
Random Google Redirects


  • This topic is locked
30 replies to this topic

#1 csixtyfour


Posted 24 October 2012 - 09:10 PM

Ok, to start, last Thursday I decided I wanted to play Aliens vs Predator 2 again. I installed the app (store bought version) but didn't get around to playing it. I shut my computer down and didn't think much about it.

The next day I booted up and got 2 messages. One was a Windows popup related to wmscr.dll and the other was Avast saying something was detected and a boot time scan was needed.

I rebooted and let the scan run. Three files were found. The 1st was a trojan java:agent-bxy and the other 2 were PUP ELF: Androot-J and Looter-H. The last 2 were from either my attempts to root my Nook or my phone.

Afterwards I booted up and ran a full Avast scan plus a full rootkit scan, no issues were found.

I got online with Firefox and started getting random redirects. After some Google searches, I found the proxy settings in Firefox had changed. I switched it back to No Proxy. I then ran both Spybot and Malwarebytes, no issues found. Everything seemed to be working fine.

Over the weekend I played some AvP 2. Afterwards, I started getting random redirects. I checked the proxy, still set to no proxy.

I booted into Safe Mode and ran full Avast, Malwarebytes and Spybot but found no issues. Checked my router, seeing a bunch of port 13 outgoing in the log, not sure if it's related.

I'm still experiencing some random redirects. I really don't know if the AvP 2 install has anything to do with it but it's really the only thing I have done in the last couple months.

I need some help figuring out what is going on. I am using Windows 7.

See for previous t/s http://www.bleepingcomputer.com/forums/topic472740.html

****************************

DDS (Ver_2012-10-19.01) - NTFS_x86
Internet Explorer: 9.0.8112.16421
Run by Seth at 21:45:05 on 2012-10-24
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.2038.836 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: LastPass Browser Helper Object: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - c:\program files\lastpass\LPBar.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - c:\program files\lastpass\LPBar.dll
TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Google Update] "c:\users\seth\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [EPSON Stylus CX7800 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatiafa.exe /fu "c:\windows\temp\E_SF1D2.tmp" /EF "HKCU"
uRun: [GoogleDriveSync] "c:\program files\google\drive\googledrivesync.exe" /autostart
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [ISW] c:\program files\checkpoint\zaforcefield\ForceField.exe /icon="hidden"
mRun: [ZoneAlarm] "c:\program files\checkpoint\zonealarm\zatray.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\seth\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: LastPass - c:\program files\lastpass\context.html?cmd=lastpass
IE: LastPass Fill Forms - c:\program files\lastpass\context.html?cmd=fillforms
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - c:\program files\lastpass\LPBar.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 68.94.156.1 68.94.157.1
TCP: Interfaces\{72C8A5C2-D80C-4FEB-9B10-EC0EA991B376} : DHCPNameServer = 68.94.156.1 68.94.157.1
TCP: Interfaces\{F8093BB8-17AB-4A29-825F-D5F75BBD88D3} : DHCPNameServer = 68.94.156.1 68.94.157.1
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\seth\appdata\roaming\mozilla\firefox\profiles\9gfgde3z.default\
FF - prefs.js: browser.startup.homepage - hxxp://zenhabits.net/
FF - component: c:\users\seth\appdata\local\mozilla\firefox\profiles\9gfgde3z.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\users\seth\appdata\local\mozilla\firefox\profiles\9gfgde3z.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - component: c:\users\seth\appdata\local\mozilla\firefox\profiles\9gfgde3z.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\winnt_x86-msvc\components\WeaveCrypto.dll
FF - component: c:\users\seth\appdata\local\mozilla\firefox\profiles\9gfgde3z.default\extensions\support@lastpass.com\platform\winnt_x86-msvc\components\lpxpcom.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\amazon\mp3 downloader\npAmazonMP3DownloaderPlugin1017300.dll
FF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\virtools\3d life player\npvirtools.dll
FF - plugin: c:\users\seth\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\users\seth\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\users\seth\appdata\roaming\mozilla\firefox\profiles\9gfgde3z.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - plugin: c:\users\seth\appdata\roaming\mozilla\firefox\profiles\9gfgde3z.default\extensions\battlefieldheroespatcher@ea.com\plugins\npBFHUpdater.dll
FF - ExtSQL: !HIDDEN! 1970-01-16 10:11; {FEC7DFF2-0FAE-11E2-8271-B8AC6F996F26}; c:\users\seth\appdata\local\{FEC7DFF2-0FAE-11E2-8271-B8AC6F996F26}
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-2-3 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-2-3 314456]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-2-3 20568]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-2-3 55128]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-2-3 44768]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2011-11-3 27016]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2011-11-3 497280]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-4-28 116648]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-4-28 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-27 113120]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-2-3 1343400]
.
=============== Created Last 30 ================
.
2012-10-23 00:57:35 -------- d-----w- C:\JRT
2012-10-21 12:38:56 -------- d-----w- c:\windows\system32\appmgmt
2012-10-18 22:54:58 6918632 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{fd5aca62-1e45-4cd6-8aa1-dc2c05200f37}\mpengine.dll
2012-10-18 01:39:38 -------- d-----w- c:\program files\GameSpy Arcade
2012-10-18 01:39:20 -------- d-----w- c:\program files\directx
2012-10-18 01:25:08 -------- d-----w- c:\program files\Fox
2012-10-18 01:24:56 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
2012-10-18 01:24:56 221184 ----a-w- c:\program files\common files\installshield\iscript\iscript.dll
2012-10-18 01:24:56 221184 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
2012-10-18 01:24:55 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
2012-10-17 22:20:44 21840 ----a-w- c:\windows\system32\SIntfNT.dll
2012-10-17 22:20:44 17212 ----a-w- c:\windows\system32\SIntf32.dll
2012-10-17 22:20:44 12067 ----a-w- c:\windows\system32\SIntf16.dll
2012-10-06 12:11:43 -------- d-----w- c:\users\seth\appdata\local\{FEC7DFF2-0FAE-11E2-8271-B8AC6F996F26}
2012-09-26 00:36:53 -------- d-----w- c:\program files\Amazon
.
==================== Find3M ====================
.
2012-09-29 23:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 21:45:45.30 ===============



#2 gringo_pr

  • Malware Response Team

Posted 24 October 2012 - 10:46 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines; these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same"; this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next. If you have any problems with one of these, just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then click on the "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 csixtyfour


Posted 25 October 2012 - 05:05 AM

Results of screen317's Security Check version 0.99.53
Windows 7 x86 (UAC is enabled)
Out of date service pack!!
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.65.1.1000
CCleaner
Adobe Flash Player 11.1.102.55
Mozilla Firefox 14.0.1 Firefox out of Date!
Mozilla Thunderbird 14.0. Thunderbird out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
CheckPoint ZoneAlarm vsmon.exe
CheckPoint ZoneAlarm zatray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

#4 csixtyfour


Posted 25 October 2012 - 05:11 AM

# AdwCleaner v2.005 - Logfile created 10/25/2012 at 06:06:42
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Professional (32 bits)
# User : Seth - SETH-PC
# Boot Mode : Normal
# Running from : C:\Users\Seth\Downloads\adwcleaner(2).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\9gfgde3z.default\extensions\staged

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\iql3mo3f.default\prefs.js

[OK] File is clean.

Profile name : Default User
File : C:\Users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\en2ivr00.TES_APRIL2011\prefs.js

[OK] File is clean.

Profile name : SETH-MAIN [Profil par défaut]
File : C:\Users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\9gfgde3z.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Users\Grace\AppData\Roaming\Mozilla\Firefox\Profiles\ys5qs6wt.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v22.0.1229.94

File : C:\Users\Seth\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [4127 octets] - [23/10/2012 06:05:01]
AdwCleaner[S2].txt - [1439 octets] - [25/10/2012 06:06:42]

########## EOF - C:\AdwCleaner[S2].txt - [1499 octets] ##########

#5 csixtyfour


Posted 25 October 2012 - 05:37 AM

Cannot run RogueKiller. About halfway through the scan, window popup says it stopped responding then it says it stopped working. Tried rebooting, logging off and back on, downloading again, running under another profile. Just doesn't run. Stops at "searching for proxy".

#6 gringo_pr


Posted 25 October 2012 - 06:24 AM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#7 csixtyfour


Posted 25 October 2012 - 05:43 PM

No issues. Got a random redirect before running Combofix. Got another afterwards: clicked on a link to a sevenforums.com post and got directed to a scanerrors.com site.

ComboFix 12-10-25.02 - Seth 10/25/2012 18:20:06.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.2038.1023 [GMT -4:00]
Running from: c:\users\Seth\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: ZoneAlarm Free Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\reyalphsalf.pad
c:\users\Seth\AppData\Local\Temp\_MEI23882\_ctypes.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\_elementtree.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\_hashlib.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\_socket.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\_ssl.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\pyexpat.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\pysqlite2._sqlite.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\python26.dll
c:\users\Seth\AppData\Local\Temp\_MEI23882\pythoncom26.dll
c:\users\Seth\AppData\Local\Temp\_MEI23882\pywintypes26.dll
c:\users\Seth\AppData\Local\Temp\_MEI23882\select.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\unicodedata.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\win32api.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\win32com.shell.shell.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\win32crypt.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\win32event.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\win32file.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\win32inet.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\win32pdh.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\win32process.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\win32security.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\windows._cacheinvalidation.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\wx._controls_.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\wx._core_.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\wx._gdi_.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\wx._html2.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\wx._misc_.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\wx._windows_.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\wx._wizard.pyd
c:\users\Seth\AppData\Local\Temp\_MEI23882\wxbase293u_net_vc.dll
c:\users\Seth\AppData\Local\Temp\_MEI23882\wxbase293u_vc.dll
c:\users\Seth\AppData\Local\Temp\_MEI23882\wxmsw293u_adv_vc.dll
c:\users\Seth\AppData\Local\Temp\_MEI23882\wxmsw293u_core_vc.dll
c:\users\Seth\AppData\Local\Temp\_MEI23882\wxmsw293u_html_vc.dll
c:\users\Seth\AppData\Local\Temp\_MEI23882\wxmsw293u_webview_vc.dll
c:\users\Seth\Documents\bills.xls~RF1edc8f65.TMP
c:\users\Seth\Documents\bills.xls~RF32a9abe2.TMP
.
.
((((((((((((((((((((((((( Files Created from 2012-09-25 to 2012-10-25 )))))))))))))))))))))))))))))))
.
.
2012-10-25 10:19 . 2012-10-25 10:34 13952 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2012-10-23 00:57 . 2012-10-23 01:11 -------- d-----w- C:\JRT
2012-10-18 22:54 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FD5ACA62-1E45-4CD6-8AA1-DC2C05200F37}\mpengine.dll
2012-10-18 01:39 . 2012-10-18 01:39 -------- d-----w- c:\program files\GameSpy Arcade
2012-10-18 01:39 . 2012-10-18 01:39 -------- d-----w- c:\program files\directx
2012-10-18 01:25 . 2012-10-18 01:25 -------- d--h--w- c:\program files\InstallShield Installation Information
2012-10-18 01:25 . 2012-10-18 01:25 -------- d-----w- c:\program files\Fox
2012-10-18 01:24 . 2012-10-18 01:24 -------- d-----w- c:\program files\Common Files\InstallShield
2012-10-17 22:20 . 2012-10-17 22:20 21840 ----a-w- c:\windows\system32\SIntfNT.dll
2012-10-17 22:20 . 2012-10-17 22:20 17212 ----a-w- c:\windows\system32\SIntf32.dll
2012-10-17 22:20 . 2012-10-17 22:20 12067 ----a-w- c:\windows\system32\SIntf16.dll
2012-10-06 12:11 . 2012-10-06 12:11 -------- d-----w- c:\users\Seth\AppData\Local\{FEC7DFF2-0FAE-11E2-8271-B8AC6F996F26}
2012-09-26 00:39 . 2012-09-26 00:39 -------- d-----w- c:\users\Seth\AppData\Roaming\Amazon
2012-09-26 00:36 . 2012-09-26 00:36 -------- d-----w- c:\program files\Amazon
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-29 23:54 . 2012-02-04 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-21 21:36 . 2012-02-26 13:54 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-09-21 21:35 . 2012-02-26 13:44 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-08-30 22:18 . 2012-03-23 22:09 4278384 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-08-30 22:17 . 2012-03-23 22:09 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2012-07-21 21:54 . 2012-02-04 02:35 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Seth\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Seth\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Seth\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-09-06 19:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-09-06 19:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-09-06 19:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-09-06 19:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2012-09-06 15668432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-24 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-24 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-24 150552]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2011-12-19 73360]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736]
.
c:\users\Seth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [x]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [x]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-28 12:52]
.
2012-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-28 12:52]
.
2012-10-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-208528018-1981667741-1512666818-1001Core.job
- c:\users\Seth\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-04 15:16]
.
2012-10-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-208528018-1981667741-1512666818-1001UA.job
- c:\users\Seth\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-04 15:16]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: LastPass - file://c:\program files\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - file://c:\program files\LastPass\context.html?cmd=fillforms
TCP: DhcpNameServer = 68.94.156.1 68.94.157.1
FF - ProfilePath - c:\users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\9gfgde3z.default\
FF - prefs.js: browser.startup.homepage - hxxp://zenhabits.net/
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-ISW - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(6712)
c:\users\Seth\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SYSTEM32\WISPTIS.EXE
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\programdata\EPSON\EPW!3 SSRP\E_S40RP7.EXE
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\WUDFHost.exe
c:\windows\SYSTEM32\WISPTIS.EXE
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2012-10-25 18:35:09 - machine was rebooted
ComboFix-quarantined-files.txt 2012-10-25 22:35
.
Pre-Run: 14,939,406,336 bytes free
Post-Run: 15,036,862,464 bytes free
.
- - End Of File - - 70FC3ACA8F32FA6E7A39E3253D7F0471

Edited by csixtyfour, 25 October 2012 - 05:48 PM.


