Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Explorer Redirecting toolbar_stub


  • This topic is locked This topic is locked
15 replies to this topic

#1 eaj115

eaj115

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:02 AM

Posted 13 October 2012 - 11:53 AM

Hi, Need your assistance.

Each time I open a browser in explorer (either by clicking on the explorer icon or through a website link that opens another browser) I get pop up browser with the following in the web address area: "C:\Program Files\Minibar\kango-ui\toolbar_stub.html"


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.6001.18000
Run by The Best Aunty at 5:43:39 on 2012-10-13
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3581.928 [GMT -4:00]
.
AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Windows\system32\aestsrv.exe
C:\Program Files\Common Files\Dell\apache\bin\httpd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Dell\apache\bin\httpd.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Dell\MySQL\bin\mysqld.exe
C:\Program Files\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Fingerprint Reader Suite\psqltray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Dell Remote Access\ezi_ra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wuauclt.exe
c:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_278_ActiveX.exe
C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\12.2.6\ScriptHelper.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\sdclt.exe
C:\PROGRA~1\McAfee\MSC\mcsvrcnt.exe
c:\PROGRA~1\mcafee\msc\mcupdui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uWindow Title = Internet Explorer provided by Dell
mStart Page = hxxp://www.bigseekpro.com/howfytdl/{98A50DC2-0B5A-B91F-A335-938571873FCC}
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: UsProvider Class: {539f76fd-084e-4858-86d5-62f02f54ae86} - c:\program files\minibar\Minibar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {377c180e-6f0e-4d4c-980f-f45bd3d40cf4} - c:\progra~1\mcafee\msk\mcapbho.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\12.2.5.34\AVG Secure Search_toolbar.dll
BHO: MinibarBHO: {aa74d58f-acd0-450d-a85e-6c04b171c044} - c:\program files\minibar\Minibar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\12.2.5.34\AVG Secure Search_toolbar.dll
TB: Minibar: {60eacc1a-33fa-443d-9846-17b28e2c9bdb} - c:\program files\minibar\Minibar.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_4_402_278_ActiveX.exe -update activex
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [PSQLLauncher] "c:\program files\fingerprint reader suite\launcher.exe" /startup
mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [Dell DataSafe Online] "c:\program files\dell datasafe online\DataSafeOnline.exe" /m
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [ROC_ROC_NT] "c:\program files\avg secure search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\thebes~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\dellre~1.lnk - c:\windows\installer\{f66a31d9-7831-4fba-ba02-c411c0047cc5}\NewShortcut4_F66A31D978314FBABA02C411C0047CC5.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wdsmar~1.lnk - c:\program files\western digital\wd smartware\front parlor\WDSmartWare.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: DisableCAD = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\the best aunty\appdata\roaming\dvdvideosoftiehelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\the best aunty\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
TCP: DhcpNameServer = 200.1.104.36 200.1.104.35
TCP: Interfaces\{0C2306B9-CA8B-4AED-92CF-D72932A46295} : DhcpNameServer = 200.1.104.36 200.1.104.35
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\12.2.6\ViProtocol.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: psfus - c:\windows\system32\psqlpwd.dll
LSA: Notification Packages = scecli psqlpwd
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-9-17 51936]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-8-9 178656]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-8-10 35168]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-8-13 176096]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-8-10 19808]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-9-12 151648]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-9-14 89440]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-12 164704]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-23 27496]
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-3-27 201320]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\adobe\photoshop elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2009-3-26 73728]
R2 Apache2.2;Remote Access Media Server;c:\program files\common files\dell\apache\bin\httpd.exe [2007-9-21 15872]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-8-20 5751928]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-8-20 184304]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-9-23 155648]
R2 dsl-db;Remote Access DB;c:\program files\common files\dell\mysql\bin\mysqld.exe [2007-9-14 5730304]
R2 dsl-fs-sync;Remote Access File Sync Service;c:\program files\common files\dell\remote access file sync service\dsl_fs_sync.exe [2009-1-5 173296]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-23 399432]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-9-23 676936]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2009-3-27 358224]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2009-3-27 144704]
R2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files\common files\avg secure search\vtoolbarupdater\12.2.6\ToolbarUpdater.exe [2012-9-23 722528]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2010-1-21 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\western digital\wd smartware\front parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-3-27 179712]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-9-23 22856]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2009-3-27 695624]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-3-27 79304]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-3-27 35240]
R3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-3-27 33832]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-3-27 40488]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2009-2-13 11520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-09-26 11:37:44 -------- d-----w- C:\INSANITY
2012-09-26 01:33:04 12872 ----a-w- c:\windows\system32\bootdelete.exe
2012-09-24 16:39:30 -------- d-----w- c:\users\the best aunty\appdata\roaming\DVDVideoSoftIEHelpers
2012-09-24 16:29:31 -------- d-----w- c:\program files\DVDVideoSoft
2012-09-24 16:29:31 -------- d-----w- c:\program files\common files\DVDVideoSoft
2012-09-24 16:21:16 -------- d-----w- c:\users\the best aunty\appdata\roaming\DVDVideoSoft
2012-09-24 16:13:47 -------- d-----w- c:\program files\Free YouTube Downloader
2012-09-24 11:55:21 -------- d-----w- c:\program files\Minibar
2012-09-24 11:55:18 -------- d-----w- c:\users\the best aunty\appdata\local\Minibar
2012-09-24 11:55:16 -------- d-----w- c:\program files\Free YouTube Downloader DB Toolbar
2012-09-24 10:28:25 -------- d-----w- c:\users\the best aunty\appdata\local\Apple Computer
2012-09-24 10:27:59 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-09-24 10:21:18 -------- d-----w- c:\program files\iPod
2012-09-24 10:20:33 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-09-24 10:20:33 -------- d-----w- c:\program files\iTunes
2012-09-24 10:18:42 -------- d-----w- c:\users\the best aunty\appdata\local\Apple
2012-09-24 10:12:30 -------- d-----w- c:\program files\Bonjour
2012-09-24 08:32:18 -------- d-----w- c:\programdata\WD_SmartWareCommon
2012-09-24 08:22:34 -------- d-----w- c:\users\the best aunty\appdata\local\Western_Digital
2012-09-24 08:19:20 -------- d-----w- c:\users\the best aunty\appdata\roaming\Western Digital
2012-09-24 08:19:12 -------- d-----w- c:\programdata\Western Digital
2012-09-24 08:13:30 -------- d-----w- c:\program files\Western Digital
2012-09-24 08:12:54 -------- d-----w- c:\users\the best aunty\appdata\local\Western Digital
2012-09-24 07:58:27 -------- d-----w- c:\program files\HitmanPro
2012-09-24 07:56:58 -------- d-----w- c:\programdata\HitmanPro
2012-09-24 02:08:49 -------- d-----w- c:\users\the best aunty\appdata\roaming\Malwarebytes
2012-09-24 02:08:33 -------- d-----w- c:\programdata\Malwarebytes
2012-09-24 02:08:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-24 02:08:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-23 18:33:11 -------- d-----w- c:\users\the best aunty\appdata\roaming\AVG2013
2012-09-23 18:32:23 -------- d-----w- c:\users\the best aunty\appdata\local\AVG Secure Search
2012-09-23 18:32:12 -------- d-----w- c:\users\the best aunty\appdata\roaming\TuneUp Software
2012-09-23 18:32:09 -------- d-----w- c:\programdata\AVG Secure Search
2012-09-23 18:31:55 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-09-23 18:31:51 -------- d-----w- c:\program files\common files\AVG Secure Search
2012-09-23 18:31:49 -------- d-----w- c:\program files\AVG Secure Search
2012-09-23 18:30:14 -------- d--h--w- C:\$AVG
2012-09-23 18:30:14 -------- d-----w- c:\programdata\AVG2013
2012-09-23 18:28:07 -------- d-----w- c:\program files\AVG
2012-09-23 18:25:16 -------- d--h--w- c:\programdata\Common Files
2012-09-23 18:25:15 -------- d-----w- c:\users\the best aunty\appdata\local\MFAData
2012-09-23 18:25:15 -------- d-----w- c:\users\the best aunty\appdata\local\Avg2013
2012-09-23 18:25:15 -------- d-----w- c:\programdata\MFAData
2012-09-23 09:55:03 -------- d-----w- c:\programdata\036DFF853AC2E0A8004E71226C44B161
2012-09-17 22:58:56 51936 ----a-w- c:\windows\system32\drivers\avgidshx.sys
.
==================== Find3M ====================
.
2012-09-24 16:52:35 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-24 16:52:35 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-12 15:47:22 164704 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-09-12 15:47:04 151648 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2012-08-21 17:01:22 106928 ----a-w- c:\windows\system32\GEARAspi.dll
2012-08-13 20:40:54 176096 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2012-08-10 08:52:28 19808 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2012-08-10 08:52:18 35168 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2012-08-09 17:56:44 178656 ----a-w- c:\windows\system32\drivers\avglogx.sys
.
============= FINISH: 5:45:38.48 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:02 AM

Posted 13 October 2012 - 06:06 PM

Hello eaj115 :)

  • I will be helping with your computer problems.
  • From this point on, it is very important that you refrain from doing anything else to your computer other than what I have requested of you.
  • I do not mind if you browse the web, do basic tasks, or even test to see if the problem(s) you are experiencing are still occurring with the computer while we are working together, but do not run any tools/fixes unless I or another helper from this thread has asked you to do so.
  • Remember that you came here for help, so allow us to help you :)
  • If something does not run, make a detailed note of what problems you encountered along the way (exact error messages are preferred), but continue onto the next steps until you reach the end of my post.
  • Always do the steps they are listed in (left to right, top to bottom).
  • I prefer that you complete all the steps while you are in Normal Mode. However, I understand that sometimes this is not possible. If you are unsuccessful in getting a tool/fix to run from Normal Mode, but Safe Mode works, then use Safe Mode.
  • If you have a question about something, do not hesitate to ask.

Let's begin:

Posted Image From Programs and Features (via Control Panel), please uninstall the below:
  • Free YouTube Downloader 3.5.128
  • Free YouTube Downloader DB Toolbar
  • Java™ 6 Update 11

Choose one of the following to keep and uninstall the other:

  • AVG 2013
  • McAfee SecurityCenter

__

  • Please download and install CCleaner Slim
  • Open CCleaner and click the Options button
  • Now choose Advanced
  • Uncheck everything here except for Skip User Account Control warning
  • Now click the Cleaner button and press the Run Cleaner button at the bottom right of the program.
  • If this is your first time running this program, a prompt may appear asking for confirmation to delete temporary files. Go ahead and proceed.

__

Posted Image Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

__

Posted Image Please download Junkware Removal Tool to your desktop.
  • Shutdown your antivirus to avoid any potential conflicts.
  • Do not double-click JRT.exe, instead, right-mouse click JRT.exe and select Run as administrator
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt to your next message.

__

Posted Image Please download OTL.

  • Save it to your desktop.
  • Right mouse click on the OTL icon on your desktop and select Run as Administrator
  • Check the "Scan All Users" checkbox.
  • Check the "Standard Output".
  • Change the setting of "Drivers" and "Services" to "All"
  • Now click the Posted Image button.
  • Two reports will be created:
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Paste the contents of OTL.txt here for me to review but attach Extras.txt

Edited by thisisu, 13 October 2012 - 06:06 PM.


#3 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:02 AM

Posted 16 October 2012 - 02:48 PM

Due to the lack of feedback, this topic will closed.

If you need the topic re-opened, private message me or any moderator to re-open the thread.

#4 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:02 AM

Posted 16 October 2012 - 05:53 PM

Thread reopened per user's request.

