:27:26.0072 31884 ehRecvr - ok <br/>15:27:26.0081 31884 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe <br/>15:27:26.0084 31884 ehSched - ok <br/>15:27:26.0114 31884 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys <br/>15:27:26.0119 31884 elxstor - ok <br/>15:27:26.0123 31884 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys <br/>15:27:26.0124 31884 ErrDev - ok <br/>15:27:26.0148 31884 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll <br/>15:27:26.0153 31884 EventSystem - ok <br/>15:27:26.0163 31884 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys <br/>15:27:26.0166 31884 exfat - ok <br/>15:27:26.0176 31884 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys <br/>15:27:26.0179 31884 fastfat - ok <br/>15:27:26.0207 31884 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe <br/>15:27:26.0215 31884 Fax - ok <br/>15:27:26.0219 31884 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys <br/>15:27:26.0220 31884 fdc - ok <br/>15:27:26.0224 31884 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll <br/>15:27:26.0226 31884 fdPHost - ok <br/>15:27:26.0231 31884 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll <br/>15:27:26.0233 31884 FDResPub - ok <br/>15:27:26.0239 31884 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys <br/>15:27:26.0241 31884 FileInfo - ok <br/>15:27:26.0246 31884 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys <br/>15:27:26.0247 31884 Filetrace - ok <br/>15:27:26.0275 31884 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe <br/>15:27:26.0279 31884 FLEXnet Licensing Service - ok <br/>15:27:26.0318 31884 FLEXnet Licensing Service 64 (1c3fb052a0bb72edaed90785c34d6eed) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe <br/>15:27:26.0328 31884 FLEXnet Licensing Service 64 - ok <br/>15:27:26.0359 31884 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys <br/>15:27:26.0360 31884 flpydisk - ok <br/>15:27:26.0374 31884 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys <br/>15:27:26.0377 31884 FltMgr - ok <br/>15:27:26.0428 31884 FontCache (b4447f606bb19fd8ad0bafb59b90f5d9) C:\Windows\system32\FntCache.dll <br/>15:27:26.0451 31884 FontCache - ok <br/>15:27:26.0458 31884 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe <br/>15:27:26.0461 31884 FontCache3.0.0.0 - ok <br/>15:27:26.0470 31884 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys <br/>15:27:26.0472 31884 FsDepends - ok <br/>15:27:26.0477 31884 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys <br/>15:27:26.0479 31884 Fs_Rec - ok <br/>15:27:26.0491 31884 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys <br/>15:27:26.0494 31884 fvevol - ok <br/>15:27:26.0499 31884 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys <br/>15:27:26.0501 31884 gagp30kx - ok <br/>15:27:26.0506 31884 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys <br/>15:27:26.0507 31884 GEARAspiWDM - ok <br/>15:27:26.0534 31884 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll <br/>15:27:26.0543 31884 gpsvc - ok <br/>15:27:26.0551 31884 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe <br/>15:27:26.0554 31884 gusvc - ok <br/>15:27:26.0558 31884 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys <br/>15:27:26.0559 31884 hcw85cir - ok <br/>15:27:26.0574 31884 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys <br/>15:27:26.0578 31884 HdAudAddService - ok <br/>15:27:26.0585 31884 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys <br/>15:27:26.0587 31884 HDAudBus - ok <br/>15:27:26.0593 31884 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys <br/>15:27:26.0595 31884 HidBatt - ok <br/>15:27:26.0601 31884 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys <br/>15:27:26.0603 31884 HidBth - ok <br/>15:27:26.0607 31884 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys <br/>15:27:26.0609 31884 HidIr - ok <br/>15:27:26.0613 31884 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll <br/>15:27:26.0616 31884 hidserv - ok <br/>15:27:26.0621 31884 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys <br/>15:27:26.0622 31884 HidUsb - ok <br/>15:27:26.0628 31884 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll <br/>15:27:26.0631 31884 hkmsvc - ok <br/>15:27:26.0641 31884 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll <br/>15:27:26.0645 31884 HomeGroupListener - ok <br/>15:27:26.0655 31884 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll <br/>15:27:26.0660 31884 HomeGroupProvider - ok <br/>15:27:26.0664 31884 hotcore3 - ok <br/>15:27:26.0671 31884 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys <br/>15:27:26.0673 31884 HpSAMD - ok <br/>15:27:26.0723 31884 HSF_DPV (e90d0e3d9715f3bec7db2d6321dddee8) C:\Windows\system32\DRIVERS\CAX_DPV.sys <br/>15:27:26.0737 31884 HSF_DPV - ok <br/>15:27:26.0789 31884 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys <br/>15:27:26.0796 31884 HTTP - ok <br/>15:27:26.0800 31884 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys <br/>15:27:26.0801 31884 hwpolicy - ok <br/>15:27:26.0809 31884 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys <br/>15:27:26.0811 31884 i8042prt - ok <br/>15:27:26.0830 31884 iaStor (8d58627fef3f8767665d9f4dc91cbd97) C:\Windows\system32\DRIVERS\iaStor.sys <br/>15:27:26.0833 31884 iaStor - ok <br/>15:27:26.0849 31884 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys <br/>15:27:26.0854 31884 iaStorV - ok <br/>15:27:26.0884 31884 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe <br/>15:27:26.0893 31884 idsvc - ok <br/>15:27:26.0899 31884 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys <br/>15:27:26.0900 31884 iirsp - ok <br/>15:27:26.0931 31884 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll <br/>15:27:26.0941 31884 IKEEXT - ok <br/>15:27:27.0025 31884 IntcAzAudAddService (b16fc828ce7a76a8f1ce682e6ead2627) C:\Windows\system32\drivers\RTKVHD64.sys <br/>15:27:27.0039 31884 IntcAzAudAddService - ok <br/>15:27:27.0076 31884 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys <br/>15:27:27.0077 31884 intelide - ok <br/>15:27:27.0085 31884 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys <br/>15:27:27.0087 31884 intelppm - ok <br/>15:27:27.0095 31884 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll <br/>15:27:27.0099 31884 IPBusEnum - ok <br/>15:27:27.0108 31884 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys <br/>15:27:27.0110 31884 IpFilterDriver - ok <br/>15:27:27.0134 31884 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll <br/>15:27:27.0141 31884 iphlpsvc - ok <br/>15:27:27.0147 31884 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys <br/>15:27:27.0148 31884 IPMIDRV - ok <br/>15:27:27.0155 31884 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys <br/>15:27:27.0157 31884 IPNAT - ok <br/>15:27:27.0193 31884 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe <br/>15:27:27.0202 31884 iPod Service - ok <br/>15:27:27.0207 31884 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys <br/>15:27:27.0208 31884 IRENUM - ok <br/>15:27:27.0213 31884 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys <br/>15:27:27.0214 31884 isapnp - ok <br/>15:27:27.0227 31884 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys <br/>15:27:27.0230 31884 iScsiPrt - ok <br/>15:27:27.0239 31884 IviRegMgr (f415a88162d23977b5edae4f0410e903) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe <br/>15:27:27.0240 31884 IviRegMgr - ok <br/>15:27:27.0245 31884 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys <br/>15:27:27.0247 31884 kbdclass - ok <br/>15:27:27.0252 31884 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys <br/>15:27:27.0253 31884 kbdhid - ok <br/>15:27:27.0257 31884 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe <br/>15:27:27.0260 31884 KeyIso - ok <br/>15:27:27.0266 31884 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys <br/>15:27:27.0268 31884 KSecDD - ok <br/>15:27:27.0276 31884 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys <br/>15:27:27.0279 31884 KSecPkg - ok <br/>15:27:27.0284 31884 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys <br/>15:27:27.0285 31884 ksthunk - ok <br/>15:27:27.0299 31884 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll <br/>15:27:27.0305 31884 KtmRm - ok <br/>15:27:27.0316 31884 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll <br/>15:27:27.0321 31884 LanmanServer - ok <br/>15:27:27.0329 31884 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll <br/>15:27:27.0334 31884 LanmanWorkstation - ok <br/>15:27:27.0399 31884 Lavasoft Ad-Aware Service (5ee22a614300a61136faf2d047d6e927) C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe <br/>15:27:27.0411 31884 Lavasoft Ad-Aware Service - ok <br/>15:27:27.0445 31884 Lbd (c8b3131857931ae76798a741cc52b021) C:\Windows\system32\DRIVERS\Lbd.sys <br/>15:27:27.0447 31884 Lbd - ok <br/>15:27:27.0456 31884 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys <br/>15:27:27.0458 31884 lltdio - ok <br/>15:27:27.0472 31884 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll <br/>15:27:27.0477 31884 lltdsvc - ok <br/>15:27:27.0481 31884 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll <br/>15:27:27.0483 31884 lmhosts - ok <br/>15:27:27.0500 31884 LMIGuardianSvc (98b0fcc176dfb711b67651becb88c445) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe <br/>15:27:27.0502 31884 LMIGuardianSvc - ok <br/>15:27:27.0506 31884 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys <br/>15:27:27.0507 31884 LMIInfo - ok <br/>15:27:27.0516 31884 LMIMaint (b712511029cbd68645a90a241fd6ae43) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe <br/>15:27:27.0517 31884 LMIMaint - ok <br/>15:27:27.0522 31884 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys <br/>15:27:27.0523 31884 lmimirr - ok <br/>15:27:27.0528 31884 LMIRfsClientNP - ok <br/>15:27:27.0535 31884 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys <br/>15:27:27.0537 31884 LMIRfsDriver - ok <br/>15:27:27.0553 31884 LogMeIn (d3760bc17e1755091b7120cf32dbf56b) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe <br/>15:27:27.0556 31884 LogMeIn - ok <br/>15:27:27.0566 31884 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys <br/>15:27:27.0568 31884 LSI_FC - ok <br/>15:27:27.0574 31884 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys <br/>15:27:27.0576 31884 LSI_SAS - ok <br/>15:27:27.0582 31884 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys <br/>15:27:27.0583 31884 LSI_SAS2 - ok <br/>15:27:27.0590 31884 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys <br/>15:27:27.0592 31884 LSI_SCSI - ok <br/>15:27:27.0600 31884 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys <br/>15:27:27.0602 31884 luafv - ok <br/>15:27:27.0609 31884 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll <br/>15:27:27.0612 31884 Mcx2Svc - ok <br/>15:27:27.0616 31884 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys <br/>15:27:27.0618 31884 mdmxsdk - ok <br/>15:27:27.0805 31884 MediaMall Server (4f35064ed1ad8386bf6eb09d6e2cea79) C:\Program Files (x86)\MediaMall\MediaMallServer.exe <br/>15:27:27.0834 31884 MediaMall Server - ok <br/>15:27:27.0869 31884 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys <br/>15:27:27.0871 31884 megasas - ok <br/>15:27:27.0883 31884 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys <br/>15:27:27.0886 31884 MegaSR - ok <br/>15:27:27.0892 31884 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll <br/>15:27:27.0896 31884 MMCSS - ok <br/>15:27:27.0901 31884 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys <br/>15:27:27.0902 31884 Modem - ok <br/>15:27:27.0907 31884 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys <br/>15:27:27.0909 31884 monitor - ok <br/>15:27:27.0914 31884 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys <br/>15:27:27.0916 31884 mouclass - ok <br/>15:27:27.0920 31884 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys <br/>15:27:27.0922 31884 mouhid - ok <br/>15:27:27.0929 31884 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys <br/>15:27:27.0930 31884 mountmgr - ok <br/>15:27:27.0939 31884 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe <br/>15:27:27.0941 31884 MozillaMaintenance - ok <br/>15:27:27.0953 31884 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys <br/>15:27:27.0956 31884 MpFilter - ok <br/>15:27:27.0965 31884 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys <br/>15:27:27.0967 31884 mpio - ok <br/>15:27:27.0974 31884 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys <br/>15:27:27.0976 31884 mpsdrv - ok <br/>15:27:28.0003 31884 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll <br/>15:27:28.0009 31884 MpsSvc - ok <br/>15:27:28.0018 31884 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys <br/>15:27:28.0020 31884 MRxDAV - ok <br/>15:27:28.0028 31884 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys <br/>15:27:28.0031 31884 mrxsmb - ok <br/>15:27:28.0043 31884 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys <br/>15:27:28.0047 