Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Firefox running extrememly slow


  • This topic is locked This topic is locked
5 replies to this topic

#1 durangodoug

durangodoug

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:36 AM

Posted 11 October 2012 - 01:19 PM

Hello and sorry about not replying on the last post. I ended up reformatting the PC. But on this 2nd pc I'm having a problem with firefox going very slow and locking up, sitting for 10-25 seconds and then working again.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Christine at 14:16:26 on 2012-10-11
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3838.1586 [GMT -4:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\agr64svc.exe
C:\Windows\SysWOW64\atashost.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\bin32\nSvcAppFlt.exe
C:\Program Files\bin32\nSvcIp.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSLoader.exe
C:\Windows\RAVCpl64.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\Common Files\microsoft shared\Works Shared\WkCalRem.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\mobsync.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Christine\Downloads\Defogger.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://isearch.avg.com/?cid={60DA677F-6AA6-41E9-ABFB-38C68375F9FB}&mid=dc2d37d039f947d68025d15f953b52ec-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=st011&pr=sa&d=2012-06-21 20:09:12&v=11.1.0.7&sap=hp
mStart Page = hxxp://en.us.acer.yahoo.com
mDefault_Page_URL = hxxp://en.us.acer.yahoo.com
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
BHO: WeCareReminder Class: {d824f0de-3d60-4f57-9eb1-66033ecd8abb} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
mRun: [PCMMediaSharing] "C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe"
mRun: [BkupTray] "C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
mRun: [Acer Product Registration] "C:\Program Files (x86)\Acer\Acer Registration\ACE1.exe" /startup
mRun: [Acer Assist Launcher] "C:\Program Files (x86)\Acer\Acer Assist\launcher.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [BYR_AGENT] C:\ProgramData\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe
mRun: [PWRISOVM.EXE] "C:\Program Files (x86)\PowerISO\PWRISOVM.EXE" -startup
StartupFolder: C:\Users\CHRIST~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\WKCALREM.LNK - C:\Program Files (x86)\Common Files\microsoft shared\Works Shared\WkCalRem.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
TCP: Interfaces\{6BE617DC-40AB-4795-8D2F-9C11C3691535} : NameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GR99D3~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
BHO-X64: uTorrentBar - No File
BHO-X64: WeCareReminder Class: {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll
BHO-X64: WeCareReminder - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Acer eDataSecurity Management: {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTo0.dll
mRun-x64: [PCMMediaSharing] "C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe"
mRun-x64: [BkupTray] "C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
mRun-x64: [Acer Product Registration] "C:\Program Files (x86)\Acer\Acer Registration\ACE1.exe" /startup
mRun-x64: [Acer Assist Launcher] "C:\Program Files (x86)\Acer\Acer Assist\launcher.exe"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [BYR_AGENT] C:\ProgramData\LGMOBILEAX\BYR_Client\VZWNotiAgent.exe
mRun-x64: [PWRISOVM.EXE] "C:\Program Files (x86)\PowerISO\PWRISOVM.EXE" -startup
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\gwvkn3ov.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Baaf04730-5f5a-4255-829f-b3bf0548b1bd%7D&mid=dc2d37d039f947d68025d15f953b52ec-06ce4fc639803a2e3563922518183d8e94088cb9&ds=st011&v=11.1.0.7&lang=en&pr=sa&d=2012-06-21%2020%3A09%3A12&sap=ku&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - plugin: C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\gwvkn3ov.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\plugins\np-mswmp.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
.
============= SERVICES / DRIVERS ===============
.
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-4-30 269448]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 atashost;WebEx Service Host for Support Center;C:\Windows\SysWOW64\atashost.exe [2010-2-8 20376]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-3-3 16384]
R2 ETService;Empowering Technology Service;C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-4-30 24576]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-5 399432]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-26 676936]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-4-7 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-4-4 131072]
R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-5-28 275968]
R2 Viewpoint Manager Service;Viewpoint Manager Service;C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe [2009-5-8 24652]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 netr28ux;Linksys USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-14 250808]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-25 114144]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-11 89920]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-10-10 23:03:38 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-10-10 23:03:38 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-10-10 23:03:34 218624 ----a-w- C:\Windows\System32\wintrust.dll
2012-10-10 23:03:34 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-10-10 23:03:33 985088 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-10-10 23:03:33 1268736 ----a-w- C:\Windows\System32\crypt32.dll
2012-10-10 23:03:32 98304 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-10-10 23:03:32 174592 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-10-10 23:03:32 133120 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-10-10 23:03:32 132096 ----a-w- C:\Windows\System32\cryptnet.dll
2012-10-10 23:03:30 4699520 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-10-09 10:38:12 9308616 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5F2D8729-DD91-422D-B148-04813853249F}\mpengine.dll
2012-10-06 00:19:32 900608 ----a-w- C:\Windows\System32\drivers\netr28ux.sys
2012-10-05 02:09:09 -------- d-----w- C:\Windows\System32\RaLanguages
2012-10-05 01:30:27 9308616 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll
2012-10-05 00:51:44 -------- d-----w- C:\Users\Christine\AppData\Local\Seven Zip
2012-10-05 00:50:25 -------- d-----w- C:\ProgramData\GFI Software
2012-10-05 00:41:18 -------- d-----w- C:\Users\Christine\AppData\Local\temp
2012-10-05 00:35:58 -------- d-sh--w- C:\$RECYCLE.BIN
2012-10-05 00:08:41 518144 ----a-w- C:\Windows\SWREG.exe
2012-10-05 00:08:41 256000 ----a-w- C:\Windows\PEV.exe
2012-10-05 00:08:41 208896 ----a-w- C:\Windows\MBR.exe
2012-10-05 00:08:40 98816 ----a-w- C:\Windows\sed.exe
2012-09-14 22:43:01 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
.
==================== Find3M ====================
.
2012-10-08 20:43:09 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-08 20:43:09 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-09-07 21:04:46 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 14:17:07.89 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:36 AM

Posted 13 October 2012 - 10:57 AM

Hello durangodoug :)

  • I will be helping with your computer problems.
  • From this point on, it is very important that you refrain from doing anything else to your computer other than what I have requested of you.
  • I do not mind if you browse the web, do basic tasks, or even test to see if the problem(s) you are experiencing are still occurring with the computer while we are working together, but do not run any tools/fixes unless I or another helper from this thread has asked you to do so.
  • Remember that you came here for help, so allow us to help you :)
  • If something does not run, make a detailed note of what problems you encountered along the way (exact error messages are preferred), but continue onto the next steps until you reach the end of my post.
  • Always do the steps they are listed in (left to right, top to bottom).
  • I prefer that you complete all the steps while you are in Normal Mode. However, I understand that sometimes this is not possible. If you are unsuccessful in getting a tool/fix to run from Normal Mode, but Safe Mode works, then use Safe Mode.
  • If you have a question about something, do not hesitate to ask.

Let's begin:

  • Please download and install CCleaner Slim
  • Open CCleaner and click the Options button
  • Now choose Advanced
  • Uncheck everything here except for Skip User Account Control warning
  • Now click the Cleaner button and press the Run Cleaner button at the bottom right of the program.
  • If this is your first time running this program, a prompt may appear asking for confirmation to delete temporary files. Go ahead and proceed.