#8 gringo_pr


Posted 25 October 2012 - 06:10 PM

Greetings

I want you to run these next,

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#9 csixtyfour


Posted 25 October 2012 - 06:37 PM

19:36:21.0511 1500 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
19:36:21.0822 1500 ============================================================
19:36:21.0822 1500 Current date / time: 2012/10/25 19:36:21.0822
19:36:21.0822 1500 SystemInfo:
19:36:21.0822 1500
19:36:21.0822 1500 OS Version: 6.1.7600 ServicePack: 0.0
19:36:21.0822 1500 Product type: Workstation
19:36:21.0822 1500 ComputerName: SETH-PC
19:36:21.0822 1500 UserName: Seth
19:36:21.0822 1500 Windows directory: C:\Windows
19:36:21.0822 1500 System windows directory: C:\Windows
19:36:21.0822 1500 Processor architecture: Intel x86
19:36:21.0822 1500 Number of processors: 2
19:36:21.0822 1500 Page size: 0x1000
19:36:21.0822 1500 Boot type: Normal boot
19:36:21.0822 1500 ============================================================
19:36:22.0731 1500 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:36:22.0754 1500 ============================================================
19:36:22.0754 1500 \Device\Harddisk0\DR0:
19:36:22.0754 1500 MBR partitions:
19:36:22.0754 1500 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:36:22.0754 1500 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x7530000
19:36:22.0754 1500 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x7562800, BlocksNum 0x15C62000
19:36:22.0754 1500 ============================================================
19:36:22.0778 1500 C: <-> \Device\Harddisk0\DR0\Partition2
19:36:22.0812 1500 E: <-> \Device\Harddisk0\DR0\Partition3
19:36:22.0812 1500 ============================================================
19:36:22.0813 1500 Initialize success
19:36:22.0813 1500 ============================================================
19:36:29.0997 6820 ============================================================
19:36:29.0997 6820 Scan started
19:36:29.0998 6820 Mode: Manual;
19:36:29.0998 6820 ============================================================
19:36:30.0654 6820 ================ Scan system memory ========================
19:36:30.0655 6820 System memory - ok
19:36:30.0656 6820 ================ Scan services =============================
19:36:36.0759 6820 MpsSvc - ok
19:36:36.0776 6820 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:36:36.0779 6820 MRxDAV - ok
19:36:36.0804 6820 [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:36:36.0806 6820 mrxsmb - ok
19:36:36.0819 6820 [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:36:36.0823 6820 mrxsmb10 - ok
19:36:36.0849 6820 [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:36:36.0851 6820 mrxsmb20 - ok
19:36:36.0865 6820 [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
19:36:36.0867 6820 msahci - ok
19:36:36.0882 6820 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
19:36:36.0885 6820 msdsm - ok
19:36:36.0899 6820 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
19:36:36.0905 6820 MSDTC - ok
19:36:36.0927 6820 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:36:36.0929 6820 Msfs - ok
19:36:36.0942 6820 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:36:36.0944 6820 mshidkmdf - ok
19:36:36.0955 6820 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
19:36:36.0956 6820 msisadrv - ok
19:36:36.0983 6820 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:36:36.0988 6820 MSiSCSI - ok
19:36:36.0992 6820 msiserver - ok
19:36:37.0015 6820 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:36:37.0017 6820 MSKSSRV - ok
19:36:37.0030 6820 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:36:37.0031 6820 MSPCLOCK - ok
19:36:37.0036 6820 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:36:37.0038 6820 MSPQM - ok
19:36:37.0056 6820 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:36:37.0058 6820 MsRPC - ok
19:36:37.0074 6820 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:36:37.0075 6820 mssmbios - ok
19:36:37.0080 6820 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:36:37.0082 6820 MSTEE - ok
19:36:37.0088 6820 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:36:37.0089 6820 MTConfig - ok
19:36:37.0100 6820 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
19:36:37.0101 6820 Mup - ok
19:36:37.0134 6820 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\Windows\system32\qagentRT.dll
19:36:37.0142 6820 napagent - ok
19:36:37.0181 6820 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:36:37.0186 6820 NativeWifiP - ok
19:36:37.0208 6820 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:36:37.0219 6820 NDIS - ok
19:36:37.0228 6820 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:36:37.0230 6820 NdisCap - ok
19:36:37.0253 6820 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:36:37.0254 6820 NdisTapi - ok
19:36:37.0266 6820 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:36:37.0268 6820 Ndisuio - ok
19:36:37.0279 6820 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:36:37.0281 6820 NdisWan - ok
19:36:37.0292 6820 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:36:37.0294 6820 NDProxy - ok
19:36:37.0299 6820 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:36:37.0301 6820 NetBIOS - ok
19:36:37.0319 6820 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:36:37.0322 6820 NetBT - ok
19:36:37.0337 6820 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon C:\Windows\system32\lsass.exe
19:36:37.0340 6820 Netlogon - ok
19:36:37.0386 6820 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
19:36:37.0393 6820 Netman - ok
19:36:37.0409 6820 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
19:36:37.0418 6820 netprofm - ok
19:36:37.0446 6820 [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:36:37.0449 6820 NetTcpPortSharing - ok
19:36:37.0466 6820 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:36:37.0468 6820 nfrd960 - ok
19:36:37.0484 6820 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\Windows\System32\nlasvc.dll
19:36:37.0491 6820 NlaSvc - ok
19:36:37.0505 6820 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:36:37.0507 6820 Npfs - ok
19:36:37.0515 6820 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
19:36:37.0519 6820 nsi - ok
19:36:37.0528 6820 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:36:37.0530 6820 nsiproxy - ok
19:36:37.0581 6820 [ 187002CE05693C306F43C873F821381F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:36:37.0606 6820 Ntfs - ok
19:36:37.0617 6820 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
19:36:37.0619 6820 Null - ok
19:36:37.0672 6820 [ F1B0BED906F97E16F6D0C3629D2F21C6 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:36:37.0675 6820 nvraid - ok
19:36:37.0699 6820 [ 4520B63899E867F354EE012D34E11536 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:36:37.0705 6820 nvstor - ok
19:36:37.0723 6820 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
19:36:37.0726 6820 nv_agp - ok
19:36:37.0749 6820 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
19:36:37.0752 6820 ohci1394 - ok
19:36:37.0790 6820 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:36:37.0799 6820 p2pimsvc - ok
19:36:37.0814 6820 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
19:36:37.0824 6820 p2psvc - ok
19:36:37.0851 6820 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:36:37.0853 6820 Parport - ok
19:36:37.0870 6820 [ FF4218952B51DE44FE910953A3E686B9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:36:37.0871 6820 partmgr - ok
19:36:37.0886 6820 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
19:36:37.0888 6820 Parvdm - ok
19:36:37.0902 6820 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:36:37.0908 6820 PcaSvc - ok
19:36:37.0922 6820 [ C858CB77C577780ECC456A892E7E7D0F ] pci C:\Windows\system32\DRIVERS\pci.sys
19:36:37.0925 6820 pci - ok
19:36:37.0937 6820 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\DRIVERS\pciide.sys
19:36:37.0939 6820 pciide - ok
19:36:37.0957 6820 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:36:37.0960 6820 pcmcia - ok
19:36:37.0969 6820 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
19:36:37.0971 6820 pcw - ok
19:36:37.0983 6820 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:36:37.0991 6820 PEAUTH - ok
19:36:38.0032 6820 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:36:38.0058 6820 PeerDistSvc - ok
19:36:38.0102 6820 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll
19:36:38.0137 6820 pla - ok
19:36:38.0189 6820 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:36:38.0199 6820 PlugPlay - ok
19:36:38.0228 6820 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
19:36:38.0233 6820 PnkBstrA - ok
19:36:38.0249 6820 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:36:38.0254 6820 PNRPAutoReg - ok
19:36:38.0273 6820 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:36:38.0279 6820 PNRPsvc - ok
19:36:38.0304 6820 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:36:38.0311 6820 PolicyAgent - ok
19:36:38.0344 6820 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll
19:36:38.0351 6820 Power - ok
19:36:38.0378 6820 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:36:38.0380 6820 PptpMiniport - ok
19:36:38.0395 6820 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:36:38.0397 6820 Processor - ok
19:36:38.0417 6820 [ 630CF26F0227498B7D5A92B12548960F ] ProfSvc C:\Windows\system32\profsvc.dll
19:36:38.0424 6820 ProfSvc - ok
19:36:38.0436 6820 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:36:38.0440 6820 ProtectedStorage - ok
19:36:38.0449 6820 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:36:38.0451 6820 Psched - ok
19:36:38.0490 6820 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:36:38.0524 6820 ql2300 - ok
19:36:38.0540 6820 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:36:38.0543 6820 ql40xx - ok
19:36:38.0563 6820 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
19:36:38.0570 6820 QWAVE - ok
19:36:38.0585 6820 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:36:38.0586 6820 QWAVEdrv - ok
19:36:38.0601 6820 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:36:38.0602 6820 RasAcd - ok
19:36:38.0631 6820 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:36:38.0632 6820 RasAgileVpn - ok
19:36:38.0645 6820 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
19:36:38.0651 6820 RasAuto - ok
19:36:38.0660 6820 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:36:38.0662 6820 Rasl2tp - ok
19:36:38.0679 6820 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\Windows\System32\rasmans.dll
19:36:38.0687 6820 RasMan - ok
19:36:38.0701 6820 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:36:38.0703 6820 RasPppoe - ok
19:36:38.0718 6820 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:36:38.0720 6820 RasSstp - ok
19:36:38.0736 6820 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:36:38.0740 6820 rdbss - ok
19:36:38.0749 6820 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:36:38.0751 6820 rdpbus - ok
19:36:38.0766 6820 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:36:38.0767 6820 RDPCDD - ok
19:36:38.0789 6820 [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:36:38.0792 6820 RDPDR - ok
19:36:38.0814 6820 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:36:38.0815 6820 RDPENCDD - ok
19:36:38.0828 6820 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:36:38.0829 6820 RDPREFMP - ok
19:36:38.0857 6820 [ 0399C725A9C95A6F1862B93F008DDF4A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:36:38.0861 6820 RDPWD - ok
19:36:38.0868 6820 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:36:38.0871 6820 rdyboost - ok
19:36:38.0897 6820 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
19:36:38.0902 6820 RemoteAccess - ok
19:36:38.0936 6820 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:36:38.0950 6820 RemoteRegistry - ok
19:36:38.0967 6820 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:36:38.0974 6820 RpcEptMapper - ok
19:36:38.0991 6820 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
19:36:38.0995 6820 RpcLocator - ok
19:36:39.0014 6820 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll
19:36:39.0021 6820 RpcSs - ok
19:36:39.0034 6820 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:36:39.0037 6820 rspndr - ok
19:36:39.0062 6820 [ 5423D8437051E89DD34749F242C98648 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
19:36:39.0064 6820 s3cap - ok
19:36:39.0078 6820 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs C:\Windows\system32\lsass.exe
19:36:39.0082 6820 SamSs - ok
19:36:39.0101 6820 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
19:36:39.0103 6820 sbp2port - ok
19:36:39.0122 6820 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:36:39.0129 6820 SCardSvr - ok
19:36:39.0144 6820 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:36:39.0145 6820 scfilter - ok
19:36:39.0180 6820 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\Windows\system32\schedsvc.dll
19:36:39.0206 6820 Schedule - ok
19:36:39.0239 6820 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:36:39.0240 6820 SCPolicySvc - ok
19:36:39.0264 6820 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:36:39.0271 6820 SDRSVC - ok
19:36:39.0296 6820 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:36:39.0297 6820 secdrv - ok
19:36:39.0312 6820 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
19:36:39.0318 6820 seclogon - ok
19:36:39.0333 6820 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
19:36:39.0339 6820 SENS - ok
19:36:39.0371 6820 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:36:39.0376 6820 SensrSvc - ok
19:36:39.0394 6820 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:36:39.0396 6820 Serenum - ok
19:36:39.0413 6820 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:36:39.0415 6820 Serial - ok
19:36:39.0428 6820 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:36:39.0430 6820 sermouse - ok
19:36:39.0456 6820 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll
19:36:39.0462 6820 SessionEnv - ok
19:36:39.0482 6820 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:36:39.0484 6820 sffdisk - ok
19:36:39.0502 6820 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:36:39.0504 6820 sffp_mmc - ok
19:36:39.0519 6820 [ A0708BBD07D245C06FF9DE549CA47185 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:36:39.0521 6820 sffp_sd - ok
19:36:39.0538 6820 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:36:39.0539 6820 sfloppy - ok
19:36:39.0566 6820 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:36:39.0572 6820 SharedAccess - ok
19:36:39.0590 6820 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:36:39.0599 6820 ShellHWDetection - ok
19:36:39.0605 6820 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
19:36:39.0607 6820 sisagp - ok
19:36:39.0626 6820 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:36:39.0628 6820 SiSRaid2 - ok
19:36:39.0641 6820 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:36:39.0643 6820 SiSRaid4 - ok
19:36:39.0659 6820 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:36:39.0662 6820 Smb - ok
19:36:39.0688 6820 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:36:39.0694 6820 SNMPTRAP - ok
19:36:39.0701 6820 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
19:36:39.0702 6820 spldr - ok
19:36:39.0734 6820 [ D1BB750EB51694DE183E08B9C33BE5B2 ] Spooler C:\Windows\System32\spoolsv.exe
19:36:39.0743 6820 Spooler - ok
19:36:39.0815 6820 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\Windows\system32\sppsvc.exe
19:36:39.0902 6820 sppsvc - ok
19:36:39.0909 6820 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:36:39.0916 6820 sppuinotify - ok
19:36:39.0945 6820 [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:36:39.0948 6820 srv - ok
19:36:39.0958 6820 [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:36:39.0968 6820 srv2 - ok
19:36:40.0002 6820 [ E00FDFAFF025E94F9821153750C35A6D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS
19:36:40.0005 6820 SrvHsfHDA - ok
19:36:40.0035 6820 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS
19:36:40.0061 6820 SrvHsfV92 - ok
19:36:40.0081 6820 [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