#5 eaj115

eaj115
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:02 AM

Posted 16 October 2012 - 06:56 PM

Tried all the options, but still getting the problem, explorer windows are still opening. I have been unable to run the JRT software as admin as I get the error it is not a Win32 application. Below is the OTL Text and the file attached

OTL logfile created on: 14/10/2012 02:10:21 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\The Best Aunty\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00002C09 | Country: Trinidad and Tobago | Language: ENT | Date Format: dd/MM/yyyy

3.50 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 49.46% Memory free
7.18 Gb Paging File | 4.96 Gb Available in Paging File | 68.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 448.17 Gb Total Space | 328.02 Gb Free Space | 73.19% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 4.97 Gb Free Space | 33.13% Space Free | Partition Type: NTFS
Drive F: | 442.98 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 930.86 Gb Total Space | 886.39 Gb Free Space | 95.22% Space Free | Partition Type: NTFS

Computer Name: NICOLE | User Name: The Best Aunty | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/14 02:07:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\The Best Aunty\Desktop\OTL.exe
PRC - [2012/09/24 12:52:34 | 000,690,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_4_402_278_ActiveX.exe
PRC - [2012/09/18 16:17:18 | 002,421,896 | ---- | M] (DVDVideoSoft Ltd.) -- C:\Program Files\DVDVideoSoft\Free Studio\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe
PRC - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2011/02/18 11:47:12 | 000,079,192 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2010/12/14 11:49:30 | 001,169,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
PRC - [2010/01/21 16:27:44 | 009,136,960 | ---- | M] (Western Digital) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
PRC - [2010/01/21 16:27:42 | 002,057,536 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
PRC - [2010/01/21 16:24:08 | 000,110,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2009/03/27 04:09:57 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/05 18:19:08 | 000,173,296 | ---- | M] (SingleClick Systems) -- C:\Program Files\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe
PRC - [2008/11/03 10:54:00 | 001,745,648 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2008/10/04 14:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/10/04 14:58:02 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/09/23 23:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/09/16 13:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
PRC - [2008/02/22 18:01:38 | 001,193,240 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2008/01/25 02:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2008/01/20 22:23:41 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DFDWiz.exe
PRC - [2008/01/09 17:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2008/01/01 23:44:32 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2008/01/01 23:44:26 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/12/21 11:58:06 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/12/11 13:33:42 | 000,358,224 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2007/12/05 11:04:10 | 000,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2007/12/03 01:58:54 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2007/11/26 11:46:14 | 000,023,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe
PRC - [2007/11/01 20:12:38 | 000,582,992 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2007/11/01 20:12:38 | 000,265,040 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\MSC\mcuimgr.exe
PRC - [2007/09/21 14:26:34 | 000,015,872 | ---- | M] (Apache Software Foundation) -- C:\Program Files\Common Files\Dell\apache\bin\httpd.exe
PRC - [2007/09/14 14:35:04 | 005,730,304 | ---- | M] () -- C:\Program Files\Common Files\Dell\MySQL\bin\mysqld.exe
PRC - [2007/07/24 13:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2007/07/18 16:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2007/04/17 00:05:52 | 000,021,504 | ---- | M] (UPEK Inc.) -- C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
PRC - [2007/04/16 23:55:00 | 000,053,776 | ---- | M] (UPEK Inc.) -- C:\Program Files\Fingerprint Reader Suite\psqltray.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/24 12:29:44 | 000,546,968 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.WindowsAPICodePack.Shell\1.1.0.0__31bf3856ad364e35\Microsoft.WindowsAPICodePack.Shell.dll
MOD - [2012/09/24 12:29:43 | 000,110,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.WindowsAPICodePack\1.1.0.0__31bf3856ad364e35\Microsoft.WindowsAPICodePack.dll
MOD - [2012/09/23 14:31:57 | 000,564,832 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll
MOD - [2012/09/23 14:31:54 | 000,132,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll
MOD - [2012/09/23 14:31:49 | 001,734,240 | ---- | M] () -- C:\Program Files\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll
MOD - [2012/09/03 17:33:16 | 010,319,872 | ---- | M] () -- C:\Program Files\DVDVideoSoft\Free Studio\Free YouTube to MP3 Converter\DVDVideoSoft.Resources.dll
MOD - [2012/08/27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/08/20 19:07:54 | 004,421,273 | ---- | M] () -- C:\Program Files\Common Files\DVDVideoSoft\lib\mfc100u.dll
MOD - [2011/06/24 03:39:28 | 001,712,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a3ba68e5c233fbd30a1e3458165d6a4f\Microsoft.VisualBasic.ni.dll
MOD - [2011/06/24 03:39:17 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\18f2261a32e4aa98d770c405554bd8d5\System.Management.ni.dll
MOD - [2011/06/24 03:39:13 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\834074ae55ca3450c11eebe9c274abd3\System.ServiceProcess.ni.dll
MOD - [2011/06/24 03:39:10 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\dee800943eedfcd6120a7b56f0887fb0\System.Runtime.Remoting.ni.dll
MOD - [2011/06/24 03:39:05 | 011,800,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\f8694104e62a8182b9fbbae0e5173fcf\System.Web.ni.dll
MOD - [2011/06/24 03:38:58 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\51bdab63dd9dbcddbfef9c82bffdbd59\System.Web.Services.ni.dll
MOD - [2011/06/24 03:38:51 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f183e57f94e56ac92ee99eed8e63943d\System.Configuration.ni.dll
MOD - [2011/06/24 03:37:16 | 005,451,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\59f9dfe0ea64752c07f5a59c283c163b\System.Xml.ni.dll
MOD - [2011/06/24 03:36:59 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f4fbd5c3aa0de64cce8f542b447a31a8\System.Windows.Forms.ni.dll
MOD - [2011/06/24 03:36:50 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\54d1bb7213f94f2bfa67b0b560785220\System.Drawing.ni.dll
MOD - [2011/06/24 03:36:38 | 006,616,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\44da3853aa13e56f38eac7480fffd48e\System.Data.ni.dll
MOD - [2011/06/24 03:35:51 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\a9288099fbc6849c6c7523745b4f64f4\System.ni.dll
MOD - [2011/06/24 03:35:43 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a189480a53deaaf80a820de30553259b\mscorlib.ni.dll
MOD - [2009/08/19 15:49:08 | 000,049,152 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll
MOD - [2009/07/29 15:24:14 | 000,504,293 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll
MOD - [2009/02/27 13:56:34 | 000,016,768 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\ViewerPS.dll
MOD - [2008/12/18 05:55:28 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll
MOD - [2008/11/03 10:54:00 | 001,745,648 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2008/11/03 10:54:00 | 000,262,384 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.dll
MOD - [2008/11/03 10:54:00 | 000,132,336 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2008/11/03 10:54:00 | 000,095,472 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbUI.dll
MOD - [2008/11/03 10:54:00 | 000,058,608 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\BalloonWindow.dll
MOD - [2008/11/03 10:54:00 | 000,017,648 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\CppUtils.dll
MOD - [2008/07/27 14:03:15 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008/05/19 17:47:00 | 000,450,560 | ---- | M] () -- C:\Program Files\Common Files\Dell\apache\ioncube_loader_win_5.2.dll
MOD - [2007/11/26 11:46:10 | 000,324,936 | ---- | M] () -- c:\Program Files\McAfee\MSK\mcapbho.dll
MOD - [2007/09/21 14:32:18 | 002,035,712 | ---- | M] () -- C:\Program Files\Common Files\Dell\apache\libmysql.dll