__

Posted Image From Programs and Features (via Control Panel), please uninstall the below:
  • Ad-Aware Browsing Protection
  • Coupon Printer for Windows
  • Java™ 6 Update 31
  • Viewpoint Media Player

__

Posted Image Please download RogueKiller to your desktop.
  • Now rename RogueKiller.exe to winlogon.exe
  • Double-click winlogon.exe to run. Right-click winlogon.exe and select "Run as administrator"
  • When it opens, press the Scan button
  • When the scan is finished, press the Delete button.
  • Post the contents of the latest numbered RKReport in your next message.

__

Posted Image Please download and run TDSSKiller
  • VERY IMPORTANT: In the event that threats are detected, allow TDSSKiller to perform the default action by simply pressing the Continue button.
  • Do NOT change the default action on your own unless instructed by a malware helper! Doing so may render your computer unbootable.
  • If threats were detected, TDSSKiller will require a reboot in order to attempt to clean the system.
  • After the scan is complete, you can find the TDSSKiller log at the root of your C: drive.
    • Example: C:\TDSSKiller.2.8.10.0_29.09.2012_00.22.50_log.txt
  • Post the contents of this log in your next message.

__


Posted Image Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

__

Posted Image Please download Junkware Removal Tool to your desktop.
  • Shutdown your antivirus to avoid any conflicts.
  • Very important that you run the tool in this manner:
    Right-mouse click JRT.exe and select Run as administrator
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt in your next message.

__

Posted Image Please download OTL.

  • Save it to your desktop.
  • Right mouse click on the OTL icon on your desktop and select Run as Administrator
  • Check the "Scan All Users" checkbox.
  • Check the "Standard Output".
  • Change the setting of "Drivers" and "Services" to "All"
  • Copy the text in the code box below and paste it into the Posted Image text-field.
    activex
    netsvcs
    %windir%\system32\drivers\*.sys /lockedfiles
    
  • Now click the Posted Image button.
  • Two reports will be created:
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Paste the contents of OTL.txt here for me to review but attach Extras.txt


#3 durangodoug

durangodoug
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:36 AM

Posted 13 October 2012 - 06:37 PM

Got all the logs and everything ran, pasted and attached and whatnot. Thanks!

OTL logfile created on: 10/13/2012 6:47:03 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Christine\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.06 Gb Available Physical Memory | 54.96% Memory free
7.70 Gb Paging File | 5.72 Gb Available in Paging File | 74.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 139.79 Gb Total Space | 6.57 Gb Free Space | 4.70% Space Free | Partition Type: NTFS
Drive D: | 139.80 Gb Total Space | 135.66 Gb Free Space | 97.04% Space Free | Partition Type: NTFS
Drive E: | 117.94 Mb Total Space | 90.95 Mb Free Space | 77.11% Space Free | Partition Type: UDF

Computer Name: CHRISTINE-PC | User Name: Christine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/13 18:31:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Christine\Downloads\OTL.exe
PRC - [2012/09/14 18:43:00 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/03/05 11:32:28 | 001,135,912 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/01/15 08:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/03/06 13:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\SysWOW64\atashost.exe
PRC - [2008/03/05 02:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008/03/05 02:38:30 | 000,454,704 | ---- | M] (Egis inc.) -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe
PRC - [2008/01/25 21:49:04 | 000,269,448 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2007/05/28 12:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/08 16:43:09 | 009,814,968 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2012/09/14 18:42:59 | 002,244,064 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2010/03/05 11:32:36 | 000,095,528 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2010/03/05 11:32:28 | 001,135,912 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2008/04/04 06:00:54 | 000,002,560 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll


========== Services (All) ==========

SRV:64bit: - [2012/06/02 18:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2012/06/01 20:20:42 | 000,174,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2011/11/16 12:43:13 | 000,442,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\winhttp.dll -- (WinHttpAutoProxySvc)
SRV:64bit: - [2011/11/16 10:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2011/11/16 10:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
SRV:64bit: - [2011/11/16 10:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (Netlogon)
SRV:64bit: - [2011/11/16 10:34:41 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2011/03/02 12:12:21 | 000,117,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2011/02/22 09:53:27 | 001,149,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2010/11/06 07:18:13 | 000,855,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/09/06 14:28:38 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/08/17 10:54:20 | 000,273,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2010/02/18 09:49:59 | 000,225,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iphlpsvc.dll -- (iphlpsvc)
SRV:64bit: - [2009/10/09 17:36:09 | 002,050,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WsmSvc.dll -- (WinRM)
SRV:64bit: - [2009/10/09 17:34:39 | 000,232,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wecsvc.dll -- (Wecsvc)
SRV:64bit: - [2009/09/30 20:51:40 | 000,107,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpdbusenum.dll -- (WPDBusEnum)
SRV:64bit: - [2009/07/11 15:11:20 | 000,615,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2009/07/10 07:51:23 | 000,302,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (Themes)
SRV:64bit: - [2009/07/10 07:51:23 | 000,302,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV:64bit: - [2009/06/10 07:53:17 | 000,203,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
SRV:64bit: - [2009/04/11 03:11:31 | 000,074,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2009/04/11 03:11:29 | 000,221,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2009/04/11 03:11:28 | 001,491,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (Eventlog)
SRV:64bit: - [2009/04/11 03:11:28 | 000,581,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wcncsvc.dll -- (wcncsvc)
SRV:64bit: - [2009/04/11 03:11:28 | 000,572,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2009/04/11 03:11:28 | 000,218,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\webclnt.dll -- (WebClient)
SRV:64bit: - [2009/04/11 03:11:27 | 000,372,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\w32time.dll -- (W32Time)
SRV:64bit: - [2009/04/11 03:11:27 | 000,313,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2009/04/11 03:11:27 | 000,032,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\uxsms.dll -- (UxSms)
SRV:64bit: - [2009/04/11 03:11:26 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sysmain.dll -- (SysMain)
SRV:64bit: - [2009/04/11 03:11:26 | 000,547,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\termsrv.dll -- (TermService)
SRV:64bit: - [2009/04/11 03:11:26 | 000,480,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/04/11 03:11:26 | 000,318,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/04/11 03:11:24 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SLUINotify.dll -- (SLUINotify)
SRV:64bit: - [2009/04/11 03:11:23 | 000,719,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2009/04/11 03:11:23 | 000,719,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2009/04/11 03:11:23 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
SRV:64bit: - [2009/04/11 03:11:23 | 000,147,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SCardSvr.dll -- (SCardSvr)
SRV:64bit: - [2009/04/11 03:11:22 | 001,081,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2009/04/11 03:11:22 | 000,409,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qagentRT.dll -- (napagent)
SRV:64bit: - [2009/04/11 03:11:22 | 000,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2009/04/11 03:11:22 | 000,178,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2009/04/11 03:11:20 | 000,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (PNRPsvc)
SRV:64bit: - [2009/04/11 03:11:20 | 000,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (PNRPAutoReg)
SRV:64bit: - [2009/04/11 03:11:20 | 000,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (p2psvc)
SRV:64bit: - [2009/04/11 03:11:20 | 000,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (p2pimsvc)
SRV:64bit: - [2009/04/11 03:11:15 | 000,719,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\gpsvc.dll -- (gpsvc)
SRV:64bit: - [2009/04/11 03:11:15 | 000,603,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mpssvc.dll -- (MpsSvc)
SRV:64bit: - [2009/04/11 03:11:15 | 000,533,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\ipsecsvc.dll -- (PolicyAgent)
SRV:64bit: - [2009/04/11 03:11:15 | 000,454,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\ikeext.dll -- (IKEEXT)
SRV:64bit: - [2009/04/11 03:11:15 | 000,024,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/04/11 03:11:14 | 000,399,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\emdmgmt.dll -- (EMDMgmt)
SRV:64bit: - [2009/04/11 03:11:14 | 000,361,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV:64bit: - [2009/04/11 03:11:14 | 000,268,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcsvc.dll -- (Dhcp)
SRV:64bit: - [2009/04/11 03:11:14 | 000,208,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/04/11 03:11:13 | 000,458,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bfe.dll -- (BFE)
SRV:64bit: - [2009/04/11 03:11:13 | 000,446,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2009/04/11 03:11:13 | 000,446,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2009/04/11 03:11:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (SCPolicySvc)
SRV:64bit: - [2009/04/11 03:11:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\certprop.dll -- (CertPropSvc)
SRV:64bit: - [2009/04/11 03:11:10 | 000,209,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV:64bit: - [2009/04/11 03:11:03 | 001,433,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vssvc.exe -- (VSS)
SRV:64bit: - [2009/04/11 03:11:00 | 000,454,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vds.exe -- (vds)
SRV:64bit: - [2009/04/11 03:10:50 | 000,597,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SearchIndexer.exe -- (WSearch)
SRV:64bit: - [2009/04/11 03:10:35 | 002,582,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SLsvc.exe -- (slsvc)
SRV:64bit: - [2009/04/11 03:10:29 | 000,125,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/04/11 03:10:08 | 003,433,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DFSR.exe -- (DFSR)
SRV:64bit: - [2008/07/18 14:15:18 | 000,089,600 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\HPZipm12.dll -- (Pml Driver HPZ12)
SRV:64bit: - [2008/07/18 14:15:16 | 000,071,680 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\HPZinw12.dll -- (Net Driver HPZ12)
SRV:64bit: - [2008/04/25 16:30:26 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/04/21 20:49:00 | 000,161,792 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\SysNative\nvvsvc.exe -- (nvsvc)
SRV:64bit: - [2008/01/29 15:25:30 | 000,920,064 | ---- | M] () [Auto | Running] -- C:\Program Files\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)
SRV:64bit: - [2008/01/29 15:24:52 | 000,193,024 | ---- | M] () [Auto | Running] -- C:\Program Files\bin32\nSvcIp.exe -- (nSvcIp)
SRV:64bit: - [2008/01/20 22:52:15 | 001,216,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:64bit: - [2008/01/20 22:52:00 | 000,173,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpcsvc.dll -- (WPCSvc)
SRV:64bit: - [2008/01/20 22:51:33 | 000,067,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
SRV:64bit: - [2008/01/20 22:51:19 | 000,141,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\sstpsvc.dll -- (SstpSvc)
SRV:64bit: - [2008/01/20 22:51:16 | 000,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\UI0Detect.exe -- (UI0Detect)
SRV:64bit: - [2008/01/20 22:51:03 | 000,117,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\trkwks.dll -- (TrkWks)
SRV:64bit: - [2008/01/20 22:51:01 | 000,344,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\upnphost.dll -- (upnphost)
SRV:64bit: - [2008/01/20 22:50:59 | 001,373,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pla.dll -- (pla)
SRV:64bit: - [2008/01/20 22:50:34 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\iscsiexe.dll -- (MSiSCSI)
SRV:64bit: - [2008/01/20 22:50:27 | 000,206,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2008/01/20 22:50:17 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2008/01/20 22:50:14 | 000,296,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lltdsvc.dll -- (lltdsvc)