31884 mrxsmb10 - ok <br/>15:27:28.0055 31884 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys <br/>15:27:28.0057 31884 mrxsmb20 - ok <br/>15:27:28.0062 31884 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys <br/>15:27:28.0063 31884 msahci - ok <br/>15:27:28.0071 31884 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys <br/>15:27:28.0073 31884 msdsm - ok <br/>15:27:28.0081 31884 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe <br/>15:27:28.0085 31884 MSDTC - ok <br/>15:27:28.0091 31884 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys <br/>15:27:28.0093 31884 Msfs - ok <br/>15:27:28.0097 31884 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys <br/>15:27:28.0098 31884 mshidkmdf - ok <br/>15:27:28.0103 31884 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys <br/>15:27:28.0104 31884 msisadrv - ok <br/>15:27:28.0113 31884 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll <br/>15:27:28.0116 31884 MSiSCSI - ok <br/>15:27:28.0119 31884 msiserver - ok <br/>15:27:28.0125 31884 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys <br/>15:27:28.0127 31884 MSKSSRV - ok <br/>15:27:28.0132 31884 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys <br/>15:27:28.0133 31884 MSPCLOCK - ok <br/>15:27:28.0137 31884 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys <br/>15:27:28.0138 31884 MSPQM - ok <br/>15:27:28.0154 31884 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys <br/>15:27:28.0158 31884 MsRPC - ok <br/>15:27:28.0166 31884 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys <br/>15:27:28.0167 31884 mssmbios - ok <br/>15:27:28.0171 31884 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys <br/>15:27:28.0173 31884 MSTEE - ok <br/>15:27:28.0178 31884 msvad_simple (c83829c280f0207677b7aaa151ef9c4d) C:\Windows\system32\drivers\povrtdev.sys <br/>15:27:28.0179 31884 msvad_simple - ok <br/>15:27:28.0184 31884 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys <br/>15:27:28.0185 31884 MTConfig - ok <br/>15:27:28.0191 31884 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys <br/>15:27:28.0192 31884 Mup - ok <br/>15:27:28.0211 31884 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll <br/>15:27:28.0218 31884 napagent - ok <br/>15:27:28.0233 31884 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys <br/>15:27:28.0237 31884 NativeWifiP - ok <br/>15:27:28.0267 31884 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys <br/>15:27:28.0277 31884 NDIS - ok <br/>15:27:28.0282 31884 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys <br/>15:27:28.0284 31884 NdisCap - ok <br/>15:27:28.0288 31884 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys <br/>15:27:28.0289 31884 NdisTapi - ok <br/>15:27:28.0294 31884 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys <br/>15:27:28.0296 31884 Ndisuio - ok <br/>15:27:28.0306 31884 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys <br/>15:27:28.0308 31884 NdisWan - ok <br/>15:27:28.0315 31884 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys <br/>15:27:28.0316 31884 NDProxy - ok <br/>15:27:28.0321 31884 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys <br/>15:27:28.0323 31884 NetBIOS - ok <br/>15:27:28.0336 31884 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys <br/>15:27:28.0339 31884 NetBT - ok <br/>15:27:28.0344 31884 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe <br/>15:27:28.0346 31884 Netlogon - ok <br/>15:27:28.0361 31884 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll <br/>15:27:28.0367 31884 Netman - ok <br/>15:27:28.0387 31884 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll <br/>15:27:28.0393 31884 netprofm - ok <br/>15:27:28.0400 31884 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe <br/>15:27:28.0402 31884 NetTcpPortSharing - ok <br/>15:27:28.0559 31884 netw5v64 (705283c02177809ca9fa7cc58a4f1e77) C:\Windows\system32\DRIVERS\netw5v64.sys <br/>15:27:28.0608 31884 netw5v64 - ok <br/>15:27:28.0648 31884 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys <br/>15:27:28.0649 31884 nfrd960 - ok <br/>15:27:28.0657 31884 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys <br/>15:27:28.0659 31884 NisDrv - ok <br/>15:27:28.0673 31884 NisSrv (10a43829a9e606af3eef25a1c1665923) C:\Program Files\Microsoft Security Client\NisSrv.exe <br/>15:27:28.0676 31884 NisSrv - ok <br/>15:27:28.0691 31884 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll <br/>15:27:28.0696 31884 NlaSvc - ok <br/>15:27:28.0702 31884 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys <br/>15:27:28.0703 31884 Npfs - ok <br/>15:27:28.0708 31884 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll <br/>15:27:28.0711 31884 nsi - ok <br/>15:27:28.0715 31884 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys <br/>15:27:28.0716 31884 nsiproxy - ok <br/>15:27:28.0802 31884 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys <br/>15:27:28.0827 31884 Ntfs - ok <br/>15:27:28.0862 31884 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys <br/>15:27:28.0864 31884 Null - ok <br/>15:27:28.0875 31884 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys <br/>15:27:28.0878 31884 nvraid - ok <br/>15:27:28.0890 31884 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys <br/>15:27:28.0893 31884 nvstor - ok <br/>15:27:28.0902 31884 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys <br/>15:27:28.0905 31884 nv_agp - ok <br/>15:27:28.0912 31884 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys <br/>15:27:28.0914 31884 ohci1394 - ok <br/>15:27:28.0930 31884 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll <br/>15:27:28.0935 31884 p2pimsvc - ok <br/>15:27:28.0954 31884 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll <br/>15:27:28.0961 31884 p2psvc - ok <br/>15:27:28.0968 31884 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys <br/>15:27:28.0970 31884 Parport - ok <br/>15:27:28.0976 31884 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys <br/>15:27:28.0978 31884 partmgr - ok <br/>15:27:28.0989 31884 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll <br/>15:27:28.0993 31884 PcaSvc - ok <br/>15:27:29.0004 31884 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys <br/>15:27:29.0006 31884 pci - ok <br/>15:27:29.0011 31884 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys <br/>15:27:29.0012 31884 pciide - ok <br/>15:27:29.0023 31884 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys <br/>15:27:29.0025 31884 pcmcia - ok <br/>15:27:29.0032 31884 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys <br/>15:27:29.0033 31884 pcw - ok <br/>15:27:29.0106 31884 PDAgent (1963155b9d5c22e66f2f7729cd0a6238) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe <br/>15:27:29.0125 31884 PDAgent - ok <br/>15:27:29.0237 31884 PDEngine (a817f42ca419a7fffc813b393e45173c) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe <br/>15:27:29.0259 31884 PDEngine - ok <br/>15:27:29.0295 31884 PDFSFilter (751500cefa3d3b7a7fcb52c392f3be78) C:\Windows\system32\DRIVERS\PDFsFilter.sys <br/>15:27:29.0297 31884 PDFSFilter - ok <br/>15:27:29.0327 31884 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys <br/>15:27:29.0334 31884 PEAUTH - ok <br/>15:27:29.0359 31884 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe <br/>15:27:29.0361 31884 PerfHost - ok <br/>15:27:29.0421 31884 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll <br/>15:27:29.0437 31884 pla - ok <br/>15:27:29.0456 31884 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll <br/>15:27:29.0462 31884 PlugPlay - ok <br/>15:27:29.0467 31884 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll <br/>15:27:29.0470 31884 PNRPAutoReg - ok <br/>15:27:29.0487 31884 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll <br/>15:27:29.0491 31884 PNRPsvc - ok <br/>15:27:29.0502 31884 Polar Daemon (8a2b3e18d0a2d2536ba304bc465ebeb1) C:\Program Files (x86)\Polar\Daemon\polard.exe <br/>15:27:29.0503 31884 Polar Daemon - ok <br/>15:27:29.0525 31884 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll <br/>15:27:29.0531 31884 PolicyAgent - ok <br/>15:27:29.0543 31884 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll <br/>15:27:29.0547 31884 Power - ok <br/>15:27:29.0558 31884 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys <br/>15:27:29.0560 31884 PptpMiniport - ok <br/>15:27:29.0566 31884 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys <br/>15:27:29.0568 31884 Processor - ok <br/>15:27:29.0580 31884 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll <br/>15:27:29.0584 31884 ProfSvc - ok <br/>15:27:29.0589 31884 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe <br/>15:27:29.0592 31884 ProtectedStorage - ok <br/>15:27:29.0601 31884 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys <br/>15:27:29.0603 31884 Psched - ok <br/>15:27:29.0614 31884 PSI_SVC_2 (f036cfb275d0c55f4e45fbbf5f98b3c8) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe <br/>15:27:29.0615 31884 PSI_SVC_2 - ok <br/>15:27:29.0620 31884 pwdrvio (da3964d8fb8798dc741abaca9ed1b99d) C:\Windows\system32\pwdrvio.sys <br/>15:27:29.0624 31884 pwdrvio - ok <br/>15:27:29.0631 31884 pwdspio (a55ed5a63d0178a41ea05ac50a60f89a) C:\Windows\system32\pwdspio.sys <br/>15:27:29.0634 31884 pwdspio - ok <br/>15:27:29.0640 31884 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys <br/>15:27:29.0642 31884 PxHlpa64 - ok <br/>15:27:29.0688 31884 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys <br/>15:27:29.0703 31884 ql2300 - ok <br/>15:27:29.0737 31884 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys <br/>15:27:29.0739 31884 ql40xx - ok <br/>15:27:29.0751 31884 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll <br/>15:27:29.0756 31884 QWAVE - ok <br/>15:27:29.0762 31884 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys <br/>15:27:29.0763 31884 QWAVEdrv - ok <br/>15:27:29.0767 31884 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys <br/>15:27:29.0769 31884 RasAcd - ok <br/>15:27:29.0774 31884 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys <br/>15:27:29.0776 31884 RasAgileVpn - ok <br/>15:27:29.0784 31884 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll <br/>15:27:29.0788 31884 RasAuto - ok <br/>15:27:29.0796 31884 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys <br/>15:27:29.0798 31884 Rasl2tp - ok <br/>15:27:29.0813 31884 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll <br/>15:27:29.0819 31884 RasMan - ok <br/>15:27:29.0826 31884 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys <br/>15:27:29.0828 31884 RasPppoe - ok <br/>15:27:29.0834 31884 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys <br/>15:27:29.0836 31884 RasSstp - ok <br/>15:27:29.0849 31884 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys <br/>15:27:29.0853 31884 rdbss - ok <br/>15:27:29.0858 31884 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys <br/>15:27:29.0859 31884 rdpbus - ok <br/>15:27:29.0863 31884 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys <br/>15:27:29.0864 31884 RDPCDD - ok <br/>15:27:29.0871 31884 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys <br/>15:27:29.0872 31884 RDPENCDD - ok <br/>15:27:29.0879 31884 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys <br/>15:27:29.0879 31884 RDPREFMP - ok <br/>15:27:29.0890 31884 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys <br/>15:27:29.0893 31884 RDPWD - ok <br/>15:27:29.0904 31884 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys <br/>15:27:29.0908 31884 rdyboost - ok <br/>15:27:29.0912 31884 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys <br/>15:27:29.0914 31884 regi - ok <br/>15:27:29.0921 31884 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll <br/>15:27:29.0924 31884 RemoteAccess - ok <br/>15:27:29.0933 31884 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll <br/>15:27:29.0937 31884 RemoteRegistry - ok <br/>15:27:29.0946 31884 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys <br/>15:27:29.0948 31884 RFCOMM - ok <br/>15:27:29.0956 31884 rimsptsk (7eae3999b94a8ce60bfbaa83462b89a1) C:\Windows\system32\DRIVERS\rimssn64.sys <br/>15:27:29.0958 31884 rimsptsk - ok <br/>15:27:29.0965 31884 risdptsk (fa6d7cd63ad08a01d9259f58e0c5c09e) C:\Windows\system32\DRIVERS\risdsn64.sys <br/>15:27:29.0967 31884 risdptsk - ok <br/>15:27:29.0982 31884 Roxio UPnP Renderer 10 (d02e5a46f77c182ca1964080bcd586f7) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe <br/>15:27:29.0984 31884 Roxio UPnP Renderer 10 - ok <br/>15:27:30.0000 31884 Roxio Upnp Server 10 (e5809597278802d09273ee07b5fc56e1) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe <br/>15:27:30.0002 31884 Roxio Upnp Server 10 - ok <br/>15:27:30.0008 31884 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll <br/>15:27:30.0012 31884 RpcEptMapper - ok <br/>15:27:30.0017 31884 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe <br/>15:27:30.0019 31884 RpcLocator - ok <br/>15:27:30.0040 31884 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\System32\rpcss.dll <br/>15:27:30.0046 31884 RpcSs - ok <br/>15:27:30.0056 31884 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys <br/>15:27:30.0057 31884 rspndr - ok <br/>15:27:30.0069 31884 RTHDMIAzAudService (34f05c417f038ffa3bef69b798d7d7dd) C:\Windows\system32\drivers\RtHDMIVX.sys <br/>15:27:30.0072 31884 RTHDMIAzAudService - ok <br/>15:27:30.0083 31884 RtkAudioService (01e6a1e53e39a0b1e2b6ae62bf52e8ec) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe <br/>15:27:30.0084 31884 RtkAudioService - ok <br/>15:27:30.0089 31884 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe <br/>15:27:30.0092 31884 SamSs - ok <br/>15:27:30.0097 31884 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS <br/>15:27:30.0099 31884 SASDIFSV - ok <br/>15:27:30.0102 31884 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS <br/>15:27:30.0103 31884 SASENUM - ok <br/>15:27:30.0109 31884 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys <br/>15:27:30.0110 31884 SASKUTIL - ok <br/>15:27:30.0117 31884 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys <br/>15:27:30.0119 31884 sbp2port - ok <br/>15:27:30.0163 31884 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe <br/>15:27:30.0175 31884 SBSDWSCService - ok <br/>15:27:30.0185 31884 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll <br/>15:27:30.0189 31884 SCardSvr - ok <br/>15:27:30.0196 31884 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys <br/>15:27:30.0198 31884 scfilter - ok <br/>15:27:30.0236 31884 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll <br/>15:27:30.0249 31884 Schedule - ok <br/>15:27:30.0256 31884 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll <br/>15:27:30.0257 31884 SCPolicySvc - ok <br/>15:27:30.0270 31884 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll <br/>15:27:30.0276 31884 SDRSVC - ok <br/>15:27:30.0285 31884 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys <br/>15:27:30.0287 31884 secdrv - ok <br/>15:27:30.0292 31884 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll <br/>15:27:30.0295 31884 seclogon - ok <br/>15:27:30.0302 31884 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll <br/>15:27:30.0305 31884 SENS - ok <br/>15:27:30.0310 31884 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll <br/>15:27:30.0314 31884 SensrSvc - ok <br/>15:27:30.0318 31884 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys <br/>15:27:30.0320 31884 Serenum - ok <br/>15:27:30.0326 31884 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys <br/>15:27:30.0328 31884 Serial - ok <br/>15:27:30.0333 31884 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys <br/>15:27:30.0334 31884 sermouse - ok <br/>15:27:30.0348 31884 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll <br/>15:27:30.0353 31884 SessionEnv - ok <br/>15:27:30.0357 31884 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\DRIVERS\SFEP.sys <br/>15:27:30.0358 31884 SFEP - ok <br/>15:27:30.0363 31884 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys <br/>15:27:30.0365 31884 sffdisk - ok <br/>15:27:30.0369 31884 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys <br/>15:27:30.0371 31884 sffp_mmc - ok <br/>15:27:30.0375 31884 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys <br/>15:27:30.0376 31884 sffp_sd - ok <br/>15:27:30.0381 31884 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys <br/>15:27:30.0382 31884 sfloppy - ok <br/>15:27:30.0399 31884 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll <br/>15:27:30.0404 31884 SharedAccess - ok <br/>15:27:30.0419 31884 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll <br/>15:27:30.0425 31884 ShellHWDetection - ok <br/>15:27:30.0431 31884 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys <br/>15:27:30.0432 31884 SiSRaid2 - ok <br/>15:27:30.0438 31884 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys <br/>15:27:30.0440 31884 SiSRaid4 - ok <br/>15:27:30.0449 31884 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys <br/>15:27:30.0451 31884 Smb - ok <br/>15:27:30.0458 31884 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe <br/>15:27:30.0461 31884 SNMPTRAP - ok <br/>15:27:30.0470 31884 SOHCImp (98886c88a1cb13d61672ae2c638b7e1c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe <br/>15:27:30.0472 31884 SOHCImp - ok <br/>15:27:30.0478 31884 SOHDBSvr (442a13f395546f4564c377296d43b564) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe <br/>15:27:30.0479 31884 SOHDBSvr - ok <br/>15:27:30.0494 31884 SOHDms (556681be668d71dc162391a45422b52c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe <br/>15:27:30.0499 31884 SOHDms - ok <br/>15:27:30.0504 31884 SOHDs (72b46103e4111439109acf5882627c24) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe <br/>15:27:30.0506 31884 SOHDs - ok <br/>15:27:30.0511 31884 SOHPlMgr (725b6e9cd1959271ac993dc035e1606d) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe <br/>15:27:30.0513 31884 SOHPlMgr - ok <br/>15:27:30.0518 31884 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys <br/>15:27:30.0519 31884 spldr - ok <br/>15:27:30.0540 31884 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe <br/>15:27:30.0549 31884 Spooler - ok <br/>15:27:30.0658 31884 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe <br/>15:27:30.0693 31884 sppsvc - ok <br/>15:27:30.0726 31884 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll <br/>15:27:30.0729 31884 sppuinotify - ok <br/>15:27:30.0737 31884 Spyder3 (d8b882c520fc83547e22014ff5ec66d7) C:\Windows\system32\DRIVERS\Spyder3.sys <br/>15:27:30.0739 31884 Spyder3 - ok <br/>15:27:30.0759 31884 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys <br/>15:27:30.0764 31884 srv - ok <br/>15:27:30.0782 31884 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys <br/>15:27:30.0787 31884 srv2 - ok <br/>15:27:30.0797 31884 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys <br/>15:27:30.0799 31884 srvnet - ok <br/>15:27:30.0811 31884 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll <br/>15:27:30.0816 31884 SSDPSRV - ok <br/>15:27:30.0823 31884 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll <br/>15:27:30.0826 31884 SstpSvc - ok <br/>15:27:30.0831 31884 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys <br/>15:27:30.0833 31884 stexstor - ok <br/>15:27:30.0857 31884 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll <br/>15:27:30.0866 31884 stisvc - ok <br/>15:27:30.0871 31884 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys <br/>15:27:30.0872 31884 swenum - ok <br/>15:27:30.0894 31884 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll <br/>15:27:30.0902 31884 swprv - ok <br/>15:27:30.0965 31884 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll <br/>15:27:30.0983 31884 SysMain - ok <br/>15:27:31.0015 31884 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll <br/>15:27:31.0019 31884 TabletInputService - ok <br/>15:27:31.0033 31884 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll <br/>15:27:31.0039 31884 TapiSrv - ok <br/>15:27:31.0046 31884 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll <br/>15:27:31.0050 31884 TBS - ok <br/>15:27:31.0143 31884 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys <br/>15:27:31.0170 31884 Tcpip - ok <br/>15:27:31.0279 31884 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys <br/>15:27:31.0294 31884 TCPIP6 - ok <br/>15:27:31.0334 31884 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys <br/>15:27:31.0336 31884 tcpipreg - ok <br/>15:27:31.0342 31884 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys <br/>15:27:31.0344 31884 TDPIPE - ok <br/>15:27:31.0349 31884 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys <br/>15:27:31.0350 31884 TDTCP - ok <br/>15:27:31.0358 31884 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys <br/>15:27:31.0361 31884 tdx - ok <br/>15:27:31.0367 31884 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys <br/>15:27:31.0369 31884 TermDD - ok <br/>15:27:31.0398 31884 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll <br/>15:27:31.0408 31884 TermService - ok <br/>15:27:31.0413 31884 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll <br/>15:27:31.0417 31884 Themes - ok <br/>15:27:31.0424 31884 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll <br/>15:27:31.0426 31884 THREADORDER - ok <br/>15:27:31.0435 31884 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll <br/>15:27:31.0439 31884 TrkWks - ok <br/>15:27:31.0451 31884 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe <br/>15:27:31.0453 31884 TrustedInstaller - ok <br/>15:27:31.0461 31884 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys <br/>15:27:31.0463 31884 tssecsrv - ok <br/>15:27:31.0469 31884 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys <br/>15:27:31.0471 31884 TsUsbFlt - ok <br/>15:27:31.0483 31884 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys <br/>15:27:31.0486 31884 tunnel - ok <br/>15:27:31.0494 31884 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys <br/>15:27:31.0495 31884 uagp35 - ok <br/>15:27:31.0506 31884 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe <br/>15:27:31.0507 31884 uCamMonitor - ok <br/>15:27:31.0523 31884 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys <br/>15:27:31.0527 31884 udfs - ok <br/>15:27:31.0538 31884 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe <br/>15:27:31.0542 31884 UI0Detect - ok <br/>15:27:31.0547 31884 UimBus (49b13845f0dbe39b47fc91dc46b2170a) C:\Windows\system32\DRIVERS\uimx64.sys <br/>15:27:31.0549 31884 UimBus - ok <br/>15:27:31.0573 31884 Uim_IM (dd46bec773c011eaa5e502c43a73a1cc) C:\Windows\system32\Drivers\Uim_IMx64.sys <br/>15:27:31.0579 31884 Uim_IM - ok <br/>15:27:31.0585 31884 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys <br/>15:27:31.0587 31884 uliagpkx - ok <br/>15:27:31.0592 31884 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys <br/>15:27:31.0594 31884 umbus - ok <br/>15:27:31.0599 31884 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys <br/>15:27:31.0601 31884 UmPass - ok <br/>15:27:31.0618 31884 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll <br/>15:27:31.0625 31884 upnphost - ok <br/>15:27:31.0634 31884 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys <br/>15:27:31.0636 31884 USBAAPL64 - ok <br/>15:27:31.0644 31884 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys <br/>15:27:31.0646 31884 usbaudio - ok <br/>15:27:31.0652 31884 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\drivers\usbccgp.sys <br/>15:27:31.0654 31884 usbccgp - ok <br/>15:27:31.0664 31884 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys <br/>15:27:31.0666 31884 usbcir - ok <br/>15:27:31.0672 31884 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys <br/>15:27:31.0674 31884 usbehci - ok <br/>15:27:31.0688 31884 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys <br/>15:27:31.0692 31884 usbhub - ok <br/>15:27:31.0697 31884 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys <br/>15:27:31.0699 31884 usbohci - ok <br/>15:27:31.0704 31884 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys <br/>15:27:31.0705 31884 usbprint - ok <br/>15:27:31.0712 31884 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\drivers\USBSTOR.SYS <br/>15:27:31.0714 31884 USBSTOR - ok <br/>15:27:31.0719 31884 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys <br/>15:27:31.0721 31884 usbuhci - ok <br/>15:27:31.0731 31884 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys <br/>15:27:31.0734 31884 usbvideo - ok <br/>15:27:31.0739 31884 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll <br/>15:27:31.0743 31884 UxSms - ok <br/>15:27:31.0749 31884 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe <br/>15:27:31.0751 31884 VaultSvc - ok <br/>15:27:31.0756 31884 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys <br/>15:27:31.0758 31884 vdrvroot - ok <br/>15:27:31.0777 31884 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe <br/>15:27:31.0785 31884 vds - ok <br/>15:27:31.0791 31884 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys <br/>15:27:31.0792 31884 vga - ok <br/>15:27:31.0797 31884 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys <br/>15:27:31.0799 31884 VgaSave - ok <br/>15:27:31.0810 31884 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys <br/>15:27:31.0813 31884 vhdmp - ok <br/>15:27:31.0818 31884 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys <br/>15:27:31.0819 31884 viaide - ok <br/>15:27:31.0825 31884 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys <br/>15:27:31.0827 31884 volmgr - ok <br/>15:27:31.0843 31884 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys <br/>15:27:31.0847 31884 volmgrx - ok <br/>15:27:31.0860 31884 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys <br/>15:27:31.0864 31884 volsnap - ok <br/>15:27:31.0874 31884 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys <br/>15:27:31.0876 31884 vsmraid - ok <br/>15:27:31.0926 31884 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe <br/>15:27:31.0944 31884 VSS - ok <br/>15:27:31.0975 31884 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys <br/>15:27:31.0976 31884 vwifibus - ok <br/>15:27:31.0995 31884 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll <br/>15:27:32.0002 31884 W32Time - ok <br/>15:27:32.0009 31884 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys <br/>15:27:32.0011 31884 WacomPen - ok <br/>15:27:32.0018 31884 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys <br/>15:27:32.0020 31884 WANARP - ok <br/>15:27:32.0024 31884 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys <br/>15:27:32.0025 31884 Wanarpv6 - ok <br/>15:27:32.0071 31884 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe <br/>15:27:32.0083 31884 WatAdminSvc - ok <br/>15:27:32.0141 31884 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe <br/>15:27:32.0158 31884 wbengine - ok <br/>15:27:32.0194 31884 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll <br/>15:27:32.0200 31884 WbioSrvc - ok <br/>15:27:32.0217 31884 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll <br/>15:27:32.0224 31884 wcncsvc - ok <br/>15:27:32.0230 31884 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll <br/>15:27:32.0233 31884 WcsPlugInService - ok <br/>15:27:32.0241 31884 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys <br/>15:27:32.0243 31884 Wd - ok <br/>15:27:32.0273 31884 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys <br/>15:27:32.0280 31884 Wdf01000 - ok <br/>15:27:32.0290 31884 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll <br/>15:27:32.0295 31884 WdiServiceHost - ok <br/>15:27:32.0298 31884 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll <br/>15:27:32.0302 31884 WdiSystemHost - ok <br/>15:27:32.0316 31884 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll <br/>15:27:32.0322 31884 WebClient - ok <br/>15:27:32.0334 31884 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll <br/>15:27:32.0339 31884 Wecsvc - ok <br/>15:27:32.0347 31884 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll <br/>15:27:32.0350 31884 wercplsupport - ok <br/>15:27:32.0358 31884 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll <br/>15:27:32.0362 31884 WerSvc - ok <br/>15:27:32.0370 31884 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys <br/>15:27:32.0371 31884 WfpLwf - ok <br/>15:27:32.0380 31884 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys <br/>15:27:32.0383 31884 WimFltr - ok <br/>15:27:32.0388 31884 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys <br/>15:27:32.0389 31884 WIMMount - ok <br/>15:27:32.0415 31884 winachsf (057b062cf9a11e04db45b8c3afc28b11) C:\Windows\system32\DRIVERS\CAX_CNXT.sys <br/>15:27:32.0422 31884 winachsf - ok <br/>15:27:32.0428 31884 WinDefend - ok <br/>15:27:32.0435 31884 WinHttpAutoProxySvc - ok <br/>15:27:32.0453 31884 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll <br/>15:27:32.0455 31884 Winmgmt - ok <br/>15:27:32.0540 31884 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll <br/>15:27:32.0568 31884 WinRM - ok <br/>15:27:32.0614 31884 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys <br/>15:27:32.0616 31884 WinUsb - ok <br/>15:27:32.0662 31884 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll <br/>15:27:32.0674 31884 Wlansvc - ok <br/>15:27:32.0681 31884 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys <br/>15:27:32.0683 31884 WmiAcpi - ok <br/>15:27:32.0701 31884 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe <br/>15:27:32.0703 31884 wmiApSrv - ok <br/>15:27:32.0708 31884 WMPNetworkSvc - ok <br/>15:27:32.0715 31884 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll <br/>15:27:32.0719 31884 WPCSvc - ok <br/>15:27:32.0727 31884 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll <br/>15:27:32.0732 31884 WPDBusEnum - ok <br/>15:27:32.0737 31884 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys <br/>15:27:32.0738 31884 ws2ifsl - ok <br/>15:27:32.0746 31884 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll <br/>15:27:32.0750 31884 wscsvc - ok <br/>15:27:32.0754 31884 WSearch - ok <br/>15:27:32.0839 31884 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll <br/>15:27:32.0864 31884 wuauserv - ok <br/>15:27:32.0900 31884 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys <br/>15:27:32.0902 31884 WudfPf - ok <br/>15:27:32.0913 31884 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys <br/>15:27:32.0916 31884 WUDFRd - ok <br/>15:27:32.0923 31884 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll <br/>15:27:32.0928 31884 wudfsvc - ok <br/>15:27:32.0941 31884 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll <br/>15:27:32.0945 31884 WwanSvc - ok <br/>15:27:32.0950 31884 XAudio (638c99d993afab0e1fab226e2bbe6d79) C:\Windows\system32\DRIVERS\xaudio64.sys <br/>15:27:32.0952 31884 XAudio - ok <br/>15:27:32.0974 31884 XAudioService (3e775f0bd28ddeff53d78578b97a3cff) C:\Windows\system32\DRIVERS\xaudio64.exe <br/>15:27:32.0978 31884 XAudioService - ok <br/>15:27:33.0000 31884 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys <br/>15:27:33.0005 31884 yukonw7 - ok <br/>15:27:33.0015 31884 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 <br/>15:27:33.0142 31884 \Device\Harddisk0\DR0 - ok <br/>15:27:33.0170 31884 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1 <br/>15:27:33.0177 31884 \Device\Harddisk1\DR1 - ok <br/>15:27:33.0185 31884 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3 <br/>15:27:33.0193 31884 \Device\Harddisk3\DR3 - ok <br/>15:27:33.0200 31884 Boot (0x1200) (97d1d3eb07c285d3f8307df654960579) \Device\Harddisk0\DR0\Partition0 <br/>15:27:33.0201 31884 \Device\Harddisk0\DR0\Partition0 - ok <br/>15:27:33.0206 31884 Boot (0x1200) (7e6f9bda52a58a0f7568a81de5eb53e3) \Device\Harddisk1\DR1\Partition0 <br/>15:27:33.0208 31884 \Device\Harddisk1\DR1\Partition0 - ok <br/>15:27:33.0211 31884 Boot (0x1200) (f274501b2d81ac1a57a590676bc2e8ea) \Device\Harddisk3\DR3\Partition0 <br/>15:27:33.0214 31884 \Device\Harddisk3\DR3\Partition0 - ok <br/>15:27:33.0214 31884 ============================================================ <br/>15:27:33.0214 31884 Scan finished <br/>15:27:33.0214 31884 ============================================================ <br/>15:27:33.0222 41764 Detected object count: 0 <br/>15:27:33.0223 41764 Actual detected object count: 0 <br/>15:27:55.0232 37680 ============================================================ <br/>15:27:55.0232 37680 Scan started <br/>15:27:55.0232 37680 Mode: Manual; SigCheck; TDLFS; <br/>15:27:55.0232 37680 ============================================================ <br/>15:27:55.0586 37680 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys <br/>15:27:55.0648 37680 1394ohci - ok <br/>15:27:55.0655 37680 ACDaemon (fee588cdf60f2b541b5a3e803fa938a1) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe <br/>15:27:55.0674 37680 ACDaemon - ok <br/>15:27:55.0688 37680 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys <br/>15:27:55.0705 37680 ACPI - ok <br/>15:27:55.0709 37680 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys <br/>15:27:55.0727 37680 AcpiPmi - ok <br/>15:27:55.0733 37680 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys <br/>15:27:55.0745 37680 adfs - ok <br/>15:27:55.0756 37680 Adobe Version Cue CS4 (57a3b9a69f14414ace12afd6ba701773) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe <br/>15:27:55.0769 37680 Adobe Version Cue CS4 - ok <br/>15:27:55.0796 37680 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe <br/>15:27:55.0810 37680 AdobeFlashPlayerUpdateSvc - ok <br/>15:27:55.0829 37680 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys <br/>15:27:55.0848 37680 adp94xx - ok <br/>15:27:55.0862 37680 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys <br/>15:27:55.0879 37680 adpahci - ok <br/>15:27:55.0887 37680 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys <br/>15:27:55.0902 37680 adpu320 - ok <br/>15:27:55.0910 37680 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll <br/>15:27:55.0945 37680 AeLookupSvc - ok <br/>15:27:55.0966 37680 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys <br/>15:27:55.0986 37680 AFD - ok <br/>15:27:55.0991 37680 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys <br/>15:27:56.0005 37680 agp440 - ok <br/>15:27:56.0011 37680 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe <br/>15:27:56.0028 37680 ALG - ok <br/>15:27:56.0032 37680 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys <br/>15:27:56.0045 37680 aliide - ok <br/>15:27:56.0056 37680 AMD External Events Utility (bcc32bf5ebb5dfd4380fa053d3651949) C:\Windows\system32\atiesrxx.exe <br/>15:27:56.0074 37680 AMD External Events Utility - ok <br/>15:27:56.0078 37680 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys <br/>15:27:56.0093 37680 amdide - ok <br/>15:27:56.0101 37680 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys <br/>15:27:56.0117 37680 AmdK8 - ok <br/>15:27:56.0121 37680 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys <br/>15:27:56.0137 37680 AmdPPM - ok <br/>15:27:56.0144 37680 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys <br/>15:27:56.0158 37680 amdsata - ok <br/>15:27:56.0167 37680 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys <br/>15:27:56.0182 37680 amdsbs - ok <br/>15:27:56.0186 37680 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys <br/>15:27:56.0200 37680 amdxata - ok <br/>15:27:56.0209 37680 ApfiltrService (22fecb5b3de1eb8b1b2761338922f681) C:\Windows\system32\DRIVERS\Apfiltr.sys <br/>15:27:56.0223 37680 ApfiltrService - ok <br/>15:27:56.0229 37680 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys <br/>15:27:56.0263 37680 AppID - ok <br/>15:27:56.0267 37680 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll <br/>15:27:56.0302 37680 AppIDSvc - ok <br/>15:27:56.0308 37680 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll <br/>15:27:56.0342 37680 Appinfo - ok <br/>15:27:56.0349 37680 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe <br/>15:27:56.0360 37680 Apple Mobile Device - ok <br/>15:27:56.0368 37680 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys <br/>15:27:56.0382 37680 arc - ok <br/>15:27:56.0388 37680 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys <br/>15:27:56.0402 37680 arcsas - ok <br/>15:27:56.0406 37680 ArcSoftKsUFilter (1ce3822b05a5e229286a15ea39369870) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys <br/>15:27:56.0417 37680 ArcSoftKsUFilter - ok <br/>15:27:56.0421 37680 aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\Windows\system32\drivers\aswFsBlk.sys <br/>15:27:56.0434 37680 aswFsBlk - ok <br/>15:27:56.0439 37680 aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\Windows\system32\drivers\aswMonFlt.sys <br/>15:27:56.0452 37680 aswMonFlt - ok <br/>15:27:56.0457 37680 aswRdr (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\Windows\System32\Drivers\aswrdr2.sys <br/>15:27:56.0470 37680 aswRdr - ok <br/>15:27:56.0499 37680 aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\Windows\system32\drivers\aswSnx.sys <br/>15:27:56.0523 37680 aswSnx - ok <br/>15:27:56.0537 37680 aswSP (3610ca74a69e380424f0452dec5c1317) C:\Windows\system32\drivers\aswSP.sys <br/>15:27:56.0553 37680 aswSP - ok <br/>15:27:56.0558 37680 aswTdi (87de3e31cb0091d22351349869324065) C:\Windows\system32\drivers\aswTdi.sys <br/>15:27:56.0571 37680 aswTdi - ok <br/>15:27:56.0575 37680 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys <br/>15:27:56.0610 37680 AsyncMac - ok <br/>15:27:56.0614 37680 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys <br/>15:27:56.0627 37680 atapi - ok <br/>15:27:56.0937 37680 atikmdag (a29087680a1c3b049e3c05438e8ff2b8) C:\Windows\system32\DRIVERS\atikmdag.sys <br/>15:27:57.0007 37680 atikmdag - ok <br/>15:27:57.0061 37680 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll <br/>15:27:57.0100 37680 AudioEndpointBuilder - ok <br/>15:27:57.0106 37680 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll <br/>15:27:57.0145 37680 AudioSrv - ok <br/>15:27:57.0150 37680 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe <br/>15:27:57.0163 37680 avast! Antivirus - ok <br/>15:27:57.0171 37680 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll <br/>15:27:57.0192 37680 AxInstSV - ok <br/>15:27:57.0211 37680 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys <br/>15:27:57.0230 37680 b06bdrv - ok <br/>15:27:57.0241 37680 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys <br/>15:27:57.0258 37680 b57nd60a - ok <br/>15:27:57.0267 37680 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll <br/>15:27:57.0283 37680 BDESVC - ok <br/>15:27:57.0286 37680 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys <br/>15:27:57.0321 37680 Beep - ok <br/>15:27:57.0346 37680 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll <br/>15:27:57.0385 37680 BFE - ok <br/>15:27:57.0416 37680 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll <br/>15:27:57.0459 37680 BITS - ok <br/>15:27:57.0466 37680 