========== Services (All) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -- (RoxLiveShare9)
SRV - [2012/10/02 03:32:58 | 000,193,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/10/02 03:32:04 | 005,783,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/09/09 23:30:22 | 000,821,648 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2012/09/07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/08/11 16:43:06 | 000,055,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011/08/30 23:05:02 | 000,390,504 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2011/03/02 10:49:43 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2010/11/06 07:09:57 | 000,603,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010/09/06 12:24:40 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010/08/17 09:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2010/03/18 14:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/18 10:11:41 | 000,190,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\iphlpsvc.dll -- (iphlpsvc)
SRV - [2010/01/21 16:24:08 | 000,110,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009/10/09 17:56:18 | 001,181,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WsmSvc.dll -- (WinRM)
SRV - [2009/10/09 17:55:52 | 000,146,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wecsvc.dll -- (Wecsvc)
SRV - [2009/08/24 08:16:12 | 000,378,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009/08/06 22:23:45 | 001,929,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2009/07/11 15:32:52 | 000,513,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2009/06/15 08:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/06/15 08:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2009/06/15 08:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (Netlogon)
SRV - [2009/06/15 08:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/06/10 08:12:29 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
SRV - [2009/03/27 04:14:46 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009/03/27 04:12:10 | 000,439,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SearchIndexer.exe -- (WSearch)
SRV - [2009/03/27 04:11:39 | 000,565,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2009/03/27 04:08:35 | 000,269,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2009/03/27 04:04:14 | 000,361,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
SRV - [2009/03/27 03:50:18 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009/03/27 02:13:49 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/03/27 02:04:19 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/03/03 00:39:32 | 000,551,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2009/03/03 00:39:32 | 000,551,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2009/01/05 18:19:10 | 000,824,560 | ---- | M] (Dell Inc.) [Auto | Stopped] -- c:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe -- (hnmsvc)
SRV - [2009/01/05 18:19:08 | 000,173,296 | ---- | M] (SingleClick Systems) [Auto | Running] -- C:\Program Files\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe -- (dsl-fs-sync)
SRV - [2008/12/18 05:58:20 | 000,026,112 | ---- | M] () [Auto | Running] -- C:\Windows\System32\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2008/12/04 17:03:00 | 000,226,640 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/10/04 14:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)
SRV - [2008/09/26 07:38:22 | 000,196,608 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)
SRV - [2008/09/23 23:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/09/18 00:56:07 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wersvc.dll -- (WerSvc)
SRV - [2008/09/16 13:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2008/07/27 14:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/06/19 21:14:44 | 000,046,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/06/19 21:14:31 | 000,881,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/06/19 21:14:31 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/03/24 08:35:22 | 000,074,384 | R--- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2008/01/25 02:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2008/01/20 22:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008/01/20 22:25:26 | 000,658,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\p2psvc.dll -- (PNRPsvc)
SRV - [2008/01/20 22:25:26 | 000,658,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\p2psvc.dll -- (PNRPAutoReg)
SRV - [2008/01/20 22:25:26 | 000,658,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\p2psvc.dll -- (p2psvc)
SRV - [2008/01/20 22:25:26 | 000,658,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\p2psvc.dll -- (p2pimsvc)
SRV - [2008/01/20 22:25:26 | 000,140,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wpcsvc.dll -- (WPCSvc)
SRV - [2008/01/20 22:25:16 | 000,070,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wpdbusenum.dll -- (WPDBusEnum)
SRV - [2008/01/20 22:25:11 | 000,053,760 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2008/01/20 22:25:09 | 000,292,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2008/01/20 22:25:05 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sstpsvc.dll -- (SstpSvc)
SRV - [2008/01/20 22:25:01 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2008/01/20 22:25:00 | 002,623,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SLsvc.exe -- (slsvc)
SRV - [2008/01/20 22:25:00 | 000,758,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2008/01/20 22:25:00 | 000,382,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\vds.exe -- (vds)
SRV - [2008/01/20 22:25:00 | 000,188,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lltdsvc.dll -- (lltdsvc)
SRV - [2008/01/20 22:24:59 | 000,161,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2008/01/20 22:24:59 | 000,055,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\WUDFSvc.dll -- (wudfsvc)
SRV - [2008/01/20 22:24:56 | 000,302,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\QAGENTRT.DLL -- (napagent)
SRV - [2008/01/20 22:24:55 | 000,574,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\gpsvc.dll -- (gpsvc)
SRV - [2008/01/20 22:24:55 | 000,084,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SessEnv.dll -- (SessionEnv)
SRV - [2008/01/20 22:24:54 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2008/01/20 22:24:54 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2008/01/20 22:24:54 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2008/01/20 22:24:54 | 000,045,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\mmcss.dll -- (THREADORDER)
SRV - [2008/01/20 22:24:54 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2008/01/20 22:24:53 | 000,574,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\sysmain.dll -- (SysMain)
SRV - [2008/01/20 22:24:49 | 000,155,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2008/01/20 22:24:47 | 000,393,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2008/01/20 22:24:47 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2008/01/20 22:24:44 | 000,047,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\Sens.dll -- (SENS)
SRV - [2008/01/20 22:24:44 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\uxsms.dll -- (UxSms)
SRV - [2008/01/20 22:24:43 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SLUINotify.dll -- (SLUINotify)
SRV - [2008/01/20 22:24:37 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\wdi.dll -- (WdiSystemHost)
SRV - [2008/01/20 22:24:37 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wdi.dll -- (WdiServiceHost)
SRV - [2008/01/20 22:24:36 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2008/01/20 22:24:35 | 000,134,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dps.dll -- (DPS)
SRV - [2008/01/20 22:24:35 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/01/20 22:24:35 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2008/01/20 22:24:30 | 000,068,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\KMSVC.DLL -- (hkmsvc)
SRV - [2008/01/20 22:24:30 | 000,056,320 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\tbssvc.dll -- (TBS)
SRV - [2008/01/20 22:24:27 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\regsvc.dll -- (RemoteRegistry)
SRV - [2008/01/20 22:24:27 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2008/01/20 22:24:23 | 000,310,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2008/01/20 22:24:23 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2008/01/20 22:24:22 | 000,175,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2008/01/20 22:24:21 | 000,282,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\w32time.dll -- (W32Time)
SRV - [2008/01/20 22:24:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fdPHost.dll -- (fdPHost)
SRV - [2008/01/20 22:24:20 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr)
SRV - [2008/01/20 22:24:20 | 000,068,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2008/01/20 22:24:20 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\certprop.dll -- (SCPolicySvc)
SRV - [2008/01/20 22:24:20 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\certprop.dll -- (CertPropSvc)
SRV - [2008/01/20 22:24:19 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2008/01/20 22:24:18 | 000,344,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\msdtckrm.dll -- (KtmRm)
SRV - [2008/01/20 22:24:18 | 000,105,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msdtc.exe -- (MSDTC)
SRV - [2008/01/20 22:24:18 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IPBusEnum.dll -- (IPBusEnum)
SRV - [2008/01/20 22:24:17 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2008/01/20 22:24:14 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2008/01/20 22:24:12 | 000,448,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\termsrv.dll -- (TermService)
SRV - [2008/01/20 22:24:11 | 000,274,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2008/01/20 22:24:10 | 000,039,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2008/01/20 22:24:09 | 000,288,256 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/01/20 22:24:08 | 000,035,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect)
SRV - [2008/01/20 22:24:05 | 000,075,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\trkwks.dll -- (TrkWks)
SRV - [2008/01/20 22:24:04 | 000,259,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\upnphost.dll -- (upnphost)
SRV - [2008/01/20 22:24:04 | 000,153,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2008/01/20 22:24:03 | 001,502,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pla.dll -- (pla)
SRV - [2008/01/20 22:24:02 | 000,221,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2008/01/20 22:24:02 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008/01/20 22:23:55 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IKEEXT.DLL -- (IKEEXT)
SRV - [2008/01/20 22:23:54 | 000,328,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2008/01/20 22:23:53 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wercplsupport.dll -- (wercplsupport)
SRV - [2008/01/20 22:23:52 | 000,137,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV - [2008/01/20 22:23:51 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (Themes)
SRV - [2008/01/20 22:23:51 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/01/20 22:23:50 | 001,054,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2008/01/20 22:23:49 | 001,013,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (Eventlog)
SRV - [2008/01/20 22:23:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\iscsiexe.dll -- (MSiSCSI)
SRV - [2008/01/20 22:23:44 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2008/01/20 22:23:41 | 002,091,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dfsr.exe -- (DFSR)
SRV - [2008/01/20 22:23:39 | 000,452,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (stisvc)
SRV - [2008/01/20 22:23:39 | 000,412,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wcncsvc.dll -- (wcncsvc)
SRV - [2008/01/20 22:23:39 | 000,196,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\WebClnt.dll -- (WebClient)
SRV - [2008/01/20 22:23:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/20 22:23:31 | 000,243,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\qwave.dll -- (QWAVE)
SRV - [2008/01/20 22:23:29 | 000,037,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\pcasvc.dll -- (PcaSvc)
SRV - [2008/01/20 22:23:27 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2008/01/09 17:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2008/01/01 23:44:32 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2008/01/01 23:44:26 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/12/11 13:33:42 | 000,358,224 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2007/12/05 11:04:10 | 000,695,624 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2007/11/26 11:46:14 | 000,023,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\msksrver.exe -- (MSK80Service)
SRV - [2007/11/07 10:35:40 | 000,378,184 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2007/09/21 14:26:34 | 000,015,872 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\Common Files\Dell\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2007/09/14 14:35:04 | 005,730,304 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Dell\MySQL\bin\mysqld.exe -- (dsl-db)
SRV - [2007/07/24 13:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2007/07/18 16:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MpfSrv.exe -- (MpfService)
SRV - [2006/11/02 08:35:29 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2006/11/02 08:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/11/02 08:35:24 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\TabSvc.dll -- (TabletInputService)
SRV - [2006/11/02 05:46:13 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2006/11/02 05:46:05 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lmhsvc.dll -- (lmhosts)
SRV - [2006/11/02 05:46:04 | 000,027,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\FDResPub.dll -- (FDResPub)
SRV - [2006/11/02 05:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2006/11/02 05:45:46 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP)
SRV - [2006/11/02 05:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Locator.exe -- (RpcLocator)
SRV - [2006/11/02 05:45:02 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dllhost.exe -- (COMSysApp)
SRV - [2006/10/26 19:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2004/10/22 04:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Unknown (-1) | Unknown (-1) | Unknown] -- -- (avgtp)
DRV - File not found [Kernel | Disabled | Running] -- system32\DRIVERS\avgtdix.sys -- (Avgtdix)
DRV - File not found [File_System | Disabled | Running] -- system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - File not found [Kernel | Disabled | Running] -- system32\DRIVERS\avglogx.sys -- (Avglogx)
DRV - File not found [Kernel | Disabled | Running] -- system32\DRIVERS\avgidsshimx.sys -- (AVGIDSShim)
DRV - File not found [Kernel | Disabled | Running] -- system32\DRIVERS\avgidshx.sys -- (AVGIDSHX)
DRV - File not found [Kernel | Disabled | Running] -- system32\DRIVERS\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/08/21 13:01:22 | 000,026,840 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2012/07/09 13:42:56 | 000,044,032 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2011/07/06 10:56:47 | 000,213,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV - [2011/04/29 08:49:57 | 000,146,432 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srv2.sys -- (srv2)
DRV - [2011/04/29 08:49:55 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet)
DRV - [2011/04/29 08:49:44 | 000,079,360 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV - [2011/04/29 08:49:35 | 000,105,984 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV - [2011/04/21 09:16:42 | 000,273,408 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\afd.sys -- (AFD)
DRV - [2011/04/14 10:24:14 | 000,075,264 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2011/02/22 08:51:51 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bowser.sys -- (bowser)
DRV - [2011/02/18 09:31:24 | 000,304,640 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srv.sys -- (srv)
DRV - [2011/02/16 18:56:00 | 000,064,000 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RimUsb.sys -- (RimUsb)
DRV - [2010/06/16 11:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip6)
DRV - [2010/06/16 11:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip)
DRV - [2010/02/20 17:18:40 | 000,411,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\http.sys -- (HTTP)
DRV - [2010/02/18 07:52:00 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel)
DRV - [2009/07/14 13:45:07 | 000,445,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2009/06/15 14:20:59 | 000,439,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009/03/27 04:11:39 | 000,625,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV - [2009/03/27 04:11:39 | 000,148,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP)
DRV - [2009/03/27 03:54:46 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\pacer.sys -- (PSched)
DRV - [2009/03/27 03:50:13 | 000,196,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbhub.sys -- (usbhub)
DRV - [2009/03/27 03:50:13 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2009/03/27 03:50:13 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbehci.sys -- (usbehci)
DRV - [2009/03/27 03:50:13 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2009/03/27 03:50:06 | 000,246,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\clfs.sys -- (CLFS)
DRV - [2009/03/27 03:50:03 | 000,266,808 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\acpi.sys -- (ACPI)
DRV - [2009/03/27 03:49:54 | 000,028,728 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msahci.sys -- (msahci)
DRV - [2009/03/27 03:49:54 | 000,021,560 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\atapi.sys -- (atapi)
DRV - [2009/03/27 03:49:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2009/02/13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2009/01/09 16:18:02 | 000,027,136 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RimSerial.sys -- (RimVSerPort)
DRV - [2008/12/18 05:57:10 | 001,331,192 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2008/12/18 05:55:10 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/09/26 07:38:12 | 007,583,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/09/25 09:21:12 | 000,324,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor)
DRV - [2008/06/17 12:01:06 | 000,022,016 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\packet.sys -- (Packet)
DRV - [2008/02/08 00:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/01/20 22:25:05 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp)
DRV - [2008/01/20 22:25:02 | 000,136,192 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\exfat.sys -- (exfat)
DRV - [2008/01/20 22:25:00 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\smb.sys -- (Smb)
DRV - [2008/01/20 22:24:59 | 000,184,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\netbt.sys -- (netbt)
DRV - [2008/01/20 22:24:59 | 000,083,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WUDFRd.sys -- (WUDFRd)
DRV - [2008/01/20 22:24:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV - [2008/01/20 22:24:57 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\modem.sys -- (Modem)
DRV - [2008/01/20 22:24:55 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2008/01/20 22:24:55 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2008/01/20 22:24:55 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/01/20 22:24:53 | 000,071,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tdx.sys -- (tdx)
DRV - [2008/01/20 22:24:51 | 000,006,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mstee.sys -- (MSTEE)
DRV - [2008/01/20 22:24:51 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/01/20 22:24:51 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/01/20 22:24:50 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/01/20 22:24:50 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/01/20 22:24:50 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV - [2008/01/20 22:24:49 | 000,181,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2008/01/20 22:24:49 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2008/01/20 22:24:47 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV - [2008/01/20 22:24:47 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy)
DRV - [2008/01/20 22:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2008/01/20 22:24:45 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2008/01/20 22:24:44 | 000,056,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2008/01/20 22:24:37 | 000,084,480 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\System32\drivers\luafv.sys -- (luafv)
DRV - [2008/01/20 22:24:37 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr)
DRV - [2008/01/20 22:24:37 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio)
DRV - [2008/01/20 22:24:35 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/01/20 22:24:27 | 000,294,456 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2008/01/20 22:24:26 | 000,163,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2008/01/20 22:24:25 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipnat.sys -- (IPNAT)
DRV - [2008/01/20 22:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV - [2008/01/20 22:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/01/20 22:24:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2008/01/20 22:24:25 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008/01/20 22:24:25 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp)
DRV - [2008/01/20 22:24:21 | 000,027,648 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace)
DRV - [2008/01/20 22:24:20 | 000,035,840 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/01/20 22:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\rasacd.sys -- (RasAcd)
DRV - [2008/01/20 22:24:18 | 000,224,768 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\rdbss.sys -- (rdbss)
DRV - [2008/01/20 22:24:14 | 000,049,720 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\mup.sys -- (Mup)
DRV - [2008/01/20 22:24:13 | 000,143,360 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat)
DRV - [2008/01/20 22:24:13 | 000,121,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/01/20 22:24:11 | 000,021,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\spldr.sys -- (spldr)
DRV - [2008/01/20 22:24:08 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/01/20 22:24:08 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/01/20 22:24:06 | 000,012,800 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2008/01/20 22:24:06 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV - [2008/01/20 22:24:04 | 000,058,936 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo)
DRV - [2008/01/20 22:24:04 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/01/20 22:24:01 | 000,192,056 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2008/01/20 22:23:54 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/01/20 22:23:51 | 001,081,912 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/01/20 22:23:51 | 000,226,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2008/01/20 22:23:51 | 000,070,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs)
DRV - [2008/01/20 22:23:51 | 000,034,816 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/01/20 22:23:51 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/01/20 22:23:50 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\null.sys -- (Null)
DRV - [2008/01/20 22:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\beep.sys -- (Beep)
DRV - [2008/01/20 22:23:43 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/01/20 22:23:43 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2008/01/20 22:23:39 | 000,143,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ecache.sys -- (Ecache)
DRV - [2008/01/20 22:23:39 | 000,110,080 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/01/20 22:23:31 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV - [2008/01/20 22:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\MegaSR.sys -- (MegaSR)
DRV - [2008/01/20 22:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 22:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 22:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 22:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 22:23:26 | 000,041,016 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2008/01/20 22:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs)
DRV - [2008/01/20 22:23:26 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\circlass.sys -- (circlass)
DRV - [2008/01/20 22:23:26 | 000,014,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CmBatt.sys -- (CmBatt)
DRV - [2008/01/20 22:23:26 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidusb.sys -- (HidUsb)
DRV - [2008/01/20 22:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 22:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2008/01/20 22:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 22:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 22:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60)
DRV - [2008/01/20 22:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 22:23:24 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2008/01/20 22:23:24 | 000,022,072 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wd.sys -- (Wd)
DRV - [2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV)
DRV - [2008/01/20 22:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 22:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 22:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 22:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2008/01/20 22:23:23 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2008/01/20 22:23:23 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2008/01/20 22:23:23 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV - [2008/01/20 22:23:23 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd)
DRV - [2008/01/20 22:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 22:23:22 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV - [2008/01/20 22:23:22 | 000,061,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx)
DRV - [2008/01/20 22:23:22 | 000,059,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35)
DRV - [2008/01/20 22:23:22 | 000,053,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/01/20 22:23:22 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\monitor.sys -- (monitor)
DRV - [2008/01/20 22:23:22 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\umbus.sys -- (umbus)
DRV - [2008/01/20 22:23:22 | 000,024,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk)
DRV - [2008/01/20 22:23:22 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/01/20 22:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 22:23:21 | 000,227,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2008/01/20 22:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 22:23:21 | 000,094,776 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm)
DRV - [2008/01/20 22:23:21 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus)
DRV - [2008/01/20 22:23:21 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 22:23:21 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV - [2008/01/20 22:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 22:23:20 | 000,105,016 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\mpio.sys -- (mpio)
DRV - [2008/01/20 22:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\disk.sys -- (disk)
DRV - [2008/01/20 22:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/01/20 22:23:20 | 000,034,360 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\mouclass.sys -- (mouclass)
DRV - [2008/01/20 22:23:20 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\fdc.sys -- (fdc)
DRV - [2008/01/20 22:23:20 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2008/01/20 22:23:20 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse)
DRV - [2008/01/20 22:23:20 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mouhid.sys -- (mouhid)
DRV - [2008/01/20 22:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2008/01/20 22:23:02 | 000,030,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\i2omp.sys -- (i2omp)
DRV - [2008/01/20 22:23:02 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vgapnp.sys -- (vga)
DRV - [2008/01/20 22:23:01 | 000,248,832 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/01/20 22:23:01 | 000,181,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt)
DRV - [2008/01/20 22:23:01 | 000,151,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pci.sys -- (pci)
DRV - [2008/01/20 22:23:01 | 000,109,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp)
DRV - [2008/01/20 22:23:01 | 000,060,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx)
DRV - [2008/01/20 22:23:01 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp)
DRV - [2008/01/20 22:23:01 | 000,056,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VIAAGP.SYS -- (viaagp)
DRV - [2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGP440.sys -- (agp440)
DRV - [2008/01/20 22:23:01 | 000,055,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp)
DRV - [2008/01/20 22:23:01 | 000,054,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\termdd.sys -- (TermDD)
DRV - [2008/01/20 22:23:01 | 000,052,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr)
DRV - [2008/01/20 22:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/01/20 22:23:01 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2008/01/20 22:23:01 | 000,031,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/01/20 22:23:01 | 000,016,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv)
DRV - [2008/01/20 22:23:01 | 000,015,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\swenum.sys -- (swenum)
DRV - [2008/01/20 22:23:00 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8)
DRV - [2008/01/20 22:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7)
DRV - [2008/01/20 22:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/01/20 22:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7)
DRV - [2008/01/20 22:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\processr.sys -- (Processor)
DRV - [2008/01/20 22:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe)
DRV - [2008/01/20 22:23:00 | 000,020,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\compbatt.sys -- (Compbatt)
DRV - [2008/01/20 22:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 22:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 22:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\intelide.sys -- (intelide)
DRV - [2008/01/20 22:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2008/01/20 22:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/20 22:23:00 | 000,016,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pciide.sys -- (pciide)
DRV - [2008/01/20 22:23:00 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2008/01/20 22:23:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\errdev.sys -- (ErrDev)
DRV - [2008/01/01 23:44:40 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/12/03 01:59:06 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/12/03 01:58:50 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/12/02 13:51:42 | 000,040,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2007/11/22 07:44:08 | 000,201,320 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2007/11/22 07:44:08 | 000,079,304 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2007/11/22 07:44:08 | 000,035,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2007/11/22 07:44:04 | 000,033,832 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2007/11/14 04:00:00 | 000,043,840 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pxhelp20.sys -- (PxHelp20)
DRV - [2007/07/13 07:21:12 | 000,125,728 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2007/05/24 08:35:02 | 000,179,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2007/05/10 03:00:06 | 000,182,456 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/04/16 23:44:34 | 000,046,992 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tcusb.sys -- (TcUsb)
DRV - [2007/02/28 07:25:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/28 07:25:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/02/28 07:25:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/02 05:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\pcmcia.sys -- (pcmcia)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 05:04:35 | 000,878,080 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH)
DRV - [2006/11/02 04:55:23 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2006/11/02 04:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth)
DRV - [2006/11/02 04:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir)
DRV - [2006/11/02 04:55:05 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbohci.sys -- (usbohci)
DRV - [2006/11/02 04:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidir.sys -- (HidIr)
DRV - [2006/11/02 04:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen)
DRV - [2006/11/02 04:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2006/11/02 04:51:30 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2006/11/02 04:51:30 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\parport.sys -- (Parport)
DRV - [2006/11/02 04:51:25 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serenum.sys -- (Serenum)
DRV - [2006/11/02 04:51:23 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\parvdm.sys -- (Parvdm)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid)
DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp)
DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 03:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\Windows\System32\WINSOCK.DLL -- (Winsock)
DRV - [2006/11/02 02:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/howfytdl/{98A50DC2-0B5A-B91F-A335-938571873FCC}
IE - HKLM\..\SearchScopes,DefaultScope = {E627DC4B-8C04-4234-A2D4-1D634EE01C41}
IE - HKLM\..\SearchScopes\{E627DC4B-8C04-4234-A2D4-1D634EE01C41}: "URL" = http://www.bigseekpro.com/search/toolbar/howfytdl/{98A50DC2-0B5A-B91F-A335-938571873FCC}?q={searchTerms}
IE - HKLM\..\SearchScopes\{E7FE5597-A262-4DCA-8872-8A1FF30B4C6B}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\..\URLSearchHook: {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files\Minibar\Minibar.dll (KangoExtensions)
IE - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\..\SearchScopes\{E627DC4B-8C04-4234-A2D4-1D634EE01C41}: "URL" = http://www.bigseekpro.com/search/toolbar/howfytdl/{98A50DC2-0B5A-B91F-A335-938571873FCC}?q={searchTerms}
IE - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\..\SearchScopes\{E7FE5597-A262-4DCA-8872-8A1FF30B4C6B}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
IE - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-2056698984-1572301993-2071573121-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()