SRV:64bit: - [2008/01/20 22:50:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\WUDFSvc.dll -- (wudfsvc)
SRV:64bit: - [2008/01/20 22:50:06 | 000,024,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lmhsvc.dll -- (lmhosts)
SRV:64bit: - [2008/01/20 22:49:59 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\sessenv.dll -- (SessionEnv)
SRV:64bit: - [2008/01/20 22:49:56 | 000,037,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (THREADORDER)
SRV:64bit: - [2008/01/20 22:49:56 | 000,037,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2008/01/20 22:49:46 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ssdpsrv.dll -- (SSDPSRV)
SRV:64bit: - [2008/01/20 22:49:42 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2008/01/20 22:49:33 | 000,061,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sens.dll -- (SENS)
SRV:64bit: - [2008/01/20 22:49:15 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiSystemHost)
SRV:64bit: - [2008/01/20 22:49:15 | 000,081,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wdi.dll -- (WdiServiceHost)
SRV:64bit: - [2008/01/20 22:49:11 | 000,103,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2008/01/20 22:49:09 | 000,139,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dps.dll -- (DPS)
SRV:64bit: - [2008/01/20 22:49:09 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2008/01/20 22:49:04 | 000,086,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\kmsvc.dll -- (hkmsvc)
SRV:64bit: - [2008/01/20 22:49:02 | 000,120,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\WerSvc.dll -- (WerSvc)
SRV:64bit: - [2008/01/20 22:49:02 | 000,065,536 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\tbssvc.dll -- (TBS)
SRV:64bit: - [2008/01/20 22:48:40 | 000,304,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV:64bit: - [2008/01/20 22:48:29 | 000,015,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\fdPHost.dll -- (fdPHost)
SRV:64bit: - [2008/01/20 22:48:26 | 000,088,064 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:64bit: - [2008/01/20 22:48:24 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2008/01/20 22:48:21 | 000,093,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\ipbusenum.dll -- (IPBusEnum)
SRV:64bit: - [2008/01/20 22:48:19 | 000,395,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\msdtckrm.dll -- (KtmRm)
SRV:64bit: - [2008/01/20 22:48:19 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtc.exe -- (MSDTC)
SRV:64bit: - [2008/01/20 22:48:17 | 000,045,056 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2008/01/20 22:48:16 | 000,080,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2008/01/20 22:48:10 | 000,348,160 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2008/01/20 22:48:03 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2008/01/20 22:47:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\pcasvc.dll -- (PcaSvc)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2008/01/20 22:47:30 | 000,284,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qwave.dll -- (QWAVE)
SRV:64bit: - [2008/01/20 22:47:28 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SDRSVC.dll -- (SDRSVC)
SRV:64bit: - [2007/12/10 23:11:00 | 000,015,872 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2006/11/02 11:03:19 | 000,084,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TabSvc.dll -- (TabletInputService)
SRV:64bit: - [2006/11/02 07:19:10 | 000,085,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wercplsupport.dll -- (wercplsupport)
SRV:64bit: - [2006/11/02 07:19:10 | 000,039,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WcsPlugInService.dll -- (WcsPlugInService)
SRV:64bit: - [2006/11/02 07:17:22 | 000,033,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\fdrespub.dll -- (FDResPub)
SRV:64bit: - [2006/11/02 07:16:28 | 000,026,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2006/11/02 07:16:12 | 000,014,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\snmptrap.exe -- (SNMPTRAP)
SRV:64bit: - [2006/11/02 07:15:56 | 000,008,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\locator.exe -- (RpcLocator)
SRV:64bit: - [2006/11/02 07:15:49 | 000,008,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dllhost.exe -- (COMSysApp)
SRV - [2012/10/08 16:43:09 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/14 18:43:00 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/01 20:02:32 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV - [2011/11/16 12:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/03/18 14:27:14 | 001,020,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/10/09 17:56:18 | 001,181,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM)
SRV - [2009/07/10 07:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (Themes)
SRV - [2009/07/10 07:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/05/21 20:21:18 | 000,248,832 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2009/05/10 16:21:19 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/04/11 03:10:58 | 000,042,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2009/04/11 02:28:25 | 000,413,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wcncsvc.dll -- (wcncsvc)
SRV - [2009/04/11 02:28:25 | 000,199,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient)
SRV - [2009/04/11 02:28:25 | 000,140,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc)
SRV - [2009/04/11 02:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV - [2009/04/11 02:28:24 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\SCardSvr.dll -- (SCardSvr)
SRV - [2009/04/11 02:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (PNRPsvc)
SRV - [2009/04/11 02:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (PNRPAutoReg)
SRV - [2009/04/11 02:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (p2psvc)
SRV - [2009/04/11 02:28:23 | 000,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (p2pimsvc)
SRV - [2009/04/11 02:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV - [2009/04/11 02:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV - [2009/04/11 02:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/11 02:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWow64\SearchIndexer.exe -- (WSearch)
SRV - [2009/04/11 02:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/30 00:39:54 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/03/06 13:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\atashost.exe -- (atashost)
SRV - [2009/02/18 14:40:04 | 000,042,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009/02/18 14:39:11 | 000,857,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/10/16 20:31:12 | 000,906,752 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2008/10/16 20:24:24 | 000,135,168 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008/04/07 01:42:24 | 000,050,424 | ---- | M] (NewTech InfoSystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2008/04/04 06:03:14 | 000,131,072 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2008/03/05 02:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/03/03 16:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc)
SRV - [2008/01/25 21:49:04 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2008/01/20 22:51:36 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2008/01/20 22:51:36 | 000,153,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2008/01/20 22:51:00 | 000,019,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost)
SRV - [2008/01/20 22:50:38 | 000,084,992 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv)
SRV - [2008/01/20 22:50:07 | 000,047,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\Sens.dll -- (SENS)
SRV - [2008/01/20 22:50:01 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost)
SRV - [2008/01/20 22:50:01 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost)
SRV - [2008/01/20 22:49:21 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV - [2008/01/20 22:49:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2008/01/20 22:48:26 | 000,259,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost)
SRV - [2008/01/20 22:48:23 | 001,502,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\pla.dll -- (pla)
SRV - [2008/01/20 22:47:35 | 000,243,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\qwave.dll -- (QWAVE)
SRV - [2007/05/28 12:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2007/01/17 14:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006/11/02 11:03:48 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/11/02 05:46:13 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2006/11/02 05:45:02 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\dllhost.exe -- (COMSysApp)
SRV - [2006/10/27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2006/10/26 19:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/07/19 14:36:58 | 000,262,247 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe -- (RichVideo)