19:36:40.0090 6820 SrvHsfWinac - ok
19:36:40.0108 6820 [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:36:40.0110 6820 srvnet - ok
19:36:40.0124 6820 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:36:40.0131 6820 SSDPSRV - ok
19:36:40.0138 6820 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:36:40.0144 6820 SstpSvc - ok
19:36:40.0169 6820 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:36:40.0171 6820 stexstor - ok
19:36:40.0206 6820 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\Windows\System32\wiaservc.dll
19:36:40.0221 6820 StiSvc - ok
19:36:40.0248 6820 [ 957E346CA948668F2496A6CCF6FF82CC ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
19:36:40.0249 6820 storflt - ok
19:36:40.0276 6820 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
19:36:40.0282 6820 StorSvc - ok
19:36:40.0309 6820 [ D5751969DC3E4B88BF482AC8EC9FE019 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
19:36:40.0311 6820 storvsc - ok
19:36:40.0328 6820 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:36:40.0330 6820 swenum - ok
19:36:40.0350 6820 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
19:36:40.0359 6820 swprv - ok
19:36:40.0419 6820 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\Windows\system32\sysmain.dll
19:36:40.0461 6820 SysMain - ok
19:36:40.0475 6820 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:36:40.0481 6820 TabletInputService - ok
19:36:40.0495 6820 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\Windows\System32\tapisrv.dll
19:36:40.0503 6820 TapiSrv - ok
19:36:40.0517 6820 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
19:36:40.0523 6820 TBS - ok
19:36:40.0565 6820 [ 56C198AC82EFA622DD93E9E43575F79C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:36:40.0591 6820 Tcpip - ok
19:36:40.0613 6820 [ 56C198AC82EFA622DD93E9E43575F79C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:36:40.0622 6820 TCPIP6 - ok
19:36:40.0649 6820 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:36:40.0650 6820 tcpipreg - ok
19:36:40.0666 6820 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:36:40.0668 6820 TDPIPE - ok
19:36:40.0681 6820 [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:36:40.0683 6820 TDTCP - ok
19:36:40.0703 6820 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:36:40.0705 6820 tdx - ok
19:36:40.0720 6820 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:36:40.0722 6820 TermDD - ok
19:36:40.0742 6820 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\Windows\System32\termsrv.dll
19:36:40.0759 6820 TermService - ok
19:36:40.0772 6820 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
19:36:40.0778 6820 Themes - ok
19:36:40.0789 6820 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
19:36:40.0793 6820 THREADORDER - ok
19:36:40.0808 6820 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
19:36:40.0814 6820 TrkWks - ok
19:36:40.0867 6820 [ 26C062A4480B9D7C26E1CE4BF50D10FC ] TrueSight C:\Windows\system32\drivers\TrueSight.sys
19:36:40.0871 6820 TrueSight - ok
19:36:40.0917 6820 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:36:40.0923 6820 TrustedInstaller - ok
19:36:40.0945 6820 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:36:40.0948 6820 tssecsrv - ok
19:36:40.0975 6820 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:36:40.0978 6820 tunnel - ok
19:36:41.0007 6820 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:36:41.0009 6820 uagp35 - ok
19:36:41.0029 6820 [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:36:41.0034 6820 udfs - ok
19:36:41.0068 6820 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:36:41.0076 6820 UI0Detect - ok
19:36:41.0090 6820 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
19:36:41.0092 6820 uliagpkx - ok
19:36:41.0113 6820 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:36:41.0115 6820 umbus - ok
19:36:41.0134 6820 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:36:41.0136 6820 UmPass - ok
19:36:41.0169 6820 [ 8ECACA5454844F66386F7BE4AE0D7CD1 ] UmRdpService C:\Windows\System32\umrdp.dll
19:36:41.0179 6820 UmRdpService - ok
19:36:41.0206 6820 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
19:36:41.0217 6820 upnphost - ok
19:36:41.0247 6820 [ C31AE588E403042632DC796CF09E30B0 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:36:41.0250 6820 usbccgp - ok
19:36:41.0269 6820 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
19:36:41.0272 6820 usbcir - ok
19:36:41.0286 6820 [ E4C436D914768CE965D5E659BA7EEBD8 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:36:41.0288 6820 usbehci - ok
19:36:41.0305 6820 [ BDCD7156EC37448F08633FD899823620 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:36:41.0310 6820 usbhub - ok
19:36:41.0328 6820 [ EB2D819A639015253C871CDA09D91D58 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:36:41.0331 6820 usbohci - ok
19:36:41.0361 6820 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:36:41.0363 6820 usbprint - ok
19:36:41.0386 6820 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:36:41.0389 6820 usbscan - ok
19:36:41.0403 6820 [ 1C4287739A93594E57E2A9E6A3ED7353 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:36:41.0406 6820 USBSTOR - ok
19:36:41.0421 6820 [ 22480BF4E5A09192E5E30BA4DDE79FA4 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:36:41.0423 6820 usbuhci - ok
19:36:41.0453 6820 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
19:36:41.0461 6820 UxSms - ok
19:36:41.0469 6820 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc C:\Windows\system32\lsass.exe
19:36:41.0474 6820 VaultSvc - ok
19:36:41.0500 6820 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
19:36:41.0502 6820 vdrvroot - ok
19:36:41.0525 6820 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\Windows\System32\vds.exe
19:36:41.0540 6820 vds - ok
19:36:41.0551 6820 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:36:41.0554 6820 vga - ok
19:36:41.0559 6820 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:36:41.0561 6820 VgaSave - ok
19:36:41.0576 6820 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
19:36:41.0580 6820 vhdmp - ok
19:36:41.0604 6820 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys
19:36:41.0606 6820 viaagp - ok
19:36:41.0616 6820 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
19:36:41.0618 6820 ViaC7 - ok
19:36:41.0630 6820 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\DRIVERS\viaide.sys
19:36:41.0632 6820 viaide - ok
19:36:41.0655 6820 [ 379B349F65F453D2A6E75EA6B7448E49 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
19:36:41.0658 6820 vmbus - ok
19:36:41.0671 6820 [ EC2BBAB4B84D0738C6C83D2234DC36FE ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
19:36:41.0672 6820 VMBusHID - ok
19:36:41.0689 6820 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
19:36:41.0690 6820 volmgr - ok
19:36:41.0707 6820 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:36:41.0712 6820 volmgrx - ok
19:36:41.0720 6820 [ 58DF9D2481A56EDDE167E51B334D44FD ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
19:36:41.0724 6820 volsnap - ok
19:36:41.0773 6820 [ 6292C794BA68E0F46A6D45468461AFE1 ] Vsdatant C:\Windows\system32\DRIVERS\vsdatant.sys
19:36:41.0777 6820 Vsdatant - ok
19:36:41.0801 6820 vsmon - ok
19:36:41.0820 6820 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:36:41.0823 6820 vsmraid - ok
19:36:41.0861 6820 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\Windows\system32\vssvc.exe
19:36:41.0888 6820 VSS - ok
19:36:41.0899 6820 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:36:41.0900 6820 vwifibus - ok
19:36:41.0922 6820 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:36:41.0924 6820 vwififlt - ok
19:36:41.0961 6820 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
19:36:41.0971 6820 W32Time - ok
19:36:41.0987 6820 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:36:41.0989 6820 WacomPen - ok
19:36:41.0999 6820 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:36:42.0001 6820 WANARP - ok
19:36:42.0006 6820 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:36:42.0007 6820 Wanarpv6 - ok
19:36:42.0058 6820 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:36:42.0084 6820 WatAdminSvc - ok
19:36:42.0115 6820 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\Windows\system32\wbengine.exe
19:36:42.0149 6820 wbengine - ok
19:36:42.0162 6820 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:36:42.0170 6820 WbioSrvc - ok
19:36:42.0204 6820 [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:36:42.0214 6820 wcncsvc - ok
19:36:42.0230 6820 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:36:42.0236 6820 WcsPlugInService - ok
19:36:42.0271 6820 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:36:42.0273 6820 Wd - ok
19:36:42.0298 6820 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:36:42.0305 6820 Wdf01000 - ok
19:36:42.0322 6820 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:36:42.0328 6820 WdiServiceHost - ok
19:36:42.0333 6820 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:36:42.0339 6820 WdiSystemHost - ok
19:36:42.0364 6820 [ BB5EC38F8D4600119B4720BC5D4211F1 ] WebClient C:\Windows\System32\webclnt.dll
19:36:42.0373 6820 WebClient - ok
19:36:43.0396 6820 ================ Scan global ===============================
19:36:43.0424 6820 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
19:36:43.0446 6820 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\Windows\system32\winsrv.dll
19:36:43.0477 6820 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\Windows\system32\winsrv.dll
19:36:43.0503 6820 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
19:36:43.0536 6820 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
19:36:43.0544 6820 [Global] - ok
19:36:43.0545 6820 ================ Scan MBR ==================================
19:36:43.0555 6820 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:36:43.0916 6820 \Device\Harddisk0\DR0 - ok
19:36:43.0917 6820 ================ Scan VBR ==================================
19:36:43.0924 6820 [ 6B311931DCC9F83EA93C09EFB58190B6 ] \Device\Harddisk0\DR0\Partition1
19:36:43.0927 6820 \Device\Harddisk0\DR0\Partition1 - ok
19:36:43.0944 6820 [ 657479A07D9759C61A8B24C753C8CE0A ] \Device\Harddisk0\DR0\Partition2
19:36:43.0946 6820 \Device\Harddisk0\DR0\Partition2 - ok
19:36:43.0967 6820 [ 325F40056B0EE3F3447FA501DC6EA54F ] \Device\Harddisk0\DR0\Partition3
19:36:43.0969 6820 \Device\Harddisk0\DR0\Partition3 - ok
19:36:43.0969 6820 ============================================================
19:36:43.0970 6820 Scan finished
19:36:43.0970 6820 ============================================================
19:36:43.0984 6844 Detected object count: 0
19:36:43.0984 6844 Actual detected object count: 0
19:37:02.0275 6552 ============================================================
19:37:02.0275 6552 Scan started
19:37:02.0275 6552 Mode: Manual;
19:37:02.0275 6552 ============================================================
19:37:02.0498 6552 ================ Scan system memory ========================
19:37:02.0498 6552 System memory - ok
19:37:02.0499 6552 ================ Scan services =============================
19:37:08.0213 6552 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:37:08.0215 6552 pcmcia - ok
19:37:08.0226 6552 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
19:37:08.0227 6552 pcw - ok
19:37:08.0239 6552 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:37:08.0244 6552 PEAUTH - ok
19:37:08.0279 6552 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:37:08.0290 6552 PeerDistSvc - ok
19:37:08.0342 6552 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll
19:37:08.0355 6552 pla - ok
19:37:08.0388 6552 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:37:08.0395 6552 PlugPlay - ok
19:37:08.0426 6552 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
19:37:08.0431 6552 PnkBstrA - ok
19:37:08.0447 6552 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:37:08.0452 6552 PNRPAutoReg - ok
19:37:08.0512 6552 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:37:08.0526 6552 PNRPsvc - ok
19:37:08.0561 6552 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:37:08.0566 6552 PolicyAgent - ok
19:37:08.0619 6552 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll
19:37:08.0634 6552 Power - ok
19:37:08.0652 6552 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:37:08.0654 6552 PptpMiniport - ok
19:37:08.0668 6552 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:37:08.0670 6552 Processor - ok
19:37:08.0699 6552 [ 630CF26F0227498B7D5A92B12548960F ] ProfSvc C:\Windows\system32\profsvc.dll
19:37:08.0704 6552 ProfSvc - ok
19:37:08.0718 6552 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:37:08.0722 6552 ProtectedStorage - ok
19:37:08.0731 6552 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:37:08.0732 6552 Psched - ok
19:37:08.0772 6552 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:37:08.0781 6552 ql2300 - ok
19:37:08.0797 6552 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:37:08.0798 6552 ql40xx - ok
19:37:08.0820 6552 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
19:37:08.0826 6552 QWAVE - ok
19:37:08.0841 6552 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:37:08.0843 6552 QWAVEdrv - ok
19:37:08.0858 6552 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:37:08.0859 6552 RasAcd - ok
19:37:08.0871 6552 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:37:08.0872 6552 RasAgileVpn - ok
19:37:08.0885 6552 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
19:37:08.0891 6552 RasAuto - ok
19:37:08.0900 6552 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:37:08.0902 6552 Rasl2tp - ok
19:37:08.0919 6552 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\Windows\System32\rasmans.dll
19:37:08.0925 6552 RasMan - ok
19:37:08.0941 6552 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:37:08.0943 6552 RasPppoe - ok
19:37:08.0958 6552 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:37:08.0959 6552 RasSstp - ok
19:37:08.0976 6552 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:37:08.0979 6552 rdbss - ok
19:37:08.0989 6552 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:37:08.0990 6552 rdpbus - ok
19:37:08.0998 6552 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:37:08.0999 6552 RDPCDD - ok
19:37:09.0029 6552 [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:37:09.0031 6552 RDPDR - ok
19:37:09.0037 6552 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:37:09.0038 6552 RDPENCDD - ok
19:37:09.0051 6552 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:37:09.0052 6552 RDPREFMP - ok
19:37:09.0081 6552 [ 0399C725A9C95A6F1862B93F008DDF4A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:37:09.0083 6552 RDPWD - ok
19:37:09.0090 6552 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:37:09.0092 6552 rdyboost - ok
19:37:09.0120 6552 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
19:37:09.0124 6552 RemoteAccess - ok
19:37:09.0150 6552 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:37:09.0156 6552 RemoteRegistry - ok
19:37:09.0166 6552 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:37:09.0171 6552 RpcEptMapper - ok
19:37:09.0198 6552 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
19:37:09.0202 6552 RpcLocator - ok
19:37:09.0221 6552 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll
19:37:09.0228 6552 RpcSs - ok
19:37:09.0241 6552 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:37:09.0242 6552 rspndr - ok
19:37:09.0269 6552 [ 5423D8437051E89DD34749F242C98648 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
19:37:09.0270 6552 s3cap - ok
19:37:09.0285 6552 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs C:\Windows\system32\lsass.exe
19:37:09.0288 6552 SamSs - ok
19:37:09.0299 6552 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
19:37:09.0301 6552 sbp2port - ok
19:37:09.0311 6552 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:37:09.0316 6552 SCardSvr - ok
19:37:09.0342 6552 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:37:09.0343 6552 scfilter - ok
19:37:09.0377 6552 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\Windows\system32\schedsvc.dll
19:37:09.0387 6552 Schedule - ok
19:37:09.0404 6552 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:37:09.0405 6552 SCPolicySvc - ok