O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\Program Files\McAfee\MSK\mcapbho.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (MinibarBHO) - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files\Minibar\Minibar.dll (KangoExtensions)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (Minibar) - {60EACC1A-33FA-443D-9846-17B28E2C9BDB} - C:\Program Files\Minibar\Minibar.dll (KangoExtensions)
O3 - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\..\Toolbar\WebBrowser: (Minibar) - {60EACC1A-33FA-443D-9846-17B28E2C9BDB} - C:\Program Files\Minibar\Minibar.dll (KangoExtensions)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Fingerprint Reader Suite\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [ROC_ROC_NT] "C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\RA Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\The Best Aunty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8 - Extra context menu item: Free YouTube Download - C:\Users\The Best Aunty\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\The Best Aunty\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.1.104.36 200.1.104.35
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C2306B9-CA8B-4AED-92CF-D72932A46295}: DhcpNameServer = 200.1.104.36 200.1.104.35
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\psfus: DllName - (C:\Windows\system32\psqlpwd.dll) - C:\Windows\System32\psqlpwd.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Tree.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Tree.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/01/28 16:00:27 | 000,000,088 | ---- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{41231f9a-0566-11e2-af9d-00219bef4f84}\Shell - "" = AutoRun
O33 - MountPoints2\{41231f9a-0566-11e2-af9d-00219bef4f84}\Shell\AutoRun\command - "" = F:\WD SmartWare.exe -- [2010/01/21 20:13:40 | 003,330,848 | ---- | M] (Western Digital)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/14 02:07:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\The Best Aunty\Desktop\OTL.exe
[2012/10/14 00:54:05 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/10/14 00:53:21 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/10/14 00:50:36 | 003,007,280 | ---- | C] (Piriform Ltd) -- C:\Users\The Best Aunty\Desktop\ccsetup323_slim.exe
[2012/10/14 00:42:38 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Local\Avg2013
[2012/10/13 06:14:53 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Local\Stardock_Corporation
[2012/10/13 05:58:37 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/10/13 05:51:36 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\Desktop\gmer
[2012/10/13 05:41:56 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\The Best Aunty\Desktop\dds.com
[2012/09/26 07:37:44 | 000,000,000 | ---D | C] -- C:\INSANITY
[2012/09/25 21:33:04 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2012/09/24 12:39:30 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/09/24 12:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012/09/24 12:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2012/09/24 12:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2012/09/24 12:21:16 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Roaming\DVDVideoSoft
[2012/09/24 07:55:21 | 000,000,000 | ---D | C] -- C:\Program Files\Minibar
[2012/09/24 07:55:18 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Local\Minibar
[2012/09/24 07:55:16 | 000,000,000 | ---D | C] -- C:\Program Files\Free YouTube Downloader DB Toolbar
[2012/09/24 06:28:25 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Roaming\Apple Computer
[2012/09/24 06:28:25 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Local\Apple Computer
[2012/09/24 06:28:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/09/24 06:27:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012/09/24 06:21:18 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/09/24 06:20:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/09/24 06:20:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/09/24 06:20:33 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012/09/24 06:18:42 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Local\Apple
[2012/09/24 06:17:55 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2012/09/24 06:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/09/24 06:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/09/24 06:11:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/09/24 04:32:18 | 000,000,000 | ---D | C] -- C:\ProgramData\WD_SmartWareCommon
[2012/09/24 04:22:34 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Local\Western_Digital
[2012/09/24 04:19:20 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Roaming\Western Digital
[2012/09/24 04:19:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2012/09/24 04:13:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
[2012/09/24 04:13:30 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2012/09/24 04:12:54 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Local\Western Digital
[2012/09/24 03:58:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2012/09/24 03:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2012/09/24 03:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/09/23 22:08:49 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Roaming\Malwarebytes
[2012/09/23 22:08:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/23 22:08:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/23 22:08:32 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/23 22:08:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/09/23 22:07:36 | 010,524,080 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\The Best Aunty\Desktop\mbam-setup-1.65.0.1400.exe
[2012/09/23 22:05:09 | 001,678,240 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\The Best Aunty\Desktop\iExplore.exe
[2012/09/23 14:32:12 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Roaming\TuneUp Software
[2012/09/23 14:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/09/23 14:31:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012/09/23 14:31:49 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/09/23 14:30:14 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2012/09/23 14:28:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012/09/23 14:25:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/09/23 14:25:15 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Local\MFAData
[2012/09/23 14:25:15 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/09/23 14:24:52 | 004,411,736 | ---- | C] (AVG Technologies) -- C:\Users\The Best Aunty\Desktop\avg_free_stb_all_2013_2677_cnet.exe
[2012/09/23 05:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\036DFF853AC2E0A8004E71226C44B161

========== Files - Modified Within 30 Days ==========

[2012/10/14 02:14:33 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/14 02:14:33 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/14 02:07:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\The Best Aunty\Desktop\OTL.exe
[2012/10/14 01:13:12 | 000,297,543 | ---- | M] () -- C:\Users\The Best Aunty\Desktop\JRT.exe
[2012/10/14 00:51:40 | 003,007,280 | ---- | M] (Piriform Ltd) -- C:\Users\The Best Aunty\Desktop\ccsetup323_slim.exe
[2012/10/14 00:15:41 | 000,018,959 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2012/10/14 00:14:55 | 000,028,694 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/10/14 00:14:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/13 09:23:00 | 000,000,844 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012/10/13 07:14:21 | 3756,044,288 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/13 06:11:16 | 000,609,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/10/13 06:11:16 | 000,108,672 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/10/13 05:51:20 | 000,294,216 | ---- | M] () -- C:\Users\The Best Aunty\Desktop\gmer.zip
[2012/10/13 05:43:34 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\The Best Aunty\Desktop\dds.com
[2012/10/13 05:38:42 | 000,000,000 | ---- | M] () -- C:\Users\The Best Aunty\defogger_reenable
[2012/10/13 05:38:18 | 000,050,477 | ---- | M] () -- C:\Users\The Best Aunty\Desktop\Defogger.exe
[2012/09/27 21:55:34 | 000,034,684 | ---- | M] () -- C:\Users\The Best Aunty\Desktop\Elson_James_CV.pdf
[2012/09/25 21:33:04 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2012/09/24 12:52:35 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/09/24 12:52:35 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/09/24 12:38:58 | 000,001,034 | ---- | M] () -- C:\Users\The Best Aunty\Desktop\DVDVideoSoft Free Studio.lnk
[2012/09/24 06:28:10 | 000,001,666 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/09/24 04:19:01 | 000,001,284 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk
[2012/09/24 04:19:01 | 000,001,223 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2012/09/24 03:58:29 | 000,001,734 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2012/09/23 22:08:33 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/23 22:08:11 | 010,524,080 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\The Best Aunty\Desktop\mbam-setup-1.65.0.1400.exe
[2012/09/23 22:05:36 | 001,678,240 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\The Best Aunty\Desktop\iExplore.exe
[2012/09/23 22:03:52 | 000,001,205 | ---- | M] () -- C:\Users\The Best Aunty\Desktop\registryfix.reg
[2012/09/23 14:25:06 | 004,411,736 | ---- | M] (AVG Technologies) -- C:\Users\The Best Aunty\Desktop\avg_free_stb_all_2013_2677_cnet.exe
[2012/09/22 21:29:50 | 000,028,694 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/09/22 17:11:01 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/09/15 15:23:48 | 000,009,216 | ---- | M] () -- C:\Users\The Best Aunty\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/15 15:23:46 | 733,689,856 | ---- | M] () -- C:\Users\The Best Aunty\Desktop\yes man.avi
[2012/09/15 15:23:40 | 366,872,576 | ---- | M] () -- C:\Users\The Best Aunty\Desktop\Hulk.vs.Wolverine.2008.DVDRiP.XviD-WaLMaRT.avi