========== Driver Services (All) ==========

DRV:64bit: - [2012/06/04 11:29:59 | 000,516,480 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\ksecdd.sys -- (KSecDD)
DRV:64bit: - [2012/05/31 00:10:48 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012/05/01 10:29:44 | 000,209,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpwd.sys -- (RDPWD)
DRV:64bit: - [2012/03/30 08:45:03 | 001,423,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tcpip.sys -- (Tcpip6)
DRV:64bit: - [2012/03/30 08:45:03 | 001,423,744 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)
DRV:64bit: - [2012/03/20 19:34:30 | 000,072,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)
DRV:64bit: - [2012/02/29 09:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/03 10:25:21 | 000,404,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)
DRV:64bit: - [2011/07/06 11:49:23 | 000,275,456 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mrxsmb10.sys -- (mrxsmb10)
DRV:64bit: - [2011/04/29 09:41:02 | 000,176,128 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\srv2.sys -- (srv2)
DRV:64bit: - [2011/04/29 09:40:56 | 000,145,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\srvnet.sys -- (srvnet)
DRV:64bit: - [2011/04/29 09:39:34 | 000,135,680 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mrxsmb.sys -- (mrxsmb)
DRV:64bit: - [2011/04/29 09:39:31 | 000,107,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mrxsmb20.sys -- (mrxsmb20)
DRV:64bit: - [2011/04/14 11:14:19 | 000,097,792 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\dfsc.sys -- (DfsC)
DRV:64bit: - [2011/02/18 10:18:15 | 000,450,560 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\srv.sys -- (srv)
DRV:64bit: - [2011/02/18 10:16:16 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bowser.sys -- (bowser)
DRV:64bit: - [2011/02/14 02:42:00 | 000,034,816 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2011/02/14 02:42:00 | 000,028,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2011/02/14 02:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2011/01/20 12:46:10 | 000,900,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV:64bit: - [2010/02/20 17:30:08 | 000,620,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HTTP.sys -- (HTTP)
DRV:64bit: - [2010/02/18 07:59:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tunnel.sys -- (tunnel)
DRV:64bit: - [2009/12/08 13:55:32 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)
DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/08/02 19:56:28 | 000,900,608 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/07/15 15:05:18 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2009/04/11 03:15:53 | 000,067,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr)
DRV:64bit: - [2009/04/11 03:15:53 | 000,062,440 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\termdd.sys -- (TermDD)
DRV:64bit: - [2009/04/11 03:15:52 | 000,408,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)
DRV:64bit: - [2009/04/11 03:15:45 | 000,269,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)
DRV:64bit: - [2009/04/11 03:15:36 | 000,019,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spldr.sys -- (spldr)
DRV:64bit: - [2009/04/11 03:15:34 | 001,515,496 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\ntfs.sys -- (Ntfs)
DRV:64bit: - [2009/04/11 03:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)
DRV:64bit: - [2009/04/11 03:15:33 | 000,361,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\CLFS.sys -- (CLFS)
DRV:64bit: - [2009/04/11 03:15:32 | 000,325,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)
DRV:64bit: - [2009/04/11 03:15:32 | 000,310,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msrpc.sys -- (MsRPC)
DRV:64bit: - [2009/04/11 03:15:32 | 000,275,432 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltmgr.sys -- (FltMgr)
DRV:64bit: - [2009/04/11 03:15:31 | 000,215,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\msiscsi.sys -- (iScsiPrt)
DRV:64bit: - [2009/04/11 03:15:31 | 000,178,664 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci)
DRV:64bit: - [2009/04/11 03:15:30 | 000,155,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ecache.sys -- (Ecache)
DRV:64bit: - [2009/04/11 03:15:25 | 000,067,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\disk.sys -- (disk)
DRV:64bit: - [2009/04/11 03:15:24 | 000,059,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\mup.sys -- (Mup)
DRV:64bit: - [2009/04/11 03:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\atapi.sys -- (atapi)
DRV:64bit: - [2009/04/11 03:14:59 | 000,014,312 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pciide.sys -- (pciide)
DRV:64bit: - [2009/04/11 01:43:46 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rassstp.sys -- (RasSstp)
DRV:64bit: - [2009/04/11 01:43:40 | 000,169,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ndiswan.sys -- (NdisWan)
DRV:64bit: - [2009/04/11 01:43:39 | 000,098,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\raspptp.sys -- (PptpMiniport)
DRV:64bit: - [2009/04/11 01:43:39 | 000,086,528 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\wanarp.sys -- (Wanarpv6)
DRV:64bit: - [2009/04/11 01:43:39 | 000,086,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wanarp.sys -- (Wanarp)
DRV:64bit: - [2009/04/11 01:43:38 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rasl2tp.sys -- (Rasl2tp)
DRV:64bit: - [2009/04/11 01:43:33 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\raspppoe.sys -- (RasPppoe)
DRV:64bit: - [2009/04/11 01:43:27 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipfltdrv.sys -- (IpFilterDriver)
DRV:64bit: - [2009/04/11 01:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/04/11 01:43:00 | 000,094,720 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\tdx.sys -- (tdx)
DRV:64bit: - [2009/04/11 01:42:56 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\pacer.sys -- (PSched)
DRV:64bit: - [2009/04/11 01:42:33 | 000,248,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\netbt.sys -- (netbt)
DRV:64bit: - [2009/04/11 01:42:19 | 000,088,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\smb.sys -- (Smb)
DRV:64bit: - [2009/04/11 01:40:20 | 000,187,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\nwifi.sys -- (NativeWifiP)
DRV:64bit: - [2009/04/11 01:39:52 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbhub.sys -- (usbhub)
DRV:64bit: - [2009/04/11 01:39:49 | 000,072,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ohci1394.sys -- (ohci1394)
DRV:64bit: - [2009/04/11 01:39:41 | 000,948,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HDAudBus.sys -- (HDAudBus)
DRV:64bit: - [2009/04/11 01:39:38 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\USBSTOR.SYS -- (USBSTOR)
DRV:64bit: - [2009/04/11 01:39:36 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbehci.sys -- (usbehci)
DRV:64bit: - [2009/04/11 01:39:36 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbohci.sys -- (usbohci)
DRV:64bit: - [2009/04/11 01:39:34 | 000,098,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaudio.sys -- (usbaudio)
DRV:64bit: - [2009/04/11 01:39:32 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\hidusb.sys -- (HidUsb)
DRV:64bit: - [2009/04/11 01:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\cdrom.sys -- (cdrom)
DRV:64bit: - [2009/04/11 01:33:40 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\DRIVERS\kbdhid.sys -- (kbdhid)
DRV:64bit: - [2009/04/11 00:55:42 | 000,139,264 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)
DRV:64bit: - [2009/04/11 00:55:24 | 000,287,744 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\rdbss.sys -- (rdbss)
DRV:64bit: - [2009/04/11 00:54:22 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\npfs.sys -- (Npfs)
DRV:64bit: - [2009/04/11 00:54:21 | 000,299,008 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\SysNative\DRIVERS\udfs.sys -- (udfs)
DRV:64bit: - [2009/04/11 00:54:11 | 000,187,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\exfat.sys -- (exfat)
DRV:64bit: - [2009/04/11 00:54:10 | 000,198,144 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fastfat.sys -- (fastfat)
DRV:64bit: - [2009/04/08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\xusb21.sys -- (xusb21)
DRV:64bit: - [2008/04/21 20:49:00 | 009,556,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\nvlddmkm.sys -- (nvlddmkm)
DRV:64bit: - [2008/04/21 20:49:00 | 000,054,816 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2008/03/26 06:36:28 | 001,417,240 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTKVHD64.sys -- (IntcAzAudAddService)