19:37:09.0429 6552 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:37:09.0435 6552 SDRSVC - ok
19:37:09.0483 6552 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:37:09.0486 6552 secdrv - ok
19:37:09.0502 6552 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
19:37:09.0509 6552 seclogon - ok
19:37:09.0523 6552 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
19:37:09.0530 6552 SENS - ok
19:37:09.0544 6552 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:37:09.0551 6552 SensrSvc - ok
19:37:09.0567 6552 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:37:09.0569 6552 Serenum - ok
19:37:09.0578 6552 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:37:09.0580 6552 Serial - ok
19:37:09.0593 6552 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:37:09.0595 6552 sermouse - ok
19:37:09.0621 6552 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll
19:37:09.0627 6552 SessionEnv - ok
19:37:09.0647 6552 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:37:09.0648 6552 sffdisk - ok
19:37:09.0659 6552 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:37:09.0660 6552 sffp_mmc - ok
19:37:09.0676 6552 [ A0708BBD07D245C06FF9DE549CA47185 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:37:09.0677 6552 sffp_sd - ok
19:37:09.0695 6552 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:37:09.0696 6552 sfloppy - ok
19:37:09.0723 6552 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:37:09.0727 6552 SharedAccess - ok
19:37:09.0747 6552 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:37:09.0754 6552 ShellHWDetection - ok
19:37:09.0760 6552 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys
19:37:09.0762 6552 sisagp - ok
19:37:09.0775 6552 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:37:09.0776 6552 SiSRaid2 - ok
19:37:09.0790 6552 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:37:09.0791 6552 SiSRaid4 - ok
19:37:09.0808 6552 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:37:09.0809 6552 Smb - ok
19:37:09.0828 6552 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:37:09.0834 6552 SNMPTRAP - ok
19:37:09.0841 6552 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
19:37:09.0842 6552 spldr - ok
19:37:09.0874 6552 [ D1BB750EB51694DE183E08B9C33BE5B2 ] Spooler C:\Windows\System32\spoolsv.exe
19:37:09.0881 6552 Spooler - ok
19:37:09.0962 6552 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\Windows\system32\sppsvc.exe
19:37:09.0992 6552 sppsvc - ok
19:37:10.0000 6552 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:37:10.0006 6552 sppuinotify - ok
19:37:10.0035 6552 [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:37:10.0038 6552 srv - ok
19:37:10.0048 6552 [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:37:10.0050 6552 srv2 - ok
19:37:10.0075 6552 [ E00FDFAFF025E94F9821153750C35A6D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS
19:37:10.0078 6552 SrvHsfHDA - ok
19:37:10.0108 6552 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS
19:37:10.0116 6552 SrvHsfV92 - ok
19:37:10.0138 6552 [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
19:37:10.0143 6552 SrvHsfWinac - ok
19:37:10.0157 6552 [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:37:10.0158 6552 srvnet - ok
19:37:10.0173 6552 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:37:10.0179 6552 SSDPSRV - ok
19:37:10.0185 6552 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:37:10.0191 6552 SstpSvc - ok
19:37:10.0234 6552 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:37:10.0235 6552 stexstor - ok
19:37:10.0279 6552 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\Windows\System32\wiaservc.dll
19:37:10.0288 6552 StiSvc - ok
19:37:10.0313 6552 [ 957E346CA948668F2496A6CCF6FF82CC ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
19:37:10.0314 6552 storflt - ok
19:37:10.0341 6552 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
19:37:10.0347 6552 StorSvc - ok
19:37:10.0366 6552 [ D5751969DC3E4B88BF482AC8EC9FE019 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
19:37:10.0367 6552 storvsc - ok
19:37:10.0385 6552 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:37:10.0386 6552 swenum - ok
19:37:10.0424 6552 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
19:37:10.0431 6552 swprv - ok
19:37:10.0467 6552 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\Windows\system32\sysmain.dll
19:37:10.0479 6552 SysMain - ok
19:37:10.0490 6552 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:37:10.0496 6552 TabletInputService - ok
19:37:10.0510 6552 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\Windows\System32\tapisrv.dll
19:37:10.0516 6552 TapiSrv - ok
19:37:10.0532 6552 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
19:37:10.0538 6552 TBS - ok
19:37:10.0581 6552 [ 56C198AC82EFA622DD93E9E43575F79C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:37:10.0589 6552 Tcpip - ok
19:37:10.0622 6552 [ 56C198AC82EFA622DD93E9E43575F79C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:37:10.0631 6552 TCPIP6 - ok
19:37:10.0672 6552 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:37:10.0673 6552 tcpipreg - ok
19:37:10.0698 6552 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:37:10.0701 6552 TDPIPE - ok
19:37:10.0721 6552 [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:37:10.0722 6552 TDTCP - ok
19:37:10.0743 6552 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:37:10.0744 6552 tdx - ok
19:37:10.0761 6552 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:37:10.0762 6552 TermDD - ok
19:37:10.0807 6552 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\Windows\System32\termsrv.dll
19:37:10.0816 6552 TermService - ok
19:37:10.0829 6552 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
19:37:10.0834 6552 Themes - ok
19:37:10.0846 6552 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
19:37:10.0850 6552 THREADORDER - ok
19:37:10.0865 6552 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
19:37:10.0870 6552 TrkWks - ok
19:37:10.0890 6552 [ 26C062A4480B9D7C26E1CE4BF50D10FC ] TrueSight C:\Windows\system32\drivers\TrueSight.sys
19:37:10.0891 6552 TrueSight - ok
19:37:10.0939 6552 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:37:10.0941 6552 TrustedInstaller - ok
19:37:10.0952 6552 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:37:10.0954 6552 tssecsrv - ok
19:37:10.0965 6552 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:37:10.0967 6552 tunnel - ok
19:37:11.0014 6552 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:37:11.0017 6552 uagp35 - ok
19:37:11.0045 6552 [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:37:11.0049 6552 udfs - ok
19:37:11.0100 6552 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:37:11.0106 6552 UI0Detect - ok
19:37:11.0112 6552 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
19:37:11.0113 6552 uliagpkx - ok
19:37:11.0128 6552 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:37:11.0129 6552 umbus - ok
19:37:11.0134 6552 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:37:11.0136 6552 UmPass - ok
19:37:11.0167 6552 [ 8ECACA5454844F66386F7BE4AE0D7CD1 ] UmRdpService C:\Windows\System32\umrdp.dll
19:37:11.0177 6552 UmRdpService - ok
19:37:11.0188 6552 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
19:37:11.0195 6552 upnphost - ok
19:37:11.0221 6552 [ C31AE588E403042632DC796CF09E30B0 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:37:11.0222 6552 usbccgp - ok
19:37:11.0242 6552 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
19:37:11.0244 6552 usbcir - ok
19:37:11.0259 6552 [ E4C436D914768CE965D5E659BA7EEBD8 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:37:11.0261 6552 usbehci - ok
19:37:11.0278 6552 [ BDCD7156EC37448F08633FD899823620 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:37:11.0280 6552 usbhub - ok
19:37:11.0294 6552 [ EB2D819A639015253C871CDA09D91D58 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:37:11.0295 6552 usbohci - ok
19:37:11.0310 6552 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:37:11.0311 6552 usbprint - ok
19:37:11.0335 6552 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:37:11.0336 6552 usbscan - ok
19:37:11.0352 6552 [ 1C4287739A93594E57E2A9E6A3ED7353 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:37:11.0353 6552 USBSTOR - ok
19:37:11.0362 6552 [ 22480BF4E5A09192E5E30BA4DDE79FA4 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:37:11.0363 6552 usbuhci - ok
19:37:11.0402 6552 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
19:37:11.0408 6552 UxSms - ok
19:37:11.0418 6552 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc C:\Windows\system32\lsass.exe
19:37:11.0421 6552 VaultSvc - ok
19:37:11.0432 6552 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
19:37:11.0434 6552 vdrvroot - ok
19:37:11.0465 6552 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\Windows\System32\vds.exe
19:37:11.0473 6552 vds - ok
19:37:11.0492 6552 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:37:11.0493 6552 vga - ok
19:37:11.0499 6552 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:37:11.0500 6552 VgaSave - ok
19:37:11.0516 6552 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
19:37:11.0518 6552 vhdmp - ok
19:37:11.0536 6552 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys
19:37:11.0537 6552 viaagp - ok
19:37:11.0548 6552 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
19:37:11.0550 6552 ViaC7 - ok
19:37:11.0562 6552 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\DRIVERS\viaide.sys
19:37:11.0563 6552 viaide - ok
19:37:11.0586 6552 [ 379B349F65F453D2A6E75EA6B7448E49 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
19:37:11.0588 6552 vmbus - ok
19:37:11.0602 6552 [ EC2BBAB4B84D0738C6C83D2234DC36FE ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
19:37:11.0604 6552 VMBusHID - ok
19:37:11.0621 6552 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
19:37:11.0622 6552 volmgr - ok
19:37:11.0639 6552 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:37:11.0642 6552 volmgrx - ok
19:37:11.0650 6552 [ 58DF9D2481A56EDDE167E51B334D44FD ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
19:37:11.0653 6552 volsnap - ok
19:37:11.0680 6552 [ 6292C794BA68E0F46A6D45468461AFE1 ] Vsdatant C:\Windows\system32\DRIVERS\vsdatant.sys
19:37:11.0683 6552 Vsdatant - ok
19:37:11.0708 6552 vsmon - ok
19:37:11.0727 6552 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:37:11.0729 6552 vsmraid - ok
19:37:11.0776 6552 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\Windows\system32\vssvc.exe
19:37:11.0788 6552 VSS - ok
19:37:11.0797 6552 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:37:11.0798 6552 vwifibus - ok
19:37:11.0812 6552 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:37:11.0813 6552 vwififlt - ok
19:37:11.0835 6552 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
19:37:11.0842 6552 W32Time - ok
19:37:11.0860 6552 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:37:11.0861 6552 WacomPen - ok
19:37:11.0867 6552 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:37:11.0869 6552 WANARP - ok
19:37:11.0873 6552 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:37:11.0874 6552 Wanarpv6 - ok
19:37:11.0914 6552 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:37:11.0924 6552 WatAdminSvc - ok
19:37:11.0955 6552 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\Windows\system32\wbengine.exe
19:37:11.0969 6552 wbengine - ok
19:37:11.0985 6552 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:37:11.0992 6552 WbioSrvc - ok
19:37:12.0028 6552 [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:37:12.0035 6552 wcncsvc - ok
19:37:12.0045 6552 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:37:12.0051 6552 WcsPlugInService - ok
19:37:12.0095 6552 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:37:12.0096 6552 Wd - ok
19:37:12.0121 6552 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:37:12.0124 6552 Wdf01000 - ok
19:37:12.0137 6552 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:37:12.0143 6552 WdiServiceHost - ok
19:37:12.0147 6552 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:37:12.0154 6552 WdiSystemHost - ok
19:37:12.0179 6552 [ BB5EC38F8D4600119B4720BC5D4211F1 ] WebClient C:\Windows\System32\webclnt.dll
19:37:12.0186 6552 WebClient - ok
19:37:12.0199 6552 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:37:12.0205 6552 Wecsvc - ok
19:37:12.0218 6552 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:37:12.0224 6552 wercplsupport - ok
19:37:12.0234 6552 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
19:37:12.0240 6552 WerSvc - ok
19:37:12.0248 6552 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:37:12.0250 6552 WfpLwf - ok
19:37:12.0301 6552 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:37:12.0304 6552 WIMMount - ok
19:37:12.0367 6552 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:37:12.0379 6552 WinDefend - ok
19:37:12.0388 6552 WinHttpAutoProxySvc - ok
19:37:12.0441 6552 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:37:12.0443 6552 Winmgmt - ok
19:37:12.0494 6552 [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM C:\Windows\system32\WsmSvc.dll
19:37:12.0508 6552 WinRM - ok
19:37:12.0537 6552 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
19:37:12.0538 6552 WinUsb - ok
19:37:12.0576 6552 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:37:12.0587 6552 Wlansvc - ok
19:37:12.0603 6552 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:37:12.0604 6552 WmiAcpi - ok
19:37:12.0623 6552 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:37:12.0625 6552 wmiApSrv - ok
19:37:12.0705 6552 [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:37:12.0720 6552 WMPNetworkSvc - ok
19:37:12.0739 6552 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:37:12.0747 6552 WPCSvc - ok
19:37:12.0760 6552 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:37:12.0766 6552 WPDBusEnum - ok
19:37:12.0808 6552 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:37:12.0811 6552 ws2ifsl - ok
19:37:12.0826 6552 [ A661A76333057B383A06E65F0073222F ] wscsvc C:\Windows\system32\wscsvc.dll
19:37:12.0838 6552 wscsvc - ok
19:37:12.0843 6552 WSearch - ok
19:37:12.0926 6552 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
19:37:12.0948 6552 wuauserv - ok
19:37:12.0963 6552 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:37:12.0964 6552 WudfPf - ok
19:37:12.0976 6552 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:37:12.0978 6552 WUDFRd - ok
19:37:13.0010 6552 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:37:13.0021 6552 wudfsvc - ok
19:37:13.0043 6552 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
19:37:13.0052 6552 WwanSvc - ok
19:37:13.0063 6552 ================ Scan global ===============================
19:37:13.0081 6552 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
19:37:13.0101 6552 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\Windows\system32\winsrv.dll
19:37:13.0118 6552 [ 008F51AE989C3DF1CBAF8B39DC423CCC ] C:\Windows\system32\winsrv.dll
19:37:13.0151 6552 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
19:37:13.0184 6552 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
19:37:13.0191 6552 [Global] - ok
19:37:13.0191 6552 ================ Scan MBR ==================================
19:37:13.0204 6552 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:37:13.0442 6552 \Device\Harddisk0\DR0 - ok
19:37:13.0443 6552 ================ Scan VBR ==================================
19:37:13.0446 6552 [ 6B311931DCC9F83EA93C09EFB58190B6 ] \Device\Harddisk0\DR0\Partition1
19:37:13.0448 6552 \Device\Harddisk0\DR0\Partition1 - ok
19:37:13.0460 6552 [ 657479A07D9759C61A8B24C753C8CE0A ] \Device\Harddisk0\DR0\Partition2
19:37:13.0462 6552 \Device\Harddisk0\DR0\Partition2 - ok
19:37:13.0483 6552 [ 325F40056B0EE3F3447FA501DC6EA54F ] \Device\Harddisk0\DR0\Partition3
19:37:13.0484 6552 \Device\Harddisk0\DR0\Partition3 - ok
19:37:13.0485 6552 ============================================================
19:37:13.0485 6552 Scan finished
19:37:13.0485 6552 ============================================================
19:37:13.0495 5432 Detected object count: 0
19:37:13.0495 5432 Actual detected object count: 0