========== Files Created - No Company Name ==========

[2012/10/14 01:13:10 | 000,297,543 | ---- | C] () -- C:\Users\The Best Aunty\Desktop\JRT.exe
[2012/10/13 05:51:10 | 000,294,216 | ---- | C] () -- C:\Users\The Best Aunty\Desktop\gmer.zip
[2012/10/13 05:38:42 | 000,000,000 | ---- | C] () -- C:\Users\The Best Aunty\defogger_reenable
[2012/10/13 05:38:10 | 000,050,477 | ---- | C] () -- C:\Users\The Best Aunty\Desktop\Defogger.exe
[2012/09/27 21:55:33 | 000,034,684 | ---- | C] () -- C:\Users\The Best Aunty\Desktop\Elson_James_CV.pdf
[2012/09/24 12:38:58 | 000,001,034 | ---- | C] () -- C:\Users\The Best Aunty\Desktop\DVDVideoSoft Free Studio.lnk
[2012/09/24 06:28:10 | 000,001,666 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/09/24 06:18:37 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/09/24 04:19:01 | 000,001,284 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk
[2012/09/24 04:19:01 | 000,001,223 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2012/09/24 03:58:29 | 000,001,734 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2012/09/24 03:29:26 | 3756,044,288 | -HS- | C] () -- C:\hiberfil.sys
[2012/09/23 22:08:33 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/23 22:03:49 | 000,001,205 | ---- | C] () -- C:\Users\The Best Aunty\Desktop\registryfix.reg
[2012/09/23 14:32:12 | 000,000,844 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012/09/22 17:11:01 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/09/22 17:11:00 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/07/22 05:42:39 | 000,000,034 | ---- | C] () -- C:\Windows\System32\BD2070N.DAT
[2012/07/22 05:42:09 | 000,000,146 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2012/07/22 05:41:59 | 000,000,114 | ---- | C] () -- C:\Windows\System32\brlmw03a.ini
[2012/07/22 05:41:56 | 000,008,975 | ---- | C] () -- C:\Windows\HL-2070N.INI
[2012/07/22 05:37:08 | 000,000,023 | ---- | C] () -- C:\Windows\Brownie.ini
[2012/07/22 05:37:08 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2012/07/21 20:23:41 | 000,000,410 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/05/09 22:57:20 | 000,000,552 | ---- | C] () -- C:\Users\The Best Aunty\AppData\Local\d3d8caps.dat
[2010/04/20 06:13:59 | 000,009,216 | ---- | C] () -- C:\Users\The Best Aunty\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/20 20:10:54 | 000,000,680 | ---- | C] () -- C:\Users\The Best Aunty\AppData\Local\d3d9caps.dat
[2010/01/14 22:45:01 | 000,028,694 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/01/14 19:37:24 | 000,028,694 | ---- | C] () -- C:\ProgramData\nvModes.dat

========== ZeroAccess Check ==========

[2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 11:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 00:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/20 22:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\The Best Aunty\Desktop\yes man.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\The Best Aunty\Desktop\Hulk.vs.Wolverine.2008.DVDRiP.XviD-WaLMaRT.avi:TOC.WMV
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:5D432CE3

< End of report >

Attached Files



#6 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:02 AM

Posted 16 October 2012 - 09:08 PM

You are skipping steps and not doing the steps in the order requested.
I need you to retry ALL the steps again in the order they are posted in.

#7 eaj115

eaj115
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:02 AM

Posted 17 October 2012 - 11:21 PM

Hi I have pasted all the logs as requested. I was unable to attach the Extras.txt from the OTL scan as that file never came up after the scan.



Malware Logs

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.18.01

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
The Best Aunty :: NICOLE [administrator]

17/10/2012 11:28:36 PM
mbam-log-2012-10-17 (23-28-36).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 218505
Time elapsed: 5 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



JRT Logs

Junkware Removal Tool (JRT) by Thisisu
Version: 1.7.3 (10.17.2012)
OS: Windows Vista ™ Home Premium x86
Ran by The Best Aunty on 17/10/2012 at 23:39:47.84
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values:

Successfully deleted: [VALUE] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{60eacc1a-33fa-443d-9846-17b28e2c9bdb}



*** Registry Keys:

Successfully deleted: [KEY] hkey_classes_root\clsid\{60eacc1a-33fa-443d-9846-17b28e2c9bdb}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{60eacc1a-33fa-443d-9846-17b28e2c9bdb}
Successfully deleted: [KEY] hkey_classes_root\clsid\{aa74d58f-acd0-450d-a85e-6c04b171c044}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{aa74d58f-acd0-450d-a85e-6c04b171c044}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{aa74d58f-acd0-450d-a85e-6c04b171c044}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{e627dc4b-8c04-4234-a2d4-1d634ee01c41}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{e627dc4b-8c04-4234-a2d4-1d634ee01c41}



*** Files:

Successfully deleted: [FILE] C:\Users\The Best Aunty\AppData\Roaming\dvdvideosoft\dvsYoutubeDownload.crx
Successfully deleted: [FILE] C:\Users\The Best Aunty\AppData\Roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
Successfully deleted: [FILE] C:\Users\The Best Aunty\AppData\Roaming\dvdvideosoftiehelpers\freeytvdownloader.htm
Successfully deleted: [FILE] C:\Program Files\Common Files\dvdvideosoft\chimes.wav
Successfully deleted: [FILE] C:\Program Files\Common Files\dvdvideosoft\FreeStudioManager.exe
Successfully deleted: [FILE] C:\Program Files\Common Files\dvdvideosoft\Uninstall.exe
Successfully deleted: [FILE] C:\Users\The Best Aunty\appdata\local\minibar\chrome_installer.js
Successfully deleted: [FILE] C:\Users\The Best Aunty\appdata\local\minibar\common.js
Successfully deleted: [FILE] C:\Users\The Best Aunty\appdata\local\minibar\firefox_installer.js
Successfully deleted: [FILE] C:\Users\The Best Aunty\appdata\local\minibar\ie_installer.js
Successfully deleted: [FILE] C:\Users\The Best Aunty\appdata\local\minibar\install.json
Successfully deleted: [FILE] C:\Users\The Best Aunty\appdata\local\minibar\minibar.crx
Successfully deleted: [FILE] C:\Users\The Best Aunty\appdata\local\minibar\minibar.xpi
Successfully deleted: [FILE] C:\Users\The Best Aunty\appdata\local\minibar\SettingsHelper.exe
Successfully deleted: [FILE] C:\Program Files\dvdvideosoft\free studio\unins000.dat
Successfully deleted: [FILE] C:\Program Files\dvdvideosoft\free studio\unins000.exe
Successfully deleted: [FILE] C:\Program Files\dvdvideosoft\free studio\free youtube to mp3 converter\DVDVideoSoft.AVConverter.dll
Successfully deleted: [FILE] C:\Program Files\dvdvideosoft\free studio\free youtube to mp3 converter\DVDVideoSoft.DVSiTunes.dll
Successfully deleted: [FILE] C:\Program Files\dvdvideosoft\free studio\free youtube to mp3 converter\DVDVideoSoft.DVSVideoDownloader.dll
Successfully deleted: [FILE] C:\Program Files\dvdvideosoft\free studio\free youtube to mp3 converter\DVDVideoSoft.MediaTagsEditor.dll
Successfully deleted: [FILE] C:\Program Files\dvdvideosoft\free studio\free youtube to mp3 converter\DVDVideoSoft.PresetEditor.dll
Successfully deleted: [FILE] C:\Program Files\dvdvideosoft\free studio\free youtube to mp3 converter\DVDVideoSoft.Presets.dll
Successfully deleted: [FILE] C:\Program Files\dvdvideosoft\free studio\free youtube to mp3 converter\DVDVideoSoft.Resources.dll
Successfully deleted: [FILE] C:\Program Files\dvdvideosoft\free studio\free youtube to mp3 converter\DVDVideoSoft.RockIdHelper.dll
Successfully deleted: [FILE] C:\Program Files\dvdvideosoft\free studio\free youtube to mp3 converter\DVDVideoSoft.TaskbarManager.dll
Successfully deleted: [FILE] C:\Program Files\dvdvideosoft\free studio\free youtube to mp3 converter\DVDVideoSoft.VideoFileToIPOD.dll
Successfully deleted: [FILE] C:\Program Files\dvdvideosoft\free studio\free youtube to mp3 converter\FreeYouTubeToMP3Converter.exe
Successfully deleted: [FILE] C:\Program Files\dvdvideosoft\free studio\free youtube to mp3 converter\FreeYouTubeToMP3Converter.xml
Successfully deleted: [FILE] C:\Program Files\dvdvideosoft\free studio\free youtube to mp3 converter\FreeYouTubeToMP3ConverterProfile.xml
Successfully deleted: [FILE] C:\Program Files\dvdvideosoft\free studio\free youtube to mp3 converter\FreeYouTubeToMP3ConverterProfileD.xml
Successfully deleted: [FILE] C:\Program Files\dvdvideosoft\free studio\free youtube to mp3 converter\taglib-sharp.dll
Successfully deleted: [FILE] C:\Program Files\minibar\config.xml
Successfully deleted: [FILE] C:\Program Files\minibar\extension_info.json
Successfully deleted: [FILE] C:\Program Files\minibar\initial_config.json
Successfully deleted: [FILE] C:\Program Files\minibar\main.js
Successfully deleted: [FILE] C:\Program Files\minibar\Minibar.dll
Successfully deleted: [FILE] C:\Program Files\minibar\kango-ui\commandbar_button.js
Successfully deleted: [FILE] C:\Program Files\minibar\kango-ui\toolbar.js
Successfully deleted: [FILE] C:\Program Files\minibar\kango-ui\toolbar_stub.html
Successfully deleted: [FILE] C:\Program Files\minibar\kango-ui\ui.js
Successfully deleted: [FILE] C:\eula.1028.txt
Successfully deleted: [FILE] C:\eula.1031.txt
Successfully deleted: [FILE] C:\eula.1033.txt
Successfully deleted: [FILE] C:\eula.1036.txt
Successfully deleted: [FILE] C:\eula.1040.txt
Successfully deleted: [FILE] C:\eula.1041.txt
Successfully deleted: [FILE] C:\eula.1042.txt
Successfully deleted: [FILE] C:\eula.2052.txt
Successfully deleted: [FILE] C:\install.res.1028.dll
Successfully deleted: [FILE] C:\install.res.1031.dll
Successfully deleted: [FILE] C:\install.res.1033.dll
Successfully deleted: [FILE] C:\install.res.1036.dll
Successfully deleted: [FILE] C:\install.res.1040.dll
Successfully deleted: [FILE] C:\install.res.1041.dll
Successfully deleted: [FILE] C:\install.res.1042.dll
Successfully deleted: [FILE] C:\install.res.2052.dll
Successfully deleted: [FILE] C:\install.res.3082.dll



*** Folders:

Successfully deleted: [FOLDER] "C:\Users\The Best Aunty\AppData\Roaming\dvdvideosoft"
Successfully deleted: [FOLDER] "C:\Users\The Best Aunty\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [FOLDER] "C:\Program Files\Common Files\dvdvideosoft"
Successfully deleted: [FOLDER] "C:\Users\The Best Aunty\appdata\local\minibar"
Successfully deleted: [FOLDER] "C:\Program Files\dvdvideosoft"
Successfully deleted: [FOLDER] "C:\Program Files\minibar"



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on 17/10/2012 at 23:46:27.99
End of Report



OTL Text

OTL logfile created on: 17/10/2012 11:50:47 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\The Best Aunty\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00002C09 | Country: Trinidad and Tobago | Language: ENT | Date Format: dd/MM/yyyy

3.50 Gb Total Physical Memory | 1.83 Gb Available Physical Memory | 52.46% Memory free
7.19 Gb Paging File | 5.27 Gb Available in Paging File | 73.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 448.17 Gb Total Space | 329.61 Gb Free Space | 73.55% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 5.20 Gb Free Space | 34.67% Space Free | Partition Type: NTFS
Drive F: | 442.98 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 930.86 Gb Total Space | 855.58 Gb Free Space | 91.91% Space Free | Partition Type: NTFS