DRV:64bit: - [2008/03/05 02:39:22 | 000,060,976 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\PSDVdisk.sys -- (psdvdisk)
DRV:64bit: - [2008/03/05 02:39:22 | 000,021,040 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\PSDNServ.sys -- (PSDNServ)
DRV:64bit: - [2008/03/05 02:39:20 | 000,022,064 | ---- | M] (Egis Incorporated) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV:64bit: - [2008/03/05 02:22:00 | 001,253,376 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/01/30 20:48:32 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2008/01/30 20:48:16 | 000,016,384 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2008/01/29 01:54:58 | 001,486,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\nvmfdx64.sys -- (NVENETFD)
DRV:64bit: - [2008/01/25 08:02:10 | 000,163,872 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\nvstor64.sys -- (nvstor64)
DRV:64bit: - [2008/01/20 22:51:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdtcp.sys -- (TDTCP)
DRV:64bit: - [2008/01/20 22:51:14 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdpipe.sys -- (TDPIPE)
DRV:64bit: - [2008/01/20 22:51:07 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\RDPCDD.sys -- (RDPCDD)
DRV:64bit: - [2008/01/20 22:51:01 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\asyncmac.sys -- (AsyncMac)
DRV:64bit: - [2008/01/20 22:50:59 | 000,070,200 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)
DRV:64bit: - [2008/01/20 22:50:45 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)
DRV:64bit: - [2008/01/20 22:50:39 | 000,881,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)
DRV:64bit: - [2008/01/20 22:50:39 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\SysNative\DRIVERS\cdfs.sys -- (cdfs)
DRV:64bit: - [2008/01/20 22:50:39 | 000,026,112 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\msfs.sys -- (Msfs)
DRV:64bit: - [2008/01/20 22:50:35 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\umpass.sys -- (UMPass)
DRV:64bit: - [2008/01/20 22:50:25 | 000,070,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (MountMgr)
DRV:64bit: - [2008/01/20 22:50:10 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tssecsrv.sys -- (tssecsrv)
DRV:64bit: - [2008/01/20 22:50:09 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\WUDFRd.sys -- (WUDFRd)
DRV:64bit: - [2008/01/20 22:50:04 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)
DRV:64bit: - [2008/01/20 22:49:58 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ndisuio.sys -- (Ndisuio)
DRV:64bit: - [2008/01/20 22:49:52 | 000,011,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSKSSRV.sys -- (MSKSSRV)
DRV:64bit: - [2008/01/20 22:49:52 | 000,007,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSTEE.sys -- (MSTEE)
DRV:64bit: - [2008/01/20 22:49:51 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vga.sys -- (VgaSave)
DRV:64bit: - [2008/01/20 22:49:48 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\rdpencdd.sys -- (RDPENCDD)
DRV:64bit: - [2008/01/20 22:49:42 | 000,081,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)
DRV:64bit: - [2008/01/20 22:49:42 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)
DRV:64bit: - [2008/01/20 22:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:64bit: - [2008/01/20 22:49:16 | 000,109,568 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)
DRV:64bit: - [2008/01/20 22:49:15 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rspndr.sys -- (rspndr)
DRV:64bit: - [2008/01/20 22:49:15 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lltdio.sys -- (lltdio)
DRV:64bit: - [2008/01/20 22:49:00 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)
DRV:64bit: - [2008/01/20 22:48:45 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipnat.sys -- (IPNAT)
DRV:64bit: - [2008/01/20 22:48:45 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndproxy.sys -- (NDProxy)
DRV:64bit: - [2008/01/20 22:48:45 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ndistapi.sys -- (NdisTapi)
DRV:64bit: - [2008/01/20 22:48:45 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tunmp.sys -- (tunmp)
DRV:64bit: - [2008/01/20 22:48:28 | 000,033,280 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)
DRV:64bit: - [2008/01/20 22:48:27 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\netbios.sys -- (NetBIOS)
DRV:64bit: - [2008/01/20 22:48:24 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\rasacd.sys -- (RasAcd)
DRV:64bit: - [2008/01/20 22:47:30 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV:64bit: - [2008/01/20 22:47:28 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ipmidrv.sys -- (IPMIDRV)
DRV:64bit: - [2008/01/20 22:47:28 | 000,035,896 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\i2omp.sys -- (i2omp)
DRV:64bit: - [2008/01/20 22:47:27 | 000,903,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\xnacc.sys -- (xnacc)
DRV:64bit: - [2008/01/20 22:47:27 | 000,185,912 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\adpu320.sys -- (adpu320)
DRV:64bit: - [2008/01/20 22:47:27 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\i8042prt.sys -- (i8042prt)
DRV:64bit: - [2008/01/20 22:47:27 | 000,042,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\kbdclass.sys -- (kbdclass)
DRV:64bit: - [2008/01/20 22:47:27 | 000,024,120 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\wd.sys -- (Wd)
DRV:64bit: - [2008/01/20 22:47:26 | 000,128,056 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\mpio.sys -- (mpio)
DRV:64bit: - [2008/01/20 22:47:26 | 000,078,392 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4)
DRV:64bit: - [2008/01/20 22:47:25 | 000,149,048 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)
DRV:64bit: - [2008/01/20 22:47:25 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbscan.sys -- (usbscan)
DRV:64bit: - [2008/01/20 22:47:25 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\fdc.sys -- (fdc)
DRV:64bit: - [2008/01/20 22:47:25 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\usbuhci.sys -- (usbuhci)
DRV:64bit: - [2008/01/20 22:47:04 | 000,113,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\msdsm.sys -- (msdsm)
DRV:64bit: - [2008/01/20 22:47:04 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\blbdrive.sys -- (blbdrive)
DRV:64bit: - [2008/01/20 22:47:03 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\circlass.sys -- (circlass)
DRV:64bit: - [2008/01/20 22:47:01 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:64bit: - [2008/01/20 22:47:01 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbccgp.sys -- (usbccgp)
DRV:64bit: - [2008/01/20 22:47:01 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Dot4Prt.sys -- (Dot4Print)
DRV:64bit: - [2008/01/20 22:47:00 | 000,091,192 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas)
DRV:64bit: - [2008/01/20 22:47:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\monitor.sys -- (monitor)
DRV:64bit: - [2008/01/20 22:47:00 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\vgapnp.sys -- (vga)
DRV:64bit: - [2008/01/20 22:47:00 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sffdisk.sys -- (sffdisk)
DRV:64bit: - [2008/01/20 22:47:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV:64bit: - [2008/01/20 22:47:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_sd.sys -- (sffp_sd)
DRV:64bit: - [2008/01/20 22:46:59 | 000,397,368 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\elxstor.sys -- (elxstor)
DRV:64bit: - [2008/01/20 22:46:59 | 000,290,872 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iastorv.sys -- (iaStorV)
DRV:64bit: - [2008/01/20 22:46:59 | 000,068,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gagp30kx.sys -- (gagp30kx)
DRV:64bit: - [2008/01/20 22:46:59 | 000,067,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uagp35.sys -- (uagp35)
DRV:64bit: - [2008/01/20 22:46:59 | 000,047,672 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hpcisss.sys -- (HpCISSs)
DRV:64bit: - [2008/01/20 22:46:59 | 000,039,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\mouclass.sys -- (mouclass)
DRV:64bit: - [2008/01/20 22:46:59 | 000,035,896 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas)
DRV:64bit: - [2008/01/20 22:46:59 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse)
DRV:64bit: - [2008/01/20 22:46:59 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbprint.sys -- (usbprint)
DRV:64bit: - [2008/01/20 22:46:59 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\mouhid.sys -- (mouhid)
DRV:64bit: - [2008/01/20 22:46:56 | 000,438,328 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\megasr.sys -- (MegaSR)
DRV:64bit: - [2008/01/20 22:46:56 | 000,284,728 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\uliahci.sys -- (uliahci)