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys <br/>15:27:57.0482 37680 blbdrive - ok <br/>15:27:57.0500 37680 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe <br/>15:27:57.0515 37680 Bonjour Service - ok <br/>15:27:57.0521 37680 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys <br/>15:27:57.0536 37680 bowser - ok <br/>15:27:57.0540 37680 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys <br/>15:27:57.0558 37680 BrFiltLo - ok <br/>15:27:57.0561 37680 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys <br/>15:27:57.0578 37680 BrFiltUp - ok <br/>15:27:57.0585 37680 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys <br/>15:27:57.0620 37680 BridgeMP - ok <br/>15:27:57.0627 37680 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll <br/>15:27:57.0662 37680 Browser - ok <br/>15:27:57.0674 37680 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys <br/>15:27:57.0692 37680 Brserid - ok <br/>15:27:57.0696 37680 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys <br/>15:27:57.0714 37680 BrSerWdm - ok <br/>15:27:57.0718 37680 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys <br/>15:27:57.0736 37680 BrUsbMdm - ok <br/>15:27:57.0740 37680 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys <br/>15:27:57.0755 37680 BrUsbSer - ok <br/>15:27:57.0760 37680 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys <br/>15:27:57.0775 37680 BthEnum - ok <br/>15:27:57.0781 37680 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys <br/>15:27:57.0798 37680 BTHMODEM - ok <br/>15:27:57.0806 37680 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys <br/>15:27:57.0825 37680 BthPan - ok <br/>15:27:57.0845 37680 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys <br/>15:27:57.0864 37680 BTHPORT - ok <br/>15:27:57.0870 37680 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll <br/>15:27:57.0906 37680 bthserv - ok <br/>15:27:57.0912 37680 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys <br/>15:27:57.0948 37680 BTHUSB - ok <br/>15:27:57.0984 37680 btwdins (f28dab823fcda98f50dd677552a4dc52) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe <br/>15:27:58.0005 37680 btwdins - ok <br/>15:27:58.0008 37680 catchme - ok <br/>15:27:58.0024 37680 CAXHWAZL (fdb53a8d3bc52dc29884587e768e3388) C:\Windows\system32\DRIVERS\CAXHWAZL.sys <br/>15:27:58.0040 37680 CAXHWAZL - ok <br/>15:27:58.0047 37680 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys <br/>15:27:58.0087 37680 cdfs - ok <br/>15:27:58.0094 37680 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys <br/>15:27:58.0111 37680 cdrom - ok <br/>15:27:58.0117 37680 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll <br/>15:27:58.0163 37680 CertPropSvc - ok <br/>15:27:58.0168 37680 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys <br/>15:27:58.0185 37680 circlass - ok <br/>15:27:58.0202 37680 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys <br/>15:27:58.0220 37680 CLFS - ok <br/>15:27:58.0226 37680 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe <br/>15:27:58.0241 37680 clr_optimization_v2.0.50727_32 - ok <br/>15:27:58.0248 37680 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe <br/>15:27:58.0260 37680 clr_optimization_v2.0.50727_64 - ok <br/>15:27:58.0264 37680 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys <br/>15:27:58.0280 37680 CmBatt - ok <br/>15:27:58.0284 37680 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys <br/>15:27:58.0297 37680 cmdide - ok <br/>15:27:58.0313 37680 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys <br/>15:27:58.0338 37680 CNG - ok <br/>15:27:58.0342 37680 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys <br/>15:27:58.0355 37680 Compbatt - ok <br/>15:27:58.0360 37680 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys <br/>15:27:58.0378 37680 CompositeBus - ok <br/>15:27:58.0381 37680 COMSysApp - ok <br/>15:27:58.0386 37680 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys <br/>15:27:58.0400 37680 crcdisk - ok <br/>15:27:58.0410 37680 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll <br/>15:27:58.0427 37680 CryptSvc - ok <br/>15:27:58.0449 37680 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll <br/>15:27:58.0489 37680 DcomLaunch - ok <br/>15:27:58.0497 37680 DefragFS (952ac62074718c8f04f053e5073eeb45) C:\Windows\system32\drivers\DefragFS.sys <br/>15:27:58.0510 37680 DefragFS - ok <br/>15:27:58.0523 37680 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll <br/>15:27:58.0560 37680 defragsvc - ok <br/>15:27:58.0567 37680 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys <br/>15:27:58.0602 37680 DfsC - ok <br/>15:27:58.0618 37680 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll <br/>15:27:58.0654 37680 Dhcp - ok <br/>15:27:58.0664 37680 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys <br/>15:27:58.0700 37680 discache - ok <br/>15:27:58.0705 37680 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys <br/>15:27:58.0719 37680 Disk - ok <br/>15:27:58.0728 37680 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll <br/>15:27:58.0745 37680 Dnscache - ok <br/>15:27:58.0756 37680 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll <br/>15:27:58.0792 37680 dot3svc - ok <br/>15:27:58.0800 37680 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll <br/>15:27:58.0836 37680 DPS - ok <br/>15:27:58.0840 37680 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys <br/>15:27:58.0857 37680 drmkaud - ok <br/>15:27:58.0892 37680 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys <br/>15:27:58.0917 37680 DXGKrnl - ok <br/>15:27:58.0924 37680 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll <br/>15:27:58.0960 37680 EapHost - ok <br/>15:27:59.0074 37680 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys <br/>15:27:59.0133 37680 ebdrv - ok <br/>15:27:59.0163 37680 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe <br/>15:27:59.0180 37680 EFS - ok <br/>15:27:59.0210 37680 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe <br/>15:27:59.0231 37680 ehRecvr - ok <br/>15:27:59.0238 37680 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe <br/>15:27:59.0255 37680 ehSched - ok <br/>15:27:59.0280 37680 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys <br/>15:27:59.0299 37680 elxstor - ok <br/>15:27:59.0302 37680 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys <br/>15:27:59.0318 37680 ErrDev - ok <br/>15:27:59.0342 37680 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll <br/>15:27:59.0380 37680 EventSystem - ok <br/>15:27:59.0389 37680 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys <br/>15:27:59.0425 37680 exfat - ok <br/>15:27:59.0435 37680 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys <br/>15:27:59.0473 37680 fastfat - ok <br/>15:27:59.0498 37680 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe <br/>15:27:59.0520 37680 Fax - ok <br/>15:27:59.0524 37680 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys <br/>15:27:59.0540 37680 fdc - ok <br/>15:27:59.0544 37680 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll <br/>15:27:59.0580 37680 fdPHost - ok <br/>15:27:59.0584 37680 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll <br/>15:27:59.0620 37680 FDResPub - ok <br/>15:27:59.0626 37680 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys <br/>15:27:59.0640 37680 FileInfo - ok <br/>15:27:59.0645 37680 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys <br/>15:27:59.0680 37680 Filetrace - ok <br/>15:27:59.0705 37680 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe <br/>15:27:59.0723 37680 FLEXnet Licensing Service - ok <br/>15:27:59.0759 37680 FLEXnet Licensing Service 64 (1c3fb052a0bb72edaed90785c34d6eed) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe <br/>15:27:59.0781 37680 FLEXnet Licensing Service 64 - ok <br/>15:27:59.0812 37680 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys <br/>15:27:59.0827 37680 flpydisk - ok <br/>15:27:59.0840 37680 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys <br/>15:27:59.0856 37680 FltMgr - ok <br/>15:27:59.0898 37680 FontCache (b4447f606bb19fd8ad0bafb59b90f5d9) C:\Windows\system32\FntCache.dll <br/>15:27:59.0942 37680 FontCache - ok <br/>15:27:59.0947 37680 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe <br/>15:27:59.0960 37680 FontCache3.0.0.0 - ok <br/>15:27:59.0968 37680 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys <br/>15:27:59.0982 37680 FsDepends - ok <br/>15:27:59.0986 37680 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys <br/>15:28:00.0000 37680 Fs_Rec - ok <br/>15:28:00.0012 37680 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys <br/>15:28:00.0031 37680 fvevol - ok <br/>15:28:00.0036 37680 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys <br/>15:28:00.0051 37680 gagp30kx - ok <br/>15:28:00.0056 37680 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys <br/>15:28:00.0067 37680 GEARAspiWDM - ok <br/>15:28:00.0091 37680 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll <br/>15:28:00.0132 37680 gpsvc - ok <br/>15:28:00.0140 37680 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe <br/>15:28:00.0153 37680 gusvc - ok <br/>15:28:00.0157 37680 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys <br/>15:28:00.0172 37680 hcw85cir - ok <br/>15:28:00.0186 37680 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys <br/>15:28:00.0206 37680 HdAudAddService - ok <br/>15:28:00.0213 37680 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys <br/>15:28:00.0232 37680 HDAudBus - ok <br/>15:28:00.0236 37680 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys <br/>15:28:00.0251 37680 HidBatt - ok <br/>15:28:00.0257 37680 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys <br/>15:28:00.0275 37680 HidBth - ok <br/>15:28:00.0280 37680 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys <br/>15:28:00.0298 37680 HidIr - ok <br/>15:28:00.0302 37680 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll <br/>15:28:00.0338 37680 hidserv - ok <br/>15:28:00.0342 37680 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys <br/>15:28:00.0358 37680 HidUsb - ok <br/>15:28:00.0364 37680 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll <br/>15:28:00.0400 37680 hkmsvc - ok <br/>15:28:00.0410 37680 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll <br/>15:28:00.0428 37680 HomeGroupListener - ok <br/>15:28:00.0437 37680 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll <br/>15:28:00.0456 37680 HomeGroupProvider - ok <br/>15:28:00.0459 37680 hotcore3 - ok <br/>15:28:00.0466 37680 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys <br/>15:28:00.0480 37680 HpSAMD - ok <br/>15:28:00.0546 37680 HSF_DPV (e90d0e3d9715f3bec7db2d6321dddee8) C:\Windows\system32\DRIVERS\CAX_DPV.sys <br/>15:28:00.0591 37680 HSF_DPV - ok <br/>15:28:00.0643 37680 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys <br/>15:28:00.0684 37680 HTTP - ok <br/>15:28:00.0688 37680 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys <br/>15:28:00.0702 37680 hwpolicy - ok <br/>15:28:00.0708 37680 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys <br/>15:28:00.0724 37680 i8042prt - ok <br/>15:28:00.0742 37680 iaStor (8d58627fef3f8767665d9f4dc91cbd97) C:\Windows\system32\DRIVERS\iaStor.sys <br/>15:28:00.0758 37680 iaStor - ok <br/>15:28:00.0775 37680 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys <br/>15:28:00.0792 37680 iaStorV - ok <br/>15:28:00.0825 37680 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe <br/>15:28:00.0846 37680 idsvc - ok <br/>15:28:00.0851 37680 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys <br/>15:28:00.0865 37680 iirsp - ok <br/>15:28:00.0896 37680 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll <br/>15:28:00.0937 37680 IKEEXT - ok <br/>15:28:01.0018 37680 IntcAzAudAddService (b16fc828ce7a76a8f1ce682e6ead2627) C:\Windows\system32\drivers\RTKVHD64.sys <br/>15:28:01.0058 37680 IntcAzAudAddService - ok <br/>15:28:01.0089 37680 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys <br/>15:28:01.0102 37680 intelide - ok <br/>15:28:01.0107 37680 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys <br/>15:28:01.0123 37680 intelppm - ok <br/>15:28:01.0129 37680 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll <br/>15:28:01.0166 37680 IPBusEnum - ok <br/>15:28:01.0178 37680 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys <br/>15:28:01.0212 37680 IpFilterDriver - ok <br/>15:28:01.0234 37680 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll <br/>15:28:01.0274 37680 iphlpsvc - ok <br/>15:28:01.0280 37680 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys <br/>15:28:01.0296 37680 IPMIDRV - ok <br/>15:28:01.0303 37680 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys <br/>15:28:01.0339 37680 IPNAT - ok <br/>15:28:01.0372 37680 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe <br/>15:28:01.0394 37680 iPod Service - ok <br/>15:28:01.0399 37680 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys <br/>15:28:01.0418 37680 IRENUM - ok <br/>15:28:01.0422 37680 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys <br/>15:28:01.0435 37680 isapnp - ok <br/>15:28:01.0449 37680 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys <br/>15:28:01.0465 37680 iScsiPrt - ok <br/>15:28:01.0473 37680 IviRegMgr (f415a88162d23977b5edae4f0410e903) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe <br/>15:28:01.0485 37680 IviRegMgr - ok <br/>15:28:01.0490 37680 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys <br/>15:28:01.0504 37680 kbdclass - ok <br/>15:28:01.0509 37680 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys <br/>15:28:01.0525 37680 kbdhid - ok <br/>15:28:01.0529 37680 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe <br/>15:28:01.0545 37680 KeyIso - ok <br/>15:28:01.0552 37680 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys <br/>15:28:01.0566 37680 KSecDD - ok <br/>15:28:01.0574 37680 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys <br/>15:28:01.0589 37680 KSecPkg - ok <br/>15:28:01.0593 37680 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys <br/>15:28:01.0628 37680 ksthunk - ok <br/>15:28:01.0640 37680 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll <br/>15:28:01.0679 37680 KtmRm - ok <br/>15:28:01.0691 37680 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll <br/>15:28:01.0729 37680 LanmanServer - ok <br/>15:28:01.0737 37680 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll <br/>15:28:01.0775 37680 LanmanWorkstation - ok <br/>15:28:01.0875 37680 Lavasoft Ad-Aware Service (5ee22a614300a61136faf2d047d6e927) C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe <br/>15:28:01.0917 37680 Lavasoft Ad-Aware Service - ok <br/>15:28:01.0949 37680 Lbd (c8b3131857931ae76798a741cc52b021) C:\Windows\system32\DRIVERS\Lbd.sys <br/>15:28:01.0961 37680 Lbd - ok <br/>15:28:01.0969 37680 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys <br/>15:28:02.0005 37680 lltdio - ok <br/>15:28:02.0018 37680 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll <br/>15:28:02.0055 37680 lltdsvc - ok <br/>15:28:02.0060 37680 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll <br/>15:28:02.0097 37680 lmhosts - ok <br/>15:28:02.0112 37680 LMIGuardianSvc (98b0fcc176dfb711b67651becb88c445) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe <br/>15:28:02.0126 37680 LMIGuardianSvc - ok <br/>15:28:02.0129 37680 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys <br/>15:28:02.0141 37680 LMIInfo - ok <br/>15:28:02.0149 37680 LMIMaint (b712511029cbd68645a90a241fd6ae43) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe <br/>15:28:02.0160 37680 LMIMaint - ok <br/>15:28:02.0164 37680 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys <br/>15:28:02.0176 37680 lmimirr - ok <br/>15:28:02.0179 37680 LMIRfsClientNP - ok <br/>15:28:02.0186 37680 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys <br/>15:28:02.0198 37680 LMIRfsDriver - ok <br/>15:28:02.0211 37680 LogMeIn (d3760bc17e1755091b7120cf32dbf56b) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe <br/>15:28:02.0226 37680 LogMeIn - ok <br/>15:28:02.0235 37680 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys <br/>15:28:02.0250 37680 LSI_FC - ok <br/>15:28:02.0257 37680 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys <br/>15:28:02.0271 37680 LSI_SAS - ok <br/>15:28:02.0276 37680 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys <br/>15:28:02.0290 37680 LSI_SAS2 - ok <br/>15:28:02.0296 37680 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys <br/>15:28:02.0310 37680 LSI_SCSI - ok <br/>15:28:02.0317 37680 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys <br/>15:28:02.0353 37680 luafv - ok <br/>15:28:02.0360 37680 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll <br/>15:28:02.0377 37680 Mcx2Svc - ok <br/>15:28:02.0381 37680 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys <br/>15:28:02.0394 37680 mdmxsdk - ok <br/>15:28:02.0613 37680 MediaMall Server (4f35064ed1ad8386bf6eb09d6e2cea79) C:\Program Files (x86)\MediaMall\MediaMallServer.exe <br/>15:28:02.0691 37680 MediaMall Server - ok <br/>15:28:02.0724 37680 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys <br/>15:28:02.0738 37680 megasas - ok <br/>15:28:02.0750 37680 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys <br/>15:28:02.0767 37680 MegaSR - ok <br/>15:28:02.0773 37680 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll <br/>15:28:02.0810 37680 MMCSS - ok <br/>15:28:02.0815 37680 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys <br/>15:28:02.0850 37680 Modem - ok <br/>15:28:02.0855 37680 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys <br/>15:28:02.0873 37680 monitor - ok <br/>15:28:02.0878 37680 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys <br/>15:28:02.0891 37680 mouclass - ok <br/>15:28:02.0896 37680 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys <br/>15:28:02.0912 37680 mouhid - ok <br/>15:28:02.0919 37680 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys <br/>15:28:02.0933 37680 mountmgr - ok <br/>15:28:02.0940 37680 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe <br/>15:28:02.0953 37680 MozillaMaintenance - ok <br/>15:28:02.0964 37680 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys <br/>15:28:02.0980 37680 MpFilter - ok <br/>15:28:02.0988 37680 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys <br/>15:28:03.0003 37680 mpio - ok <br/>15:28:03.0009 37680 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys <br/>15:28:03.0044 37680 mpsdrv - ok <br/>15:28:03.0071 37680 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll <br/>15:28:03.0114 37680 MpsSvc - ok <br/>15:28:03.0123 37680 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys <br/>15:28:03.0143 37680 MRxDAV - ok <br/>15:28:03.0152 37680 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys <br/>15:28:03.0168 37680 mrxsmb - ok <br/>15:28:03.0181 37680 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys <br/>15:28:03.0198 37680 mrxsmb10 - ok <br/>15:28:03.0206 37680 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys <br/>15:28:03.0221 37680 mrxsmb20 - ok <br/>15:28:03.0226 37680 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys <br/>15:28:03.0240 37680 msahci - ok <br/>15:28:03.0248 37680 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys <br/>15:28:03.0262 37680 msdsm - ok <br/>15:28:03.0270 37680 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe <br/>15:28:03.0289 37680 MSDTC - ok <br/>15:28:03.0295 37680 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys <br/>15:28:03.0330 37680 Msfs - ok <br/>15:28:03.0334 37680 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys <br/>15:28:03.0369 37680 mshidkmdf - ok <br/>15:28:03.0373 37680 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys <br/>15:28:03.0386 37680 msisadrv - ok <br/>15:28:03.0395 37680 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll <br/>15:28:03.0432 37680 MSiSCSI - ok <br/>15:28:03.0435 37680 msiserver - ok <br/>15:28:03.0442 37680 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys <br/>15:28:03.0478 37680 MSKSSRV - ok <br/>15:28:03.0482 37680 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys <br/>15:28:03.0517 37680 MSPCLOCK - ok <br/>15:28:03.0521 37680 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys <br/>15:28:03.0556 37680 MSPQM - ok <br/>15:28:03.0573 37680 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys <br/>15:28:03.0590 37680 MsRPC - ok <br/>15:28:03.0597 37680 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys <br/>15:28:03.0611 37680 mssmbios - ok <br/>15:28:03.0615 37680 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys <br/>15:28:03.0650 37680 MSTEE - ok <br/>15:28:03.0654 37680 msvad_simple (c83829c280f0207677b7aaa151ef9c4d) C:\Windows\system32\drivers\povrtdev.sys <br/>15:28:03.0665 37680 msvad_simple - ok <br/>15:28:03.0669 37680 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys <br/>15:28:03.0685 37680 MTConfig - ok <br/>15:28:03.0690 37680 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys <br/>15:28:03.0704 37680 Mup - ok <br/>15:28:03.0724 37680 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll <br/>15:28:03.0763 37680 napagent - ok <br/>15:28:03.0779 37680 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys <br/>15:28:03.0801 37680 NativeWifiP - ok <br/>15:28:03.0835 37680 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys <br/>15:28:03.0859 37680 NDIS - ok <br/>15:28:03.0865 37680 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys <br/>15:28:03.0900 37680 NdisCap - ok <br/>15:28:03.0904 37680 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys <br/>15:28:03.0939 37680 NdisTapi - ok <br/>15:28:03.0944 37680 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys <br/>15:28:03.0978 37680 Ndisuio - ok <br/>15:28:03.0988 37680 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys <br/>15:28:04.0024 37680 NdisWan - ok <br/>15:28:04.0030 37680 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys <br/>15:28:04.0064 37680 NDProxy - ok <br/>15:28:04.0069 37680 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys <br/>15:28:04.0104 37680 NetBIOS - ok <br/>15:28:04.0118 37680 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys <br/>15:28:04.0153 37680 NetBT - ok <br/>15:28:04.0158 37680 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe <br/>15:28:04.0174 37680 Netlogon - ok <br/>15:28:04.0189 37680 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll <br/>15:28:04.0229 37680 Netman - ok <br/>15:28:04.0254 37680 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll <br/>15:28:04.0295 37680 netprofm - ok <br/>15:28:04.0302 37680 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe <br/>15:28:04.0314 37680 NetTcpPortSharing - ok <br/>15:28:04.0487 37680 netw5v64 (705283c02177809ca9fa7cc58a4f1e77) C:\Windows\system32\DRIVERS\netw5v64.sys <br/>15:28:04.0550 37680 netw5v64 - ok <br/>15:28:04.0590 37680 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys <br/>15:28:04.0604 37680 nfrd960 - ok <br/>15:28:04.0611 37680 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys <br/>15:28:04.0624 37680 NisDrv - ok <br/>15:28:04.0638 37680 NisSrv (10a43829a9e606af3eef25a1c1665923) C:\Program Files\Microsoft Security Client\NisSrv.exe <br/>15:28:04.0655 37680 NisSrv - ok <br/>15:28:04.0669 37680 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll <br/>15:28:04.0707 37680 NlaSvc - ok <br/>15:28:04.0713 37680 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys <br/>15:28:04.0748 37680 Npfs - ok <br/>15:28:04.0753 37680 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll <br/>15:28:04.0789 37680 nsi - ok <br/>15:28:04.0793 37680 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys <br/>15:28:04.0829 37680 nsiproxy - ok <br/>15:28:04.0904 37680 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys <br/>15:28:04.0950 37680 Ntfs - ok <br/>15:28:04.0981 37680 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys <br/>15:28:05.0016 37680 Null - ok <br/>15:28:05.0024 37680 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys <br/>15:28:05.0039 37680 nvraid - ok <br/>15:28:05.0047 37680 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys <br/>15:28:05.0062 37680 nvstor - ok <br/>15:28:05.0069 37680 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys <br/>15:28:05.0084 37680 nv_agp - ok <br/>15:28:05.0090 37680 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys <br/>15:28:05.0106 37680 ohci1394 - ok <br/>15:28:05.0122 37680 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll <br/>15:28:05.0141 37680 p2pimsvc - ok <br/>15:28:05.0161 37680 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll <br/>15:28:05.0181 37680 p2psvc - ok <br/>15:28:05.0188 37680 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys <br/>15:28:05.0205 37680 Parport - ok <br/>15:28:05.0211 37680 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys <br/>15:28:05.0225 37680 partmgr - ok <br/>15:28:05.0236 37680 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll <br/>15:28:05.0260 37680 PcaSvc - ok <br/>15:28:05.0269 37680 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys <br/>15:28:05.0285 37680 pci - ok <br/>15:28:05.0289 37680 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys <br/>15:28:05.0303 37680 pciide - ok <br/>15:28:05.0312 37680 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys <br/>15:28:05.0328 37680 pcmcia - ok <br/>15:28:05.0334 37680 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys <br/>15:28:05.0348 37680 pcw - ok <br/>15:28:05.0429 37680 PDAgent (1963155b9d5c22e66f2f7729cd0a6238) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe <br/>15:28:05.0476 37680 PDAgent - ok <br/>15:28:05.0581 37680 PDEngine (a817f42ca419a7fffc813b393e45173c) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe <br/>15:28:05.0631 37680 PDEngine - ok <br/>15:28:05.0664 37680 PDFSFilter (751500cefa3d3b7a7fcb52c392f3be78) C:\Windows\system32\DRIVERS\PDFsFilter.sys <br/>15:28:05.0676 37680 PDFSFilter - ok <br/>15:28:05.0706 37680 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys <br/>15:28:05.0746 37680 PEAUTH - ok <br/>15:28:05.0770 37680 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe <br/>15:28:05.0788 37680 PerfHost - ok <br/>15:28:05.0856 37680 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll <br/>15:28:05.0913 37680 pla - ok <br/>15:28:05.0931 37680 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll <br/>15:28:05.0951 37680 PlugPlay - ok <br/>15:28:05.0956 37680 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll <br/>15:28:05.0973 37680 PNRPAutoReg - ok <br/>15:28:05.0989 37680 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll <br/>15:28:06.0008 37680 PNRPsvc - ok <br/>15:28:06.0018 37680 Polar Daemon (8a2b3e18d0a2d2536ba304bc465ebeb1) C:\Program Files (x86)\Polar\Daemon\polard.exe <br/>15:28:06.0024 37680 Polar Daemon ( UnsignedFile.Multi.Generic ) - warning <br/>15:28:06.0024 37680 Polar Daemon - detected UnsignedFile.Multi.Generic (1) <br/>15:28:06.0047 37680 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll <br/>15:28:06.0086 37680 PolicyAgent - ok <br/>15:28:06.0097 37680 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll <br/>15:28:06.0136 37680 Power - ok <br/>15:28:06.0147 37680 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys <br/>15:28:06.0181 37680 PptpMiniport - ok <br/>15:28:06.0187 37680 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys <br/>15:28:06.0202 37680 Processor - ok <br/>15:28:06.0214 37680 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll <br/>15:28:06.0251 37680 ProfSvc - ok <br/>15:28:06.0256 37680 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe <br/>15:28:06.0272 37680 ProtectedStorage - ok <br/>15:28:06.0280 37680 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys <br/>15:28:06.0314 37680 Psched - ok <br/>15:28:06.0325 37680 PSI_SVC_2 (f036cfb275d0c55f4e45fbbf5f98b3c8) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe <br/>15:28:06.0338 37680 PSI_SVC_2 - ok <br/>15:28:06.0342 37680 pwdrvio (da3964d8fb8798dc741abaca9ed1b99d) C:\Windows\system32\pwdrvio.sys <br/>15:28:06.0359 37680 pwdrvio - ok <br/>15:28:06.0363 37680 pwdspio (a55ed5a63d0178a41ea05ac50a60f89a) C:\Windows\system32\pwdspio.sys <br/>15:28:06.0379 37680 pwdspio - ok <br/>15:28:06.0385 37680 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys <br/>15:28:06.0397 37680 PxHlpa64 - ok <br/>15:28:06.0443 37680 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys <br/>15:28:06.0476 37680 ql2300 - ok <br/>15:28:06.0512 37680 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys <br/>15:28:06.0527 37680 ql40xx - ok <br/>15:28:06.0540 37680 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll <br/>15:28:06.0563 37680 QWAVE - ok <br/>15:28:06.0568 37680 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys <br/>15:28:06.0588 37680 QWAVEdrv - ok <br/>15:28:06.0592 37680 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys <br/>15:28:06.0627 37680 RasAcd - ok <br/>15:28:06.0633 37680 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys <br/>15:28:06.0667 37680 RasAgileVpn - ok <br/>15:28:06.0675 37680 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll <br/>15:28:06.0712 37680 RasAuto - ok <br/>15:28:06.0721 37680 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys <br/>15:28:06.0755 37680 Rasl2tp - ok <br/>15:28:06.0770 37680 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll <br/>15:28:06.0809 37680 RasMan - ok <br/>15:28:06.0816 37680 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys <br/>15:28:06.0852 37680 RasPppoe - ok <br/>15:28:06.0858 37680 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys <br/>15:28:06.0893 37680 RasSstp - ok <br/>15:28:06.0907 37680 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys <br/>15:28:06.0943 37680 rdbss - ok <br/>15:28:06.0947 37680 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys <br/>15:28:06.0965 37680 rdpbus - ok <br/>15:28:06.0969 37680 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys <br/>15:28:07.0004 37680 RDPCDD - ok <br/>15:28:07.0010 37680 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys <br/>15:28:07.0046 37680 RDPENCDD - ok <br/>15:28:07.0052 37680 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys <br/>15:28:07.0087 37680 RDPREFMP - ok <br/>15:28:07.0097 37680 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys <br/>15:28:07.0113 37680 RDPWD - ok <br/>15:28:07.0125 37680 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys <br/>15:28:07.0141 37680 rdyboost - ok <br/>15:28:07.0145 37680 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys <br/>15:28:07.0158 37680 regi - ok <br/>15:28:07.0166 37680 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll <br/>15:28:07.0202 37680 RemoteAccess - ok <br/>15:28:07.0211 37680 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll <br/>15:28:07.0249 37680 RemoteRegistry - ok <br/>15:28:07.0258 37680 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys <br/>15:28:07.0277 37680 RFCOMM - ok <br/>15:28:07.0284 37680 rimsptsk (7eae3999b94a8ce60bfbaa83462b89a1) C:\Windows\system32\DRIVERS\rimssn64.sys <br/>15:28:07.0299 37680 rimsptsk - ok <br/>15:28:07.0306 37680 risdptsk (fa6d7cd63ad08a01d9259f58e0c5c09e) C:\Windows\system32\DRIVERS\risdsn64.sys <br/>15:28:07.0320 37680 risdptsk - ok <br/>15:28:07.0334 37680 Roxio UPnP Renderer 10 (d02e5a46f77c182ca1964080bcd586f7) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe <br/>15:28:07.0348 37680 Roxio UPnP Renderer 10 - ok <br/>15:28:07.0365 37680 Roxio Upnp Server 10 (e5809597278802d09273ee07b5fc56e1) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe <br/>15:28:07.0380 37680 Roxio Upnp Server 10 - ok <br/>15:28:07.0386 37680 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll <br/>15:28:07.0424 37680 RpcEptMapper - ok <br/>15:28:07.0428 37680 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe <br/>15:28:07.0445 37680 RpcLocator - ok <br/>15:28:07.0467 37680 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\System32\rpcss.dll <br/>15:28:07.0506 37680 RpcSs - ok <br/>15:28:07.0516 37680 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys <br/>15:28:07.0551 37680 rspndr - ok <br/>15:28:07.0563 37680 RTHDMIAzAudService (34f05c417f038ffa3bef69b798d7d7dd) C:\Windows\system32\drivers\RtHDMIVX.sys <br/>15:28:07.0577 37680 RTHDMIAzAudService - ok <br/>15:28:07.0589 37680 RtkAudioService (01e6a1e53e39a0b1e2b6ae62bf52e8ec) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe <br/>15:28:07.0602 37680 RtkAudioService - ok <br/>15:28:07.0607 37680 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe <br/>15:28:07.0623 37680 SamSs - ok <br/>15:28:07.0628 37680 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS <br/>15:28:07.0640 37680 SASDIFSV - ok <br/>15:28:07.0643 37680 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS <br/>15:28:07.0654 37680 SASENUM - ok <br/>15:28:07.0659 37680 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys <br/>15:28:07.0671 37680 SASKUTIL - ok <br/>15:28:07.0678 37680 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys <br/>15:28:07.0692 37680 sbp2port - ok <br/>15:28:07.0745 37680 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe <br/>15:28:07.0789 37680 SBSDWSCService - ok <br/>15:28:07.0800 37680 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll <br/>15:28:07.0838 37680 SCardSvr - ok <br/>15:28:07.0846 37680 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys <br/>15:28:07.0880 37680 scfilter - ok <br/>15:28:07.0919 37680 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll <br/>15:28:07.0964 37680 Schedule - ok <br/>15:28:07.0970 37680 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll <br/>15:28:08.0004 37680 SCPolicySvc - ok <br/>15:28:08.0017 37680 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll <br/>15:28:08.0035 37680 SDRSVC - ok <br/>15:28:08.0043 37680 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys <br/>15:28:08.0078 37680 secdrv - ok <br/>15:28:08.0083 37680 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll <br/>15:28:08.0119 37680 seclogon - ok <br/>15:28:08.0126 37680 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll <br/>15:28:08.0163 37680 SENS - ok <br/>15:28:08.0168 37680 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll <br/>15:28:08.0186 37680 SensrSvc - ok <br/>15:28:08.0190 37680 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys <br/>15:28:08.0206 37680 Serenum - ok <br/>15:28:08.0212 37680 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys <br/>15:28:08.0228 37680 Serial - ok <br/>15:28:08.0232 37680 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys <br/>15:28:08.0248 37680 sermouse - ok <br/>15:28:08.0262 37680 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll <br/>15:28:08.0299 37680 SessionEnv - ok <br/>15:28:08.0304 37680 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\DRIVERS\SFEP.sys <br/>15:28:08.0317 37680 SFEP - ok <br/>15:28:08.0321 37680 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys <br/>15:28:08.0339 37680 sffdisk - ok <br/>15:28:08.0343 37680 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys <br/>15:28:08.0361 37680 sffp_mmc - ok <br/>15:28:08.0366 37680 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys <br/>15:28:08.0383 37680 sffp_sd - ok <br/>15:28:08.0387 37680 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys <br/>15:28:08.0402 37680 sfloppy - ok <br/>15:28:08.0417 37680 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll <br/>15:28:08.0456 37680 SharedAccess - ok <br/>15:28:08.0471 37680 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll <br/>15:28:08.0510 37680 ShellHWDetection - ok <br/>15:28:08.0516 37680 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys <br/>15:28:08.0530 37680 SiSRaid2 - ok <br/>15:28:08.0536 37680 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys <br/>15:28:08.0550 37680 SiSRaid4 - ok <br/>15:28:08.0557 37680 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys <br/>15:28:08.0593 37680 Smb - ok <br/>15:28:08.0599 37680 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe <br/>15:28:08.0617 37680 SNMPTRAP - ok <br/>15:28:08.0626 37680 SOHCImp (98886c88a1cb13d61672ae2c638b7e1c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe <br/>15:28:08.0637 37680 SOHCImp - ok <br/>15:28:08.0642 37680 SOHDBSvr (442a13f395546f4564c377296d43b564) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe <br/>15:28:08.0653 37680 SOHDBSvr - ok <br/>15:28:08.0667 37680 SOHDms (556681be668d71dc162391a45422b52c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe <br/>15:28:08.0682 37680 SOHDms - ok <br/>15:28:08.0687 37680 SOHDs (72b46103e4111439109acf5882627c24) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe <br/>15:28:08.0699 37680 SOHDs - ok <br/>15:28:08.0709 37680 SOHPlMgr (725b6e9cd1959271ac993dc035e1606d) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe <br/>15:28:08.0720 37680 SOHPlMgr - ok <br/>15:28:08.0730 37680 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys <br/>15:28:08.0744 37680 spldr - ok <br/>15:28:08.0765 37680 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe <br/>15:28:08.0806 37680 Spooler - ok <br/>15:28:08.0920 37680 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe <br/>15:28:08.0987 37680 sppsvc - ok <br/>15:28:09.0020 37680 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll <br/>15:28:09.0059 37680 sppuinotify - ok <br/>15:28:09.0066 37680 Spyder3 (d8b882c520fc83547e22014ff5ec66d7) C:\Windows\system32\DRIVERS\Spyder3.sys <br/>15:28:09.0079 37680 Spyder3 - ok <br/>15:28:09.0099 37680 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys <br/>15:28:09.0118 37680 srv - ok <br/>15:28:09.0135 37680 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys <br/>15:28:09.0153 37680 srv2 - ok <br/>15:28:09.0162 37680 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys <br/>15:28:09.0179 37680 srvnet - ok <br/>15:28:09.0190 37680 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll <br/>15:28:09.0228 37680 SSDPSRV - ok <br/>15:28:09.0235 37680 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll <br/>15:28:09.0272 37680 SstpSvc - ok <br/>15:28:09.0277 37680 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys <br/>15:28:09.0291 37680 stexstor - ok <br/>15:28:09.0313 37680 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll <br/>15:28:09.0340 37680 stisvc - ok <br/>15:28:09.0344 37680 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys <br/>15:28:09.0358 37680 swenum - ok <br/>15:28:09.0379 37680 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll <br/>15:28:09.0421 37680 swprv - ok <br/>15:28:09.0482 37680 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll <br/>15:28:09.0521 37680 SysMain - ok <br/>15:28:09.0551 37680 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll <br/>15:28:09.0574 37680 TabletInputService - ok <br/>15:28:09.0587 37680 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll <br/>15:28:09.0625 37680 TapiSrv - ok <br/>15:28:09.0632 37680 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll <br/>15:28:09.0669 37680 TBS - ok <br/>15:28:09.0761 37680 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys <br/>15:28:09.0803 37680 Tcpip - ok <br/>15:28:09.0898 37680 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys <br/>15:28:09.0934 37680 TCPIP6 - ok <br/>15:28:09.0971 37680 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys <br/>15:28:10.0005 37680 tcpipreg - ok <br/>15:28:10.0011 37680 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys <br/>15:28:10.0026 37680 TDPIPE - ok <br/>15:28:10.0031 37680 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys <br/>15:28:10.0046 37680 TDTCP - ok <br/>15:28:10.0054 37680 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys <br/>15:28:10.0088 37680 tdx - ok <br/>15:28:10.0093 37680 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys <br/>15:28:10.0107 37680 TermDD - ok <br/>15:28:10.0135 37680 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll <br/>15:28:10.0177 37680 TermService - ok <br/>15:28:10.0182 37680 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll <br/>15:28:10.0206 37680 Themes - ok <br/>15:28:10.0212 37680 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll <br/>15:28:10.0248 37680 THREADORDER - ok <br/>15:28:10.0256 37680 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll <br/>15:28:10.0294 37680 TrkWks - ok <br/>15:28:10.0304 37680 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe <br/>15:28:10.0339 37680 TrustedInstaller - ok <br/>15:28:10.0346 37680 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys <br/>15:28:10.0381 37680 tssecsrv - ok <br/>15:28:10.0387 37680 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys <br/>15:28:10.0402 37680 TsUsbFlt - ok <br/>15:28:10.0410 37680 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys <br/>15:28:10.0445 37680 tunnel - ok <br/>15:28:10.0451 37680 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys <br/>15:28:10.0466 37680 uagp35 - ok <br/>15:28:10.0475 37680 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe <br/>15:28:10.0487 37680 uCamMonitor - ok <br/>15:28:10.0502 37680 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys <br/>15:28:10.0538 37680 udfs - ok <br/>15:28:10.0548 37680 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe <br/>15:28:10.0567 37680 UI0Detect - ok <br/>15:28:10.0573 37680 UimBus (49b13845f0dbe39b47fc91dc46b2170a) C:\Windows\system32\DRIVERS\uimx64.sys <br/>15:28:10.0585 37680 UimBus - ok <br/>15:28:10.0607 37680 Uim_IM (dd46bec773c011eaa5e502c43a73a1cc) C:\Windows\system32\Drivers\Uim_IMx64.sys <br/>15:28:10.0625 37680 Uim_IM - ok <br/>15:28:10.0631 37680 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys <br/>15:28:10.0645 37680 uliagpkx - ok <br/>15:28:10.0651 37680 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys <br/>15:28:10.0667 37680 umbus - ok <br/>15:28:10.0671 37680 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys <br/>15:28:10.0687 37680 UmPass - ok <br/>15:28:10.0705 37680 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll <br/>15:28:10.0746 37680 upnphost - ok <br/>15:28:10.0754 37680 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys <br/>15:28:10.0768 37680 USBAAPL64 - ok <br/>15:28:10.0776 37680 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys <br/>15:28:10.0794 37680 usbaudio - ok <br/>15:28:10.0801 37680 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\drivers\usbccgp.sys <br/>15:28:10.0817 37680 usbccgp - ok <br/>15:28:10.0824 37680 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys <br/>15:28:10.0842 37680 usbcir - ok <br/>15:28:10.0848 37680 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys <br/>15:28:10.0863 37680 usbehci - ok <br/>15:28:10.0877 37680 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys <br/>15:28:10.0896 37680 usbhub - ok <br/>15:28:10.0901 37680 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys <br/>15:28:10.0916 37680 usbohci - ok <br/>15:28:10.0921 37680 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys <br/>15:28:10.0939 37680 usbprint - ok <br/>15:28:10.0946 37680 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\drivers\USBSTOR.SYS <br/>15:28:10.0962 37680 USBSTOR - ok <br/>15:28:10.0967 37680 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys <br/>15:28:10.0983 37680 usbuhci - ok <br/>15:28:10.0992 37680 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys <br/>15:28:11.0010 37680 usbvideo - ok <br/>15:28:11.0016 37680 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll <br/>15:28:11.0054 37680 UxSms - ok <br/>15:28:11.0061 37680 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe <br/>15:28:11.0077 37680 VaultSvc - ok <br/>15:28:11.0082 37680 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys <br/>15:28:11.0099 37680 vdrvroot - ok <br/>15:28:11.0117 37680 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe <br/>15:28:11.0158 37680 vds - ok <br/>15:28:11.0163 37680 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys <br/>15:28:11.0180 37680 vga - ok <br/>15:28:11.0185 37680 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys <br/>15:28:11.0221 37680 VgaSave - ok <br/>15:28:11.0231 37680 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys <br/>15:28:11.0247 37680 vhdmp - ok <br/>15:28:11.0252 37680 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys <br/>15:28:11.0266 37680 viaide - ok <br/>15:28:11.0272 37680 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys <br/>15:28:11.0286 37680 volmgr - ok <br/>15:28:11.0302 37680 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys <br/>15:28:11.0320 37680 volmgrx - ok <br/>15:28:11.0333 37680 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys <br/>15:28:11.0350 37680 volsnap - ok <br/>15:28:11.0359 37680 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys <br/>15:28:11.0375 37680 vsmraid - ok <br/>15:28:11.0423 37680 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe <br/>15:28:11.0477 37680 VSS - ok <br/>15:28:11.0509 37680 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys <br/>15:28:11.0527 37680 vwifibus - ok <br/>15:28:11.0547 37680 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll <br/>15:28:11.0588 37680 W32Time - ok <br/>15:28:11.0595 37680 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys <br/>15:28:11.0610 37680 WacomPen - ok <br/>15:28:11.0617 37680 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys <br/>15:28:11.0652 37680 WANARP - ok <br/>15:28:11.0655 37680 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys <br/>15:28:11.0689 37680 Wanarpv6 - ok <br/>15:28:11.0736 37680 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe <br/>15:28:11.0765 37680 WatAdminSvc - ok <br/>15:28:11.0818 37680 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe <br/>15:28:11.0851 37680 wbengine - ok <br/>15:28:11.0887 37680 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll <br/>15:28:11.0910 37680 WbioSrvc - ok <br/>15:28:11.0928 37680 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll <br/>15:28:11.0953 37680 wcncsvc - ok <br/>15:28:11.0959 37680 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll <br/>15:28:11.0976 37680 WcsPlugInService - ok <br/>15:28:11.0984 37680 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys <br/>15:28:11.0998 37680 Wd - ok <br/>15:28:12.0025 37680 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys <br/>15:28:12.0046 37680 Wdf01000 - ok <br/>15:28:12.0054 37680 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll <br/>15:28:12.0077 37680 WdiServiceHost - ok <br/>15:28:12.0081 37680 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll <br/>15:28:12.0103 37680 WdiSystemHost - ok <br/>15:28:12.0116 37680 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll <br/>15:28:12.0140 37680 WebClient - ok <br/>15:28:12.0153 37680 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll <br/>15:28:12.0192 37680 Wecsvc - ok <br/>15:28:12.0199 37680 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll <br/>15:28:12.0238 37680 wercplsupport - ok <br/>15:28:12.0245 37680 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll <br/>15:28:12.0283 37680 WerSvc - ok <br/>15:28:12.0290 37680 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys <br/>15:28:12.0326 37680 WfpLwf - ok <br/>15:28:12.0334 37680 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys <br/>15:28:12.0350 37680 WimFltr - ok <br/>15:28:12.0355 37680 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys <br/>15:28:12.0369 37680 WIMMount - ok <br/>15:28:12.0394 37680 winachsf (057b062cf9a11e04db45b8c3afc28b11) C:\Windows\system32\DRIVERS\CAX_CNXT.sys <br/>15:28:12.0412 37680 winachsf - ok <br/>15:28:12.0417 37680 WinDefend - ok <br/>15:28:12.0424 37680 WinHttpAutoProxySvc - ok <br/>15:28:12.0441 37680 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll <br/>15:28:12.0478 37680 Winmgmt - ok <br/>15:28:12.0545 37680 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll <br/>15:28:12.0600 37680 WinRM - ok <br/>15:28:12.0634 37680 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys <br/>15:28:12.0651 37680 WinUsb - ok <br/>15:28:12.0689 37680 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll <br/>15:28:12.0718 37680 Wlansvc - ok <br/>15:28:12.0724 37680 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys <br/>15:28:12.0739 37680 WmiAcpi - ok <br/>15:28:12.0754 37680 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe <br/>15:28:12.0771 37680 wmiApSrv - ok <br/>15:28:12.0776 37680 WMPNetworkSvc - ok <br/>15:28:12.0782 37680 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll <br/>15:28:12.0799 37680 WPCSvc - ok <br/>15:28:12.0807 37680 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll <br/>15:28:12.0827 37680 WPDBusEnum - ok <br/>15:28:12.0832 37680 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys <br/>15:28:12.0867 37680 ws2ifsl - ok <br/>15:28:12.0875 37680 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll <br/>15:28:12.0897 37680 wscsvc - ok <br/>15:28:12.0901 37680 WSearch - ok <br/>15:28:12.0986 37680 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll <br/>15:28:13.0031 37680 wuauserv - ok <br/>15:28:13.0066 37680 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys <br/>15:28:13.0101 37680 WudfPf - ok <br/>15:28:13.0111 37680 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys <br/>15:28:13.0146 37680 WUDFRd - ok <br/>15:28:13.0153 37680 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll <br/>15:28:13.0190 37680 wudfsvc - ok <br/>15:28:13.0202 37680 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll <br/>15:28:13.0226 37680 WwanSvc - ok <br/>15:28:13.0233 37680 XAudio (638c99d993afab0e1fab226e2bbe6d79) C:\Windows\system32\DRIVERS\xaudio64.sys <br/>15:28:13.0246 37680 XAudio - ok <br/>15:28:13.0266 37680 XAudioService (3e775f0bd28ddeff53d78578b97a3cff) C:\Windows\system32\DRIVERS\xaudio64.exe <br/>15:28:13.0281 37680 XAudioService - ok <br/>15:28:13.0302 37680 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys <br/>15:28:13.0320 37680 yukonw7 - ok <br/>15:28:13.0338 37680 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 <br/>15:28:13.0478 37680 \Device\Harddisk0\DR0 - ok <br/>15:28:13.0507 37680 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1 <br/>15:28:13.0639 37680 \Device\Harddisk1\DR1 - ok <br/>15:28:13.0643 37680 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3 <br/>15:28:13.0757 37680 \Device\Harddisk3\DR3 - ok <br/>15:28:13.0760 37680 Boot (0x1200) (97d1d3eb07c285d3f8307df654960579) \Device\Harddisk0\DR0\Partition0 <br/>15:28:13.0763 37680 \Device\Harddisk0\DR0\Partition0 - ok <br/>15:28:13.0774 37680 Boot (0x1200) (7e6f9bda52a58a0f7568a81de5eb53e3) \Device\Harddisk1\DR1\Partition0 <br/>15:28:13.0776 37680 \Device\Harddisk1\DR1\Partition0 - ok <br/>15:28:13.0784 37680 Boot (0x1200) (f274501b2d81ac1a57a590676bc2e8ea) \Device\Harddisk3\DR3\Partition0 <br/>15:28:13.0789 37680 \Device\Harddisk3\DR3\Partition0 - ok <br/>15:28:13.0789 37680 ============================================================ <br/>15:28:13.0789 37680 Scan finished <br/>15:28:13.0789 37680 ============================================================ <br/>15:28:13.0796 32152 Detected object count: 1 <br/>15:28:13.0796 32152 Actual detected object count: 1 <br/>15:29:16.0052 32152 Polar Daemon ( UnsignedFile.Multi.Generic ) - skipped by user <br/>15:29:16.0052 32152 Polar Daemon ( UnsignedFile.Multi.Generic ) - User select action: Skip
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Saturday, December 3, 2016, 4:44 PM (GMT +1)
There are a total of 61,158 posts in 13,448 threads.
In the last 3 days there were 2 new threads and 2 reply posts.

Who's online

This forum has 37,968 registered members. Please welcome our newest member, Old shape.
There are currently no users on-line.