Computer Name: NICOLE | User Name: The Best Aunty | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/17 23:49:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\The Best Aunty\Downloads\OTL.exe
PRC - [2012/10/17 23:38:51 | 000,554,958 | ---- | M] () -- C:\Users\The Best Aunty\Downloads\JRT.exe
PRC - [2012/09/29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/24 12:52:34 | 000,690,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_4_402_278_ActiveX.exe
PRC - [2011/02/18 11:47:12 | 000,079,192 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2010/01/21 16:27:44 | 009,136,960 | ---- | M] (Western Digital) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
PRC - [2010/01/21 16:27:42 | 002,057,536 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
PRC - [2010/01/21 16:24:08 | 000,110,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2009/03/27 04:09:57 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/05 18:19:08 | 000,173,296 | ---- | M] (SingleClick Systems) -- C:\Program Files\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe
PRC - [2008/11/03 10:54:00 | 001,745,648 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2008/10/04 14:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/10/04 14:58:02 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/09/23 23:09:52 | 001,295,656 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DellDock.exe
PRC - [2008/09/23 23:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/09/16 13:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
PRC - [2008/02/22 18:01:38 | 001,193,240 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2008/01/20 22:23:50 | 000,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
PRC - [2008/01/20 22:23:41 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DFDWiz.exe
PRC - [2008/01/20 22:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/01 23:44:32 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2008/01/01 23:44:26 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/12/21 11:58:06 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/12/03 01:58:54 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2007/09/21 14:26:34 | 000,015,872 | ---- | M] (Apache Software Foundation) -- C:\Program Files\Common Files\Dell\apache\bin\httpd.exe
PRC - [2007/09/14 14:35:04 | 005,730,304 | ---- | M] () -- C:\Program Files\Common Files\Dell\MySQL\bin\mysqld.exe
PRC - [2007/04/17 00:05:52 | 000,021,504 | ---- | M] (UPEK Inc.) -- C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
PRC - [2007/04/16 23:55:00 | 000,053,776 | ---- | M] (UPEK Inc.) -- C:\Program Files\Fingerprint Reader Suite\psqltray.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/17 23:38:51 | 000,554,958 | ---- | M] () -- C:\Users\The Best Aunty\Downloads\JRT.exe
MOD - [2012/08/27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/24 03:39:37 | 015,880,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MenuSkinning\e9894665ca88b954a7960ecbd9b7136b\MenuSkinning.ni.dll
MOD - [2011/06/24 03:39:28 | 001,712,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a3ba68e5c233fbd30a1e3458165d6a4f\Microsoft.VisualBasic.ni.dll
MOD - [2011/06/24 03:39:20 | 000,284,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\37fcf6436994c36769a13e2f60f5fe6f\VistaBridgeLibrary.ni.dll
MOD - [2011/06/24 03:39:17 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\18f2261a32e4aa98d770c405554bd8d5\System.Management.ni.dll
MOD - [2011/06/24 03:39:16 | 002,500,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DellDock\91435a256ee9ef041000e6837b66c49d\DellDock.ni.exe
MOD - [2011/06/24 03:39:14 | 000,274,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\f3ddaf6d419e4cd57ad9da11aa5dceb9\MyDock.Util.ni.dll
MOD - [2011/06/24 03:39:13 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\834074ae55ca3450c11eebe9c274abd3\System.ServiceProcess.ni.dll
MOD - [2011/06/24 03:39:10 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\dee800943eedfcd6120a7b56f0887fb0\System.Runtime.Remoting.ni.dll
MOD - [2011/06/24 03:39:05 | 011,800,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\f8694104e62a8182b9fbbae0e5173fcf\System.Web.ni.dll
MOD - [2011/06/24 03:38:58 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\51bdab63dd9dbcddbfef9c82bffdbd59\System.Web.Services.ni.dll
MOD - [2011/06/24 03:38:51 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f183e57f94e56ac92ee99eed8e63943d\System.Configuration.ni.dll
MOD - [2011/06/24 03:38:49 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bc78764e2649bd53edc5c9884efba391\Accessibility.ni.dll
MOD - [2011/06/24 03:37:16 | 005,451,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\59f9dfe0ea64752c07f5a59c283c163b\System.Xml.ni.dll
MOD - [2011/06/24 03:36:59 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f4fbd5c3aa0de64cce8f542b447a31a8\System.Windows.Forms.ni.dll
MOD - [2011/06/24 03:36:50 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\54d1bb7213f94f2bfa67b0b560785220\System.Drawing.ni.dll
MOD - [2011/06/24 03:36:38 | 006,616,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\44da3853aa13e56f38eac7480fffd48e\System.Data.ni.dll
MOD - [2011/06/24 03:35:51 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\a9288099fbc6849c6c7523745b4f64f4\System.ni.dll
MOD - [2011/06/24 03:35:43 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a189480a53deaaf80a820de30553259b\mscorlib.ni.dll
MOD - [2009/08/19 15:49:08 | 000,049,152 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll
MOD - [2009/07/29 15:24:14 | 000,504,293 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll
MOD - [2008/12/18 05:55:28 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll
MOD - [2008/11/03 10:54:00 | 001,745,648 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2008/11/03 10:54:00 | 000,262,384 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.dll
MOD - [2008/11/03 10:54:00 | 000,132,336 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2008/11/03 10:54:00 | 000,095,472 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\SdbUI.dll
MOD - [2008/11/03 10:54:00 | 000,058,608 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\BalloonWindow.dll
MOD - [2008/11/03 10:54:00 | 000,017,648 | ---- | M] () -- C:\Program Files\Dell DataSafe Online\CppUtils.dll
MOD - [2008/07/27 14:03:15 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008/05/19 17:47:00 | 000,450,560 | ---- | M] () -- C:\Program Files\Common Files\Dell\apache\ioncube_loader_win_5.2.dll
MOD - [2007/09/21 14:32:18 | 002,035,712 | ---- | M] () -- C:\Program Files\Common Files\Dell\apache\libmysql.dll