DRV:64bit: - [2008/01/20 22:46:56 | 000,146,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\E1G6032E.sys -- (E1G60)
DRV:64bit: - [2008/01/20 22:46:56 | 000,105,016 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:64bit: - [2008/01/20 22:46:56 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sisraid2.sys -- (SiSRaid2)
DRV:64bit: - [2008/01/20 22:46:55 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\flpydisk.sys -- (flpydisk)
DRV:64bit: - [2008/01/20 22:46:54 | 000,342,584 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\adpahci.sys -- (adpahci)
DRV:64bit: - [2008/01/20 22:46:54 | 000,128,056 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\nvraid.sys -- (nvraid)
DRV:64bit: - [2008/01/20 22:46:54 | 000,126,520 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\adpu160m.sys -- (adpu160m)
DRV:64bit: - [2008/01/20 22:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\nvstor.sys -- (nvstor)
DRV:64bit: - [2008/01/20 22:46:54 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\umbus.sys -- (umbus)
DRV:64bit: - [2008/01/20 22:46:53 | 000,486,456 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\adp94xx.sys -- (adp94xx)
DRV:64bit: - [2008/01/20 22:46:52 | 001,221,176 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ql2300.sys -- (ql2300)
DRV:64bit: - [2008/01/20 22:46:52 | 000,174,696 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ulsata2.sys -- (ulsata2)
DRV:64bit: - [2008/01/20 22:46:52 | 000,145,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Dot4.sys -- (Dot4)
DRV:64bit: - [2008/01/20 22:46:52 | 000,090,680 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\arc.sys -- (arc)
DRV:64bit: - [2008/01/20 22:46:52 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\dot4usb.sys -- (dot4usb)
DRV:64bit: - [2008/01/20 22:46:52 | 000,027,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:64bit: - [2008/01/20 22:46:51 | 000,314,368 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\rdpdr.sys -- (rdpdr)
DRV:64bit: - [2008/01/20 22:46:51 | 000,126,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nv_agp.sys -- (nv_agp)
DRV:64bit: - [2008/01/20 22:46:51 | 000,113,720 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\lsi_fc.sys -- (LSI_FC)
DRV:64bit: - [2008/01/20 22:46:51 | 000,068,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uliagpkx.sys -- (uliagpkx)
DRV:64bit: - [2008/01/20 22:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agp440.sys -- (agp440)
DRV:64bit: - [2008/01/20 22:46:51 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\amdk8.sys -- (AmdK8)
DRV:64bit: - [2008/01/20 22:46:51 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\intelppm.sys -- (intelppm)
DRV:64bit: - [2008/01/20 22:46:51 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\processr.sys -- (Processor)
DRV:64bit: - [2008/01/20 22:46:51 | 000,034,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mssmbios.sys -- (mssmbios)
DRV:64bit: - [2008/01/20 22:46:51 | 000,023,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\isapnp.sys -- (isapnp)
DRV:64bit: - [2008/01/20 22:46:51 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msisadrv.sys -- (msisadrv)
DRV:64bit: - [2008/01/20 22:46:51 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drmkaud.sys -- (drmkaud)
DRV:64bit: - [2008/01/20 22:46:50 | 000,031,288 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\msahci.sys -- (msahci)
DRV:64bit: - [2008/01/20 22:46:50 | 000,023,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\compbatt.sys -- (Compbatt)
DRV:64bit: - [2008/01/20 22:46:50 | 000,019,512 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\intelide.sys -- (intelide)
DRV:64bit: - [2008/01/20 22:46:50 | 000,018,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\viaide.sys -- (viaide)
DRV:64bit: - [2008/01/20 22:46:50 | 000,018,024 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cmdide.sys -- (cmdide)
DRV:64bit: - [2008/01/20 22:46:50 | 000,015,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\amdide.sys -- (amdide)
DRV:64bit: - [2008/01/20 22:46:50 | 000,015,976 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\aliide.sys -- (aliide)
DRV:64bit: - [2008/01/20 22:46:50 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wmiacpi.sys -- (WmiAcpi)
DRV:64bit: - [2008/01/20 22:46:50 | 000,013,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\swenum.sys -- (swenum)
DRV:64bit: - [2008/01/20 22:46:50 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\errdev.sys -- (ErrDev)
DRV:64bit: - [2007/10/12 04:53:56 | 000,024,096 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\nvsmu.sys -- (nvsmu)
DRV:64bit: - [2006/11/02 08:03:03 | 000,051,816 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\nfrd960.sys -- (nfrd960)
DRV:64bit: - [2006/11/02 08:02:52 | 000,049,256 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\symc8xx.sys -- (Symc8xx)
DRV:64bit: - [2006/11/02 08:02:47 | 000,048,232 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sym_u3.sys -- (Sym_u3)
DRV:64bit: - [2006/11/02 08:02:39 | 000,044,648 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iirsp.sys -- (iirsp)
DRV:64bit: - [2006/11/02 08:02:37 | 000,044,648 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sym_hi.sys -- (Sym_hi)
DRV:64bit: - [2006/11/02 08:02:24 | 000,039,016 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\mraid35x.sys -- (Mraid35x)
DRV:64bit: - [2006/11/02 08:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iteraid.sys -- (iteraid)
DRV:64bit: - [2006/11/02 08:02:09 | 000,037,480 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iteatapi.sys -- (iteatapi)
DRV:64bit: - [2006/11/02 07:51:30 | 000,203,368 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\pcmcia.sys -- (pcmcia)
DRV:64bit: - [2006/11/02 07:50:54 | 000,148,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ulsata.sys -- (UlSata)
DRV:64bit: - [2006/11/02 07:50:27 | 000,124,008 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ql40xx.sys -- (ql40xx)
DRV:64bit: - [2006/11/02 07:50:06 | 000,090,216 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sbp2port.sys -- (sbp2port)
DRV:64bit: - [2006/11/02 07:50:06 | 000,088,168 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\djsvs.sys -- (aic78xx)
DRV:64bit: - [2006/11/02 05:44:02 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\bthmodem.sys -- (BTHMODEM)
DRV:64bit: - [2006/11/02 05:44:01 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hidbth.sys -- (HidBth)
DRV:64bit: - [2006/11/02 05:43:46 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\usbcir.sys -- (usbcir)
DRV:64bit: - [2006/11/02 05:43:36 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hidir.sys -- (HidIr)
DRV:64bit: - [2006/11/02 05:40:24 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\wacompen.sys -- (WacomPen)
DRV:64bit: - [2006/11/02 05:38:24 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfloppy.sys -- (sfloppy)
DRV:64bit: - [2006/11/02 05:38:02 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serial.sys -- (Serial)
DRV:64bit: - [2006/11/02 05:37:58 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serenum.sys -- (Serenum)
DRV:64bit: - [2006/11/02 05:37:57 | 000,096,768 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\parport.sys -- (Parport)
DRV:64bit: - [2006/11/02 05:37:30 | 000,007,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSPCLOCK.sys -- (MSPCLOCK)
DRV:64bit: - [2006/11/02 05:37:30 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSPQM.sys -- (MSPQM)
DRV:64bit: - [2006/11/02 05:37:16 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\null.sys -- (Null)
DRV:64bit: - [2006/11/02 04:43:25 | 000,086,528 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\brserid.sys -- (Brserid)
DRV:64bit: - [2006/11/02 01:28:10 | 000,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2006/10/23 22:08:37 | 000,712,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\peauth.sys -- (PEAUTH)
DRV:64bit: - [2006/09/29 19:51:44 | 000,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\secdrv.sys -- (secdrv)
DRV:64bit: - [2006/09/19 07:42:33 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brusbser.sys -- (BrUsbSer)
DRV:64bit: - [2006/09/18 17:30:18 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\brserwdm.sys -- (BrSerWdm)
DRV:64bit: - [2006/09/18 17:30:18 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV:64bit: - [2006/09/18 17:30:15 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brfiltlo.sys -- (BrFiltLo)
DRV:64bit: - [2006/09/18 17:30:15 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\brfiltup.sys -- (BrFiltUp)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}