#10 csixtyfour

Posted 25 October 2012 - 06:52 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-25 19:38:07
-----------------------------
19:38:07.814 OS Version: Windows 6.1.7600
19:38:07.814 Number of processors: 2 586 0xF0D
19:38:07.816 ComputerName: SETH-PC UserName: Seth
19:38:08.125 Initialize success
19:38:08.213 AVAST engine defs: 12102502
19:38:22.939 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
19:38:22.946 Disk 0 Vendor: WDC_WD2500BEKT-60PVMT0 01.01A01 Size: 238475MB BusType: 3
19:38:22.971 Disk 0 MBR read successfully
19:38:22.979 Disk 0 MBR scan
19:38:22.989 Disk 0 Windows 7 default MBR code
19:38:23.002 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:38:23.013 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 60000 MB offset 206848
19:38:23.037 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 178372 MB offset 123086848
19:38:23.054 Disk 0 scanning sectors +488392704
19:38:23.133 Disk 0 scanning C:\Windows\system32\drivers
19:38:31.649 Service scanning
19:38:43.975 Modules scanning
19:39:15.453 Disk 0 trace - called modules:
19:39:15.471 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll intelide.sys PCIIDEX.SYS atapi.sys
19:39:15.477 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85636a78]
19:39:15.483 3 CLASSPNP.SYS[88ba059e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x85534908]
19:39:15.997 AVAST engine scan C:\Windows
19:39:17.288 AVAST engine scan C:\Windows\system32
19:40:43.083 AVAST engine scan C:\Windows\system32\drivers
19:40:49.715 AVAST engine scan C:\Users\Seth
19:44:42.527 AVAST engine scan C:\ProgramData
19:45:24.686 Scan finished successfully
19:51:29.457 Disk 0 MBR has been saved successfully to "C:\Users\Seth\Desktop\MBR.dat"
19:51:29.465 The log file has been saved successfully to "C:\Users\Seth\Desktop\aswMBR.txt"

#11 gringo_pr

Posted 25 October 2012 - 08:39 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo


#12 csixtyfour

Posted 25 October 2012 - 09:05 PM

ComboFix 12-10-25.02 - Seth 10/25/2012 21:54:13.2.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.2038.1125 [GMT -4:00]
Running from: c:\users\Seth\Downloads\ComboFix.exe
Command switches used :: c:\users\Seth\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: ZoneAlarm Free Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Seth\AppData\Local\chromeupdate.crx
.
.
((((((((((((((((((((((((( Files Created from 2012-09-26 to 2012-10-26 )))))))))))))))))))))))))))))))
.
.
2012-10-26 02:01 . 2012-10-26 02:01 -------- d-----w- c:\users\Grace\AppData\Local\temp
2012-10-26 02:01 . 2012-10-26 02:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-25 22:24 . 2012-10-25 22:24 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FD5ACA62-1E45-4CD6-8AA1-DC2C05200F37}\offreg.dll
2012-10-25 10:19 . 2012-10-25 10:34 13952 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2012-10-23 00:57 . 2012-10-23 01:11 -------- d-----w- C:\JRT
2012-10-18 22:54 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FD5ACA62-1E45-4CD6-8AA1-DC2C05200F37}\mpengine.dll
2012-10-18 01:39 . 2012-10-18 01:39 -------- d-----w- c:\program files\GameSpy Arcade
2012-10-18 01:39 . 2012-10-18 01:39 -------- d-----w- c:\program files\directx
2012-10-18 01:25 . 2012-10-18 01:25 -------- d--h--w- c:\program files\InstallShield Installation Information
2012-10-18 01:25 . 2012-10-18 01:25 -------- d-----w- c:\program files\Fox
2012-10-18 01:24 . 2012-10-18 01:24 -------- d-----w- c:\program files\Common Files\InstallShield
2012-10-17 22:20 . 2012-10-17 22:20 21840 ----a-w- c:\windows\system32\SIntfNT.dll
2012-10-17 22:20 . 2012-10-17 22:20 17212 ----a-w- c:\windows\system32\SIntf32.dll
2012-10-17 22:20 . 2012-10-17 22:20 12067 ----a-w- c:\windows\system32\SIntf16.dll
2012-10-06 12:11 . 2012-10-06 12:11 -------- d-----w- c:\users\Seth\AppData\Local\{FEC7DFF2-0FAE-11E2-8271-B8AC6F996F26}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-29 23:54 . 2012-02-04 15:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-21 21:36 . 2012-02-26 13:54 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-09-21 21:35 . 2012-02-26 13:44 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-08-30 22:18 . 2012-03-23 22:09 4278384 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-08-30 22:17 . 2012-03-23 22:09 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2012-07-21 21:54 . 2012-02-04 02:35 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Seth\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Seth\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Seth\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-09-06 19:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-09-06 19:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-09-06 19:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-09-06 19:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2012-09-06 15668432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-24 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-24 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-24 150552]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2011-12-19 73360]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736]
.
c:\users\Seth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [x]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [x]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 01215552
*NewlyCreated* - ASWMBR
*NewlyCreated* - WS2IFSL
*Deregistered* - 01215552
*Deregistered* - aswMBR
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-28 12:52]
.
2012-10-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-28 12:52]
.
2012-10-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-208528018-1981667741-1512666818-1001Core.job
- c:\users\Seth\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-04 15:16]
.
2012-10-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-208528018-1981667741-1512666818-1001UA.job
- c:\users\Seth\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-04 15:16]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: LastPass - file://c:\program files\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - file://c:\program files\LastPass\context.html?cmd=fillforms
TCP: DhcpNameServer = 68.94.156.1 68.94.157.1
FF - ProfilePath - c:\users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\9gfgde3z.default\
FF - prefs.js: browser.startup.homepage - hxxp://zenhabits.net/
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-10-25 22:04:10
ComboFix-quarantined-files.txt 2012-10-26 02:04
ComboFix2.txt 2012-10-25 22:35
.
Pre-Run: 14,954,397,696 bytes free
Post-Run: 14,761,820,160 bytes free
.
- - End Of File - - 8E6C921640E5264B06C392BC76605B46

#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts

Posted 25 October 2012 - 09:30 PM

Hello

Let's get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo

#14 csixtyfour

csixtyfour
  • Topic Starter

  • Members
  • 26 posts

Posted 26 October 2012 - 05:24 AM

OTL logfile created on: 10/26/2012 6:14:01 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Seth\Downloads
Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.93 Gb Available Physical Memory | 46.51% Memory free
3.98 Gb Paging File | 2.73 Gb Available in Paging File | 68.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58.59 Gb Total Space | 13.79 Gb Free Space | 23.53% Space Free | Partition Type: NTFS
Drive D: | 550.89 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 174.19 Gb Total Space | 20.73 Gb Free Space | 11.90% Space Free | Partition Type: NTFS

Computer Name: SETH-PC | User Name: Seth | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Seth\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Seth\Downloads\aswMBR.exe (AVAST Software)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\9gfgde3z.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()