========== Services (All) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -- (RoxLiveShare9)
SRV - [2012/10/02 03:32:58 | 000,193,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/10/02 03:32:04 | 005,783,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/09 23:30:22 | 000,821,648 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2012/08/11 16:43:06 | 000,055,184 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011/08/30 23:05:02 | 000,390,504 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2011/03/02 10:49:43 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2010/11/06 07:09:57 | 000,603,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010/09/06 12:24:40 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010/08/17 09:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2010/03/18 14:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/18 10:11:41 | 000,190,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\iphlpsvc.dll -- (iphlpsvc)
SRV - [2010/01/21 16:24:08 | 000,110,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009/10/09 17:56:18 | 001,181,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WsmSvc.dll -- (WinRM)
SRV - [2009/10/09 17:55:52 | 000,146,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wecsvc.dll -- (Wecsvc)
SRV - [2009/08/24 08:16:12 | 000,378,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009/08/06 22:23:45 | 001,929,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2009/07/11 15:32:52 | 000,513,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2009/06/15 08:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/06/15 08:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2009/06/15 08:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (Netlogon)
SRV - [2009/06/15 08:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/06/10 08:12:29 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
SRV - [2009/03/27 04:14:46 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009/03/27 04:12:10 | 000,439,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SearchIndexer.exe -- (WSearch)
SRV - [2009/03/27 04:11:39 | 000,565,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2009/03/27 04:08:35 | 000,269,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2009/03/27 04:04:14 | 000,361,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
SRV - [2009/03/27 03:50:18 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009/03/27 02:13:49 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/03/27 02:04:19 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/03/03 00:39:32 | 000,551,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2009/03/03 00:39:32 | 000,551,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2009/01/05 18:19:10 | 000,824,560 | ---- | M] (Dell Inc.) [Auto | Stopped] -- c:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe -- (hnmsvc)
SRV - [2009/01/05 18:19:08 | 000,173,296 | ---- | M] (SingleClick Systems) [Auto | Running] -- C:\Program Files\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe -- (dsl-fs-sync)
SRV - [2008/12/18 05:58:20 | 000,026,112 | ---- | M] () [Auto | Running] -- C:\Windows\System32\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2008/12/04 17:03:00 | 000,226,640 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/10/04 14:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)
SRV - [2008/09/26 07:38:22 | 000,196,608 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)
SRV - [2008/09/23 23:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/09/18 00:56:07 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wersvc.dll -- (WerSvc)
SRV - [2008/09/16 13:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2008/07/27 14:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/06/19 21:14:44 | 000,046,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/06/19 21:14:31 | 000,881,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/06/19 21:14:31 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/03/24 08:35:22 | 000,074,384 | R--- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2008/01/20 22:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008/01/20 22:25:26 | 000,658,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\p2psvc.dll -- (PNRPsvc)
SRV - [2008/01/20 22:25:26 | 000,658,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\p2psvc.dll -- (PNRPAutoReg)
SRV - [2008/01/20 22:25:26 | 000,658,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\p2psvc.dll -- (p2psvc)
SRV - [2008/01/20 22:25:26 | 000,658,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\p2psvc.dll -- (p2pimsvc)
SRV - [2008/01/20 22:25:26 | 000,140,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wpcsvc.dll -- (WPCSvc)
SRV - [2008/01/20 22:25:16 | 000,070,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wpdbusenum.dll -- (WPDBusEnum)
SRV - [2008/01/20 22:25:11 | 000,053,760 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc)
SRV - [2008/01/20 22:25:09 | 000,292,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2008/01/20 22:25:05 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sstpsvc.dll -- (SstpSvc)
SRV - [2008/01/20 22:25:01 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2008/01/20 22:25:00 | 002,623,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SLsvc.exe -- (slsvc)
SRV - [2008/01/20 22:25:00 | 000,758,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2008/01/20 22:25:00 | 000,382,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\vds.exe -- (vds)
SRV - [2008/01/20 22:25:00 | 000,188,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lltdsvc.dll -- (lltdsvc)
SRV - [2008/01/20 22:24:59 | 000,161,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2008/01/20 22:24:59 | 000,055,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\WUDFSvc.dll -- (wudfsvc)
SRV - [2008/01/20 22:24:56 | 000,302,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\QAGENTRT.DLL -- (napagent)
SRV - [2008/01/20 22:24:55 | 000,574,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\gpsvc.dll -- (gpsvc)
SRV - [2008/01/20 22:24:55 | 000,084,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SessEnv.dll -- (SessionEnv)
SRV - [2008/01/20 22:24:54 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2008/01/20 22:24:54 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2008/01/20 22:24:54 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2008/01/20 22:24:54 | 000,045,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\mmcss.dll -- (THREADORDER)
SRV - [2008/01/20 22:24:54 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2008/01/20 22:24:53 | 000,574,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\sysmain.dll -- (SysMain)
SRV - [2008/01/20 22:24:49 | 000,155,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2008/01/20 22:24:47 | 000,393,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2008/01/20 22:24:47 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2008/01/20 22:24:44 | 000,047,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\Sens.dll -- (SENS)
SRV - [2008/01/20 22:24:44 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\uxsms.dll -- (UxSms)
SRV - [2008/01/20 22:24:43 | 000,057,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SLUINotify.dll -- (SLUINotify)
SRV - [2008/01/20 22:24:37 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\wdi.dll -- (WdiSystemHost)
SRV - [2008/01/20 22:24:37 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wdi.dll -- (WdiServiceHost)
SRV - [2008/01/20 22:24:36 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2008/01/20 22:24:35 | 000,134,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dps.dll -- (DPS)
SRV - [2008/01/20 22:24:35 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/01/20 22:24:35 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2008/01/20 22:24:30 | 000,068,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\KMSVC.DLL -- (hkmsvc)
SRV - [2008/01/20 22:24:30 | 000,056,320 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\tbssvc.dll -- (TBS)
SRV - [2008/01/20 22:24:27 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\regsvc.dll -- (RemoteRegistry)
SRV - [2008/01/20 22:24:27 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2008/01/20 22:24:23 | 000,310,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2008/01/20 22:24:23 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2008/01/20 22:24:22 | 000,175,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2008/01/20 22:24:21 | 000,282,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\w32time.dll -- (W32Time)
SRV - [2008/01/20 22:24:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fdPHost.dll -- (fdPHost)
SRV - [2008/01/20 22:24:20 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr)
SRV - [2008/01/20 22:24:20 | 000,068,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess)
SRV - [2008/01/20 22:24:20 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\certprop.dll -- (SCPolicySvc)
SRV - [2008/01/20 22:24:20 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\certprop.dll -- (CertPropSvc)
SRV - [2008/01/20 22:24:19 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2008/01/20 22:24:18 | 000,344,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\msdtckrm.dll -- (KtmRm)
SRV - [2008/01/20 22:24:18 | 000,105,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msdtc.exe -- (MSDTC)
SRV - [2008/01/20 22:24:18 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IPBusEnum.dll -- (IPBusEnum)
SRV - [2008/01/20 22:24:17 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2008/01/20 22:24:14 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2008/01/20 22:24:12 | 000,448,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\termsrv.dll -- (TermService)
SRV - [2008/01/20 22:24:11 | 000,274,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2008/01/20 22:24:10 | 000,039,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2008/01/20 22:24:09 | 000,288,256 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/01/20 22:24:08 | 000,035,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect)
SRV - [2008/01/20 22:24:05 | 000,075,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\trkwks.dll -- (TrkWks)
SRV - [2008/01/20 22:24:04 | 000,259,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\upnphost.dll -- (upnphost)
SRV - [2008/01/20 22:24:04 | 000,153,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2008/01/20 22:24:03 | 001,502,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pla.dll -- (pla)
SRV - [2008/01/20 22:24:02 | 000,221,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2008/01/20 22:24:02 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008/01/20 22:23:55 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IKEEXT.DLL -- (IKEEXT)
SRV - [2008/01/20 22:23:54 | 000,328,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2008/01/20 22:23:53 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wercplsupport.dll -- (wercplsupport)
SRV - [2008/01/20 22:23:52 | 000,137,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV - [2008/01/20 22:23:51 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (Themes)
SRV - [2008/01/20 22:23:51 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/01/20 22:23:50 | 001,054,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2008/01/20 22:23:49 | 001,013,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (Eventlog)
SRV - [2008/01/20 22:23:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\iscsiexe.dll -- (MSiSCSI)
SRV - [2008/01/20 22:23:44 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2008/01/20 22:23:41 | 002,091,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dfsr.exe -- (DFSR)
SRV - [2008/01/20 22:23:39 | 000,452,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (stisvc)
SRV - [2008/01/20 22:23:39 | 000,412,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wcncsvc.dll -- (wcncsvc)
SRV - [2008/01/20 22:23:39 | 000,196,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\WebClnt.dll -- (WebClient)
SRV - [2008/01/20 22:23:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/20 22:23:31 | 000,243,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\qwave.dll -- (QWAVE)
SRV - [2008/01/20 22:23:29 | 000,037,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\pcasvc.dll -- (PcaSvc)
SRV - [2008/01/20 22:23:27 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2008/01/01 23:44:32 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2008/01/01 23:44:26 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/09/21 14:26:34 | 000,015,872 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\Common Files\Dell\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2007/09/14 14:35:04 | 005,730,304 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Dell\MySQL\bin\mysqld.exe -- (dsl-db)
SRV - [2006/11/02 08:35:29 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2006/11/02 08:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/11/02 08:35:24 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\TabSvc.dll -- (TabletInputService)
SRV - [2006/11/02 05:46:13 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2006/11/02 05:46:05 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lmhsvc.dll -- (lmhosts)
SRV - [2006/11/02 05:46:04 | 000,027,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\FDResPub.dll -- (FDResPub)
SRV - [2006/11/02 05:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2006/11/02 05:45:46 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP)
SRV - [2006/11/02 05:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Locator.exe -- (RpcLocator)
SRV - [2006/11/02 05:45:02 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dllhost.exe -- (COMSysApp)
SRV - [2006/10/26 19:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2004/10/22 04:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/08/21 13:01:22 | 000,026,840 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2012/07/09 13:42:56 | 000,044,032 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2011/07/06 10:56:47 | 000,213,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV - [2011/04/29 08:49:57 | 000,146,432 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srv2.sys -- (srv2)
DRV - [2011/04/29 08:49:55 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet)
DRV - [2011/04/29 08:49:44 | 000,079,360 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV - [2011/04/29 08:49:35 | 000,105,984 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb.sys -- (mrxsmb)
DRV - [2011/04/21 09:16:42 | 000,273,408 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\afd.sys -- (AFD)
DRV - [2011/04/14 10:24:14 | 000,075,264 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2011/02/22 08:51:51 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bowser.sys -- (bowser)
DRV - [2011/02/18 09:31:24 | 000,304,640 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srv.sys -- (srv)
DRV - [2011/02/16 18:56:00 | 000,064,000 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RimUsb.sys -- (RimUsb)
DRV - [2010/06/16 11:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip6)
DRV - [2010/06/16 11:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip)
DRV - [2010/02/20 17:18:40 | 000,411,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\http.sys -- (HTTP)
DRV - [2010/02/18 07:52:00 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel)
DRV - [2009/07/14 13:45:07 | 000,445,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000)
DRV - [2009/06/15 14:20:59 | 000,439,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009/03/27 04:11:39 | 000,625,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV - [2009/03/27 04:11:39 | 000,148,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP)
DRV - [2009/03/27 03:54:46 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\pacer.sys -- (PSched)
DRV - [2009/03/27 03:50:13 | 000,196,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbhub.sys -- (usbhub)
DRV - [2009/03/27 03:50:13 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2009/03/27 03:50:13 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbehci.sys -- (usbehci)
DRV - [2009/03/27 03:50:13 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2009/03/27 03:50:06 | 000,246,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\clfs.sys -- (CLFS)
DRV - [2009/03/27 03:50:03 | 000,266,808 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\acpi.sys -- (ACPI)
DRV - [2009/03/27 03:49:54 | 000,028,728 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msahci.sys -- (msahci)
DRV - [2009/03/27 03:49:54 | 000,021,560 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\atapi.sys -- (atapi)
DRV - [2009/03/27 03:49:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2009/02/13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2009/01/09 16:18:02 | 000,027,136 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RimSerial.sys -- (RimVSerPort)
DRV - [2008/12/18 05:57:10 | 001,331,192 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2008/12/18 05:55:10 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/09/26 07:38:12 | 007,583,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/09/25 09:21:12 | 000,324,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iaStor.sys -- (iaStor)
DRV - [2008/06/17 12:01:06 | 000,022,016 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\packet.sys -- (Packet)
DRV - [2008/02/08 00:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/01/20 22:25:05 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp)
DRV - [2008/01/20 22:25:02 | 000,136,192 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\exfat.sys -- (exfat)
DRV - [2008/01/20 22:25:00 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\smb.sys -- (Smb)
DRV - [2008/01/20 22:24:59 | 000,184,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\netbt.sys -- (netbt)
DRV - [2008/01/20 22:24:59 | 000,083,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WUDFRd.sys -- (WUDFRd)
DRV - [2008/01/20 22:24:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv)
DRV - [2008/01/20 22:24:57 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\modem.sys -- (Modem)
DRV - [2008/01/20 22:24:55 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2008/01/20 22:24:55 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2008/01/20 22:24:55 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/01/20 22:24:53 | 000,071,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tdx.sys -- (tdx)
DRV - [2008/01/20 22:24:51 | 000,006,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mstee.sys -- (MSTEE)
DRV - [2008/01/20 22:24:51 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/01/20 22:24:51 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/01/20 22:24:50 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/01/20 22:24:50 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/01/20 22:24:50 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV - [2008/01/20 22:24:49 | 000,181,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2008/01/20 22:24:49 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2008/01/20 22:24:47 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv)
DRV - [2008/01/20 22:24:47 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy)
DRV - [2008/01/20 22:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV - [2008/01/20 22:24:45 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2008/01/20 22:24:44 | 000,056,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\partmgr.sys -- (partmgr)
DRV - [2008/01/20 22:24:37 | 000,084,480 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\System32\drivers\luafv.sys -- (luafv)
DRV - [2008/01/20 22:24:37 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr)
DRV - [2008/01/20 22:24:37 | 000,047,104 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio)
DRV - [2008/01/20 22:24:35 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/01/20 22:24:27 | 000,294,456 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx)
DRV - [2008/01/20 22:24:26 | 000,163,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC)
DRV - [2008/01/20 22:24:25 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipnat.sys -- (IPNAT)
DRV - [2008/01/20 22:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarpv6)
DRV - [2008/01/20 22:24:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/01/20 22:24:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2008/01/20 22:24:25 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2008/01/20 22:24:25 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp)
DRV - [2008/01/20 22:24:21 | 000,027,648 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace)
DRV - [2008/01/20 22:24:20 | 000,035,840 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/01/20 22:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\rasacd.sys -- (RasAcd)
DRV - [2008/01/20 22:24:18 | 000,224,768 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\rdbss.sys -- (rdbss)
DRV - [2008/01/20 22:24:14 | 000,049,720 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\mup.sys -- (Mup)
DRV - [2008/01/20 22:24:13 | 000,143,360 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat)
DRV - [2008/01/20 22:24:13 | 000,121,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/01/20 22:24:11 | 000,021,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\spldr.sys -- (spldr)
DRV - [2008/01/20 22:24:08 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/01/20 22:24:08 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/01/20 22:24:06 | 000,012,800 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2008/01/20 22:24:06 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPCDD.sys -- (RDPCDD)
DRV - [2008/01/20 22:24:04 | 000,058,936 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo)
DRV - [2008/01/20 22:24:04 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/01/20 22:24:01 | 000,192,056 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2008/01/20 22:23:54 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/01/20 22:23:51 | 001,081,912 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/01/20 22:23:51 | 000,226,816 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)
DRV - [2008/01/20 22:23:51 | 000,070,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs)
DRV - [2008/01/20 22:23:51 | 000,034,816 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/01/20 22:23:51 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/01/20 22:23:50 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\null.sys -- (Null)
DRV - [2008/01/20 22:23:44 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\beep.sys -- (Beep)
DRV - [2008/01/20 22:23:43 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/01/20 22:23:43 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg)
DRV - [2008/01/20 22:23:39 | 000,143,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ecache.sys -- (Ecache)
DRV - [2008/01/20 22:23:39 | 000,110,080 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/01/20 22:23:31 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV - [2008/01/20 22:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\MegaSR.sys -- (MegaSR)
DRV - [2008/01/20 22:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 22:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 22:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 22:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 22:23:26 | 000,041,016 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2008/01/20 22:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs)
DRV - [2008/01/20 22:23:26 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\circlass.sys -- (circlass)
DRV - [2008/01/20 22:23:26 | 000,014,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CmBatt.sys -- (CmBatt)
DRV - [2008/01/20 22:23:26 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hidusb.sys -- (HidUsb)
DRV - [2008/01/20 22:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 22:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2008/01/20 22:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 22:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 22:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60)
DRV - [2008/01/20 22:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 22:23:24 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2008/01/20 22:23:24 | 000,022,072 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wd.sys -- (Wd)
DRV - [2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV)
DRV - [2008/01/20 22:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 22:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 22:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 22:23:23 | 000,035,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\kbdclass.sys -- (kbdclass)
DRV - [2008/01/20 22:23:23 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2008/01/20 22:23:23 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk)
DRV - [2008/01/20 22:23:23 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV - [2008/01/20 22:23:23 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd)
DRV - [2008/01/20 22:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 22:23:22 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV - [2008/01/20 22:23:22 | 000,061,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx)
DRV - [2008/01/20 22:23:22 | 000,059,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35)
DRV - [2008/01/20 22:23:22 | 000,053,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/01/20 22:23:22 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\monitor.sys -- (monitor)
DRV - [2008/01/20 22:23:22 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\umbus.sys -- (umbus)
DRV - [2008/01/20 22:23:22 | 000,024,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk)
DRV - [2008/01/20 22:23:22 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/01/20 22:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 22:23:21 | 000,227,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volsnap.sys -- (volsnap)
DRV - [2008/01/20 22:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 22:23:21 | 000,094,776 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm)
DRV - [2008/01/20 22:23:21 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus)
DRV - [2008/01/20 22:23:21 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 22:23:21 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV - [2008/01/20 22:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 22:23:20 | 000,105,016 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\mpio.sys -- (mpio)
DRV - [2008/01/20 22:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\disk.sys -- (disk)
DRV - [2008/01/20 22:23:20 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/01/20 22:23:20 | 000,034,360 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\mouclass.sys -- (mouclass)
DRV - [2008/01/20 22:23:20 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\fdc.sys -- (fdc)
DRV - [2008/01/20 22:23:20 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\flpydisk.sys -- (flpydisk)
DRV - [2008/01/20 22:23:20 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse)
DRV - [2008/01/20 22:23:20 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mouhid.sys -- (mouhid)
DRV - [2008/01/20 22:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2008/01/20 22:23:02 | 000,030,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\i2omp.sys -- (i2omp)
DRV - [2008/01/20 22:23:02 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vgapnp.sys -- (vga)
DRV - [2008/01/20 22:23:01 | 000,248,832 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/01/20 22:23:01 | 000,181,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\msiscsi.sys -- (iScsiPrt)
DRV - [2008/01/20 22:23:01 | 000,151,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pci.sys -- (pci)
DRV - [2008/01/20 22:23:01 | 000,109,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp)
DRV - [2008/01/20 22:23:01 | 000,060,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx)
DRV - [2008/01/20 22:23:01 | 000,057,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp)
DRV - [2008/01/20 22:23:01 | 000,056,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VIAAGP.SYS -- (viaagp)
DRV - [2008/01/20 22:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGP440.sys -- (agp440)
DRV - [2008/01/20 22:23:01 | 000,055,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp)
DRV - [2008/01/20 22:23:01 | 000,054,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\termdd.sys -- (TermDD)
DRV - [2008/01/20 22:23:01 | 000,052,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr)
DRV - [2008/01/20 22:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/01/20 22:23:01 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2008/01/20 22:23:01 | 000,031,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/01/20 22:23:01 | 000,016,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv)
DRV - [2008/01/20 22:23:01 | 000,015,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\swenum.sys -- (swenum)
DRV - [2008/01/20 22:23:00 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8)
DRV - [2008/01/20 22:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7)
DRV - [2008/01/20 22:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/01/20 22:23:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7)
DRV - [2008/01/20 22:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\processr.sys -- (Processor)
DRV - [2008/01/20 22:23:00 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe)
DRV - [2008/01/20 22:23:00 | 000,020,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\compbatt.sys -- (Compbatt)
DRV - [2008/01/20 22:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 22:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 22:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\intelide.sys -- (intelide)
DRV - [2008/01/20 22:23:00 | 000,017,976 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\amdide.sys -- (amdide)
DRV - [2008/01/20 22:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/20 22:23:00 | 000,016,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pciide.sys -- (pciide)
DRV - [2008/01/20 22:23:00 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2008/01/20 22:23:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\errdev.sys -- (ErrDev)
DRV - [2008/01/01 23:44:40 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/12/03 01:59:06 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/12/03 01:58:50 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/11/14 04:00:00 | 000,043,840 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pxhelp20.sys -- (PxHelp20)
DRV - [2007/05/24 08:35:02 | 000,179,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2007/05/10 03:00:06 | 000,182,456 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/04/16 23:44:34 | 000,046,992 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tcusb.sys -- (TcUsb)
DRV - [2007/02/28 07:25:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/28 07:25:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/02/28 07:25:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/02 05:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\pcmcia.sys -- (pcmcia)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 05:04:35 | 000,878,080 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH)
DRV - [2006/11/02 04:55:23 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM)
DRV - [2006/11/02 04:55:22 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth)
DRV - [2006/11/02 04:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbcir.sys -- (usbcir)
DRV - [2006/11/02 04:55:05 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\usbohci.sys -- (usbohci)
DRV - [2006/11/02 04:55:01 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\hidir.sys -- (HidIr)
DRV - [2006/11/02 04:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen)
DRV - [2006/11/02 04:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sfloppy.sys -- (sfloppy)
DRV - [2006/11/02 04:51:30 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2006/11/02 04:51:30 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\parport.sys -- (Parport)
DRV - [2006/11/02 04:51:25 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serenum.sys -- (Serenum)
DRV - [2006/11/02 04:51:23 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\parvdm.sys -- (Parvdm)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid)
DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp)
DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 03:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\Windows\System32\WINSOCK.DLL -- (Winsock)
DRV - [2006/11/02 02:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {E627DC4B-8C04-4234-A2D4-1D634EE01C41}
IE - HKLM\..\SearchScopes\{E7FE5597-A262-4DCA-8872-8A1FF30B4C6B}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,defaultscope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}