IE - HKU\S-1-5-21-652890078-3363367145-379035379-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKU\S-1-5-21-652890078-3363367145-379035379-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-652890078-3363367145-379035379-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-652890078-3363367145-379035379-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 38 10 0F FE C0 27 CD 01 [binary data]
IE - HKU\S-1-5-21-652890078-3363367145-379035379-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-652890078-3363367145-379035379-1000\..\SearchScopes,DefaultScope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
IE - HKU\S-1-5-21-652890078-3363367145-379035379-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-652890078-3363367145-379035379-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={60DA677F-6AA6-41E9-ABFB-38C68375F9FB}&mid=dc2d37d039f947d68025d15f953b52ec-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=st011&pr=sa&d=2012-06-21 20:09:12&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-652890078-3363367145-379035379-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.15.1.0
FF - prefs.js..extensions.enabledAddons: wecarereminder@bryan:4.1.13.21
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=2&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/13 18:17:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/10/13 18:18:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/13 18:17:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/10/13 18:18:32 | 000,000,000 | ---D | M]

[2009/03/31 15:22:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christine\AppData\Roaming\Mozilla\Extensions
[2012/08/26 18:04:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\gwvkn3ov.default\extensions
[2010/10/30 07:41:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\gwvkn3ov.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/08/26 14:32:48 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\gwvkn3ov.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2012/08/26 18:04:20 | 000,000,000 | ---D | M] (ASPCA App By We-Care.com) -- C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\gwvkn3ov.default\extensions\wecarereminder@bryan
[2012/08/26 16:01:12 | 000,000,925 | ---- | M] () -- C:\Users\Christine\AppData\Roaming\Mozilla\Firefox\Profiles\gwvkn3ov.default\searchplugins\conduit.xml
[2012/04/25 06:14:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/09/14 18:43:01 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/04/22 15:43:53 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/06/21 20:08:55 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/09/14 18:42:58 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/09/14 18:42:58 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

Hosts file not found
O2:64bit: - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll (Egis)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-652890078-3363367145-379035379-1000\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKU\S-1-5-21-652890078-3363367145-379035379-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
O4:64bit: - HKLM..\Run: [eDataSecurity Loader] C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe (Egis Incorporated)
O4:64bit: - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot File not found
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files (x86)\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-652890078-3363367145-379035379-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-652890078-3363367145-379035379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-652890078-3363367145-379035379-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-652890078-3363367145-379035379-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-652890078-3363367145-379035379-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-652890078-3363367145-379035379-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab (DLM Control)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6BE617DC-40AB-4795-8D2F-9C11C3691535}: NameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Christine\Pictures\2010-09-30 sept2010 upload\sept2010 upload 047.JPG
O24 - Desktop BackupWallPaper: C:\Users\Christine\Pictures\2010-09-30 sept2010 upload\sept2010 upload 047.JPG
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP


========== Files/Folders - Created Within 30 Days ==========

[2012/10/13 18:32:38 | 000,000,000 | ---D | C] -- C:\JRT
[2012/10/13 18:27:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/10/13 18:27:49 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/10/13 18:27:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/10/13 18:13:18 | 000,000,000 | ---D | C] -- C:\Users\Christine\Desktop\RK_Quarantine
[2012/10/13 18:12:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/10/13 18:12:36 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/10/10 19:03:34 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/10/10 19:03:33 | 001,268,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/10/10 19:03:32 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/10/10 19:03:30 | 004,699,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/10/05 20:19:32 | 000,900,608 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\SysNative\drivers\netr28ux.sys
[2012/10/05 15:33:55 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Users\Christine\Desktop\winsockxpfix.exe
[2012/10/04 22:09:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\RaLanguages
[2012/10/04 20:51:44 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\Seven Zip
[2012/10/04 20:50:25 | 000,000,000 | ---D | C] -- C:\ProgramData\GFI Software
[2012/10/04 20:41:18 | 000,000,000 | ---D | C] -- C:\Users\Christine\AppData\Local\temp
[2012/10/04 20:35:58 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/10/04 20:08:41 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/10/04 20:08:41 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/10/04 20:08:40 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/10/04 20:07:15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/10/04 20:06:54 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/09/23 03:00:45 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/09/23 03:00:44 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/09/23 03:00:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/09/23 03:00:42 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/09/23 03:00:42 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/09/23 03:00:41 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/09/23 03:00:40 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/09/23 03:00:39 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/09/23 03:00:37 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/09/23 03:00:37 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/09/23 03:00:37 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/09/23 03:00:36 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/09/23 03:00:32 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/09/23 03:00:32 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/09/23 03:00:31 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2009/07/15 15:05:18 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Christine\AppData\Roaming\pcouffin.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/13 18:43:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/13 18:32:10 | 000,707,604 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/13 18:32:10 | 000,607,444 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/13 18:32:10 | 000,105,084 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/10/13 18:27:50 | 000,000,952 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/13 18:26:04 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/13 18:26:04 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/13 18:26:00 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2012/10/13 18:25:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/13 18:12:37 | 000,000,774 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/10/13 18:12:18 | 001,422,336 | ---- | M] () -- C:\Users\Christine\Desktop\winlogon.exe.exe
[2012/10/11 14:16:13 | 000,000,350 | ---- | M] () -- C:\Users\Christine\defogger_reenable
[2012/10/10 20:44:23 | 009,437,184 | ---- | M] () -- C:\Users\Christine\Documents\My Money.mny
[2012/10/08 16:43:09 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/10/08 16:43:09 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/10/04 22:13:21 | 000,000,440 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2012/10/04 21:54:00 | 001,445,888 | ---- | M] (Option^Explicit Software Solutions) -- C:\Users\Christine\Desktop\winsockxpfix.exe
[2012/10/04 21:07:41 | 000,721,800 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/10/04 20:35:52 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.bak
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/13 18:27:50 | 000,000,952 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/13 18:12:37 | 000,000,774 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/10/13 18:12:17 | 001,422,336 | ---- | C] () -- C:\Users\Christine\Desktop\winlogon.exe.exe
[2012/10/11 14:16:13 | 000,000,350 | ---- | C] () -- C:\Users\Christine\defogger_reenable
[2012/10/04 21:07:41 | 000,721,800 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/10/04 20:08:41 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/10/04 20:08:41 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/10/04 20:08:41 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/10/04 20:08:40 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/10/04 20:08:40 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/08/12 20:28:16 | 000,031,049 | ---- | C] () -- C:\Users\Christine\AppData\Roaming\UserTile.png
[2012/06/21 20:15:27 | 000,017,408 | ---- | C] () -- C:\Users\Christine\AppData\Local\WebpageIcons.db
[2012/05/02 19:48:01 | 000,002,427 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012/04/24 20:13:29 | 000,000,782 | ---- | C] () -- C:\Windows\eReg.dat
[2012/01/10 15:49:25 | 000,000,175 | ---- | C] () -- C:\Windows\wininit.ini
[2011/11/07 15:03:10 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/03/15 21:16:32 | 000,077,409 | ---- | C] () -- C:\Windows\hpqins05.dat
[2011/02/16 19:46:24 | 000,186,775 | ---- | C] () -- C:\Windows\hpwins23.dat
[2010/03/17 20:13:28 | 000,066,112 | ---- | C] () -- C:\Users\Christine\0317101458.jpeg
[2010/02/08 21:37:57 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
[2009/07/15 15:05:18 | 000,007,859 | ---- | C] () -- C:\Users\Christine\AppData\Roaming\pcouffin.cat
[2009/07/15 15:05:18 | 000,001,167 | ---- | C] () -- C:\Users\Christine\AppData\Roaming\pcouffin.inf
[2009/04/30 06:53:05 | 000,022,528 | ---- | C] () -- C:\Users\Christine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/30 18:33:32 | 000,001,434 | ---- | C] () -- C:\Users\Christine\AppData\Roaming\wklnhst.dat

========== ZeroAccess Check ==========

[2006/11/02 11:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 13:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 03:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 22:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll

========== Custom Scans ==========

< %windir%\system32\drivers\*.sys /lockedfiles >

< End of report >

Attached Files



#4 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:36 AM

Posted 13 October 2012 - 07:31 PM

Did you have any issues running Junkware Removal Tool, or just forgot to post the log?

#5 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:36 AM

Posted 15 October 2012 - 04:09 PM

Are you still with me, durangodoug?

#6 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:36 AM

Posted 16 October 2012 - 02:46 PM

Due to the lack of feedback, this topic will closed.

If you need the topic re-opened, private message me or any moderator to re-open the thread.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users