========== Services (SafeList) ==========

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (vsmon) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (EPSON_PM_RPCV4_01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)


========== Driver Services (SafeList) ==========

DRV - (mbr) -- C:\ComboFix\mbr.sys File not found
DRV - (catchme) -- C:\Users\Seth\AppData\Local\Temp\catchme.sys File not found
DRV - (aswMBR) -- C:\Users\Seth\AppData\Local\Temp\aswMBR.sys File not found
DRV - (TrueSight) -- C:\Windows\System32\drivers\TrueSight.sys ()
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (ISWKL) -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV - (Vsdatant) -- C:\Windows\System32\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (guardian2) -- C:\Windows\System32\drivers\oz776.sys (O2Micro)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,defaultscope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,defaultscope =

IE - HKU\S-1-5-21-208528018-1981667741-1512666818-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-208528018-1981667741-1512666818-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-208528018-1981667741-1512666818-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0B 90 5A F5 A1 AF CD 01 [binary data]
IE - HKU\S-1-5-21-208528018-1981667741-1512666818-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-208528018-1981667741-1512666818-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-208528018-1981667741-1512666818-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "http://zenhabits.net/"
FF - prefs.js..extensions.enabledAddons: compatibility@addons.mozilla.org:1.1
FF - prefs.js..extensions.enabledAddons: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledAddons: {46868735-c3fa-47ce-8ce7-cce51a66aceb}:1.2
FF - prefs.js..extensions.enabledAddons: support@lastpass.com:2.0.0
FF - prefs.js..extensions.enabledAddons: {FEC7DFF2-0FAE-11E2-8271-B8AC6F996F26}:2.0.14
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.67.0
FF - prefs.js..extensions.enabledItems: {3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}:0.9.6
FF - prefs.js..extensions.enabledItems: {46868735-c3fa-47ce-8ce7-cce51a66aceb}:1.2
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60
FF - prefs.js..extensions.enabledItems: {340c2bbc-ce74-4362-90b5-7c26312808ef}:1.7
FF - prefs.js..extensions.enabledItems: support@lastpass.com:1.72.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Seth\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Seth\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Seth\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017300.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/02/03 22:41:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012/03/09 19:57:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/21 17:54:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/06 20:02:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/06/30 09:44:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012/02/06 20:02:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{FEC7DFF2-0FAE-11E2-8271-B8AC6F996F26}: C:\Users\Seth\AppData\Local\{FEC7DFF2-0FAE-11E2-8271-B8AC6F996F26}\ [2012/10/06 08:11:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/21 17:54:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/06 20:02:32 | 000,000,000 | ---D | M]

[2012/02/03 22:36:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Seth\AppData\Roaming\Mozilla\Extensions
[2012/10/25 06:06:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\9gfgde3z.default\extensions
[2012/02/04 08:51:37 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\9gfgde3z.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012/02/04 08:51:37 | 000,000,000 | ---D | M] (Forecastbar Enhanced) -- C:\Users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\9gfgde3z.default\extensions\{3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}
[2012/02/04 08:51:38 | 000,000,000 | ---D | M] (oldbar) -- C:\Users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\9gfgde3z.default\extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb}
[2012/02/04 08:51:41 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\9gfgde3z.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2012/02/04 08:51:33 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\9gfgde3z.default\extensions\battlefieldheroespatcher@ea.com
[2012/02/04 08:51:34 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\9gfgde3z.default\extensions\personas@christopher.beard
[2012/06/19 18:30:01 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\9gfgde3z.default\extensions\support@lastpass.com
[2012/02/03 23:11:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\iql3mo3f.default\extensions
[2012/02/03 23:09:54 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\iql3mo3f.default\extensions\support@lastpass.com
[2012/06/16 09:19:05 | 000,003,679 | ---- | M] () (No name found) -- C:\Users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\9gfgde3z.default\extensions\check-compatibility@dactyl.googlecode.com.xpi
[2012/02/27 19:22:04 | 000,164,722 | ---- | M] () (No name found) -- C:\Users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\9gfgde3z.default\extensions\compatibility@addons.mozilla.org.xpi
[2012/09/04 18:06:15 | 001,268,546 | ---- | M] () (No name found) -- C:\Users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\9gfgde3z.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
[2012/07/25 07:02:05 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Seth\AppData\Roaming\Mozilla\Firefox\Profiles\9gfgde3z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/02/12 08:30:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/06 08:11:43 | 000,000,000 | ---D | M] (Mozilla Safe Browsing) -- C:\USERS\SETH\APPDATA\LOCAL\{FEC7DFF2-0FAE-11E2-8271-B8AC6F996F26}
[2012/07/21 17:54:49 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/02/12 08:30:28 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/02/12 08:30:28 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Seth\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Seth\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Seth\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: NPLastPass (Enabled) = C:\Users\Seth\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.1_0\nplastpass.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Seth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: ChromeUpdateManager = C:\Users\Seth\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdjbnddbclciabnckgeahmneohjlahdm\1.0_0\
CHR - Extension: Star Legends = C:\Users\Seth\AppData\Local\Google\Chrome\User Data\Default\Extensions\chcaflnbhnoegjedbjaamecefhglfamc\1.1.1.2_0\
CHR - Extension: Google Search = C:\Users\Seth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Pirates: Tides of Fortune = C:\Users\Seth\AppData\Local\Google\Chrome\User Data\Default\Extensions\djlmofcgpnpnhlbkgbpenbecfboohcka\0.88_0\
CHR - Extension: Battlefield Heroes = C:\Users\Seth\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.127.0_0\
CHR - Extension: LastPass = C:\Users\Seth\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.11_0\
CHR - Extension: avast! WebRep = C:\Users\Seth\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\
CHR - Extension: Moon Breakers = C:\Users\Seth\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccpdhkmgdfccbdmbggjafpokmgeimnm\4.0_0\
CHR - Extension: Gmail = C:\Users\Seth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/10/25 22:01:53 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-208528018-1981667741-1512666818-1001..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)
O4 - Startup: C:\Users\Seth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-208528018-1981667741-1512666818-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-208528018-1981667741-1512666818-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-208528018-1981667741-1512666818-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-208528018-1981667741-1512666818-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-208528018-1981667741-1512666818-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: LastPass - file://C:\Program Files\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Program Files\LastPass\context.html?cmd=fillforms File not found
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72C8A5C2-D80C-4FEB-9B10-EC0EA991B376}: DhcpNameServer = 68.94.156.1 68.94.157.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8093BB8-17AB-4A29-825F-D5F75BBD88D3}: DhcpNameServer = 68.94.156.1 68.94.157.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2001/10/09 13:20:00 | 000,007,358 | R--- | M] () - D:\AutoRun.ico -- [ CDFS ]
O32 - AutoRun File - [2001/10/09 13:20:00 | 000,000,048 | R--- | M] () - D:\AutoRun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/25 22:04:17 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/10/25 18:17:19 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/10/25 18:17:19 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/10/25 18:17:19 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/10/25 18:17:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/10/25 18:16:49 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/10/25 06:12:49 | 000,000,000 | ---D | C] -- C:\Users\Seth\Desktop\RK_Quarantine
[2012/10/22 20:57:35 | 000,000,000 | ---D | C] -- C:\JRT
[2012/10/21 08:38:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2012/10/17 21:39:48 | 000,000,000 | ---D | C] -- C:\Users\Seth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
[2012/10/17 21:39:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
[2012/10/17 21:39:38 | 000,000,000 | ---D | C] -- C:\Program Files\GameSpy Arcade
[2012/10/17 21:39:20 | 000,000,000 | ---D | C] -- C:\Program Files\directx
[2012/10/17 21:25:08 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012/10/17 21:25:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fox Interactive
[2012/10/17 21:25:08 | 000,000,000 | ---D | C] -- C:\Program Files\Fox
[2012/10/17 21:24:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012/10/06 08:11:43 | 000,000,000 | ---D | C] -- C:\Users\Seth\AppData\Local\{FEC7DFF2-0FAE-11E2-8271-B8AC6F996F26}

========== Files - Modified Within 30 Days ==========

[2012/10/26 06:07:22 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-208528018-1981667741-1512666818-1001UA.job
[2012/10/26 06:07:20 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/26 06:07:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/25 22:01:53 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/10/25 19:51:29 | 000,000,512 | ---- | M] () -- C:\Users\Seth\Desktop\MBR.dat
[2012/10/25 19:07:00 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/25 18:37:31 | 000,015,040 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/25 18:37:31 | 000,015,040 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/25 18:29:14 | 1602,723,840 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/25 06:34:06 | 000,013,952 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/10/24 21:42:55 | 000,000,000 | ---- | M] () -- C:\Users\Seth\defogger_reenable
[2012/10/21 14:36:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-208528018-1981667741-1512666818-1001Core.job
[2012/10/20 14:52:05 | 000,624,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/10/20 14:52:05 | 000,106,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/10/17 18:20:44 | 000,021,840 | ---- | M] () -- C:\Windows\System32\SIntfNT.dll
[2012/10/17 18:20:44 | 000,017,212 | ---- | M] () -- C:\Windows\System32\SIntf32.dll
[2012/10/17 18:20:44 | 000,012,067 | ---- | M] () -- C:\Windows\System32\SIntf16.dll
[2012/10/15 19:13:20 | 005,917,423 | ---- | M] () -- C:\Users\Seth\Documents\img008.pdf
[2012/09/30 09:04:32 | 000,030,686 | ---- | M] () -- C:\Users\Seth\Desktop\message.odt
[2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2012/10/25 19:51:29 | 000,000,512 | ---- | C] () -- C:\Users\Seth\Desktop\MBR.dat
[2012/10/25 18:17:19 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/10/25 18:17:19 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/10/25 18:17:19 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/10/25 18:17:19 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/10/25 18:17:19 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/10/25 06:19:09 | 000,013,952 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/10/24 21:42:55 | 000,000,000 | ---- | C] () -- C:\Users\Seth\defogger_reenable
[2012/10/17 18:20:44 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2012/10/17 18:20:44 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2012/10/17 18:20:44 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2012/10/15 19:12:52 | 005,917,423 | ---- | C] () -- C:\Users\Seth\Documents\img008.pdf
[2012/09/29 15:49:25 | 000,030,686 | ---- | C] () -- C:\Users\Seth\Desktop\message.odt
[2012/07/27 14:56:59 | 000,000,869 | ---- | C] () -- C:\Users\Seth\AppData\Local\recently-used.xbel
[2012/06/04 06:17:53 | 000,000,632 | RHS- | C] () -- C:\Users\Seth\ntuser.pol
[2012/03/08 21:50:55 | 000,000,600 | ---- | C] () -- C:\Users\Seth\AppData\Local\PUTTY.RND
[2012/03/04 17:59:52 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2012/03/04 17:59:51 | 000,073,220 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2012/03/04 17:59:51 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2012/03/04 17:59:51 | 000,029,114 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2012/03/04 17:59:51 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2012/03/04 17:59:51 | 000,021,021 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2012/03/04 17:59:51 | 000,015,670 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2012/03/04 17:59:51 | 000,013,280 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2012/03/04 17:59:51 | 000,010,673 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2012/03/04 17:59:51 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2012/03/04 17:59:51 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2012/03/04 17:59:51 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2012/03/04 17:59:51 | 000,001,137 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2012/03/04 17:59:51 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2012/03/04 17:59:51 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2012/03/04 17:59:51 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2012/02/04 16:33:04 | 000,139,080 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012/02/04 16:33:04 | 000,138,056 | ---- | C] () -- C:\Users\Seth\AppData\Roaming\PnkBstrK.sys
[2012/02/04 16:32:21 | 000,270,240 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2012/02/04 16:32:11 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2012/02/03 21:47:17 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll

========== ZeroAccess Check ==========

[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/01/04 05:03:45 | 012,868,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 21:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

OTL Extras logfile created on: 10/26/2012 6:14:06 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Seth\Downloads
Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.93 Gb Available Physical Memory | 46.51% Memory free
3.98 Gb Paging File | 2.73 Gb Available in Paging File | 68.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58.59 Gb Total Space | 13.79 Gb Free Space | 23.53% Space Free | Partition Type: NTFS
Drive D: | 550.89 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 174.19 Gb Total Space | 20.73 Gb Free Space | 11.90% Space Free | Partition Type: NTFS

