
Google Redirect Virus


  • This topic is locked
24 replies to this topic

#1 illidari

  • Members

Posted 06 September 2012 - 11:00 AM

I am experiencing the Google redirect virus. I am running Windows 8 and the DDS report is not allowing me to run.

What should I do to get you guys the logs I need to get rid of this?

The redirect is in all browsers, including Chrome.

Edited by illidari, 06 September 2012 - 11:16 AM.




#2 illidari

  • Topic Starter

Posted 06 September 2012 - 11:15 AM

MalwareBytes, FSSlog, MiniToolbox, DxDiag logs attached.



If there is anything else I can do, please let me know. Again, I am on Windows 8. Really want this thing gone.



Edited by illidari, 07 September 2012 - 08:34 AM.


#3 Oh My!

  • Malware Response Instructor

Posted 09 September 2012 - 01:42 PM

Greetings illidari and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary. If you prefer I call you something other than your screen name I would be pleased to do so. :thumbup2:


===================================================


Ground Rules:

  • First, I would also like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me about it.
  • When you post your reply, do not use the Posted Image button but use the Posted Image button instead.
  • In the upper right hand corner of the topic you will see the Posted Image button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:

===================================================


Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please allow me some time to review the information you have provided. In the meantime I would like you to do 2 things for me. First, try to run DDS in Safe Mode. Instructions for the second task are below.


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.


  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.


  • Please post the contents of the log in your next reply.
NOTE: aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • DDS.txt
  • Attach.txt
  • aswMBR

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 illidari

  • Topic Starter

Posted 09 September 2012 - 07:32 PM

aswMBR crashes when it gets to windefend service.

I went in and disabled the real time protection of it and turned it off.

While coming here to write this message, avast popped up with a message saying: (I disabled all the real time shields... how did it find this?)

Rootkit Found detected SVC: WinDefend > C:\Program Files as a Rootkit: hidden service

It gives the option to delete it or ignore it. I left it up on the screen.

Also DDS doesn't run on Windows 8...any way to run it?

#5 Oh My!

  • Malware Response Instructor

Posted 09 September 2012 - 07:41 PM

Greetings illidari,

Let's do this first, see how it goes, then the results will determine our next steps.


===================================================


Run TDSSKiller by Kaspersky

--------------------

  • Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!!!
  • If you desire you may print out and follow the instructions for performing a scan.
  • Right-click on TDSSKiller.exe and select Run As Administrator.
  • When the program opens, click the Start Scan button.



  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • Any objects found, will show in the Scan results - Select action for found objects and offer three options.
  • If an infected file is detected, the default action will be Cure...do not change it.



  • Click Continue > Reboot now to finish the cleaning process.<- Important!!



  • If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection. Leave it as such for now.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
-- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer or to perform the scan in "safe mode".

-- For any files detected as 'Suspicious' (except those identified as Forged to be cured after reboot) get a second opinion by submitting to Jotti's or VirusTotal. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis. Please submit these results with your next reply.


===================================================


Rerun aswMBR


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."
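
Added example (not part of the original post, and not Kaspersky's code): a small triage script for the services section of the TDSSKiller log requested above, assuming the line layout TDSSKiller 2.8.8.0 produced in this thread (timestamp, thread id, then either `[ MD5 ] name path` or `name - verdict`). The function names, the sample lines and `PLACEHOLDER-VERDICT` are constructed for illustration and are not real TDSSKiller output.

```python
import re
from dataclasses import dataclass
from typing import Optional

# "<HH:MM:SS.mmmm> <thread id> <message>" (layout assumed from this thread's log).
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s?(.*)$")
# "[ <MD5> ] <service name> <X:\path>"; service names may contain spaces.
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.+)$")
# Section banners such as "================ Scan services ====...".
SECTION = re.compile(r"^=+ (Scan .+?) =+$")


@dataclass
class Entry:
    name: str
    verdict: str
    md5: Optional[str] = None
    path: Optional[str] = None


def parse_services(log_text):
    """Pair each '[ MD5 ] name path' line with the 'name - verdict' line after it."""
    entries, pending, in_services = [], None, False
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        msg = m.group(1).strip()
        sec = SECTION.match(msg)
        if sec:
            # Only the services section is parsed; other sections are skipped.
            in_services = sec.group(1) == "Scan services"
            pending = None
            continue
        if not in_services:
            continue
        h = HASHED.match(msg)
        if h:
            pending = h.groups()  # (md5, name, path)
            continue
        if " - " in msg:
            name, verdict = msg.rsplit(" - ", 1)
            if pending and name.startswith(pending[1]):
                entries.append(Entry(pending[1], verdict, pending[0].upper(), pending[2]))
            else:
                # Verdict with no file line before it.
                entries.append(Entry(name, verdict))
            pending = None
    return entries


def triage(entries, windows_dir=r"C:\WINDOWS"):
    """Return (name, reasons) for entries worth a second look; not a malware verdict."""
    prefix = windows_dir.lower() + "\\"
    findings = []
    for e in entries:
        reasons = []
        if e.verdict.lower() != "ok":
            reasons.append("verdict: " + e.verdict)
        if e.md5 is None:
            reasons.append("no hashed file line")
        elif e.path.lower().endswith(".sys") and not e.path.lower().startswith(prefix):
            reasons.append("driver outside Windows directory")
        if reasons:
            findings.append((e.name, reasons))
    return findings


# Constructed sample input: hashes, names, paths and the last verdict are placeholders.
SAMPLE_LOG = r"""
21:00:00.0000 1111 ================ Scan system memory ========================
21:00:00.0001 1111 System memory - ok
21:00:00.0002 1111 ================ Scan services =============================
21:00:00.0100 1111 [ 00000000000000000000000000000001 ] ExampleDrv C:\WINDOWS\system32\drivers\exampledrv.sys
21:00:00.0101 1111 ExampleDrv - ok
21:00:00.0200 1111 [ 00000000000000000000000000000002 ] Example Vendor Service C:\Program Files (x86)\Example Vendor\svc.exe
21:00:00.0201 1111 Example Vendor Service - ok
21:00:00.0300 1111 ExampleNoFile - ok
21:00:00.0400 1111 [ 00000000000000000000000000000003 ] ExampleGameDrv C:\Games\Example\guard64.sys
21:00:00.0401 1111 ExampleGameDrv - ok
21:00:00.0500 1111 [ 00000000000000000000000000000004 ] ExampleBad C:\WINDOWS\system32\drivers\examplebad.sys
21:00:00.0501 1111 ExampleBad - PLACEHOLDER-VERDICT
"""

if __name__ == "__main__":
    for name, reasons in triage(parse_services(SAMPLE_LOG)):
        print(f"{name}: {'; '.join(reasons)}")
```

A flagged entry is only a prompt for review: a driver outside the Windows directory can be legitimate third-party software, which is why the helper asks for a second opinion on 'Suspicious' files rather than deleting them.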

#6 illidari

  • Topic Starter

Posted 09 September 2012 - 08:38 PM

21:34:39.0949 2328 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
21:34:40.0314 2328 ============================================================
21:34:40.0314 2328 Current date / time: 2012/09/09 21:34:40.0314
21:34:40.0314 2328 SystemInfo:
21:34:40.0314 2328
21:34:40.0314 2328 OS Version: 6.2.8400 ServicePack: 0.0
21:34:40.0314 2328 Product type: Workstation
21:34:40.0314 2328 ComputerName: HOLGERFINDLI-PC
21:34:40.0315 2328 UserName: Holger Findling
21:34:40.0315 2328 Windows directory: C:\WINDOWS
21:34:40.0315 2328 System windows directory: C:\WINDOWS
21:34:40.0315 2328 Running under WOW64
21:34:40.0315 2328 Processor architecture: Intel x64
21:34:40.0315 2328 Number of processors: 2
21:34:40.0315 2328 Page size: 0x1000
21:34:40.0315 2328 Boot type: Normal boot
21:34:40.0315 2328 ============================================================
21:34:40.0936 2328 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:34:40.0982 2328 ============================================================
21:34:40.0982 2328 \Device\Harddisk0\DR0:
21:34:40.0982 2328 MBR partitions:
21:34:40.0982 2328 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1E00000
21:34:40.0982 2328 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E14000, BlocksNum 0x55731800
21:34:40.0982 2328 ============================================================
21:34:41.0002 2328 C: <-> \Device\Harddisk0\DR0\Partition2
21:34:41.0031 2328 D: <-> \Device\Harddisk0\DR0\Partition1
21:34:41.0031 2328 ============================================================
21:34:41.0032 2328 Initialize success
21:34:41.0032 2328 ============================================================
21:34:45.0640 5816 ============================================================
21:34:45.0640 5816 Scan started
21:34:45.0640 5816 Mode: Manual;
21:34:45.0640 5816 ============================================================
21:34:47.0645 5816 ================ Scan system memory ========================
21:34:47.0646 5816 System memory - ok
21:34:47.0648 5816 ================ Scan services =============================
21:34:53.0946 5816 i8042prt - ok
21:34:53.0969 5816 [ 3F8EA41490B72D28EA3CAFE00C44E00E ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
21:34:53.0975 5816 iaStorV - ok
21:34:53.0986 5816 [ 773E6FE440900C26BD4947CD6491A1C2 ] iirsp C:\WINDOWS\system32\drivers\iirsp.sys
21:34:53.0987 5816 iirsp - ok
21:34:54.0030 5816 [ E1647CC48642739E86589313F4056AA1 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
21:34:54.0056 5816 IKEEXT - ok
21:34:54.0102 5816 [ 0DD17D4B59D0EC40E3C86A505BB0B6DD ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
21:34:54.0128 5816 IntcAzAudAddService - ok
21:34:54.0142 5816 [ 23E5AC193FC6079F148DB00FB9F1E856 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
21:34:54.0144 5816 intelide - ok
21:34:54.0174 5816 [ CF7F47434D80BC3C17BE002675904297 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
21:34:54.0176 5816 intelppm - ok
21:34:54.0201 5816 [ 184D23148A89148FED79D46647706147 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:34:54.0203 5816 IpFilterDriver - ok
21:34:54.0246 5816 [ C5F5BE9161BAA4C777630B1149715E95 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
21:34:54.0258 5816 iphlpsvc - ok
21:34:54.0284 5816 [ EACEFC102555501B37824FA430F45252 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
21:34:54.0286 5816 IPMIDRV - ok
21:34:54.0304 5816 [ E561C19F0F4A451EF40BFE1DED2EA4C0 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
21:34:54.0307 5816 IPNAT - ok
21:34:54.0387 5816 [ 3C0D4B3E80FC4854CA325DD123CC4DED ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:34:54.0401 5816 iPod Service - ok
21:34:54.0414 5816 [ EEDADE0EA3D9636BE6676D8E6A90264C ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
21:34:54.0416 5816 IRENUM - ok
21:34:54.0431 5816 [ 6098F936E315ACC053A18FE482EC0A60 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
21:34:54.0432 5816 isapnp - ok
21:34:54.0454 5816 [ 86D2EBA1501E7C8D2CF1250972A9132F ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
21:34:54.0457 5816 iScsiPrt - ok
21:34:54.0475 5816 [ E18D1A5E1514E699019747344C48B786 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
21:34:54.0477 5816 kbdclass - ok
21:34:54.0485 5816 [ D2D99CEC0B58405FD4F0E560D33CCD6E ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
21:34:54.0486 5816 kbdhid - ok
21:34:54.0497 5816 [ 81D262CA5A8C8A3D529579CAB3E790BA ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
21:34:54.0498 5816 kdnic - ok
21:34:54.0520 5816 [ 6DBD56C7117F98D56C8880614FE765B7 ] KeyIso C:\WINDOWS\system32\lsass.exe
21:34:54.0521 5816 KeyIso - ok
21:34:54.0531 5816 [ BF07E34596039A56C4E382B16379C915 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
21:34:54.0533 5816 KSecDD - ok
21:34:54.0545 5816 [ EC7E8BA4047DEBE8BBB4F387DECDAF0E ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
21:34:54.0547 5816 KSecPkg - ok
21:34:54.0556 5816 [ 96C82EED9DFBAC84788C5A5BC1C8F97E ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
21:34:54.0557 5816 ksthunk - ok
21:34:54.0584 5816 [ 6B9B96D711FA8AD43C4B4D415F12A5D0 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
21:34:54.0589 5816 KtmRm - ok
21:34:54.0613 5816 [ 6E2A5F67366818C9A79DD010F9E7F22B ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
21:34:54.0618 5816 LanmanServer - ok
21:34:54.0661 5816 [ F110DBAFE7C233CAB620163C54FE2A32 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
21:34:54.0665 5816 LanmanWorkstation - ok
21:34:54.0765 5816 [ 20CDB07017497C94A0BAD253C4BAFCBC ] LkCitadelServer C:\Windows\SysWOW64\lkcitdl.exe
21:34:54.0785 5816 LkCitadelServer - ok
21:34:54.0800 5816 [ 99121FD465F7A65AC15EEC3B4034C1E4 ] lkClassAds C:\Windows\SysWOW64\lkads.exe
21:34:54.0802 5816 lkClassAds - ok
21:34:54.0817 5816 [ 19C8D1B03A5229CBBE1037425701F55F ] lkTimeSync C:\Windows\SysWOW64\lktsrv.exe
21:34:54.0819 5816 lkTimeSync - ok
21:34:54.0829 5816 [ 58068B1479D210029E6DE7BD6FCF24C8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
21:34:54.0831 5816 lltdio - ok
21:34:54.0855 5816 [ 32DE699E264D65209823C8A63C2F734B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
21:34:54.0860 5816 lltdsvc - ok
21:34:54.0894 5816 [ C22DD22905925903E3CFFD7B73D9193B ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
21:34:54.0896 5816 lmhosts - ok
21:34:54.0920 5816 [ 8C70AE72C3D419025F3B82FA32731497 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
21:34:54.0923 5816 LSI_SAS - ok
21:34:54.0943 5816 [ 7A34B808436CA8C8C81CE059489B63C1 ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
21:34:54.0946 5816 LSI_SAS2 - ok
21:34:54.0959 5816 [ DFB2AC00B95C723F66D11C69EDF13E73 ] LSI_SCSI C:\WINDOWS\system32\drivers\lsi_scsi.sys
21:34:54.0962 5816 LSI_SCSI - ok
21:34:54.0978 5816 [ F32AA985036F2894E6F1AF9FD18AEDE1 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
21:34:54.0980 5816 LSI_SSS - ok
21:34:55.0012 5816 [ AEC53F42776DB9AF2B8760BC34FDFAAC ] LSM C:\WINDOWS\System32\lsm.dll
21:34:55.0019 5816 LSM - ok
21:34:55.0038 5816 [ CD8D01B46E7274653B417D865859206E ] luafv C:\WINDOWS\system32\drivers\luafv.sys
21:34:55.0041 5816 luafv - ok
21:34:55.0079 5816 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
21:34:55.0080 5816 MBAMProtector - ok
21:34:55.0205 5816 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:34:55.0213 5816 MBAMService - ok
21:34:55.0265 5816 [ F8B823414A22DBF3BEC10DCAA5F93CD8 ] McciCMService C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
21:34:55.0270 5816 McciCMService - ok
21:34:55.0326 5816 [ 859E5A32485178DAECA06B52E2BB44B2 ] McciCMService64 C:\Program Files\Common Files\Motive\McciCMService.exe
21:34:55.0333 5816 McciCMService64 - ok
21:34:55.0351 5816 [ 79CC6BB5F540B94A4994AA0750D7286C ] megasas C:\WINDOWS\system32\drivers\megasas.sys
21:34:55.0352 5816 megasas - ok
21:34:55.0377 5816 [ 19B4F7782878EBD8AA02332661ECDA84 ] MegaSR C:\WINDOWS\system32\drivers\MegaSR.sys
21:34:55.0382 5816 MegaSR - ok
21:34:55.0404 5816 [ 4DF499436B5FE579E3507BB6C16F413E ] MMCSS C:\WINDOWS\system32\mmcss.dll
21:34:55.0404 5816 MMCSS - ok
21:34:55.0414 5816 [ E980B3F44A8A57DFFEBDC9308BD155C3 ] Modem C:\WINDOWS\system32\drivers\modem.sys
21:34:55.0414 5816 Modem - ok
21:34:55.0461 5816 [ CA03CDBA0C9C755EF4D87282E7679A1E ] monitor C:\WINDOWS\system32\DRIVERS\monitor.sys
21:34:55.0463 5816 monitor - ok
21:34:55.0478 5816 [ A06F83CB39D8EA3540BE701341D1C258 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
21:34:55.0480 5816 mouclass - ok
21:34:55.0492 5816 [ EDD3970FD9AEE00BE7490EB94F385714 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
21:34:55.0493 5816 mouhid - ok
21:34:55.0508 5816 [ EED20950D8271F7D870F58662E153D2B ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
21:34:55.0510 5816 mountmgr - ok
21:34:55.0553 5816 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:34:55.0555 5816 MozillaMaintenance - ok
21:34:55.0573 5816 [ 6FBE62F717ACE72EE7E9DC13138945DF ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
21:34:55.0576 5816 mpsdrv - ok
21:34:55.0607 5816 [ 668172CFEBBAFF968A4307D583016642 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
21:34:55.0619 5816 MpsSvc - ok
21:34:55.0655 5816 [ 288C4FA2496553B8572514ABB33B9A82 ] MQAC C:\WINDOWS\system32\drivers\mqac.sys
21:34:55.0658 5816 MQAC - ok
21:34:55.0672 5816 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\Program Files (x86)\Common Files\Motive\MREMP50.sys
21:34:55.0673 5816 MREMP50 - ok
21:34:55.0690 5816 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\Program Files (x86)\Common Files\Motive\MRESP50.sys
21:34:55.0691 5816 MRESP50 - ok
21:34:55.0717 5816 [ 222E5FA7FF8698A90C722AC7B1483B39 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
21:34:55.0719 5816 MRxDAV - ok
21:34:55.0748 5816 [ 6DEB26CFDE1A35D405224E8B04798685 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:34:55.0754 5816 mrxsmb - ok
21:34:55.0770 5816 [ 44DBF8BF060C3F58D81D6DFA39F2E2C0 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
21:34:55.0775 5816 mrxsmb10 - ok
21:34:55.0788 5816 [ 3579AAA98F19DC88723F599C9A0039AA ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
21:34:55.0792 5816 mrxsmb20 - ok
21:34:55.0813 5816 [ B1D89CD1DB23E70E6065AB5D1003D45F ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
21:34:55.0815 5816 MsBridge - ok
21:34:55.0832 5816 [ 0D9E3451244062BA58AA628FEF9685DF ] MSDTC C:\WINDOWS\System32\msdtc.exe
21:34:55.0834 5816 MSDTC - ok
21:34:55.0861 5816 [ 04B8038921D181C3626F142EAB6A04E6 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
21:34:55.0862 5816 Msfs - ok
21:34:55.0882 5816 [ CA8B8CD89DD200D192A41EA0F7DA87B8 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
21:34:55.0883 5816 msgpiowin32 - ok
21:34:55.0905 5816 [ 990FBAF13C0538392A6B78915F4DED08 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
21:34:55.0907 5816 mshidkmdf - ok
21:34:55.0910 5816 [ 0A7F3780826A75D2A9A5B482D807FB1D ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
21:34:55.0912 5816 mshidumdf - ok
21:34:55.0921 5816 [ E909B66D9C1C036796FD90E35EA18740 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
21:34:55.0922 5816 msisadrv - ok
21:34:55.0941 5816 [ 4226FA58BE5297F85F554CA3349D7264 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
21:34:55.0944 5816 MSiSCSI - ok
21:34:55.0949 5816 msiserver - ok
21:34:55.0966 5816 [ 41476311375E6690E9BE66515B975DD5 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:34:55.0967 5816 MSKSSRV - ok
21:34:55.0990 5816 [ 3D797F2899279DB1C583535D74C1B655 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
21:34:55.0991 5816 MsLldp - ok
21:34:55.0999 5816 [ 84C79EF8A30D888C02ED6F9BCB758C4A ] MSMQ C:\WINDOWS\system32\mqsvc.exe
21:34:56.0001 5816 MSMQ - ok
21:34:56.0014 5816 [ 3D0236355DAAA02CD9CC1A443CA14E50 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:34:56.0015 5816 MSPCLOCK - ok
21:34:56.0028 5816 [ 2A85AD83C31AC7C4A6C3C412D5B05D85 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
21:34:56.0029 5816 MSPQM - ok
21:34:56.0049 5816 [ 6A0C0EF2D2EA692B9EBD879D4265DABC ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
21:34:56.0053 5816 MsRPC - ok
21:34:56.0068 5816 [ 236F25EEB53E88F40DB6776AFCC67B3F ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
21:34:56.0069 5816 mssmbios - ok
21:34:56.0156 5816 MSSQL$SQLEXPRESS - ok
21:34:56.0217 5816 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
21:34:56.0219 5816 MSSQLServerADHelper100 - ok
21:34:56.0243 5816 [ 9FEED052AB6A8A7BB425DD5847A763B5 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
21:34:56.0244 5816 MSTEE - ok
21:34:56.0260 5816 [ DF99265770198FCC0F9868686358FCA1 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
21:34:56.0261 5816 MTConfig - ok
21:34:56.0278 5816 [ 1CF51C64B5F22F3BD07859343C33B441 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
21:34:56.0280 5816 Mup - ok
21:34:56.0305 5816 [ CBDCEC3B3694DF008423CC25AD8C71F5 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
21:34:56.0308 5816 mvumis - ok
21:34:56.0352 5816 [ A0A0074587BE5FF2978614AF2057EF8A ] napagent C:\WINDOWS\system32\qagentRT.dll
21:34:56.0360 5816 napagent - ok
21:34:56.0378 5816 [ C838B96D20F0599BC8AF45605B15A79E ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
21:34:56.0383 5816 NativeWifiP - ok
21:34:56.0399 5816 [ F7C7267F2EF74697E2B5308680CE946A ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
21:34:56.0403 5816 NcaSvc - ok
21:34:56.0416 5816 [ 7B0E67B2BF09A3D02B79B89B192ECB50 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
21:34:56.0420 5816 NcdAutoSetup - ok
21:34:56.0441 5816 [ 628ACE8D6E74FA1420DB0F7A5BA64FB4 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
21:34:56.0451 5816 NDIS - ok
21:34:56.0467 5816 [ D533C8F7013C8D030D53AE8BF59AFC62 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
21:34:56.0468 5816 NdisCap - ok
21:34:56.0475 5816 [ 359DA0D2AF05FF003AFA2722B120F903 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
21:34:56.0477 5816 NdisImPlatform - ok
21:34:56.0499 5816 [ B248A91702A24330D7802CE1D22CE32C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:34:56.0500 5816 NdisTapi - ok
21:34:56.0525 5816 [ D5DCAC4914AF3B05D0727AB649EA094E ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:34:56.0527 5816 Ndisuio - ok
21:34:56.0548 5816 [ 903634F18D8415EA07ACB09619C450B2 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:34:56.0551 5816 NdisWan - ok
21:34:56.0555 5816 [ 903634F18D8415EA07ACB09619C450B2 ] NDISWANLEGACY C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:34:56.0556 5816 NDISWANLEGACY - ok
21:34:56.0565 5816 [ F3F55C796D3FAE87CCCBE89EBBCB7AC2 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
21:34:56.0566 5816 NDProxy - ok
21:34:56.0576 5816 [ 2556F028465F17BC03E087A34412D3D4 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
21:34:56.0578 5816 Ndu - ok
21:34:56.0598 5816 [ 3C4964ED7EA88800C4A3544D2421811F ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
21:34:56.0600 5816 NetBIOS - ok
21:34:56.0613 5816 [ E0333733CE1DD939E02B3FE555983DE2 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
21:34:56.0617 5816 NetBT - ok
21:34:56.0625 5816 [ 6DBD56C7117F98D56C8880614FE765B7 ] Netlogon C:\WINDOWS\system32\lsass.exe
21:34:56.0627 5816 Netlogon - ok
21:34:56.0644 5816 [ ECD8CD4AE023EDBDFA5155EBCF3959FC ] Netman C:\WINDOWS\System32\netman.dll
21:34:56.0648 5816 Netman - ok
21:34:56.0774 5816 [ 1B71A950C3A5CD06F57C6D8DDCE29ACA ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:34:56.0793 5816 NetMsmqActivator - ok
21:34:56.0799 5816 [ 1B71A950C3A5CD06F57C6D8DDCE29ACA ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:34:56.0801 5816 NetPipeActivator - ok
21:34:56.0835 5816 [ 2FBC1158E3DC0DDD08150895B298EE6E ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
21:34:56.0842 5816 netprofm - ok
21:34:56.0848 5816 [ 1B71A950C3A5CD06F57C6D8DDCE29ACA ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:34:56.0850 5816 NetTcpActivator - ok
21:34:56.0856 5816 [ 1B71A950C3A5CD06F57C6D8DDCE29ACA ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:34:56.0858 5816 NetTcpPortSharing - ok
21:34:56.0886 5816 [ 414C57DF5354BB20C8CE86420A846811 ] nfrd960 C:\WINDOWS\system32\drivers\nfrd960.sys
21:34:56.0888 5816 nfrd960 - ok
21:34:56.0960 5816 [ CEEFDE8FACE887D6DDA664940404EA58 ] NIDomainService C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
21:34:56.0965 5816 NIDomainService - ok
21:34:57.0031 5816 [ B17093B9A2C5F874975C732C1A8BA771 ] NILM License Manager C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe
21:34:57.0045 5816 NILM License Manager - ok
21:34:57.0096 5816 niSvcLoc - ok
21:34:57.0117 5816 [ E712C67432A64FF2A010B749DEDE5A3D ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
21:34:57.0123 5816 NlaSvc - ok
21:34:57.0133 5816 [ 2D5CCAE877D271FF41BEB5FDF87041E8 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
21:34:57.0135 5816 Npfs - ok
21:34:57.0152 5816 [ D031EE874A5CD2EBD425AC571D69E2AC ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
21:34:57.0153 5816 npsvctrig - ok
21:34:57.0169 5816 [ D7F3927F69871DFF58E89B7454BBC5CA ] nsi C:\WINDOWS\system32\nsisvc.dll
21:34:57.0172 5816 nsi - ok
21:34:57.0185 5816 [ 869B2D260DAE2AD694283FACC0517871 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
21:34:57.0187 5816 nsiproxy - ok
21:34:57.0232 5816 [ 4CDD1FE700E82E98531A71109F7CFB68 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
21:34:57.0267 5816 Ntfs - ok
21:34:57.0281 5816 [ 8602CE381794E406E07A1850FBCB2477 ] Null C:\WINDOWS\system32\drivers\Null.sys
21:34:57.0282 5816 Null - ok
21:34:57.0308 5816 [ 7A32C0B720442DD614824A4B1B0B572C ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
21:34:57.0311 5816 nvraid - ok
21:34:57.0326 5816 [ 7621F2B512341EF6517D5850444F8BCB ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
21:34:57.0329 5816 nvstor - ok
21:34:57.0341 5816 [ 0DBC08125C9C1203C7C0DF119D7C2DF1 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
21:34:57.0344 5816 nv_agp - ok
21:34:57.0466 5816 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:34:57.0466 5816 odserv - ok
21:34:57.0514 5816 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:34:57.0517 5816 ose - ok
21:34:57.0539 5816 [ D5686620E7B08769D49400854A033E30 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
21:34:57.0546 5816 p2pimsvc - ok
21:34:57.0565 5816 [ 588F5BAD1A3A0FB392856E88EF85827B ] p2psvc C:\WINDOWS\system32\p2psvc.dll
21:34:57.0573 5816 p2psvc - ok
21:34:57.0597 5816 [ 4E5CA0CD39EC76A51AF57D646549C056 ] Parport C:\WINDOWS\System32\drivers\parport.sys
21:34:57.0599 5816 Parport - ok
21:34:57.0627 5816 [ 498BFA8F1C6F026DD0A3909E716F8D91 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
21:34:57.0629 5816 partmgr - ok
21:34:57.0648 5816 [ 4F6E448906EA03543BEB86C97DEEE1B8 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
21:34:57.0655 5816 PcaSvc - ok
21:34:57.0668 5816 [ DC2098D455B7E7E2FF7E37F9A66673D0 ] pci C:\WINDOWS\system32\drivers\pci.sys
21:34:57.0672 5816 pci - ok
21:34:57.0690 5816 [ C54CE89FD3ADA68995B320FA5C6893DC ] pciide C:\WINDOWS\system32\drivers\pciide.sys
21:34:57.0692 5816 pciide - ok
21:34:57.0719 5816 [ E3503C9CEF24250EE6C98EA58857340D ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
21:34:57.0723 5816 pcmcia - ok
21:34:57.0748 5816 [ 69002AC581B53925875401B42C6009C4 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
21:34:57.0750 5816 pcw - ok
21:34:57.0787 5816 [ 6CC01CC88AF349BCBAB3B602323FFC24 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
21:34:57.0788 5816 pdc - ok
21:34:57.0814 5816 [ 9162384A7DE807163CE26A9D95E182E1 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
21:34:57.0824 5816 PEAUTH - ok
21:34:57.0879 5816 [ 6E6C2D87F49A7BE63C109880C94704BB ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
21:34:57.0917 5816 PeerDistSvc - ok
21:34:57.0960 5816 [ 129609B0CABE5458DD94C2DA8B99F1DC ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
21:34:57.0962 5816 PerfHost - ok
21:34:58.0005 5816 [ 4254241F0D3445573CF840802BD786BA ] pla C:\WINDOWS\system32\pla.dll
21:34:58.0031 5816 pla - ok
21:34:58.0063 5816 [ D5609A195EA599793228EACDDAB1574B ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
21:34:58.0066 5816 PlugPlay - ok
21:34:58.0081 5816 [ 78897C1A515262F5156E2D4FD593EC61 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
21:34:58.0083 5816 PNRPAutoReg - ok
21:34:58.0091 5816 [ D5686620E7B08769D49400854A033E30 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
21:34:58.0094 5816 PNRPsvc - ok
21:34:58.0113 5816 [ 5EB494F254363BB1C0F24CE1CFEFB6B6 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
21:34:58.0118 5816 PolicyAgent - ok
21:34:58.0131 5816 [ CAF5DFF32A27A61D2C5C36F6166CC768 ] Power C:\WINDOWS\system32\umpo.dll
21:34:58.0133 5816 Power - ok
21:34:58.0147 5816 [ 2BFC9A3F12E74756754102CA2F06323D ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:34:58.0149 5816 PptpMiniport - ok
21:34:58.0266 5816 [ CD44D63FB0777CEB614111AA590A527C ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
21:34:58.0318 5816 PrintNotify - ok
21:34:58.0341 5816 [ 708BE76C2817050AE8B9FB4BD189BDD7 ] Processor C:\WINDOWS\System32\drivers\processr.sys
21:34:58.0343 5816 Processor - ok
21:34:58.0370 5816 [ 102A02EA61F9ADE5A3D8B4FFF0BC8C85 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
21:34:58.0375 5816 ProfSvc - ok
21:34:58.0389 5816 [ 61426ACCE9D207D08B215AF74555C180 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
21:34:58.0392 5816 Psched - ok
21:34:58.0418 5816 [ 46851BC18322DA70F3F2299A1007C479 ] PxHlpa64 C:\WINDOWS\system32\Drivers\PxHlpa64.sys
21:34:58.0420 5816 PxHlpa64 - ok
21:34:58.0433 5816 [ C3F9A6BDD87DD87441C588D7C8DB7209 ] QWAVE C:\WINDOWS\system32\qwave.dll
21:34:58.0439 5816 QWAVE - ok
21:34:58.0457 5816 [ 32517A92B4C11C4443771F5158570121 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
21:34:58.0458 5816 QWAVEdrv - ok
21:34:58.0479 5816 [ 4E1EDE1ED3CC8CF98268E1BB3F406900 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:34:58.0481 5816 RasAcd - ok
21:34:58.0494 5816 [ 59E12E4FD80733E79CA070ECF9818153 ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
21:34:58.0494 5816 RasAgileVpn - ok
21:34:58.0504 5816 [ E3374F796A60628110A2BD93B3C3611C ] RasAuto C:\WINDOWS\System32\rasauto.dll
21:34:58.0504 5816 RasAuto - ok
21:34:58.0514 5816 [ 7D5B09EBE82DA0A0CFECF1558125A651 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:34:58.0514 5816 Rasl2tp - ok
21:34:58.0539 5816 [ 064C8D7402F72488DA52E5F34FDA3578 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:34:58.0545 5816 RasMan - ok
21:34:58.0562 5816 [ F43F03F650B9FA7FEFAA1F42A08EF9B7 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:34:58.0563 5816 RasPppoe - ok
21:34:58.0579 5816 [ BB6A240BFBFA55363645BD6A03F3BAB4 ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys
21:34:58.0581 5816 RasSstp - ok
21:34:58.0648 5816 [ B694467B0325267C8EABF04A71D53D99 ] rcp_service C:\Program Files (x86)\ReaConverter 5.5 Pro\rcp_scheduler.exe
21:34:58.0655 5816 rcp_service - ok
21:34:58.0686 5816 [ E7675DE055A9ED41913B81605C013E7E ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:34:58.0692 5816 rdbss - ok
21:34:58.0704 5816 [ 25E8FEC1BA1353FE026D56D798DF8566 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
21:34:58.0706 5816 rdpbus - ok
21:34:58.0725 5816 [ FB86C8FA57CFAE86C3D2E613C65EB119 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
21:34:58.0727 5816 RDPDR - ok
21:34:58.0740 5816 [ 4EA20F29BB9B0C05AC3782138EA528C3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
21:34:58.0741 5816 RdpVideoMiniport - ok
21:34:58.0765 5816 [ A1A6CB11676A82CE2E9BFD476DBA0A13 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
21:34:58.0768 5816 RDPWD - ok
21:34:58.0790 5816 [ 35AF307B098C8C650774B449B433105E ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
21:34:58.0794 5816 rdyboost - ok
21:34:58.0812 5816 [ E10C86E9F43D74752703CFE0D0F4549F ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:34:58.0815 5816 RemoteAccess - ok
21:34:58.0834 5816 [ 2BE6400C94D299136EF407734090365A ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
21:34:58.0838 5816 RemoteRegistry - ok
21:34:58.0851 5816 [ CE832C6E7A22204DD7E50302290B1596 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
21:34:58.0855 5816 RpcEptMapper - ok
21:34:58.0869 5816 [ A56F388A7362212F608BD0F8A1AF9EBC ] RpcLocator C:\WINDOWS\system32\locator.exe
21:34:58.0871 5816 RpcLocator - ok
21:34:58.0895 5816 [ 6446876DDE28C69B344FCB0C15D8604E ] RpcSs C:\WINDOWS\system32\rpcss.dll
21:34:58.0900 5816 RpcSs - ok
21:34:58.0941 5816 [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103 C:\WINDOWS\system32\DRIVERS\RsFx0103.sys
21:34:58.0945 5816 RsFx0103 - ok
21:34:58.0961 5816 [ 4E891FCCBC73641708DEC461B1F7682F ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
21:34:58.0963 5816 rspndr - ok
21:34:59.0009 5816 [ 15923AA360F7675D3D43C9669316A0BA ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
21:34:59.0015 5816 RTL8168 - ok
21:34:59.0050 5816 [ 5532C4BF15173270757A75B46BAEB960 ] RtNdPt60 C:\WINDOWS\system32\DRIVERS\RtNdPt60.sys
21:34:59.0052 5816 RtNdPt60 - ok
21:34:59.0070 5816 [ CAF70FFF85E2275E4A50557F265A07CC ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
21:34:59.0072 5816 s3cap - ok
21:34:59.0098 5816 [ 6DBD56C7117F98D56C8880614FE765B7 ] SamSs C:\WINDOWS\system32\lsass.exe
21:34:59.0101 5816 SamSs - ok
21:34:59.0131 5816 [ 8D0F734E545FAE1247B7B968CDBE3764 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
21:34:59.0133 5816 sbp2port - ok
21:34:59.0162 5816 [ F1FA68AD9F8E73775268840D6377E073 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
21:34:59.0167 5816 SCardSvr - ok
21:34:59.0175 5816 [ 3EFA959348022CBFDBD20A8F400FD343 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
21:34:59.0176 5816 scfilter - ok
21:34:59.0210 5816 [ 0010C7890300581C7075CDA8030FCB1B ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:34:59.0235 5816 Schedule - ok
21:34:59.0269 5816 [ DB8B763E355B7DB58D1FB46D79651E9D ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
21:34:59.0270 5816 SCPolicySvc - ok
21:34:59.0290 5816 [ 0ECAF7FA2F75FFCDD06D5D0873827082 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
21:34:59.0293 5816 sdbus - ok
21:34:59.0321 5816 [ 862E879617ABDA0C6E18DD25EA2E0155 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
21:34:59.0325 5816 SDRSVC - ok
21:34:59.0346 5816 [ E809EEA9DAE44CA268E4BB681FF05496 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
21:34:59.0348 5816 sdstor - ok
21:34:59.0367 5816 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
21:34:59.0369 5816 secdrv - ok
21:34:59.0382 5816 [ 2C0971C8FCC21FCF936264EC9FABA0A1 ] seclogon C:\WINDOWS\system32\seclogon.dll
21:34:59.0385 5816 seclogon - ok
21:34:59.0396 5816 [ 0E3C6E1DB06BA31D3F222FDF593C0DB1 ] SENS C:\WINDOWS\System32\sens.dll
21:34:59.0399 5816 SENS - ok
21:34:59.0410 5816 [ F94A807B81554BB021C89E47BFAD6D9B ] SensorsSimulatorDriver C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:34:59.0414 5816 SensorsSimulatorDriver - ok
21:34:59.0429 5816 [ 1CDCAAD324AEC5D242CE6BFB09F36CCF ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
21:34:59.0434 5816 SensrSvc - ok
21:34:59.0457 5816 [ 1F27D4B2623CB2A454A9499B697F0530 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
21:34:59.0459 5816 SerCx - ok
21:34:59.0472 5816 [ 87CF8C6B28E5E38D5A75D2565ABBC553 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
21:34:59.0473 5816 Serenum - ok
21:34:59.0485 5816 [ DC6C7A0C06E931ED2B6110CD68959E88 ] Serial C:\WINDOWS\System32\drivers\serial.sys
21:34:59.0487 5816 Serial - ok
21:34:59.0505 5816 [ 0F832063E0E9B0E9630898353B2EF493 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
21:34:59.0506 5816 sermouse - ok
21:34:59.0538 5816 [ CAC99A543AEEFC6812D2702E208BFD33 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
21:34:59.0548 5816 SessionEnv - ok
21:34:59.0573 5816 [ 72A51E9EC9268BFF0BA9DDB4B531ADD2 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
21:34:59.0575 5816 sfloppy - ok
21:34:59.0604 5816 [ DDFFC5428192CAA5ED213C16348D66E0 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
21:34:59.0610 5816 SharedAccess - ok
21:34:59.0631 5816 [ 0DD82221E2A0DF5C1D93A8F692982336 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:34:59.0640 5816 ShellHWDetection - ok
21:34:59.0647 5816 [ 5F13759AF83F8C2A023483B98BD149D2 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
21:34:59.0649 5816 SiSRaid2 - ok
21:34:59.0668 5816 [ A84A68EE7ABEAA7EEC8DBCCAE83653F4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
21:34:59.0670 5816 SiSRaid4 - ok
21:34:59.0891 5816 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
21:34:59.0993 5816 Skype C2C Service - ok
21:35:00.0046 5816 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:35:00.0048 5816 SkypeUpdate - ok
21:35:00.0073 5816 [ 60D2545E33F997AA172BCA8AA7AADB66 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
21:35:00.0076 5816 SNMPTRAP - ok
21:35:00.0098 5816 [ A74023A2F13C7FFB06C0905C35C591FF ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
21:35:00.0102 5816 spaceport - ok
21:35:00.0130 5816 [ 753D7E3B5DF557CC28F668B599429EB4 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
21:35:00.0131 5816 SpbCx - ok
21:35:00.0166 5816 [ EDEA6AC00F36813E2E2D76C4D8483B59 ] Spooler C:\WINDOWS\System32\spoolsv.exe
21:35:00.0178 5816 Spooler - ok
21:35:00.0294 5816 [ 613EF10494F7BC394E0DB2D5CB3FEC74 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
21:35:00.0380 5816 sppsvc - ok
21:35:00.0522 5816 [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
21:35:00.0527 5816 SQLAgent$SQLEXPRESS - ok
21:35:00.0599 5816 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
21:35:00.0603 5816 SQLBrowser - ok
21:35:00.0621 5816 [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
21:35:00.0624 5816 SQLWriter - ok
21:35:00.0645 5816 [ 5F64CD5F5596533AB412374797D37CCE ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
21:35:00.0652 5816 srv - ok
21:35:04.0784 5816 ================ Scan global ===============================
21:35:04.0834 5816 [ 7D5D03F3030F9A8E457D4E683ECA1497 ] C:\WINDOWS\system32\basesrv.dll
21:35:04.0849 5816 [ 78F34EA9D29A3FA9CD33EC3867971A84 ] C:\WINDOWS\system32\winsrv.dll
21:35:04.0893 5816 [ EFEC5911F3FB4F9660E05E8E45EA16D2 ] C:\WINDOWS\system32\sxssrv.dll
21:35:04.0932 5816 [ B5643CD44EF5F7514D1C6BA2FBBD5E7E ] C:\WINDOWS\system32\services.exe
21:35:04.0939 5816 [Global] - ok
21:35:04.0940 5816 ================ Scan MBR ==================================
21:35:04.0953 5816 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:35:05.0099 5816 \Device\Harddisk0\DR0 - ok
21:35:05.0099 5816 ================ Scan VBR ==================================
21:35:05.0116 5816 [ E638ECE7C9D10661FC3C442820F90956 ] \Device\Harddisk0\DR0\Partition1
21:35:05.0118 5816 \Device\Harddisk0\DR0\Partition1 - ok
21:35:05.0120 5816 [ E5F6924BE411D7A7E4C3EFDF7377AEE5 ] \Device\Harddisk0\DR0\Partition2
21:35:05.0122 5816 \Device\Harddisk0\DR0\Partition2 - ok
21:35:05.0122 5816 ============================================================
21:35:05.0122 5816 Scan finished
21:35:05.0122 5816 ============================================================
21:35:05.0132 5400 Detected object count: 0
21:35:05.0133 5400 Actual detected object count: 0


aswMBR still crashing when it tries to scan WinDefend.

#7 Oh My!

Posted 09 September 2012 - 08:55 PM

Greetings illidari,

Yes, DDS will not run on Windows 8 so let's try another program. We will try an alternative program and see how we do. Please do this.


===================================================


OTL

--------------------

Please download OTL here.

  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Change Services and Drivers from "Use Safelist" to "All".
  • Push the Posted Image button.
  • Copy and paste the two reports in your next reply.

  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

  • OTL.txt
  • Extra.txt

Gary

#8 illidari

Posted 09 September 2012 - 09:10 PM

OTL logfile created on: 9/9/2012 9:57:24 PM - Run 1
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\Holger Findling\Downloads
64bit- Professional (Version = 6.2.8400) - Type = NTWorkstation
Internet Explorer (Version = 9.10.8400.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 3.88 Gb Available Physical Memory | 64.60% Memory free
12.00 Gb Paging File | 9.45 Gb Available in Paging File | 78.78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.60 Gb Total Space | 211.10 Gb Free Space | 30.88% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 7.84 Gb Free Space | 52.30% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: HOLGERFINDLI-PC | User Name: Holger Findling | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/09 21:56:46 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Holger Findling\Downloads\OTL.exe
PRC - [2012/08/29 12:03:38 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012/08/21 05:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/08/21 05:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/02/26 16:01:44 | 000,295,728 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/05/23 14:54:50 | 000,522,192 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
PRC - [2011/05/23 14:54:07 | 000,465,872 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2010/10/07 13:39:52 | 000,234,784 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\AirPrint\airprint.exe
PRC - [2010/03/10 10:17:10 | 000,358,448 | ---- | M] (National Instruments Corporation) -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
PRC - [2010/03/10 10:17:04 | 000,053,808 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\lktsrv.exe
PRC - [2010/03/10 10:17:02 | 000,043,056 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\lkads.exe
PRC - [2009/10/20 10:00:22 | 000,013,896 | ---- | M] (National Instruments Corporation) -- C:\Windows\SysWOW64\nisvcloc.exe
PRC - [2009/09/29 12:56:52 | 000,695,136 | ---- | M] (National Instruments, Inc.) -- C:\Windows\SysWOW64\lkcitdl.exe
PRC - [2009/08/19 10:23:24 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2009/08/19 10:23:22 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2009/07/07 11:23:00 | 001,779,952 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/07/01 09:23:36 | 000,184,320 | ---- | M] () -- C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe
PRC - [2009/07/01 09:20:48 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\SmarThru Office\STOSysService.exe
PRC - [2009/05/18 08:02:47 | 000,541,936 | ---- | M] () -- C:\Windows\Dell\PanelMgr\SSMMgr.exe
PRC - [2008/12/18 15:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/09/26 13:54:26 | 000,495,616 | R--- | M] () -- C:\Windows\twain_32\Dell\DELL1235\Scan2Pc.exe
PRC - [2008/05/23 15:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/29 22:58:45 | 000,442,392 | ---- | M] () -- C:\Users\Holger Findling\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppgooglenaclpluginchrome.dll
MOD - [2012/08/29 22:58:44 | 012,237,336 | ---- | M] () -- C:\Users\Holger Findling\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
MOD - [2012/08/29 22:58:42 | 003,997,720 | ---- | M] () -- C:\Users\Holger Findling\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
MOD - [2012/08/29 22:57:27 | 000,526,872 | ---- | M] () -- C:\Users\Holger Findling\AppData\Local\Google\Chrome\Application\21.0.1180.89\libglesv2.dll
MOD - [2012/08/29 22:57:26 | 000,104,984 | ---- | M] () -- C:\Users\Holger Findling\AppData\Local\Google\Chrome\Application\21.0.1180.89\libegl.dll
MOD - [2012/08/29 22:57:15 | 000,144,424 | ---- | M] () -- C:\Users\Holger Findling\AppData\Local\Google\Chrome\Application\21.0.1180.89\avutil-51.dll
MOD - [2012/08/29 22:57:13 | 000,266,792 | ---- | M] () -- C:\Users\Holger Findling\AppData\Local\Google\Chrome\Application\21.0.1180.89\avformat-54.dll
MOD - [2012/08/29 22:57:12 | 002,480,680 | ---- | M] () -- C:\Users\Holger Findling\AppData\Local\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll
MOD - [2012/01/08 09:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/08/18 15:54:22 | 000,970,752 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2009/07/07 11:24:00 | 000,268,528 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MOD - [2009/07/07 11:24:00 | 000,140,528 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2009/07/07 11:24:00 | 000,095,472 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MOD - [2009/07/07 11:23:00 | 001,779,952 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2009/07/07 11:23:00 | 000,058,608 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
MOD - [2009/07/07 11:23:00 | 000,017,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll
MOD - [2009/07/01 09:23:36 | 000,184,320 | ---- | M] () -- C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe
MOD - [2009/07/01 09:22:00 | 000,471,040 | ---- | M] () -- C:\Program Files (x86)\SmarThru Office\STOExDesktop.dll
MOD - [2009/07/01 09:20:48 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\SmarThru Office\STOSysService.exe
MOD - [2009/07/01 09:19:38 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\SmarThru Office\CABFilesWrapper.dll
MOD - [2009/07/01 09:18:50 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\SmarThru Office\WindowsDesktopSearch.dll
MOD - [2009/07/01 09:16:50 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\SmarThru Office\STOCategoryHelper.dll
MOD - [2009/07/01 09:16:42 | 000,434,176 | ---- | M] () -- C:\Program Files (x86)\SmarThru Office\ConfigurationManager.dll
MOD - [2009/07/01 09:15:12 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\SmarThru Office\STOSearchHelper.dll
MOD - [2009/05/18 08:02:47 | 000,541,936 | ---- | M] () -- C:\Windows\Dell\PanelMgr\SSMMgr.exe
MOD - [2008/09/26 13:54:26 | 000,495,616 | R--- | M] () -- C:\Windows\twain_32\Dell\DELL1235\Scan2Pc.exe
MOD - [2008/06/23 19:04:10 | 001,384,520 | R--- | M] () -- C:\Windows\twain_32\Dell\DELL1235\SSOle.dll
MOD - [2008/06/23 19:03:42 | 000,367,104 | R--- | M] () -- C:\Windows\twain_32\Dell\DELL1235\NetModule.dll
MOD - [2008/06/23 19:03:34 | 000,155,648 | R--- | M] () -- C:\Windows\twain_32\Dell\DELL1235\IMFilter.dll


========== Services (All) ==========

SRV:64bit: - [2012/08/21 05:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/08/10 21:05:42 | 000,108,392 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:64bit: - [2012/05/24 00:10:45 | 001,944,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2012/05/19 02:44:05 | 000,076,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2012/05/19 02:44:05 | 000,036,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2012/05/19 02:44:05 | 000,026,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2012/05/19 02:02:00 | 002,246,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/05/19 02:00:53 | 000,014,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2012/05/19 00:36:17 | 002,648,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/05/19 00:17:51 | 001,298,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:64bit: - [2012/05/19 00:17:51 | 000,199,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV:64bit: - [2012/05/19 00:17:49 | 001,617,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2012/05/19 00:17:49 | 001,483,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2012/05/19 00:17:48 | 000,683,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vds.exe -- (vds)
SRV:64bit: - [2012/05/19 00:17:48 | 000,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\UI0Detect.exe -- (UI0Detect)
SRV:64bit: - [2012/05/19 00:17:46 | 000,782,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2012/05/19 00:17:45 | 000,014,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\snmptrap.exe -- (SNMPTRAP)
SRV:64bit: - [2012/05/19 00:17:43 | 000,817,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\SearchIndexer.exe -- (WSearch)
SRV:64bit: - [2012/05/19 00:17:40 | 004,894,720 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:64bit: - [2012/05/19 00:17:35 | 000,145,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtc.exe -- (MSDTC)
SRV:64bit: - [2012/05/19 00:17:35 | 000,124,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\msiexec.exe -- (msiserver)
SRV:64bit: - [2012/05/19 00:17:35 | 000,025,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV:64bit: - [2012/05/19 00:17:33 | 000,010,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Locator.exe -- (RpcLocator)
SRV:64bit: - [2012/05/19 00:17:31 | 000,670,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV:64bit: - [2012/05/19 00:17:28 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\dllhost.exe -- (COMSysApp)
SRV:64bit: - [2012/05/19 00:17:19 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2012/05/19 00:17:17 | 000,442,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2012/05/19 00:17:16 | 003,201,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2012/05/19 00:17:16 | 000,084,992 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WUDFSvc.dll -- (wudfsvc)
SRV:64bit: - [2012/05/19 00:17:15 | 002,832,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WsmSvc.dll -- (WinRM)
SRV:64bit: - [2012/05/19 00:17:14 | 000,100,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2012/05/19 00:17:13 | 000,100,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpdbusenum.dll -- (WPDBusEnum)
SRV:64bit: - [2012/05/19 00:17:12 | 000,012,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpcsvc.dll -- (WPCSvc)
SRV:64bit: - [2012/05/19 00:17:06 | 000,222,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/05/19 00:17:04 | 001,267,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:64bit: - [2012/05/19 00:17:03 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
SRV:64bit: - [2012/05/19 00:17:00 | 000,714,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\winhttp.dll -- (WinHttpAutoProxySvc)
SRV:64bit: - [2012/05/19 00:16:56 | 000,570,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2012/05/19 00:16:56 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/05/19 00:16:55 | 001,720,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:64bit: - [2012/05/19 00:16:55 | 000,219,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wecsvc.dll -- (Wecsvc)
SRV:64bit: - [2012/05/19 00:16:55 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wersvc.dll -- (WerSvc)
SRV:64bit: - [2012/05/19 00:16:55 | 000,084,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wercplsupport.dll -- (wercplsupport)
SRV:64bit: - [2012/05/19 00:16:54 | 000,227,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WebClnt.dll -- (WebClient)
SRV:64bit: - [2012/05/19 00:16:53 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiSystemHost)
SRV:64bit: - [2012/05/19 00:16:53 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiServiceHost)
SRV:64bit: - [2012/05/19 00:16:52 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WcsPlugInService.dll -- (WcsPlugInService)
SRV:64bit: - [2012/05/19 00:16:51 | 000,466,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wcncsvc.dll -- (wcncsvc)
SRV:64bit: - [2012/05/19 00:16:51 | 000,337,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2012/05/19 00:16:51 | 000,268,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/05/19 00:16:50 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\w32time.dll -- (W32Time)
SRV:64bit: - [2012/05/19 00:16:49 | 000,284,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/05/19 00:16:47 | 000,521,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\upnphost.dll -- (upnphost)
SRV:64bit: - [2012/05/19 00:16:47 | 000,251,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2012/05/19 00:16:47 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/05/19 00:16:47 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umpnpmgr.dll -- (DeviceInstall)
SRV:64bit: - [2012/05/19 00:16:47 | 000,089,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:64bit: - [2012/05/19 00:16:43 | 000,121,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\trkwks.dll -- (TrkWks)
SRV:64bit: - [2012/05/19 00:16:41 | 000,169,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2012/05/19 00:16:40 | 000,721,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\termsrv.dll -- (TermService)
SRV:64bit: - [2012/05/19 00:16:40 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/05/19 00:16:38 | 000,306,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2012/05/19 00:16:37 | 001,327,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sysmain.dll -- (SysMain)
SRV:64bit: - [2012/05/19 00:16:37 | 000,174,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2012/05/19 00:16:37 | 000,084,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TabSvc.dll -- (TabletInputService)
SRV:64bit: - [2012/05/19 00:16:35 | 000,503,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2012/05/19 00:16:35 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/05/19 00:16:34 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\StorSvc.dll -- (StorSvc)
SRV:64bit: - [2012/05/19 00:16:33 | 000,309,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2012/05/19 00:16:33 | 000,267,264 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ssdpsrv.dll -- (SSDPSRV)
SRV:64bit: - [2012/05/19 00:16:33 | 000,082,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\sstpsvc.dll -- (SstpSvc)
SRV:64bit: - [2012/05/19 00:16:26 | 000,563,200 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV:64bit: - [2012/05/19 00:16:19 | 000,290,304 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SessEnv.dll -- (SessionEnv)
SRV:64bit: - [2012/05/19 00:16:17 | 000,162,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2012/05/19 00:16:17 | 000,062,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Sens.dll -- (SENS)
SRV:64bit: - [2012/05/19 00:16:17 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2012/05/19 00:16:16 | 000,148,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2012/05/19 00:16:15 | 001,290,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2012/05/19 00:16:15 | 000,196,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\SCardSvr.dll -- (SCardSvr)
SRV:64bit: - [2012/05/19 00:16:14 | 000,809,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2012/05/19 00:16:14 | 000,809,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2012/05/19 00:16:13 | 000,160,768 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
SRV:64bit: - [2012/05/19 00:16:10 | 000,359,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2012/05/19 00:16:09 | 000,099,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2012/05/19 00:16:08 | 000,268,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qwave.dll -- (QWAVE)
SRV:64bit: - [2012/05/19 00:16:07 | 000,827,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2012/05/19 00:16:07 | 000,429,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\QAGENTRT.DLL -- (napagent)
SRV:64bit: - [2012/05/19 00:16:06 | 000,394,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2012/05/19 00:16:05 | 000,206,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2012/05/19 00:16:03 | 000,330,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2012/05/19 00:16:03 | 000,330,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2012/05/19 00:16:03 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2012/05/19 00:16:02 | 001,380,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pla.dll -- (pla)
SRV:64bit: - [2012/05/19 00:16:01 | 002,451,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2012/05/19 00:16:00 | 000,437,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\p2psvc.dll -- (p2psvc)
SRV:64bit: - [2012/05/19 00:16:00 | 000,379,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\pcasvc.dll -- (PcaSvc)
SRV:64bit: - [2012/05/19 00:15:41 | 000,357,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2012/05/19 00:15:39 | 000,464,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2012/05/19 00:15:38 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/05/19 00:15:38 | 000,256,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2012/05/19 00:15:37 | 000,162,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/05/19 00:15:37 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/05/19 00:15:23 | 000,359,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtckrm.dll -- (KtmRm)
SRV:64bit: - [2012/05/19 00:15:15 | 000,906,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2012/05/19 00:15:15 | 000,107,520 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:64bit: - [2012/05/19 00:15:13 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (THREADORDER)
SRV:64bit: - [2012/05/19 00:15:13 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2012/05/19 00:15:04 | 000,437,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/05/19 00:15:03 | 000,275,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lltdsvc.dll -- (lltdsvc)
SRV:64bit: - [2012/05/19 00:15:03 | 000,265,216 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2012/05/19 00:15:03 | 000,023,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lmhsvc.dll -- (lmhosts)
SRV:64bit: - [2012/05/19 00:14:59 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\KMSVC.DLL -- (hkmsvc)
SRV:64bit: - [2012/05/19 00:14:59 | 000,060,416 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/05/19 00:14:57 | 000,152,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\iscsiexe.dll -- (MSiSCSI)
SRV:64bit: - [2012/05/19 00:14:56 | 000,885,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iphlpsvc.dll -- (iphlpsvc)
SRV:64bit: - [2012/05/19 00:14:56 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:64bit: - [2012/05/19 00:14:56 | 000,439,296 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2012/05/19 00:14:54 | 001,096,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\IKEEXT.DLL -- (IKEEXT)
SRV:64bit: - [2012/05/19 00:14:54 | 000,472,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\inetsrv\iisw3adm.dll -- (WAS)
SRV:64bit: - [2012/05/19 00:14:54 | 000,472,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\iisw3adm.dll -- (W3SVC)
SRV:64bit: - [2012/05/19 00:14:48 | 000,036,352 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV:64bit: - [2012/05/19 00:14:47 | 001,194,496 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\gpsvc.dll -- (gpsvc)
SRV:64bit: - [2012/05/19 00:14:38 | 001,295,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2012/05/19 00:14:38 | 000,117,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/05/19 00:14:37 | 000,033,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FDResPub.dll -- (FDResPub)
SRV:64bit: - [2012/05/19 00:14:37 | 000,022,016 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\fdPHost.dll -- (fdPHost)
SRV:64bit: - [2012/05/19 00:14:35 | 000,523,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV:64bit: - [2012/05/19 00:14:33 | 000,105,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:64bit: - [2012/05/19 00:14:33 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/05/19 00:14:30 | 000,253,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2012/05/19 00:14:30 | 000,196,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dps.dll -- (DPS)
SRV:64bit: - [2012/05/19 00:14:29 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2012/05/19 00:14:26 | 000,332,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2012/05/19 00:14:25 | 000,192,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012/05/19 00:14:24 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:64bit: - [2012/05/19 00:14:21 | 000,337,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/05/19 00:14:19 | 000,768,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2012/05/19 00:14:18 | 000,073,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2012/05/19 00:14:12 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (SCPolicySvc)
SRV:64bit: - [2012/05/19 00:14:12 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\certprop.dll -- (CertPropSvc)
SRV:64bit: - [2012/05/19 00:14:09 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2012/05/19 00:14:09 | 000,090,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:64bit: - [2012/05/19 00:14:07 | 000,720,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2012/05/19 00:14:07 | 000,182,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2012/05/19 00:14:07 | 000,158,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012/05/19 00:14:06 | 000,112,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2012/05/19 00:14:05 | 000,772,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:64bit: - [2012/05/19 00:14:05 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2012/05/19 00:14:05 | 000,119,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/05/19 00:14:03 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2012/05/19 00:14:03 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2012/05/19 00:14:03 | 000,065,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV:64bit: - [2012/05/19 00:14:03 | 000,037,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:64bit: - [2012/05/19 00:14:02 | 000,190,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2012/05/18 21:39:56 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/05/18 21:39:56 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/05/18 21:39:56 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/05/18 21:39:56 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/05/18 21:39:56 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/05/18 21:39:56 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2011/10/09 18:06:44 | 000,934,760 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV:64bit: - [2011/08/30 23:05:32 | 000,462,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV:64bit: - [2011/05/05 16:36:05 | 000,022,528 | ---- | M] () [Auto | Running] -- C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe -- (DAZContentManagementService)
SRV:64bit: - [2009/08/18 02:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/08/14 09:45:32 | 000,517,632 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files\Common Files\Motive\McciCMService.exe -- (McciCMService64)
SRV:64bit: - [2009/08/11 17:59:38 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/22 04:17:44 | 000,061,976 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe -- (MSSQLServerADHelper100)
SRV:64bit: - [2009/03/30 05:02:56 | 057,617,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS)
SRV:64bit: - [2009/03/30 05:01:06 | 000,427,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS)
SRV:64bit: - [2008/12/18 15:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2008/07/18 08:42:16 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2008/07/10 06:31:10 | 000,157,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2012/09/09 20:18:42 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/09/09 13:10:24 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/29 12:03:36 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/08/15 07:32:35 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/19 05:42:03 | 000,043,616 | R--- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2012/05/19 02:44:02 | 000,093,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2012/05/19 00:43:43 | 000,669,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWow64\SearchIndexer.exe -- (WSearch)
SRV - [2012/05/19 00:43:35 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost)
SRV - [2012/05/19 00:43:31 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (msiserver)
SRV - [2012/05/19 00:43:21 | 000,009,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\dllhost.exe -- (COMSysApp)
SRV - [2012/05/19 00:43:12 | 002,040,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM)
SRV - [2012/05/19 00:43:08 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc)
SRV - [2012/05/19 00:42:52 | 000,517,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2012/05/19 00:42:43 | 000,199,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient)
SRV - [2012/05/19 00:42:42 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost)
SRV - [2012/05/19 00:42:42 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost)
SRV - [2012/05/19 00:42:39 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2012/05/19 00:42:33 | 000,410,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost)
SRV - [2012/05/19 00:42:20 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV - [2012/05/19 00:42:17 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/05/19 00:42:09 | 000,503,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV - [2012/05/19 00:42:01 | 000,250,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv)
SRV - [2012/05/19 00:41:47 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\qwave.dll -- (QWAVE)
SRV - [2012/05/19 00:41:45 | 000,304,128 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2012/05/19 00:41:40 | 001,422,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\pla.dll -- (pla)
SRV - [2012/05/19 00:41:07 | 000,633,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\netlogon.dll -- (Netlogon)
SRV - [2012/05/19 00:40:46 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2012/05/19 00:40:25 | 000,044,032 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV - [2012/05/19 00:40:18 | 000,408,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2012/05/19 00:40:18 | 000,408,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2012/05/19 00:40:12 | 000,049,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV - [2012/05/19 00:40:04 | 000,390,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV - [2012/05/19 00:39:56 | 000,274,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2012/05/19 00:39:37 | 000,152,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\appmgmts.dll -- (AppMgmt)
SRV - [2012/05/19 00:39:37 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2012/05/19 00:36:17 | 002,648,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/05/18 20:07:26 | 000,127,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
SRV - [2012/05/18 19:24:50 | 000,139,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe -- (fussvc)
SRV - [2012/05/02 22:01:27 | 000,051,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/10/09 16:02:32 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011/07/20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011/05/23 14:54:07 | 000,465,872 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2010/10/07 13:39:52 | 000,234,784 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\AirPrint\airprint.exe -- (AirPrint)
SRV - [2010/05/17 18:18:44 | 001,007,616 | ---- | M] (Macrovision Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe -- (NILM License Manager)
SRV - [2010/03/10 10:17:10 | 000,358,448 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe -- (NIDomainService)
SRV - [2010/03/10 10:17:04 | 000,053,808 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\lktsrv.exe -- (lkTimeSync)
SRV - [2010/03/10 10:17:02 | 000,043,056 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\lkads.exe -- (lkClassAds)
SRV - [2009/10/28 20:12:57 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2009/10/20 10:00:22 | 000,013,896 | ---- | M] (National Instruments Corporation) [Auto | Running] -- C:\Windows\SysWOW64\nisvcloc.exe -- (niSvcLoc)
SRV - [2009/10/01 17:00:07 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/09/29 12:56:52 | 000,695,136 | ---- | M] (National Instruments, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\lkcitdl.exe -- (LkCitadelServer)
SRV - [2009/08/14 09:45:34 | 000,319,488 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files (x86)\Common Files\Motive\McciCMService.exe -- (McciCMService)
SRV - [2009/03/30 04:23:32 | 000,254,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008/03/24 08:35:22 | 000,074,384 | R--- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2007/11/30 11:27:22 | 000,558,592 | ---- | M] (ReaSoft) [On_Demand | Stopped] -- C:\Program Files (x86)\ReaConverter 5.5 Pro\rcp_scheduler.exe -- (rcp_service)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (All) ==========

DRV:64bit: - [2012/08/21 05:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/08/21 05:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/08/21 05:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/08/21 05:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/08/21 05:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/08/21 05:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/05/19 05:32:26 | 000,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\secdrv.sys -- (secdrv)
DRV:64bit: - [2012/05/19 02:44:05 | 000,100,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecdd.sys -- (KSecDD)
DRV:64bit: - [2012/05/19 02:44:05 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)
DRV:64bit: - [2012/05/19 02:44:04 | 002,216,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tcpip.sys -- (TCPIP6)
DRV:64bit: - [2012/05/19 02:44:04 | 002,216,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)
DRV:64bit: - [2012/05/19 02:44:04 | 001,933,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\ntfs.sys -- (Ntfs)
DRV:64bit: - [2012/05/19 02:44:04 | 001,001,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)
DRV:64bit: - [2012/05/19 02:44:04 | 000,783,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)
DRV:64bit: - [2012/05/19 02:44:04 | 000,561,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)
DRV:64bit: - [2012/05/19 02:44:04 | 000,393,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\msrpc.sys -- (MsRPC)
DRV:64bit: - [2012/05/19 02:44:04 | 000,370,888 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltMgr.sys -- (FltMgr)
DRV:64bit: - [2012/05/19 02:44:04 | 000,129,024 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tdx.sys -- (tdx)
DRV:64bit: - [2012/05/19 02:44:04 | 000,026,112 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\msfs.sys -- (Msfs)
DRV:64bit: - [2012/05/19 02:44:04 | 000,025,296 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/05/19 02:44:03 | 000,093,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (mountmgr)
DRV:64bit: - [2012/05/19 02:44:03 | 000,092,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)
DRV:64bit: - [2012/05/19 02:44:03 | 000,049,152 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\SysNative\drivers\npfs.sys -- (Npfs)
DRV:64bit: - [2012/05/19 02:44:03 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/05/19 02:44:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\null.sys -- (Null)
DRV:64bit: - [2012/05/19 02:17:59 | 000,093,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012/05/19 02:17:13 | 000,492,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2012/05/19 02:17:13 | 000,067,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/05/19 02:17:13 | 000,036,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:64bit: - [2012/05/19 02:16:42 | 000,077,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/05/19 02:16:27 | 000,237,264 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\pcmcia.sys -- (pcmcia)
DRV:64bit: - [2012/05/19 02:16:27 | 000,217,296 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2012/05/19 02:16:27 | 000,184,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2012/05/19 02:16:27 | 000,147,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2012/05/19 02:16:27 | 000,083,664 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\mup.sys -- (Mup)
DRV:64bit: - [2012/05/19 02:16:27 | 000,037,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mssmbios.sys -- (mssmbios)
DRV:64bit: - [2012/05/19 02:16:24 | 000,459,472 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2012/05/19 02:16:24 | 000,210,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\fastfat.sys -- (fastfat)
DRV:64bit: - [2012/05/19 02:16:24 | 000,071,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)
DRV:64bit: - [2012/05/19 02:16:24 | 000,057,544 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2012/05/19 02:16:24 | 000,051,912 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2012/05/19 02:15:41 | 000,036,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/05/19 02:15:41 | 000,027,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/05/19 02:11:54 | 000,137,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2012/05/19 02:11:54 | 000,045,120 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2012/05/19 02:11:54 | 000,037,952 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2012/05/19 02:10:05 | 000,033,480 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2012/05/19 02:03:02 | 000,259,272 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2012/05/19 02:01:10 | 001,455,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV:64bit: - [2012/05/19 02:00:51 | 000,034,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2012/05/19 02:00:25 | 000,379,080 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)
DRV:64bit: - [2012/05/19 02:00:25 | 000,331,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)
DRV:64bit: - [2012/05/19 02:00:25 | 000,083,144 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr)
DRV:64bit: - [2012/05/19 02:00:25 | 000,023,752 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\wd.sys -- (Wd)
DRV:64bit: - [2012/05/19 01:59:18 | 000,107,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sbp2port.sys -- (sbp2port)
DRV:64bit: - [2012/05/19 01:59:18 | 000,067,272 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2012/05/19 01:59:18 | 000,051,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2012/05/19 01:59:15 | 000,024,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2012/05/19 01:59:12 | 000,422,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)
DRV:64bit: - [2012/05/19 01:59:12 | 000,361,168 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/05/19 01:59:12 | 000,102,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\disk.sys -- (disk)
DRV:64bit: - [2012/05/19 01:43:53 | 000,172,232 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2012/05/19 00:32:23 | 003,291,336 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/05/19 00:32:23 | 000,411,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorV.sys -- (iaStorV)
DRV:64bit: - [2012/05/19 00:32:23 | 000,352,968 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSR.sys -- (MegaSR)
DRV:64bit: - [2012/05/19 00:32:23 | 000,113,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/05/19 00:32:23 | 000,108,744 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:64bit: - [2012/05/19 00:32:23 | 000,048,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbdclass.sys -- (kbdclass)
DRV:64bit: - [2012/05/19 00:32:23 | 000,045,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouclass.sys -- (mouclass)
DRV:64bit: - [2012/05/19 00:32:23 | 000,018,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\intelide.sys -- (intelide)
DRV:64bit: - [2012/05/19 00:32:22 | 000,116,936 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:64bit: - [2012/05/19 00:32:22 | 000,092,360 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/05/19 00:32:22 | 000,081,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/05/19 00:32:22 | 000,081,096 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/05/19 00:32:22 | 000,066,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\GAGP30KX.SYS -- (gagp30kx)
DRV:64bit: - [2012/05/19 00:32:22 | 000,065,224 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/05/19 00:32:22 | 000,051,912 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas)
DRV:64bit: - [2012/05/19 00:32:22 | 000,045,256 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iirsp.sys -- (iirsp)
DRV:64bit: - [2012/05/19 00:32:22 | 000,022,216 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\isapnp.sys -- (isapnp)
DRV:64bit: - [2012/05/19 00:32:21 | 000,322,760 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/05/19 00:32:21 | 000,164,040 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)
DRV:64bit: - [2012/05/19 00:32:21 | 000,105,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/05/19 00:32:21 | 000,019,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\viaide.sys -- (viaide)
DRV:64bit: - [2012/05/19 00:32:20 | 000,539,336 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/05/19 00:32:20 | 000,516,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbhub.sys -- (usbhub)
DRV:64bit: - [2012/05/19 00:32:20 | 000,492,232 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp94xx.sys -- (adp94xx)
DRV:64bit: - [2012/05/19 00:32:20 | 000,438,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2012/05/19 00:32:20 | 000,331,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2012/05/19 00:32:20 | 000,211,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012/05/19 00:32:20 | 000,116,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBSTOR.SYS -- (USBSTOR)
DRV:64bit: - [2012/05/19 00:32:20 | 000,106,696 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/05/19 00:32:20 | 000,096,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/05/19 00:32:20 | 000,078,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbehci.sys -- (usbehci)
DRV:64bit: - [2012/05/19 00:32:20 | 000,066,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ULIAGPKX.SYS -- (uliagpkx)
DRV:64bit: - [2012/05/19 00:32:20 | 000,065,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\UAGP35.SYS -- (uagp35)
DRV:64bit: - [2012/05/19 00:32:20 | 000,013,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swenum.sys -- (swenum)
DRV:64bit: - [2012/05/19 00:32:19 | 000,340,680 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adpahci.sys -- (adpahci)
DRV:64bit: - [2012/05/19 00:32:19 | 000,258,248 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/05/19 00:32:19 | 000,184,008 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adpu320.sys -- (adpu320)
DRV:64bit: - [2012/05/19 00:32:19 | 000,108,232 | ---- | M] (PMC-Sierra, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas)
DRV:64bit: - [2012/05/19 00:32:19 | 000,104,648 | ---- | M] (PMC-Sierra, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\arc.sys -- (arc)
DRV:64bit: - [2012/05/19 00:32:19 | 000,075,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/05/19 00:32:19 | 000,063,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\AGP440.sys -- (agp440)
DRV:64bit: - [2012/05/19 00:32:19 | 000,026,312 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/05/19 00:32:19 | 000,025,800 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\atapi.sys -- (atapi)
DRV:64bit: - [2012/05/19 00:32:17 | 000,283,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2012/05/19 00:32:17 | 000,277,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msiscsi.sys -- (iScsiPrt)
DRV:64bit: - [2012/05/19 00:32:17 | 000,168,136 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\nvstor.sys -- (nvstor)
DRV:64bit: - [2012/05/19 00:32:17 | 000,125,128 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\NV_AGP.SYS -- (nv_agp)
DRV:64bit: - [2012/05/19 00:32:17 | 000,086,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012/05/19 00:32:17 | 000,081,608 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4)
DRV:64bit: - [2012/05/19 00:32:17 | 000,064,200 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/05/19 00:32:16 | 000,233,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci)
DRV:64bit: - [2012/05/19 00:32:16 | 000,150,216 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\nvraid.sys -- (nvraid)
DRV:64bit: - [2012/05/19 00:32:16 | 000,077,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2012/05/19 00:32:16 | 000,052,424 | ---- | M] (IBM Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\nfrd960.sys -- (nfrd960)
DRV:64bit: - [2012/05/19 00:32:16 | 000,049,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/05/19 00:32:16 | 000,044,744 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sisraid2.sys -- (SiSRaid2)
DRV:64bit: - [2012/05/19 00:32:16 | 000,030,920 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/05/19 00:32:16 | 000,023,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/05/19 00:32:16 | 000,017,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msisadrv.sys -- (msisadrv)
DRV:64bit: - [2012/05/19 00:32:16 | 000,014,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pciide.sys -- (pciide)
DRV:64bit: - [2012/05/19 00:25:37 | 000,568,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:64bit: - [2012/05/19 00:25:21 | 000,290,816 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerId.sys -- (Brserid)
DRV:64bit: - [2012/05/18 23:37:49 | 000,185,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2012/05/18 23:37:42 | 000,194,048 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\exfat.sys -- (exfat)
DRV:64bit: - [2012/05/18 23:37:39 | 000,321,024 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:64bit: - [2012/05/18 23:37:39 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\beep.sys -- (Beep)
DRV:64bit: - [2012/05/18 23:37:36 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fdc.sys -- (fdc)
DRV:64bit: - [2012/05/18 23:37:35 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\flpydisk.sys -- (flpydisk)
DRV:64bit: - [2012/05/18 23:37:35 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serenum.sys -- (Serenum)
DRV:64bit: - [2012/05/18 23:37:32 | 000,109,056 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
DRV:64bit: - [2012/05/18 23:37:29 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)
DRV:64bit: - [2012/05/18 23:37:21 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serial.sys -- (Serial)
DRV:64bit: - [2012/05/18 23:37:20 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbscan.sys -- (usbscan)
DRV:64bit: - [2012/05/18 23:37:14 | 000,105,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\parport.sys -- (Parport)
DRV:64bit: - [2012/05/18 23:37:14 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wmiacpi.sys -- (WmiAcpi)
DRV:64bit: - [2012/05/18 23:37:12 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse)
DRV:64bit: - [2012/05/18 23:37:11 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rasacd.sys -- (RasAcd)
DRV:64bit: - [2012/05/18 23:37:09 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012/05/18 23:37:08 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sfloppy.sys -- (sfloppy)
DRV:64bit: - [2012/05/18 23:36:54 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:64bit: - [2012/05/18 23:36:52 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2012/05/18 23:36:47 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2012/05/18 23:36:46 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2012/05/18 23:36:40 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/05/18 23:36:39 | 000,134,656 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)
DRV:64bit: - [2012/05/18 23:36:36 | 000,034,816 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)
DRV:64bit: - [2012/05/18 23:36:35 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/05/18 23:36:35 | 000,027,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacompen.sys -- (WacomPen)
DRV:64bit: - [2012/05/18 23:36:33 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidir.sys -- (HidIr)
DRV:64bit: - [2012/05/18 23:36:29 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/05/18 23:36:26 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbuhci.sys -- (usbuhci)
DRV:64bit: - [2012/05/18 23:36:26 | 000,021,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)
DRV:64bit: - [2012/05/18 23:36:25 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV:64bit: - [2012/05/18 23:36:25 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbohci.sys -- (usbohci)
DRV:64bit: - [2012/05/18 23:36:23 | 000,011,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mskssrv.sys -- (MSKSSRV)
DRV:64bit: - [2012/05/18 23:36:23 | 000,006,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspqm.sys -- (MSPQM)
DRV:64bit: - [2012/05/18 23:36:21 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/05/18 23:36:21 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspclock.sys -- (MSPCLOCK)
DRV:64bit: - [2012/05/18 23:36:20 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbdhid.sys -- (kbdhid)
DRV:64bit: - [2012/05/18 23:36:19 | 000,005,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drmkaud.sys -- (drmkaud)
DRV:64bit: - [2012/05/18 23:36:18 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouhid.sys -- (mouhid)
DRV:64bit: - [2012/05/18 23:36:15 | 000,110,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\i8042prt.sys -- (i8042prt)
DRV:64bit: - [2012/05/18 23:36:13 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:64bit: - [2012/05/18 23:36:08 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndistapi.sys -- (NdisTapi)
DRV:64bit: - [2012/05/18 23:35:59 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:64bit: - [2012/05/18 23:35:51 | 000,029,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2012/05/18 23:35:50 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidusb.sys -- (HidUsb)
DRV:64bit: - [2012/05/18 23:35:49 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asyncmac.sys -- (AsyncMac)
DRV:64bit: - [2012/05/18 23:35:45 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2012/05/18 23:35:44 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV:64bit: - [2012/05/18 23:35:43 | 000,046,080 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\netbios.sys -- (NetBIOS)
DRV:64bit: - [2012/05/18 23:35:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2012/05/18 23:35:32 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbth.sys -- (HidBth)
DRV:64bit: - [2012/05/18 23:35:31 | 000,036,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2012/05/18 23:35:29 | 000,036,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2012/05/18 23:35:26 | 000,101,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bowser.sys -- (bowser)
DRV:64bit: - [2012/05/18 23:35:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/05/18 23:35:24 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/05/18 23:35:21 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)
DRV:64bit: - [2012/05/18 23:35:19 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2012/05/18 23:35:09 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hdaudbus.sys -- (HDAudBus)
DRV:64bit: - [2012/05/18 23:35:09 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\umbus.sys -- (umbus)
DRV:64bit: - [2012/05/18 23:35:08 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/05/18 23:35:06 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:64bit: - [2012/05/18 23:35:06 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mstee.sys -- (MSTEE)
DRV:64bit: - [2012/05/18 23:35:05 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/05/18 23:35:04 | 000,022,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2012/05/18 23:35:03 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/05/18 23:35:02 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2012/05/18 23:35:02 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:64bit: - [2012/05/18 23:34:51 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/05/18 23:34:49 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/05/18 23:34:49 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\errdev.sys -- (ErrDev)
DRV:64bit: - [2012/05/18 23:34:45 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/05/18 23:34:44 | 000,099,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbcir.sys -- (usbcir)
DRV:64bit: - [2012/05/18 23:34:42 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\circlass.sys -- (circlass)
DRV:64bit: - [2012/05/18 23:34:41 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbccgp.sys -- (usbccgp)
DRV:64bit: - [2012/05/18 23:34:37 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/05/18 23:34:34 | 000,207,360 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV:64bit: - [2012/05/18 23:34:30 | 000,571,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2012/05/18 23:34:27 | 000,340,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2012/05/18 23:34:25 | 000,118,272 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\dfsc.sys -- (Dfsc)
DRV:64bit: - [2012/05/18 23:34:20 | 000,089,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\intelppm.sys -- (intelppm)
DRV:64bit: - [2012/05/18 23:34:19 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/05/18 23:34:18 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:64bit: - [2012/05/18 23:34:17 | 000,090,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdk8.sys -- (AmdK8)
DRV:64bit: - [2012/05/18 23:34:17 | 000,088,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:64bit: - [2012/05/18 23:34:17 | 000,086,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2012/05/18 23:34:16 | 000,087,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\processr.sys -- (Processor)
DRV:64bit: - [2012/05/18 23:34:15 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/05/18 23:34:13 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\ndproxy.sys -- (NDProxy)
DRV:64bit: - [2012/05/18 23:34:10 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winusb.sys -- (WinUsb)
DRV:64bit: - [2012/05/18 23:34:06 | 000,174,592 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrom.sys -- (cdrom)
DRV:64bit: - [2012/05/18 23:34:04 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/05/18 23:33:52 | 000,058,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndisuio.sys -- (Ndisuio)
DRV:64bit: - [2012/05/18 23:33:42 | 000,051,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/05/18 23:33:41 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:64bit: - [2012/05/18 23:33:35 | 000,418,816 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\rdbss.sys -- (rdbss)
DRV:64bit: - [2012/05/18 23:33:33 | 000,198,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFWpdMtp)
DRV:64bit: - [2012/05/18 23:33:33 | 000,198,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFWpdFs)
DRV:64bit: - [2012/05/18 23:33:33 | 000,198,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFSensorLP)
DRV:64bit: - [2012/05/18 23:33:33 | 000,198,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFRd)
DRV:64bit: - [2012/05/18 23:33:33 | 000,198,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (SensorsSimulatorDriver)
DRV:64bit: - [2012/05/18 23:33:33 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/05/18 23:33:30 | 000,141,312 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)
DRV:64bit: - [2012/05/18 23:33:26 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/05/18 23:33:23 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/05/18 23:33:04 | 000,486,400 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv.sys -- (srv)
DRV:64bit: - [2012/05/18 23:33:03 | 000,615,424 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv2.sys -- (srv2)
DRV:64bit: - [2012/05/18 23:33:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2012/05/18 23:33:02 | 000,178,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpdr.sys -- (RDPDR)
DRV:64bit: - [2012/05/18 23:32:59 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2012/05/18 23:32:56 | 000,116,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2012/05/18 23:32:53 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/05/18 23:32:50 | 000,872,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\http.sys -- (HTTP)
DRV:64bit: - [2012/05/18 23:32:50 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2012/05/18 23:32:50 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthmodem.sys -- (BTHMODEM)
DRV:64bit: - [2012/05/18 23:32:49 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:64bit: - [2012/05/18 23:32:31 | 000,427,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nwifi.sys -- (NativeWifiP)
DRV:64bit: - [2012/05/18 23:32:26 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\monitor.sys -- (monitor)
DRV:64bit: - [2012/05/18 23:32:22 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbprint.sys -- (usbprint)
DRV:64bit: - [2012/05/18 23:32:16 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspppoe.sys -- (RasPppoe)
DRV:64bit: - [2012/05/18 23:32:13 | 000,348,672 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\netbt.sys -- (NetBT)
DRV:64bit: - [2012/05/18 23:32:00 | 000,126,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/05/18 23:31:58 | 000,790,528 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PEAuth.sys -- (PEAUTH)
DRV:64bit: - [2012/05/18 23:31:48 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rspndr.sys -- (rspndr)
DRV:64bit: - [2012/05/18 23:31:46 | 000,092,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rassstp.sys -- (RasSstp)
DRV:64bit: - [2012/05/18 23:31:45 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lltdio.sys -- (lltdio)
DRV:64bit: - [2012/05/18 23:31:42 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/05/18 23:31:26 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/05/18 23:31:21 | 000,208,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rdpwd.sys -- (RDPWD)
DRV:64bit: - [2012/05/18 23:31:20 | 000,074,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)
DRV:64bit: - [2012/05/18 23:31:16 | 000,368,640 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb.sys -- (mrxsmb)
DRV:64bit: - [2012/05/18 23:31:07 | 000,248,320 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srvnet.sys -- (srvnet)
DRV:64bit: - [2012/05/18 23:31:03 | 000,128,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bridge.sys -- (MsBridge)
DRV:64bit: - [2012/05/18 23:31:00 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rasl2tp.sys -- (Rasl2tp)
DRV:64bit: - [2012/05/18 23:30:57 | 000,173,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiswan.sys -- (NDISWANLEGACY)
DRV:64bit: - [2012/05/18 23:30:57 | 000,173,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndiswan.sys -- (NdisWan)
DRV:64bit: - [2012/05/18 23:30:57 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)
DRV:64bit: - [2012/05/18 23:30:56 | 000,351,744 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV:64bit: - [2012/05/18 23:30:55 | 000,113,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspptp.sys -- (PptpMiniport)
DRV:64bit: - [2012/05/18 23:30:55 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn)
DRV:64bit: - [2012/05/18 23:30:54 | 000,151,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pacer.sys -- (Psched)
DRV:64bit: - [2012/05/18 23:30:54 | 000,149,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tunnel.sys -- (tunnel)
DRV:64bit: - [2012/05/18 23:30:54 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV:64bit: - [2012/05/18 23:30:53 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wanarp.sys -- (Wanarpv6)
DRV:64bit: - [2012/05/18 23:30:53 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wanarp.sys -- (Wanarp)
DRV:64bit: - [2012/05/18 23:30:49 | 000,145,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipnat.sys -- (IPNAT)
DRV:64bit: - [2012/05/14 21:34:37 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/02/29 00:05:53 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV:64bit: - [2012/02/29 00:05:53 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV:64bit: - [2012/02/29 00:05:53 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV:64bit: - [2012/02/29 00:05:51 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltLo.sys -- (BrFiltLo)
DRV:64bit: - [2012/02/29 00:05:51 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltUp.sys -- (BrFiltUp)
DRV:64bit: - [2012/02/29 00:05:09 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2011/08/15 14:32:10 | 000,146,736 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2011/08/02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/05/23 14:45:05 | 000,094,864 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2009/08/18 03:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/08/18 03:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2009/07/08 17:55:50 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/30 04:53:56 | 000,311,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0103.sys -- (RsFx0103)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/07/21 07:18:30 | 000,026,624 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2008/07/18 08:42:20 | 001,478,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTKVHD64.sys -- (IntcAzAudAddService)
DRV:64bit: - [2008/03/27 18:18:22 | 000,056,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwusb.sys -- (BTWUSB)
DRV:64bit: - [2007/11/14 04:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2011/10/28 23:42:06 | 000,045,176 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Game\SoftnyxGame\GunboundIS\Gun64.sys -- (Gun)
DRV - [2009/08/14 09:45:24 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/08/14 09:45:24 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKLM\..\SearchScopes,DefaultScope = {0B4A10D1-FBD6-451d-BFDA-F03252B05984}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.fotocommunity.com/
IE - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000\..\SearchScopes,DefaultScope = {105E99FF-8B9A-4492-B155-06194B9056D2}
IE - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR&pc=MDDC
IE - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000\..\SearchScopes\{105E99FF-8B9A-4492-B155-06194B9056D2}: "URL" = http://www.bing.com/search?FORM=DLCDF7&PC=MDDC&q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000\..\SearchScopes\{46f7b6a1-df7b-4551-84fd-d66177c32992}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us
IE - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.kotaku.com"
FF - prefs.js..extensions.enabledAddons: btpersonas@brandthunder.com:1.6.2.5
FF - prefs.js..extensions.enabledAddons: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.88.2
FF - prefs.js..extensions.enabledAddons: {F6008AC6-79FF-11E1-826D-B8AC6F996F26}:2.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Motive, Inc.)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@wolfram.com/Mathematica: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.4.2609412\npmathplugin.dll (Wolfram Research, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Holger Findling\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Holger Findling\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Holger Findling\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10171.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/09/06 12:35:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/09 13:10:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/09 13:09:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.11\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/10/20 20:15:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F6008AC6-79FF-11E1-826D-B8AC6F996F26}: C:\Users\Holger Findling\AppData\Local\{F6008AC6-79FF-11E1-826D-B8AC6F996F26}\ [2012/03/29 20:33:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/09 13:10:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/09 13:09:51 | 000,000,000 | ---D | M]

[2011/01/03 14:31:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Holger Findling\AppData\Roaming\Mozilla\Extensions
[2010/02/17 16:20:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Holger Findling\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/08/28 15:47:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Holger Findling\AppData\Roaming\Mozilla\Firefox\Profiles\pqjqw6by.default\extensions
[2012/04/07 12:53:19 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Holger Findling\AppData\Roaming\Mozilla\Firefox\Profiles\pqjqw6by.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2012/08/28 15:47:42 | 000,000,000 | ---D | M] ("Default Theme Engine - Personas Interactive") -- C:\Users\Holger Findling\AppData\Roaming\Mozilla\Firefox\Profiles\pqjqw6by.default\extensions\btpersonas@brandthunder.com
[2012/02/02 20:27:59 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Holger Findling\AppData\Roaming\Mozilla\Firefox\Profiles\pqjqw6by.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2012/07/25 09:48:38 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Holger Findling\AppData\Roaming\Mozilla\Firefox\Profiles\pqjqw6by.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/04/20 21:46:59 | 000,172,310 | ---- | M] () (No name found) -- C:\Users\Holger Findling\AppData\Roaming\Mozilla\Firefox\Profiles\pqjqw6by.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012/04/20 21:46:59 | 000,003,915 | ---- | M] () -- C:\Users\Holger Findling\AppData\Roaming\Mozilla\Firefox\Profiles\pqjqw6by.default\searchplugins\sweetim.xml
[2012/09/09 13:09:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/09/09 13:09:48 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/09/09 13:09:47 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de
[2012/03/29 20:33:21 | 000,000,000 | ---D | M] (Translate This!) -- C:\USERS\HOLGER FINDLING\APPDATA\LOCAL\{F6008AC6-79FF-11E1-826D-B8AC6F996F26}
[2012/09/09 13:10:26 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2008/12/10 14:49:34 | 000,023,040 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv86win32.dll
[2010/05/25 12:43:16 | 000,025,088 | ---- | M] (National Instruments) -- C:\Program Files (x86)\mozilla firefox\plugins\nplv90win32.dll
[2012/09/07 08:54:13 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/09/07 08:54:13 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.fotocommunity.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.fotocommunity.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Holger Findling\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.160.1 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java™ Platform SE 6 U17 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Holger Findling\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Chrome NaCl (Enabled) = C:\Users\Holger Findling\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\Holger Findling\AppData\Local\Google\Chrome\Application\21.0.1180.89\gears.dll
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files (x86)\Common Files\Motive\npMotive.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Holger Findling\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Users\Holger Findling\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: SweetIM for Facebook = C:\Users\Holger Findling\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Users\Holger Findling\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: avast! WebRep = C:\Users\Holger Findling\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: SweetIM for Facebook = C:\Users\Holger Findling\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Users\Holger Findling\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\

O1 HOSTS File: ([2012/03/13 18:22:48 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL LLC.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\WINDOWS\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [1235cn Scan2PC] C:\Windows\twain_32\Dell\DELL1235\Scan2Pc.exe ()
O4 - HKLM..\Run: [AMD AVT] C:\WINDOWS\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [Dell PanelMgr] C:\Windows\Dell\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NI Background Service] C:\Program Files (x86)\National Instruments\Shared\Update Service\niupdate.exe (National Instruments)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [STO Backup Service] C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe ()
O4 - HKLM..\Run: [STO Launcher Service] C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe ()
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe" File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000..\Run: [scheduler_monitor] C:\Program Files (x86)\ReaConverter 5.5 Pro\init_scheduler.exe ()
O4 - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Holger Findling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Holger Findling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O4 - Startup: C:\Users\Holger Findling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: Capture Selection - C:\Program Files (x86)\SmarThru Office\WEBCapture.dll2.htm ()
O8:64bit: - Extra context menu item: Save as HTML - C:\Program Files (x86)\SmarThru Office\WEBCapture.dll1.htm ()
O8:64bit: - Extra context menu item: Save Selected Text - C:\Program Files (x86)\SmarThru Office\WEBCapture.dll.htm ()
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8:64bit: - Extra context menu item: Web Capture - C:\Program Files (x86)\SmarThru Office\WebCapture.dll ()
O8 - Extra context menu item: Capture Selection - C:\Program Files (x86)\SmarThru Office\WEBCapture.dll2.htm ()
O8 - Extra context menu item: Save as HTML - C:\Program Files (x86)\SmarThru Office\WEBCapture.dll1.htm ()
O8 - Extra context menu item: Save Selected Text - C:\Program Files (x86)\SmarThru Office\WEBCapture.dll.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Web Capture - C:\Program Files (x86)\SmarThru Office\WebCapture.dll ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab (DLM Control)
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} http://zone.msn.com/bingame/zpagames/GAME_UNO1.cab60096.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38EB6792-84F1-4DBD-BF5A-59F0A8F453A6}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\1600x1200_black.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\1600x1200_black.jpg
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/09 20:03:06 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Holger Findling\Desktop\aswMBR.exe
[2012/09/09 13:09:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/09/07 23:18:28 | 000,000,000 | ---D | C] -- C:\Users\Holger Findling\AppData\Roaming\codeblocks
[2012/09/07 23:18:22 | 000,000,000 | ---D | C] -- C:\Users\Holger Findling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
[2012/09/07 23:18:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
[2012/09/07 23:18:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CodeBlocks
[2012/09/07 23:07:28 | 000,000,000 | ---D | C] -- C:\LammpsProject
[2012/09/07 17:52:51 | 000,000,000 | ---D | C] -- C:\Users\Holger Findling\Documents\Games for Windows - LIVE Demos
[2012/09/06 11:58:21 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Holger Findling\Desktop\dds.com
[2012/09/04 21:08:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012/09/04 21:08:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012/08/28 17:03:19 | 000,000,000 | ---D | C] -- C:\Users\Holger Findling\Documents\Readiris
[2012/08/28 17:02:35 | 001,354,240 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysNative\CNC8100C.dll
[2012/08/28 16:56:14 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2012/08/28 16:50:12 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\SysNative\hamachi.sys
[2012/08/28 16:40:33 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2012/08/28 16:40:26 | 000,340,992 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysWow64\CNMNPPM.DLL
[2012/08/28 16:40:26 | 000,327,680 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysNative\CNMN6PPM.DLL
[2012/08/28 16:40:26 | 000,037,376 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysNative\CNMN6UI.DLL
[2012/08/28 16:40:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\STRING
[2012/08/28 16:39:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2012/08/28 16:23:32 | 000,348,672 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysNative\CNC8100L.dll
[2012/08/28 16:23:32 | 000,307,200 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysWow64\CNC8100L.dll
[2012/08/28 16:23:32 | 000,112,128 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysNative\CNC8100I.dll
[2012/08/28 16:23:32 | 000,106,496 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysWow64\CNC8100U.dll
[2012/08/28 16:23:32 | 000,017,920 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysNative\CNHMCA6.dll
[2012/08/28 16:23:32 | 000,015,872 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysWow64\CNHMCA.dll
[2012/08/28 16:12:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG8100 series
[2012/08/28 16:12:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\SysNative\CanonIJ Uninstaller Information
[2012/08/28 09:46:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2012/08/23 10:51:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
[2012/08/23 10:51:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guild Wars 2
[2012/08/22 00:11:50 | 000,000,000 | ---D | C] -- C:\Users\Holger Findling\Desktop\bios
[2012/08/22 00:11:15 | 000,000,000 | ---D | C] -- C:\Users\Holger Findling\Documents\PCSX2
[2012/08/22 00:08:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCSX2 1.0.0
[2012/08/20 00:17:00 | 000,394,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2012/08/20 00:16:58 | 001,009,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perftrack.dll
[2012/08/20 00:16:51 | 001,944,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2012/08/19 21:08:57 | 000,000,000 | ---D | C] -- C:\Users\Holger Findling\Desktop\briandek-WowDotNetAPI-8acf8be
[2012/08/19 11:12:34 | 000,000,000 | ---D | C] -- C:\Users\Holger Findling\AppData\Local\PerfWatson
[2012/08/19 11:07:03 | 000,000,000 | ---D | C] -- C:\Users\Holger Findling\Documents\Visual Studio 2012
[2012/08/19 10:40:13 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier
[2012/08/19 10:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Verifier
[2012/08/19 10:38:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows App Certification Kit
[2012/08/19 10:36:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
[2012/08/19 10:36:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft
[2012/08/19 10:36:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Kits
[2012/08/19 10:30:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
[2012/08/19 10:30:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Help Viewer
[2012/08/19 10:18:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 11.0
[2012/08/19 10:17:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2012/08/19 03:42:23 | 000,000,000 | ---D | C] -- C:\Windows.old
[2012/08/19 00:17:09 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache
[2012/08/19 00:17:09 | 000,000,000 | ---D | C] -- C:\Users\Holger Findling\AppData\Local\Packages
[2012/08/19 00:15:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2012/08/19 00:13:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2012/08/18 23:48:29 | 000,000,000 | --SD | C] -- C:\Users\Holger Findling\AppData\Roaming\Microsoft
[2012/08/18 23:48:29 | 000,000,000 | R--D | C] -- C:\Users\Holger Findling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2012/08/18 23:48:29 | 000,000,000 | R--D | C] -- C:\Users\Holger Findling\Favorites
[2012/08/18 23:48:29 | 000,000,000 | R--D | C] -- C:\Users\Holger Findling\Desktop
[2012/08/18 23:48:29 | 000,000,000 | R--D | C] -- C:\Users\Holger Findling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/08/18 23:48:29 | 000,000,000 | R--D | C] -- C:\Users\Holger Findling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2012/08/18 23:48:29 | 000,000,000 | -HSD | C] -- C:\Users\Holger Findling\AppData\Local\Temporary Internet Files
[2012/08/18 23:48:29 | 000,000,000 | -HSD | C] -- C:\Users\Holger Findling\Templates
[2012/08/18 23:48:29 | 000,000,000 | -HSD | C] -- C:\Users\Holger Findling\Start Menu
[2012/08/18 23:48:29 | 000,000,000 | -HSD | C] -- C:\Users\Holger Findling\SendTo
[2012/08/18 23:48:29 | 000,000,000 | -HSD | C] -- C:\Users\Holger Findling\Recent
[2012/08/18 23:48:29 | 000,000,000 | -HSD | C] -- C:\Users\Holger Findling\PrintHood
[2012/08/18 23:48:29 | 000,000,000 | -HSD | C] -- C:\Users\Holger Findling\NetHood
[2012/08/18 23:48:29 | 000,000,000 | -HSD | C] -- C:\Users\Holger Findling\Documents\My Videos
[2012/08/18 23:48:29 | 000,000,000 | -HSD | C] -- C:\Users\Holger Findling\Documents\My Pictures
[2012/08/18 23:48:29 | 000,000,000 | -HSD | C] -- C:\Users\Holger Findling\Documents\My Music
[2012/08/18 23:48:29 | 000,000,000 | -HSD | C] -- C:\Users\Holger Findling\My Documents
[2012/08/18 23:48:29 | 000,000,000 | -HSD | C] -- C:\Users\Holger Findling\Local Settings
[2012/08/18 23:48:29 | 000,000,000 | -HSD | C] -- C:\Users\Holger Findling\AppData\Local\History
[2012/08/18 23:48:29 | 000,000,000 | -HSD | C] -- C:\Users\Holger Findling\Cookies
[2012/08/18 23:48:29 | 000,000,000 | -HSD | C] -- C:\Users\Holger Findling\Application Data
[2012/08/18 23:48:29 | 000,000,000 | -HSD | C] -- C:\Users\Holger Findling\AppData\Local\Application Data
[2012/08/18 23:48:29 | 000,000,000 | -H-D | C] -- C:\Users\Holger Findling\AppData
[2012/08/18 23:48:29 | 000,000,000 | ---D | C] -- C:\Users\Holger Findling\AppData\Local\Temp
[2012/08/18 23:48:29 | 000,000,000 | ---D | C] -- C:\Users\Holger Findling\AppData\Local\Microsoft
[2012/08/18 23:48:29 | 000,000,000 | ---D | C] -- C:\Users\Holger Findling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/08/18 23:45:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2012/08/18 23:44:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/08/18 23:39:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2012/08/18 23:39:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2012/08/18 23:39:56 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2012/08/18 23:39:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\msmq
[2012/08/18 23:39:56 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2012/08/18 23:39:56 | 000,000,000 | ---D | C] -- C:\inetpub
[2012/08/18 23:39:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\BestPractices
[2012/08/18 23:39:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\BestPractices
[2012/08/18 23:36:06 | 001,166,440 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll
[2012/08/18 23:35:58 | 000,035,400 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2012/08/18 23:35:54 | 000,124,032 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2012/08/18 23:35:47 | 000,035,400 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2012/08/18 23:35:43 | 000,102,528 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2012/08/18 23:35:36 | 000,778,856 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
[2012/08/18 20:14:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2012/08/16 10:31:22 | 000,000,000 | ---D | C] -- C:\Users\Holger Findling\Documents\FlashCard
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Users\Public\Documents\*.tmp files -> C:\Users\Public\Documents\*.tmp -> ]
[1 C:\Users\Holger Findling\Documents\*.tmp files -> C:\Users\Holger Findling\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/09 22:04:00 | 000,000,948 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2279865801-3783407886-4163468502-1000UA.job
[2012/09/09 21:32:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/09/09 20:19:18 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/09/09 20:17:34 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RtlNICDiagVistaStart.job
[2012/09/09 20:17:33 | 000,000,506 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2012/09/09 20:17:10 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2012/09/09 20:17:05 | 536,219,647 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/09 20:03:44 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Holger Findling\Desktop\aswMBR.exe
[2012/09/09 19:09:15 | 000,002,050 | ---- | M] () -- C:\Users\Holger Findling\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/09/09 14:05:58 | 000,001,076 | ---- | M] () -- C:\Users\Holger Findling\Desktop\log.lammps
[2012/09/09 13:47:06 | 012,612,068 | ---- | M] () -- C:\Users\Holger Findling\Desktop\lmp_win_no-mpi.exe
[2012/09/09 13:46:46 | 000,001,471 | ---- | M] () -- C:\Users\Holger Findling\Desktop\example.input
[2012/09/09 02:04:00 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2279865801-3783407886-4163468502-1000Core.job
[2012/09/08 17:46:49 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2012/09/07 22:14:33 | 000,001,643 | ---- | M] () -- C:\Users\Holger Findling\Desktop\MELISSAFINDLING - Shortcut.lnk
[2012/09/07 21:52:08 | 000,000,564 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2012/09/06 12:35:45 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\config.nt
[2012/09/06 12:15:55 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/06 11:58:28 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Holger Findling\Desktop\dds.com
[2012/09/03 16:46:17 | 001,071,194 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2012/09/03 16:46:17 | 000,877,410 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2012/09/03 16:46:17 | 000,190,754 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2012/09/03 08:06:45 | 000,002,514 | ---- | M] () -- C:\Users\Holger Findling\Desktop\Google Chrome.lnk
[2012/09/02 14:20:21 | 000,000,118 | ---- | M] () -- C:\Users\Holger Findling\webct_upload_applet.properties
[2012/08/28 16:48:11 | 000,428,928 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2012/08/28 10:09:18 | 000,001,445 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012/08/27 19:29:28 | 000,004,896 | ---- | M] () -- C:\Users\Holger Findling\Desktop\fccfull.c
[2012/08/23 23:17:12 | 000,000,365 | ---- | M] () -- C:\Users\Holger Findling\Desktop\inclass.js
[2012/08/23 23:11:28 | 000,000,248 | ---- | M] () -- C:\Users\Holger Findling\Desktop\test.html
[2012/08/23 10:51:16 | 000,000,938 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012/08/22 00:08:27 | 000,001,991 | ---- | M] () -- C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk
[2012/08/21 05:13:13 | 000,969,200 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2012/08/21 05:13:13 | 000,359,464 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2012/08/21 05:13:13 | 000,059,728 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswTdi.sys
[2012/08/21 05:13:12 | 000,071,600 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2012/08/21 05:13:12 | 000,054,072 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2012/08/21 05:13:11 | 000,025,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswFsBlk.sys
[2012/08/21 05:12:33 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/08/21 05:12:23 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysWow64\aswBoot.exe
[2012/08/21 05:12:02 | 000,285,328 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2012/08/19 13:38:24 | 000,800,478 | ---- | M] () -- C:\Users\Holger Findling\Documents\contract.pdf
[2012/08/19 10:41:13 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
[2012/08/19 10:24:18 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/08/19 10:10:44 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2012/08/19 00:16:51 | 000,000,418 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/08/19 00:14:52 | 000,024,768 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2012/08/19 00:14:52 | 000,024,768 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2012/08/19 00:14:23 | 000,022,840 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2012/08/18 23:47:03 | 000,951,150 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012/08/18 23:46:12 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2012/08/18 23:44:50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2012/08/18 23:40:35 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012/08/18 20:22:08 | 000,009,728 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/18 20:22:08 | 000,009,728 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/18 15:48:12 | 000,000,218 | ---- | M] () -- C:\Users\Holger Findling\.recently-used.xbel
[2012/08/18 14:26:46 | 000,000,362 | ---- | M] () -- C:\Users\Holger Findling\.gtk-bookmarks
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Users\Public\Documents\*.tmp files -> C:\Users\Public\Documents\*.tmp -> ]
[1 C:\Users\Holger Findling\Documents\*.tmp files -> C:\Users\Holger Findling\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/09 13:47:56 | 000,001,076 | ---- | C] () -- C:\Users\Holger Findling\Desktop\log.lammps
[2012/09/09 13:46:46 | 000,001,471 | ---- | C] () -- C:\Users\Holger Findling\Desktop\example.input
[2012/09/09 13:46:19 | 012,612,068 | ---- | C] () -- C:\Users\Holger Findling\Desktop\lmp_win_no-mpi.exe
[2012/09/08 17:46:49 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2012/09/07 23:04:34 | 000,004,896 | ---- | C] () -- C:\Users\Holger Findling\Desktop\fccfull.c
[2012/09/07 23:03:44 | 000,008,936 | ---- | C] () -- C:\Users\Holger Findling\Desktop\gold.c
[2012/09/07 23:03:43 | 000,004,166 | ---- | C] () -- C:\Users\Holger Findling\Desktop\fcc.c
[2012/09/07 22:14:33 | 000,001,643 | ---- | C] () -- C:\Users\Holger Findling\Desktop\MELISSAFINDLING - Shortcut.lnk
[2012/09/06 12:15:55 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/28 16:23:32 | 000,059,232 | ---- | C] () -- C:\WINDOWS\SysWow64\CNC8100W.DAT
[2012/08/28 16:23:32 | 000,016,128 | ---- | C] () -- C:\WINDOWS\SysWow64\CNC174BD.TBL
[2012/08/23 10:51:16 | 000,000,938 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012/08/22 00:08:27 | 000,001,991 | ---- | C] () -- C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk
[2012/08/21 23:34:58 | 000,000,365 | ---- | C] () -- C:\Users\Holger Findling\Desktop\inclass.js
[2012/08/21 23:22:27 | 000,000,248 | ---- | C] () -- C:\Users\Holger Findling\Desktop\test.html
[2012/08/19 10:41:13 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
[2012/08/19 10:10:44 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2012/08/19 00:18:02 | 000,001,436 | ---- | C] () -- C:\Users\Holger Findling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/08/18 23:48:35 | 000,024,768 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2012/08/18 23:48:35 | 000,024,768 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2012/08/18 23:48:29 | 000,000,352 | ---- | C] () -- C:\Users\Holger Findling\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/08/18 23:48:29 | 000,000,334 | ---- | C] () -- C:\Users\Holger Findling\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/08/18 23:47:03 | 000,951,150 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012/08/18 23:46:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/08/18 23:44:50 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2012/08/18 23:43:50 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2012/08/18 23:40:13 | 000,000,001 | -HS- | C] () -- C:\BOOTNXT
[2012/08/18 15:48:12 | 000,000,218 | ---- | C] () -- C:\Users\Holger Findling\.recently-used.xbel
[2012/08/18 14:26:46 | 000,000,362 | ---- | C] () -- C:\Users\Holger Findling\.gtk-bookmarks
[2012/08/18 13:04:59 | 000,004,700 | ---- | C] () -- C:\giantlincoln.png
[2012/08/15 12:09:26 | 000,800,478 | ---- | C] () -- C:\Users\Holger Findling\Documents\contract.pdf
[2012/08/03 23:19:51 | 000,107,832 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[2012/08/03 23:19:08 | 000,066,872 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe
[2012/08/03 23:19:07 | 002,250,024 | ---- | C] () -- C:\WINDOWS\SysWow64\pbsvc.exe
[2012/06/03 19:50:33 | 000,000,449 | ---- | C] () -- C:\Users\Holger Findling\.go.cfg
[2012/05/19 05:33:53 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2012/05/19 05:33:51 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2012/05/19 04:42:15 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/05/18 22:55:09 | 000,093,696 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2012/05/18 22:34:38 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2012/05/18 18:07:47 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012/05/18 17:59:01 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2012/03/13 18:06:13 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/03/13 18:06:12 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/03/13 18:06:12 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/03/13 18:06:12 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/03/13 18:06:12 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/03/09 01:26:20 | 000,054,784 | ---- | C] () -- C:\WINDOWS\SysWow64\OVDecode.dll
[2012/02/29 22:20:38 | 000,000,600 | ---- | C] () -- C:\Users\Holger Findling\AppData\Local\PUTTY.RND
[2012/02/28 23:56:32 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/01/31 07:00:24 | 000,016,896 | ---- | C] () -- C:\WINDOWS\SysWow64\kdbsdk32.dll
[2012/01/29 21:28:17 | 000,000,784 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2012/01/08 11:25:45 | 000,012,576 | -HS- | C] () -- C:\Users\Holger Findling\AppData\Local\21rlns32o731vf3pt2pps63l6o7y62235qcw5347r0od86
[2012/01/08 11:25:45 | 000,012,576 | -HS- | C] () -- C:\ProgramData\21rlns32o731vf3pt2pps63l6o7y62235qcw5347r0od86
[2011/12/22 23:51:38 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/12/18 20:25:19 | 000,010,922 | -HS- | C] () -- C:\Users\Holger Findling\AppData\Local\lhjohf7i0pnb3slf3dkr6l000l3k
[2011/12/18 20:25:19 | 000,010,922 | -HS- | C] () -- C:\ProgramData\lhjohf7i0pnb3slf3dkr6l000l3k
[2011/12/13 22:38:21 | 000,012,636 | -HS- | C] () -- C:\Users\Holger Findling\AppData\Local\757503b3h227k826x088b6lbp6d3
[2011/12/13 22:38:21 | 000,012,636 | -HS- | C] () -- C:\ProgramData\757503b3h227k826x088b6lbp6d3
[2011/12/12 23:32:31 | 000,009,914 | -HS- | C] () -- C:\Users\Holger Findling\AppData\Local\d4qv67k1wy4qcw
[2011/12/12 23:32:31 | 000,009,914 | -HS- | C] () -- C:\ProgramData\d4qv67k1wy4qcw
[2011/10/20 20:00:24 | 000,000,199 | ---- | C] () -- C:\WINDOWS\ris2std.ini
[2011/10/20 19:46:48 | 000,000,606 | ---- | C] () -- C:\WINDOWS\probe.ini
[2011/08/30 23:40:09 | 000,003,828 | ---- | C] () -- C:\WINDOWS\scad3.INI
[2011/06/05 13:37:19 | 000,000,118 | ---- | C] () -- C:\Users\Holger Findling\webct_upload_applet.properties
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\WINDOWS\SysWow64\xlive.dll.cat
[2009/11/02 19:02:59 | 000,046,592 | ---- | C] () -- C:\Users\Holger Findling\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/25 17:56:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/10/25 17:55:20 | 000,000,418 | RHS- | C] () -- C:\ProgramData\ntuser.pol

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\system64] -> \systemroot\system32 -> Mount Point

< End of report >


I got an index out of bounds error but I still received this OTL.txt

I don't see an extra.txt

#9 Oh My!

Posted 09 September 2012 - 09:53 PM

Greetings illidari,

I am in the process of reviewing the information you posted but it would assist me if you could tell me what malicious sites you are redirected to and what legitimate start pages you set up yourself.

If you look at the OTL logs under Internet Explorer, Firefox, and Chrome that will give you an idea of what is being reported.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 illidari

Posted 09 September 2012 - 10:03 PM

Internet explorer:
fotocommunity.com

Mozilla:
kotaku.com

Chrome:
Just opens to a new tab. No homepage.

I get redirected on the first attempt I click a URL on Google almost always. I googled bunnies, and clicked a random one and it took me to:

click.gethotresults.com/ads-clicktrack/click/jump2.do?affiliate=46938&sid=zFj1KvYEcnybUDjC2A224tqcKSCMXAOPq1dxkosnnpc%3D&subid=10090&terms=bunnies&rc=0&tr=luJlTe5nj9FGVxaTe2OqWZU2SXe4w62kVEzltfZy8B%252BV6DjhwQDydA%253D%253D&stm=2012-09-09-19-59-08&isRTVEnabled=false

Which immediately redirected to:
http://63.209.69.107/search/web/bunnies/6678_a10/46938-10090/v5

Now if I backspace and click the link again, I'm fine. It works.

It sometimes goes to a search engine with a butterfly image.

Edited by illidari, 09 September 2012 - 10:06 PM.


#11 Oh My!

Posted 09 September 2012 - 10:06 PM

Greetings illidari,

Perfect, exactly what I needed. I will be calling it a night now but will continue reviewing your information first thing in the morning.
Gary
 

#12 Oh My!

Posted 10 September 2012 - 12:42 PM

Greetings illidari,

I would like you to perform the following for me please.


===================================================


Run Combofix

--------------------

Combofix is a very powerful tool and special attention must be taken to allow it to work properly. Please pay careful attention to the following instructions.

  • Please download ComboFix from one of these locations:

    BleepingComputer

    ForoSpyware

  • Save Combofix.exe to your Desktop <-- Important!!!
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts. It is important you do not mouseclick while the program is running or it may stall.

    Note #1: Oftentimes it may appear as if ComboFix has stopped working. To verify it is still running, please do one of the following. If, based on the checks below, you have concluded ComboFix has stopped running, please stop and advise me.

    • Check your computer clock. If it is still running then so is ComboFix
    • Open Task Manager and select the Applications Tab. If the status of AutoScan is Running, then ComboFix is running
    • Open Task Manager and select the Processes Tab. Under Image Name look for files ending in .3xe. If there are fluctuating numbers under CPU and Mem Usage then ComboFix is running
    Note #2: If you receive the following error "Illegal operation attempted on a registry key that has been marked for deletion", please just restart your computer to resolve this issue.
  • When finished, it will produce a log. Please copy and paste the C:\Combofix.txt log information in your next reply.

===================================================


adwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Search
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Combofix.txt
  • AdwCleaner.txt

Gary
 

#13 illidari

Posted 10 September 2012 - 04:16 PM

# AdwCleaner v2.001 - Logfile created 09/10/2012 at 17:15:21
# Updated 09/09/2012 by Xplode
# Operating system : Windows 8 Release Preview (64 bits)
# User : Holger Findling - HOLGERFINDLI-PC
# Boot Mode : Normal
# Running from : C:\Users\Holger Findling\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Holger Findling\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
File Found : C:\Users\Holger Findling\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
File Found : C:\Users\Holger Findling\AppData\Roaming\Mozilla\Firefox\Profiles\pqjqw6by.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Found : C:\Users\Holger Findling\AppData\Roaming\Mozilla\Firefox\Profiles\pqjqw6by.default\searchplugins\SweetIm.xml
Folder Found : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Folder Found : C:\Program Files (x86)\splashtop
Folder Found : C:\Program Files (x86)\SweetIM
Folder Found : C:\ProgramData\splashtop
Folder Found : C:\ProgramData\SweetIM
Folder Found : C:\Users\Holger Findling\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Found : C:\Users\Holger Findling\AppData\Roaming\QuickStoresToolbar
Folder Found : C:\WINDOWS\assembly\GAC_MSIL\QuickStoresToolbar
Folder Found : C:\WINDOWS\Installer\{FB697452-8CA4-46B4-98B1-165C922A2EF3}

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\SweetIm
Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Found : HKLM\SOFTWARE\Classes\dnUpdate
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\Software\SweetIm
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\QuickStores-Toolbar_is1
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.10.8400.0

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\Holger Findling\AppData\Roaming\Mozilla\Firefox\Profiles\pqjqw6by.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Holger Findling\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4654 octets] - [10/09/2012 17:15:21]

########## EOF - C:\AdwCleaner[R1].txt - [4714 octets] ##########



ComboFix doesn't run on Windows 8.

#14 Oh My!

Posted 10 September 2012 - 08:51 PM

Greetings illidari,

Since Windows 8 is so new and it hasn't been officially released we are still doing battle with what works and what doesn't. I guess the good news is you have Windows 8 and the bad news is you have Windows 8 :).

Please perform the following for me.


===================================================


Run OTL Fix

--------------------

  • Double click on the Posted Image icon on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.

    :OTL
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL LLC.)
    IE - HKLM\..\SearchScopes,DefaultScope = {0B4A10D1-FBD6-451d-BFDA-F03252B05984}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us
    IE - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll (AOL LLC.)
    IE - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000\..\SearchScopes,DefaultScope = {105E99FF-8B9A-4492-B155-06194B9056D2}
    IE - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR&pc=MDDC
    IE - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000\..\SearchScopes\{105E99FF-8B9A-4492-B155-06194B9056D2}: "URL" = http://www.bing.com/search?FORM=DLCDF7&PC=MDDC&q={searchTerms}&src={referrer:source?}
    IE - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000\..\SearchScopes\{46f7b6a1-df7b-4551-84fd-d66177c32992}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    [2012/04/20 21:46:59 | 000,003,915 | ---- | M] () -- C:\Users\Holger Findling\AppData\Roaming\Mozilla\Firefox\Profiles\pqjqw6by.default\searchplugins\sweetim.xm
    [2012/09/07 08:54:13 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O3 - HKU\S-1-5-21-2279865801-3783407886-4163468502-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O4 - HKLM..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe" File not found
    O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
    O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
    O4 - Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
    O4 - Startup: C:\Users\Holger Findling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O30 - LSA: Security Packages - (livessp) - File not found
    [2012/01/08 11:25:45 | 000,012,576 | -HS- | C] () -- C:\Users\Holger Findling\AppData\Local\21rlns32o731vf3pt2pps63l6o7y62235qcw5347r0od86
    [2012/01/08 11:25:45 | 000,012,576 | -HS- | C] () -- C:\ProgramData\21rlns32o731vf3pt2pps63l6o7y62235qcw5347r0od86
    [2011/12/18 20:25:19 | 000,010,922 | -HS- | C] () -- C:\Users\Holger Findling\AppData\Local\lhjohf7i0pnb3slf3dkr6l000l3k
    [2011/12/18 20:25:19 | 000,010,922 | -HS- | C] () -- C:\ProgramData\lhjohf7i0pnb3slf3dkr6l000l3k
    [2011/12/13 22:38:21 | 000,012,636 | -HS- | C] () -- C:\Users\Holger Findling\AppData\Local\757503b3h227k826x088b6lbp6d3
    [2011/12/13 22:38:21 | 000,012,636 | -HS- | C] () -- C:\ProgramData\757503b3h227k826x088b6lbp6d3
    [2011/12/12 23:32:31 | 000,009,914 | -HS- | C] () -- C:\Users\Holger Findling\AppData\Local\d4qv67k1wy4qcw
    [2011/12/12 23:32:31 | 000,009,914 | -HS- | C] () -- C:\ProgramData\d4qv67k1wy4qcw
    [C:\WINDOWS\system64] -> \systemroot\system32 -> Mount Point
    
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.

===================================================


adwCleaner by Xplode - Delete Adware

-------------------

  • Close all open programs and internet browser
  • Double click on adwcleaner.exe
  • Click on Delete
  • Confirm each time with OK
  • Your computer will be rebooted automatically. A text file will open after the restart
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[S1].txt
  • Check to see if you are still receiving redirects

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • OTL log
  • AdwCleaner log
  • How is your computer running?

Edited by Oh My, 10 September 2012 - 08:51 PM.

Gary
 

#15 illidari

Posted 10 September 2012 - 09:48 PM

========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{03402f96-3dc7-4285-bc50-9e81fefafe43} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03402f96-3dc7-4285-bc50-9e81fefafe43}\ deleted successfully.
C:\Program Files (x86)\AIM Toolbar\aimtb.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}\ not found.
Registry value HKEY_USERS\S-1-5-21-2279865801-3783407886-4163468502-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{03402f96-3dc7-4285-bc50-9e81fefafe43} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03402f96-3dc7-4285-bc50-9e81fefafe43}\ not found.
File C:\Program Files (x86)\AIM Toolbar\aimtb.dll not found.
HKEY_USERS\S-1-5-21-2279865801-3783407886-4163468502-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2279865801-3783407886-4163468502-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2279865801-3783407886-4163468502-1000\Software\Microsoft\Internet Explorer\SearchScopes\{105E99FF-8B9A-4492-B155-06194B9056D2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{105E99FF-8B9A-4492-B155-06194B9056D2}\ not found.
Registry key HKEY_USERS\S-1-5-21-2279865801-3783407886-4163468502-1000\Software\Microsoft\Internet Explorer\SearchScopes\{46f7b6a1-df7b-4551-84fd-d66177c32992}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46f7b6a1-df7b-4551-84fd-d66177c32992}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
File C:\Users\Holger Findling\AppData\Roaming\Mozilla\Firefox\Profiles\pqjqw6by.default\searchplugins\sweetim.xm not found.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_USERS\S-1-5-21-2279865801-3783407886-4163468502-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UnlockerAssistant deleted successfully.
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk moved successfully.
File move failed. C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk scheduled to be moved on reboot.
C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk moved successfully.
C:\Users\Holger Findling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk moved successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\CONFLICT.2\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully.
File Protocol\Handler\ms-itss - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages:livessp deleted successfully.
C:\Users\Holger Findling\AppData\Local\21rlns32o731vf3pt2pps63l6o7y62235qcw5347r0od86 moved successfully.
C:\ProgramData\21rlns32o731vf3pt2pps63l6o7y62235qcw5347r0od86 moved successfully.
C:\Users\Holger Findling\AppData\Local\lhjohf7i0pnb3slf3dkr6l000l3k moved successfully.
C:\ProgramData\lhjohf7i0pnb3slf3dkr6l000l3k moved successfully.
C:\Users\Holger Findling\AppData\Local\757503b3h227k826x088b6lbp6d3 moved successfully.
C:\ProgramData\757503b3h227k826x088b6lbp6d3 moved successfully.
C:\Users\Holger Findling\AppData\Local\d4qv67k1wy4qcw moved successfully.
C:\ProgramData\d4qv67k1wy4qcw moved successfully.
Mount Point C:\Windows\system64 removed successfully!

OTL by OldTimer - Version 3.2.61.3 log created on 09102012_224058

Files\Folders moved on Reboot...
File\Folder C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...







# AdwCleaner v2.001 - Logfile created 09/10/2012 at 22:49:10
# Updated 09/09/2012 by Xplode
# Operating system : Windows 8 Release Preview (64 bits)
# User : Holger Findling - HOLGERFINDLI-PC
# Boot Mode : Normal
# Running from : C:\Users\Holger Findling\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Holger Findling\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
File Deleted : C:\Users\Holger Findling\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
File Deleted : C:\Users\Holger Findling\AppData\Roaming\Mozilla\Firefox\Profiles\pqjqw6by.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Deleted : C:\Users\Holger Findling\AppData\Roaming\Mozilla\Firefox\Profiles\pqjqw6by.default\searchplugins\SweetIm.xml
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Folder Deleted : C:\Program Files (x86)\splashtop
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\ProgramData\splashtop
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\Users\Holger Findling\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Deleted : C:\Users\Holger Findling\AppData\Roaming\QuickStoresToolbar
Folder Deleted : C:\WINDOWS\assembly\GAC_MSIL\QuickStoresToolbar
Folder Deleted : C:\WINDOWS\Installer\{FB697452-8CA4-46B4-98B1-165C922A2EF3}

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\Software\SweetIm
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\QuickStores-Toolbar_is1
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.10.8400.0

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\Holger Findling\AppData\Roaming\Mozilla\Firefox\Profiles\pqjqw6by.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Holger Findling\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4773 octets] - [10/09/2012 17:15:21]
AdwCleaner[S1].txt - [5419 octets] - [10/09/2012 22:49:10]

########## EOF - C:\AdwCleaner[S1].txt - [5479 octets] ##########


Still redirecting.

Edited by illidari, 10 September 2012 - 09:53 PM.