IE - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\..\URLSearchHook: {539F76FD-084E-4858-86D5-62F02F54AE86} - SOFTWARE\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}\InprocServer32 File not found
IE - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\..\SearchScopes,DefaultScope = {0633ee93-d776-472f-a0ff-e1416b8b2e3a}
IE - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\..\SearchScopes\{E7FE5597-A262-4DCA-8872-8A1FF30B4C6B}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
IE - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-2056698984-1572301993-2071573121-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()



O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\..\Toolbar\WebBrowser: (no name) - {60EACC1A-33FA-443D-9846-17B28E2C9BDB} - No CLSID value found.
O3 - HKU\S-1-5-21-2056698984-1572301993-2071573121-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Fingerprint Reader Suite\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [ROC_ROC_NT] "C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\RA Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\The Best Aunty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8 - Extra context menu item: Free YouTube Download - C:\Users\The Best Aunty\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\The Best Aunty\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.1.104.36 200.1.104.35
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C2306B9-CA8B-4AED-92CF-D72932A46295}: DhcpNameServer = 200.1.104.36 200.1.104.35
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\psfus: DllName - (C:\Windows\system32\psqlpwd.dll) - C:\Windows\System32\psqlpwd.dll (UPEK Inc.)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Tree.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Tree.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/01/28 16:00:27 | 000,000,088 | ---- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{41231f9a-0566-11e2-af9d-00219bef4f84}\Shell - "" = AutoRun
O33 - MountPoints2\{41231f9a-0566-11e2-af9d-00219bef4f84}\Shell\AutoRun\command - "" = F:\WD SmartWare.exe -- [2010/01/21 20:13:40 | 003,330,848 | ---- | M] (Western Digital)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/17 23:39:47 | 000,000,000 | ---D | C] -- C:\JRT
[2012/10/14 02:07:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\The Best Aunty\Desktop\OTL.exe
[2012/10/14 00:54:05 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/10/14 00:53:21 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/10/14 00:50:36 | 003,007,280 | ---- | C] (Piriform Ltd) -- C:\Users\The Best Aunty\Desktop\ccsetup323_slim.exe
[2012/10/14 00:42:38 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Local\Avg2013
[2012/10/13 06:14:53 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Local\Stardock_Corporation
[2012/10/13 05:58:37 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/10/13 05:51:36 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\Desktop\gmer
[2012/10/13 05:41:56 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\The Best Aunty\Desktop\dds.com
[2012/09/26 07:37:44 | 000,000,000 | ---D | C] -- C:\INSANITY
[2012/09/25 21:33:04 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2012/09/24 12:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012/09/24 06:28:25 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Roaming\Apple Computer
[2012/09/24 06:28:25 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Local\Apple Computer
[2012/09/24 06:28:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/09/24 06:27:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012/09/24 06:21:18 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/09/24 06:20:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/09/24 06:20:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/09/24 06:20:33 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012/09/24 06:18:42 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Local\Apple
[2012/09/24 06:17:55 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2012/09/24 06:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/09/24 06:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/09/24 06:11:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/09/24 04:32:18 | 000,000,000 | ---D | C] -- C:\ProgramData\WD_SmartWareCommon
[2012/09/24 04:22:34 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Local\Western_Digital
[2012/09/24 04:19:20 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Roaming\Western Digital
[2012/09/24 04:19:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2012/09/24 04:13:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
[2012/09/24 04:13:30 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2012/09/24 04:12:54 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Local\Western Digital
[2012/09/24 03:58:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2012/09/24 03:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2012/09/24 03:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/09/23 22:08:49 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Roaming\Malwarebytes
[2012/09/23 22:08:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/23 22:08:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/23 22:08:32 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/23 22:08:32 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/09/23 22:07:36 | 010,524,080 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\The Best Aunty\Desktop\mbam-setup-1.65.0.1400.exe
[2012/09/23 22:05:09 | 001,678,240 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\The Best Aunty\Desktop\iExplore.exe
[2012/09/23 14:32:12 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Roaming\TuneUp Software
[2012/09/23 14:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/09/23 14:31:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012/09/23 14:31:49 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/09/23 14:30:14 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2012/09/23 14:28:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012/09/23 14:25:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/09/23 14:25:15 | 000,000,000 | ---D | C] -- C:\Users\The Best Aunty\AppData\Local\MFAData
[2012/09/23 14:25:15 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/09/23 14:24:52 | 004,411,736 | ---- | C] (AVG Technologies) -- C:\Users\The Best Aunty\Desktop\avg_free_stb_all_2013_2677_cnet.exe
[2012/09/23 05:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\036DFF853AC2E0A8004E71226C44B161

========== Files - Modified Within 30 Days ==========

[2012/10/17 23:27:15 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/17 23:19:18 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/10/17 23:17:23 | 003,007,280 | ---- | M] (Piriform Ltd) -- C:\Users\The Best Aunty\Desktop\ccsetup323_slim.exe
[2012/10/17 22:31:23 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/17 22:31:23 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/17 20:35:00 | 000,028,694 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/10/17 20:31:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/17 20:31:05 | 3756,044,288 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/14 02:07:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\The Best Aunty\Desktop\OTL.exe
[2012/10/14 01:13:12 | 000,297,543 | ---- | M] () -- C:\Users\The Best Aunty\Desktop\JRT.exe
[2012/10/13 09:23:00 | 000,000,844 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012/10/13 06:11:16 | 000,609,196 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/10/13 06:11:16 | 000,108,672 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/10/13 05:51:20 | 000,294,216 | ---- | M] () -- C:\Users\The Best Aunty\Desktop\gmer.zip
[2012/10/13 05:43:34 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\The Best Aunty\Desktop\dds.com
[2012/10/13 05:38:42 | 000,000,000 | ---- | M] () -- C:\Users\The Best Aunty\defogger_reenable
[2012/10/13 05:38:18 | 000,050,477 | ---- | M] () -- C:\Users\The Best Aunty\Desktop\Defogger.exe
[2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/27 21:55:34 | 000,034,684 | ---- | M] () -- C:\Users\The Best Aunty\Desktop\Elson_James_CV.pdf
[2012/09/25 21:33:04 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2012/09/24 12:52:35 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/09/24 12:52:35 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/09/24 12:38:58 | 000,001,034 | ---- | M] () -- C:\Users\The Best Aunty\Desktop\DVDVideoSoft Free Studio.lnk
[2012/09/24 06:28:10 | 000,001,666 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/09/24 04:19:01 | 000,001,284 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk
[2012/09/24 04:19:01 | 000,001,223 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2012/09/24 03:58:29 | 000,001,734 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2012/09/23 22:08:11 | 010,524,080 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\The Best Aunty\Desktop\mbam-setup-1.65.0.1400.exe
[2012/09/23 22:05:36 | 001,678,240 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\The Best Aunty\Desktop\iExplore.exe
[2012/09/23 22:03:52 | 000,001,205 | ---- | M] () -- C:\Users\The Best Aunty\Desktop\registryfix.reg
[2012/09/23 14:25:06 | 004,411,736 | ---- | M] (AVG Technologies) -- C:\Users\The Best Aunty\Desktop\avg_free_stb_all_2013_2677_cnet.exe
[2012/09/22 21:29:50 | 000,028,694 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/09/22 17:11:01 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

========== Files Created - No Company Name ==========

[2012/10/17 23:19:18 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/10/14 01:13:10 | 000,297,543 | ---- | C] () -- C:\Users\The Best Aunty\Desktop\JRT.exe
[2012/10/13 05:51:10 | 000,294,216 | ---- | C] () -- C:\Users\The Best Aunty\Desktop\gmer.zip
[2012/10/13 05:38:42 | 000,000,000 | ---- | C] () -- C:\Users\The Best Aunty\defogger_reenable
[2012/10/13 05:38:10 | 000,050,477 | ---- | C] () -- C:\Users\The Best Aunty\Desktop\Defogger.exe
[2012/09/27 21:55:33 | 000,034,684 | ---- | C] () -- C:\Users\The Best Aunty\Desktop\Elson_James_CV.pdf
[2012/09/24 12:38:58 | 000,001,034 | ---- | C] () -- C:\Users\The Best Aunty\Desktop\DVDVideoSoft Free Studio.lnk
[2012/09/24 06:28:10 | 000,001,666 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/09/24 06:18:37 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/09/24 04:19:01 | 000,001,284 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk
[2012/09/24 04:19:01 | 000,001,223 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2012/09/24 03:58:29 | 000,001,734 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2012/09/24 03:29:26 | 3756,044,288 | -HS- | C] () -- C:\hiberfil.sys
[2012/09/23 22:08:33 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/23 22:03:49 | 000,001,205 | ---- | C] () -- C:\Users\The Best Aunty\Desktop\registryfix.reg
[2012/09/23 14:32:12 | 000,000,844 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012/09/22 17:11:01 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/09/22 17:11:00 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/07/22 05:42:39 | 000,000,034 | ---- | C] () -- C:\Windows\System32\BD2070N.DAT
[2012/07/22 05:42:09 | 000,000,146 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2012/07/22 05:41:59 | 000,000,114 | ---- | C] () -- C:\Windows\System32\brlmw03a.ini
[2012/07/22 05:41:56 | 000,008,975 | ---- | C] () -- C:\Windows\HL-2070N.INI
[2012/07/22 05:37:08 | 000,000,023 | ---- | C] () -- C:\Windows\Brownie.ini
[2012/07/22 05:37:08 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2012/07/21 20:23:41 | 000,000,410 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/05/09 22:57:20 | 000,000,552 | ---- | C] () -- C:\Users\The Best Aunty\AppData\Local\d3d8caps.dat
[2010/04/20 06:13:59 | 000,009,216 | ---- | C] () -- C:\Users\The Best Aunty\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/20 20:10:54 | 000,000,680 | ---- | C] () -- C:\Users\The Best Aunty\AppData\Local\d3d9caps.dat
[2010/01/14 22:45:01 | 000,028,694 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/01/14 19:37:24 | 000,028,694 | ---- | C] () -- C:\ProgramData\nvModes.dat

========== ZeroAccess Check ==========

[2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 11:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 00:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/20 22:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\The Best Aunty\Desktop\yes man.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\The Best Aunty\Desktop\Hulk.vs.Wolverine.2008.DVDRiP.XviD-WaLMaRT.avi:TOC.WMV
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:5D432CE3

< End of report >

#8 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:02 AM

Posted 18 October 2012 - 10:34 AM

Hi, much better! :thumbsup:

Posted Image Fix items using OTL

  • Double-click OTL.exe to run. (Vista/7 right-click and select Run as Administrator)
  • Shut down your protection software now (antivirus, antispyware...etc) to avoid possible conflicts.
  • Download the following file to your desktop:
  • Then drag OTLfix.txt into the Posted Image text-field.
  • You should see a bunch of text transferred over into the text-field.
  • Now click the Posted Image button.
  • The fix may require a reboot.
  • When OTL is finished, Notepad will open with some information regarding the OTL fix.
  • Paste the contents of this notepad window into your next message and let me how the computer is running.


#9 eaj115

eaj115
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:02 AM

Posted 19 October 2012 - 06:18 AM

Dragging and dropping isnt working. Can I just open the txt file and copy and paste the contents in the area you indicated?

#10 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:02 AM

Posted 19 October 2012 - 12:16 PM

Can I just open the txt file and copy and paste the contents in the area you indicated?

Yes you can.

#11 eaj115

eaj115
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:02 AM

Posted 21 October 2012 - 06:05 AM

I copied ans pasted the txt file and hit the "Run Fix" button and a few seconds later OTL stop responding. I have to force close the application.

#12 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:02 AM

Posted 21 October 2012 - 11:22 AM

I copied ans pasted the txt file and hit the "Run Fix" button and a few seconds later OTL stop responding. I have to force close the application.

Remember that you can try these steps in Safe Mode as well :thumbup2:

#13 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:02 AM

Posted 24 October 2012 - 02:09 AM

Are you still with me, eaj115?

#14 eaj115

eaj115
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:02 AM

Posted 24 October 2012 - 06:22 AM

I am. Ive tried running the txt script in both normal mode and safe mode and the OTL stops responding.

#15 thisisu

thisisu

  • Malware Response Team
  • 2,525 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:02 AM

Posted 24 October 2012 - 01:21 PM

Retry 3 times while in Safe Mode.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users