Computer Name: SETH-PC | User Name: Seth | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-208528018-1981667741-1512666818-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0175F943-6092-415B-84E7-2B6A53412EDD}" = lport=137 | protocol=17 | dir=in | app=system |
"{08961F93-BBAA-49FD-8E70-F1221787F63F}" = rport=445 | protocol=6 | dir=out | app=system |
"{183CE6A6-5E40-4B6B-855C-38483D4E0FAF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{18C9BD26-5CC2-49BA-AF93-BDAACB2B3D70}" = lport=2869 | protocol=6 | dir=in | app=system |
"{35DE6C3D-97DA-4C18-8900-3D95E88FE423}" = rport=10243 | protocol=6 | dir=out | app=system |
"{44B3CD54-2F8E-4A56-BAD6-34EA823FCABB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5E904CBB-E821-48BA-9914-0B5E7764A545}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{62B8ECA8-4780-411B-BB66-68E73CA67FC7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6FDC84D2-566D-48D3-A375-31A827A7E8E5}" = rport=137 | protocol=17 | dir=out | app=system |
"{91EF84B6-9686-4DCE-840D-C4D6227F6DC7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{99274D2E-BBAC-486D-883C-05A7BDFFD45A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9983D0DA-6D09-4E96-8C87-AE643CCEA3E6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9BFCC201-2CA3-46BB-B2AD-59A00C865A20}" = lport=139 | protocol=6 | dir=in | app=system |
"{C76867CD-BB84-4F25-BE19-657046CFD52D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C960687D-9E1D-42AE-87B2-C8C72FDE80E2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C9BE88F9-496E-4EB7-83B5-C5524E553E70}" = lport=138 | protocol=17 | dir=in | app=system |
"{CCF2C736-6A3A-4651-9B58-8B3C8637E76C}" = lport=445 | protocol=6 | dir=in | app=system |
"{CDDC5701-EDD9-4299-8272-5FD284C58BDF}" = rport=138 | protocol=17 | dir=out | app=system |
"{CEA1C64E-674F-4A16-A097-5804011A870F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DA390BEC-6672-4FC4-B8F6-7CFA10F5BFFD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E4D856F7-6C2B-4811-A1A5-4DE2C8F2EB4D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E9A81DF0-A1E3-4B54-82B8-293E6465A92E}" = rport=139 | protocol=6 | dir=out | app=system |
"{EA44562B-E2D5-45FE-B4C2-A98678EC61A6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0689D308-C8DA-4BC7-B619-F46925A53E30}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0BEF154A-CD59-4708-BAFF-E0E99DF39A66}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{1C150145-64EA-428D-B588-EA41AB626185}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{22148064-45CB-4ECC-89AE-68282B0C8910}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{29845133-E2E1-4508-AA07-B2DD3EF791C3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3617CA2D-E40C-4CA8-B44E-FA63A661AE48}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{429A0FFE-9E2D-40B7-8A67-99C6B505CBF2}" = protocol=6 | dir=out | app=system |
"{457F671B-06C7-494F-881D-6BC32BE09CE9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5D0A0894-F61C-479C-860F-16D27D5DF24C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6905D036-B075-4A36-89B4-45DFACDEAD13}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{69AFB03D-1D19-48B6-9F3E-DFBF6658A6F8}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{6F71C88A-0009-44CB-9AEE-77AAF842C3D0}" = protocol=6 | dir=in | app=c:\users\seth\appdata\roaming\dropbox\bin\dropbox.exe |
"{83B4F25D-169A-4231-9018-C19F883CB3B8}" = protocol=17 | dir=in | app=c:\users\seth\appdata\roaming\dropbox\bin\dropbox.exe |
"{8CDC430F-AD01-42FE-8048-09C8FEC3FDB2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{A39729D4-5F14-4AB3-B92C-6A4BA4F2C262}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B28967A4-3219-484D-8555-65A6824E4C56}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B38FBCA4-19E6-46E1-A7B7-160A551F7656}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BCF58FA7-3E37-48D3-9121-3FEA7DA2DF4F}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{CDA3A062-87AE-4F48-BEF6-504D3FB49DC2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D1AC8B74-8E51-4862-B4D3-B57C89BE98D2}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{D1BFEC00-8CF4-4701-8038-4A4E846F354D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DB76546C-AE24-49CB-9165-0ED61A1BC813}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DC42DE74-B8DE-4F33-8B74-F2E1BE8718CD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E8986575-662F-4D84-B14F-A8451D6364D3}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{EB91E833-AB99-4FF1-ABE2-5DFA42276DC3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EDBF0A2D-3080-46A7-AC0C-43DD86289E6A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}" = Netflix in Windows Media Center
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3EF79591-BF16-4CF8-8FF0-D8AD968228B1}" = Aliens vs. Predator 2
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 5.0
"{5D6C26B9-D9E7-4E77-A4DE-0C2B242E85FA}" = ZoneAlarm Firewall
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{A5355F15-F98B-4704-9BAE-E53B9FE48F48}" = SDFormatter
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C4BC01F3-B7E6-49FA-8FBE-6B62FDF9CED0}" = ZoneAlarm Security
"{EACCC042-848D-4166-9D97-B13D1D108722}" = Google Drive
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17
"avast" = avast! Free Antivirus
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 8 Qt_is1" = DVDFab 8.1.6.0 (01/02/2012) Qt
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"FileZilla Client" = FileZilla Client 3.5.3
"Foxit Reader_is1" = Foxit Reader 5.1
"Freemake Video Converter_is1" = Freemake Video Converter version 3.0.1
"GameSpy Arcade" = GameSpy Arcade
"GIMP-2_is1" = GIMP 2.8.0
"HandBrake" = HandBrake 0.9.5
"HDMI" = Intel® Graphics Media Accelerator Driver
"LastPass" = LastPass (uninstall only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"Mozilla Thunderbird 14.0 (x86 en-US)" = Mozilla Thunderbird 14.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PunkBusterSvc" = PunkBuster Services
"Trillian" = Trillian
"TVWiz" = Intel® TV Wizard
"VLC media player" = VLC media player 1.1.11
"ZoneAlarm Free" = ZoneAlarm Free
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-208528018-1981667741-1512666818-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/25/2012 7:36:21 PM | Computer Name = Seth-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 10/25/2012 11:02:29 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/25/2012 11:02:29 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1061

Error - 10/25/2012 11:02:29 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1061

Error - 10/25/2012 11:02:30 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/25/2012 11:02:30 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2059

Error - 10/25/2012 11:02:30 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2059

Error - 10/25/2012 11:02:31 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/25/2012 11:02:31 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3151

Error - 10/25/2012 11:02:31 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3151

[ Media Center Events ]
Error - 4/14/2012 4:31:27 PM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 4:31:22 PM - Error connecting to the internet. 4:31:22 PM - Unable
to contact server..

Error - 5/19/2012 7:45:54 AM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 7:45:42 AM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 5/19/2012 8:46:32 AM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 8:46:27 AM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 5/19/2012 9:58:50 AM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 9:58:48 AM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 5/19/2012 10:59:28 AM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 10:59:22 AM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 5/20/2012 6:59:47 PM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 6:59:46 PM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 5/21/2012 6:04:35 PM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 6:04:35 PM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 5/22/2012 6:15:41 PM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 6:15:41 PM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 7/17/2012 6:41:04 AM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 6:41:00 AM - Error connecting to the internet. 6:41:00 AM - Unable
to contact server..

Error - 7/17/2012 7:42:07 AM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 7:42:01 AM - Error connecting to the internet. 7:42:01 AM - Unable
to contact server..

[ System Events ]
Error - 10/25/2012 6:16:53 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7034
Description = The EPSON V3 Service4(01) service terminated unexpectedly. It has
done this 1 time(s).

Error - 10/25/2012 6:19:50 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 10/25/2012 6:23:57 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 10/25/2012 6:29:18 PM | Computer Name = Seth-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 6:27:53 PM on 10/25/2012 was unexpected.

Error - 10/25/2012 9:51:26 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7034
Description = The EPSON V3 Service4(01) service terminated unexpectedly. It has
done this 1 time(s).

Error - 10/25/2012 9:53:45 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 10/25/2012 9:57:58 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 10/25/2012 10:01:57 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 10/26/2012 5:02:35 AM | Computer Name = Seth-PC | Source = DCOM | ID = 10010
Description =

Error - 10/26/2012 6:07:09 AM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the lmhosts service.


< End of report >

OTL Extras logfile created on: 10/26/2012 6:14:06 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Seth\Downloads
Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.93 Gb Available Physical Memory | 46.51% Memory free
3.98 Gb Paging File | 2.73 Gb Available in Paging File | 68.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58.59 Gb Total Space | 13.79 Gb Free Space | 23.53% Space Free | Partition Type: NTFS
Drive D: | 550.89 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 174.19 Gb Total Space | 20.73 Gb Free Space | 11.90% Space Free | Partition Type: NTFS

Computer Name: SETH-PC | User Name: Seth | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-208528018-1981667741-1512666818-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0175F943-6092-415B-84E7-2B6A53412EDD}" = lport=137 | protocol=17 | dir=in | app=system |
"{08961F93-BBAA-49FD-8E70-F1221787F63F}" = rport=445 | protocol=6 | dir=out | app=system |
"{183CE6A6-5E40-4B6B-855C-38483D4E0FAF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{18C9BD26-5CC2-49BA-AF93-BDAACB2B3D70}" = lport=2869 | protocol=6 | dir=in | app=system |
"{35DE6C3D-97DA-4C18-8900-3D95E88FE423}" = rport=10243 | protocol=6 | dir=out | app=system |
"{44B3CD54-2F8E-4A56-BAD6-34EA823FCABB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5E904CBB-E821-48BA-9914-0B5E7764A545}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{62B8ECA8-4780-411B-BB66-68E73CA67FC7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6FDC84D2-566D-48D3-A375-31A827A7E8E5}" = rport=137 | protocol=17 | dir=out | app=system |
"{91EF84B6-9686-4DCE-840D-C4D6227F6DC7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{99274D2E-BBAC-486D-883C-05A7BDFFD45A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9983D0DA-6D09-4E96-8C87-AE643CCEA3E6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9BFCC201-2CA3-46BB-B2AD-59A00C865A20}" = lport=139 | protocol=6 | dir=in | app=system |
"{C76867CD-BB84-4F25-BE19-657046CFD52D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C960687D-9E1D-42AE-87B2-C8C72FDE80E2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C9BE88F9-496E-4EB7-83B5-C5524E553E70}" = lport=138 | protocol=17 | dir=in | app=system |
"{CCF2C736-6A3A-4651-9B58-8B3C8637E76C}" = lport=445 | protocol=6 | dir=in | app=system |
"{CDDC5701-EDD9-4299-8272-5FD284C58BDF}" = rport=138 | protocol=17 | dir=out | app=system |
"{CEA1C64E-674F-4A16-A097-5804011A870F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DA390BEC-6672-4FC4-B8F6-7CFA10F5BFFD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E4D856F7-6C2B-4811-A1A5-4DE2C8F2EB4D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E9A81DF0-A1E3-4B54-82B8-293E6465A92E}" = rport=139 | protocol=6 | dir=out | app=system |
"{EA44562B-E2D5-45FE-B4C2-A98678EC61A6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0689D308-C8DA-4BC7-B619-F46925A53E30}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0BEF154A-CD59-4708-BAFF-E0E99DF39A66}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{1C150145-64EA-428D-B588-EA41AB626185}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{22148064-45CB-4ECC-89AE-68282B0C8910}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{29845133-E2E1-4508-AA07-B2DD3EF791C3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3617CA2D-E40C-4CA8-B44E-FA63A661AE48}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{429A0FFE-9E2D-40B7-8A67-99C6B505CBF2}" = protocol=6 | dir=out | app=system |
"{457F671B-06C7-494F-881D-6BC32BE09CE9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5D0A0894-F61C-479C-860F-16D27D5DF24C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6905D036-B075-4A36-89B4-45DFACDEAD13}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{69AFB03D-1D19-48B6-9F3E-DFBF6658A6F8}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{6F71C88A-0009-44CB-9AEE-77AAF842C3D0}" = protocol=6 | dir=in | app=c:\users\seth\appdata\roaming\dropbox\bin\dropbox.exe |
"{83B4F25D-169A-4231-9018-C19F883CB3B8}" = protocol=17 | dir=in | app=c:\users\seth\appdata\roaming\dropbox\bin\dropbox.exe |
"{8CDC430F-AD01-42FE-8048-09C8FEC3FDB2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{A39729D4-5F14-4AB3-B92C-6A4BA4F2C262}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B28967A4-3219-484D-8555-65A6824E4C56}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B38FBCA4-19E6-46E1-A7B7-160A551F7656}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BCF58FA7-3E37-48D3-9121-3FEA7DA2DF4F}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{CDA3A062-87AE-4F48-BEF6-504D3FB49DC2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D1AC8B74-8E51-4862-B4D3-B57C89BE98D2}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{D1BFEC00-8CF4-4701-8038-4A4E846F354D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DB76546C-AE24-49CB-9165-0ED61A1BC813}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DC42DE74-B8DE-4F33-8B74-F2E1BE8718CD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E8986575-662F-4D84-B14F-A8451D6364D3}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{EB91E833-AB99-4FF1-ABE2-5DFA42276DC3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EDBF0A2D-3080-46A7-AC0C-43DD86289E6A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}" = Netflix in Windows Media Center
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3EF79591-BF16-4CF8-8FF0-D8AD968228B1}" = Aliens vs. Predator 2
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 5.0
"{5D6C26B9-D9E7-4E77-A4DE-0C2B242E85FA}" = ZoneAlarm Firewall
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{A5355F15-F98B-4704-9BAE-E53B9FE48F48}" = SDFormatter
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C4BC01F3-B7E6-49FA-8FBE-6B62FDF9CED0}" = ZoneAlarm Security
"{EACCC042-848D-4166-9D97-B13D1D108722}" = Google Drive
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17
"avast" = avast! Free Antivirus
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 8 Qt_is1" = DVDFab 8.1.6.0 (01/02/2012) Qt
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"FileZilla Client" = FileZilla Client 3.5.3
"Foxit Reader_is1" = Foxit Reader 5.1
"Freemake Video Converter_is1" = Freemake Video Converter version 3.0.1
"GameSpy Arcade" = GameSpy Arcade
"GIMP-2_is1" = GIMP 2.8.0
"HandBrake" = HandBrake 0.9.5
"HDMI" = Intel® Graphics Media Accelerator Driver
"LastPass" = LastPass (uninstall only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"Mozilla Thunderbird 14.0 (x86 en-US)" = Mozilla Thunderbird 14.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PunkBusterSvc" = PunkBuster Services
"Trillian" = Trillian
"TVWiz" = Intel® TV Wizard
"VLC media player" = VLC media player 1.1.11
"ZoneAlarm Free" = ZoneAlarm Free
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-208528018-1981667741-1512666818-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/25/2012 7:36:21 PM | Computer Name = Seth-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 10/25/2012 11:02:29 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/25/2012 11:02:29 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1061

Error - 10/25/2012 11:02:29 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1061

Error - 10/25/2012 11:02:30 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/25/2012 11:02:30 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2059

Error - 10/25/2012 11:02:30 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2059

Error - 10/25/2012 11:02:31 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/25/2012 11:02:31 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3151

Error - 10/25/2012 11:02:31 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3151

[ Media Center Events ]
Error - 4/14/2012 4:31:27 PM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 4:31:22 PM - Error connecting to the internet. 4:31:22 PM - Unable
to contact server..

Error - 5/19/2012 7:45:54 AM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 7:45:42 AM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 5/19/2012 8:46:32 AM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 8:46:27 AM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 5/19/2012 9:58:50 AM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 9:58:48 AM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 5/19/2012 10:59:28 AM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 10:59:22 AM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 5/20/2012 6:59:47 PM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 6:59:46 PM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 5/21/2012 6:04:35 PM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 6:04:35 PM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 5/22/2012 6:15:41 PM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 6:15:41 PM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 7/17/2012 6:41:04 AM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 6:41:00 AM - Error connecting to the internet. 6:41:00 AM - Unable
to contact server..

Error - 7/17/2012 7:42:07 AM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 7:42:01 AM - Error connecting to the internet. 7:42:01 AM - Unable
to contact server..

[ System Events ]
Error - 10/25/2012 6:16:53 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7034
Description = The EPSON V3 Service4(01) service terminated unexpectedly. It has
done this 1 time(s).

Error - 10/25/2012 6:19:50 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 10/25/2012 6:23:57 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 10/25/2012 6:29:18 PM | Computer Name = Seth-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 6:27:53 PM on ?10/?25/?2012 was unexpected.

Error - 10/25/2012 9:51:26 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7034
Description = The EPSON V3 Service4(01) service terminated unexpectedly. It has
done this 1 time(s).

Error - 10/25/2012 9:53:45 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 10/25/2012 9:57:58 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 10/25/2012 10:01:57 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 10/26/2012 5:02:35 AM | Computer Name = Seth-PC | Source = DCOM | ID = 10010
Description =

Error - 10/26/2012 6:07:09 AM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the lmhosts service.


< End of report >

#15 csixtyfour

Posted 26 October 2012 - 05:27 AM

OTL Extras logfile created on: 10/26/2012 6:14:06 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Seth\Downloads
Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.93 Gb Available Physical Memory | 46.51% Memory free
3.98 Gb Paging File | 2.73 Gb Available in Paging File | 68.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58.59 Gb Total Space | 13.79 Gb Free Space | 23.53% Space Free | Partition Type: NTFS
Drive D: | 550.89 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 174.19 Gb Total Space | 20.73 Gb Free Space | 11.90% Space Free | Partition Type: NTFS

Computer Name: SETH-PC | User Name: Seth | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-208528018-1981667741-1512666818-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0175F943-6092-415B-84E7-2B6A53412EDD}" = lport=137 | protocol=17 | dir=in | app=system |
"{08961F93-BBAA-49FD-8E70-F1221787F63F}" = rport=445 | protocol=6 | dir=out | app=system |
"{183CE6A6-5E40-4B6B-855C-38483D4E0FAF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{18C9BD26-5CC2-49BA-AF93-BDAACB2B3D70}" = lport=2869 | protocol=6 | dir=in | app=system |
"{35DE6C3D-97DA-4C18-8900-3D95E88FE423}" = rport=10243 | protocol=6 | dir=out | app=system |
"{44B3CD54-2F8E-4A56-BAD6-34EA823FCABB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5E904CBB-E821-48BA-9914-0B5E7764A545}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{62B8ECA8-4780-411B-BB66-68E73CA67FC7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6FDC84D2-566D-48D3-A375-31A827A7E8E5}" = rport=137 | protocol=17 | dir=out | app=system |
"{91EF84B6-9686-4DCE-840D-C4D6227F6DC7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{99274D2E-BBAC-486D-883C-05A7BDFFD45A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9983D0DA-6D09-4E96-8C87-AE643CCEA3E6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9BFCC201-2CA3-46BB-B2AD-59A00C865A20}" = lport=139 | protocol=6 | dir=in | app=system |
"{C76867CD-BB84-4F25-BE19-657046CFD52D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C960687D-9E1D-42AE-87B2-C8C72FDE80E2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C9BE88F9-496E-4EB7-83B5-C5524E553E70}" = lport=138 | protocol=17 | dir=in | app=system |
"{CCF2C736-6A3A-4651-9B58-8B3C8637E76C}" = lport=445 | protocol=6 | dir=in | app=system |
"{CDDC5701-EDD9-4299-8272-5FD284C58BDF}" = rport=138 | protocol=17 | dir=out | app=system |
"{CEA1C64E-674F-4A16-A097-5804011A870F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DA390BEC-6672-4FC4-B8F6-7CFA10F5BFFD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E4D856F7-6C2B-4811-A1A5-4DE2C8F2EB4D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E9A81DF0-A1E3-4B54-82B8-293E6465A92E}" = rport=139 | protocol=6 | dir=out | app=system |
"{EA44562B-E2D5-45FE-B4C2-A98678EC61A6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0689D308-C8DA-4BC7-B619-F46925A53E30}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0BEF154A-CD59-4708-BAFF-E0E99DF39A66}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{1C150145-64EA-428D-B588-EA41AB626185}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{22148064-45CB-4ECC-89AE-68282B0C8910}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{29845133-E2E1-4508-AA07-B2DD3EF791C3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3617CA2D-E40C-4CA8-B44E-FA63A661AE48}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{429A0FFE-9E2D-40B7-8A67-99C6B505CBF2}" = protocol=6 | dir=out | app=system |
"{457F671B-06C7-494F-881D-6BC32BE09CE9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5D0A0894-F61C-479C-860F-16D27D5DF24C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6905D036-B075-4A36-89B4-45DFACDEAD13}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{69AFB03D-1D19-48B6-9F3E-DFBF6658A6F8}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{6F71C88A-0009-44CB-9AEE-77AAF842C3D0}" = protocol=6 | dir=in | app=c:\users\seth\appdata\roaming\dropbox\bin\dropbox.exe |
"{83B4F25D-169A-4231-9018-C19F883CB3B8}" = protocol=17 | dir=in | app=c:\users\seth\appdata\roaming\dropbox\bin\dropbox.exe |
"{8CDC430F-AD01-42FE-8048-09C8FEC3FDB2}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{A39729D4-5F14-4AB3-B92C-6A4BA4F2C262}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B28967A4-3219-484D-8555-65A6824E4C56}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B38FBCA4-19E6-46E1-A7B7-160A551F7656}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BCF58FA7-3E37-48D3-9121-3FEA7DA2DF4F}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{CDA3A062-87AE-4F48-BEF6-504D3FB49DC2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D1AC8B74-8E51-4862-B4D3-B57C89BE98D2}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{D1BFEC00-8CF4-4701-8038-4A4E846F354D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DB76546C-AE24-49CB-9165-0ED61A1BC813}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DC42DE74-B8DE-4F33-8B74-F2E1BE8718CD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E8986575-662F-4D84-B14F-A8451D6364D3}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{EB91E833-AB99-4FF1-ABE2-5DFA42276DC3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EDBF0A2D-3080-46A7-AC0C-43DD86289E6A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}" = Netflix in Windows Media Center
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3EF79591-BF16-4CF8-8FF0-D8AD968228B1}" = Aliens vs. Predator 2
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 5.0
"{5D6C26B9-D9E7-4E77-A4DE-0C2B242E85FA}" = ZoneAlarm Firewall
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{A5355F15-F98B-4704-9BAE-E53B9FE48F48}" = SDFormatter
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C4BC01F3-B7E6-49FA-8FBE-6B62FDF9CED0}" = ZoneAlarm Security
"{EACCC042-848D-4166-9D97-B13D1D108722}" = Google Drive
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17
"avast" = avast! Free Antivirus
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 8 Qt_is1" = DVDFab 8.1.6.0 (01/02/2012) Qt
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"FileZilla Client" = FileZilla Client 3.5.3
"Foxit Reader_is1" = Foxit Reader 5.1
"Freemake Video Converter_is1" = Freemake Video Converter version 3.0.1
"GameSpy Arcade" = GameSpy Arcade
"GIMP-2_is1" = GIMP 2.8.0
"HandBrake" = HandBrake 0.9.5
"HDMI" = Intel® Graphics Media Accelerator Driver
"LastPass" = LastPass (uninstall only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"Mozilla Thunderbird 14.0 (x86 en-US)" = Mozilla Thunderbird 14.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PunkBusterSvc" = PunkBuster Services
"Trillian" = Trillian
"TVWiz" = Intel® TV Wizard
"VLC media player" = VLC media player 1.1.11
"ZoneAlarm Free" = ZoneAlarm Free
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-208528018-1981667741-1512666818-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/25/2012 7:36:21 PM | Computer Name = Seth-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 10/25/2012 11:02:29 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/25/2012 11:02:29 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1061

Error - 10/25/2012 11:02:29 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1061

Error - 10/25/2012 11:02:30 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/25/2012 11:02:30 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2059

Error - 10/25/2012 11:02:30 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2059

Error - 10/25/2012 11:02:31 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/25/2012 11:02:31 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3151

Error - 10/25/2012 11:02:31 PM | Computer Name = Seth-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3151

[ Media Center Events ]
Error - 4/14/2012 4:31:27 PM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 4:31:22 PM - Error connecting to the internet. 4:31:22 PM - Unable
to contact server..

Error - 5/19/2012 7:45:54 AM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 7:45:42 AM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 5/19/2012 8:46:32 AM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 8:46:27 AM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 5/19/2012 9:58:50 AM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 9:58:48 AM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 5/19/2012 10:59:28 AM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 10:59:22 AM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 5/20/2012 6:59:47 PM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 6:59:46 PM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 5/21/2012 6:04:35 PM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 6:04:35 PM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 5/22/2012 6:15:41 PM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 6:15:41 PM - Failed to retrieve SportsSchedule-2.enc (Error: HTTP
status 404: The requested URL does not exist on the server. )

Error - 7/17/2012 6:41:04 AM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 6:41:00 AM - Error connecting to the internet. 6:41:00 AM - Unable
to contact server..

Error - 7/17/2012 7:42:07 AM | Computer Name = Seth-PC | Source = MCUpdate | ID = 0
Description = 7:42:01 AM - Error connecting to the internet. 7:42:01 AM - Unable
to contact server..

[ System Events ]
Error - 10/25/2012 6:16:53 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7034
Description = The EPSON V3 Service4(01) service terminated unexpectedly. It has
done this 1 time(s).

Error - 10/25/2012 6:19:50 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 10/25/2012 6:23:57 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 10/25/2012 6:29:18 PM | Computer Name = Seth-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 6:27:53 PM on ?10/?25/?2012 was unexpected.

Error - 10/25/2012 9:51:26 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7034
Description = The EPSON V3 Service4(01) service terminated unexpectedly. It has
done this 1 time(s).

Error - 10/25/2012 9:53:45 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 10/25/2012 9:57:58 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 10/25/2012 10:01:57 PM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 10/26/2012 5:02:35 AM | Computer Name = Seth-PC | Source = DCOM | ID = 10010
Description =

Error - 10/26/2012 6:07:09 AM | Computer Name = Seth-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the lmhosts service.


< End of report >



