
Finally asking for help


30 replies to this topic

#1 LightningMan

LightningMan

  • Members
  • 18 posts

Posted 05 February 2013 - 08:17 AM

I help out friends with virus problems and usually can get them back going clean, but this one is beating me. I've run Eset, Malwarebytes, House Call, and Dr. Web CureIt, all after running RKill. Right now it's showing clean (after having found a number of things) but it still won't run ComboFix (which I know I shouldn't run without guidance, my apologies) which tells me that something is still on here.

I ran RootRepeal (attached log) and GMER (attached log), but I don't know enough to know what I am looking at. Help.

Attached File  RootRepeal01.txt   46.12KB   2 downloads

Attached File  Gmer01.log   57.46KB   3 downloads


 


#2 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • Gender:Male
  • Location:Munich,Germany

Posted 07 February 2013 - 03:54 PM

Hello, LightningMan
Welcome to the Bleeping Computer Forums. My name is Thomas (Tom is fine), and I will be helping you fix your problems.

If you do not make a reply in 4-5 days, we will have to close your topic.



Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Furthermore, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
  • Please reply using the Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just post back here so that we know you're still here.
  • Please set your system to show all files.
    Click Start, open My Computer, select the Tools menu and click Folder Options.
    Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
    Uncheck: Hide file extensions for known file types
    Uncheck the Hide protected operating system files (recommended) option.
    Click Yes to confirm.
  • Please download OTL from one of the following mirrors:
    • Save it to your desktop.
    • Double click on the OTL icon on your desktop.
    • Push the Quick Scan button.
    • Two reports will open, copy and paste them in a reply here:
      • OTL.txt <-- Will be opened
      • Extra.txt <-- Will be minimized
  • Please download aswMBR ( 511KB ) to your desktop.
    • Double click the aswMBR.exe icon to run it
    • Click the Scan button to start the scan
    • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

regards,
schrauber


If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware

#3 LightningMan

LightningMan
  • Topic Starter

  • Members
  • 18 posts

Posted 07 February 2013 - 07:50 PM

OTL logfile created on: 2/7/2013 6:13:24 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Computer_Ångels\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.94 Gb Total Physical Memory | 1.07 Gb Available Physical Memory | 36.50% Memory free
5.65 Gb Paging File | 3.82 Gb Available in Paging File | 67.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 64.46 Gb Total Space | 1.84 Gb Free Space | 2.85% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.58 Gb Free Space | 55.75% Space Free | Partition Type: NTFS
 
Computer Name: ROBERTMCKOY-PC | User Name: Computer_Ångels | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/02/07 18:09:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Computer_Ångels\Desktop\OTL.exe
PRC - [2013/02/05 22:11:11 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/07/21 23:38:15 | 000,107,520 | ---- | M] () -- C:\Users\Patricia\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
PRC - [2012/06/25 14:02:38 | 000,055,752 | ---- | M] (SOS Online Backup) -- C:\Program Files\SOS Online Backup\SMessaging.exe
PRC - [2012/06/11 15:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE
PRC - [2012/01/18 16:36:46 | 001,452,680 | ---- | M] (SPAMfighter ApS) -- C:\Program Files\Fighters\Tray\FightersTray.exe
PRC - [2011/08/10 15:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe
PRC - [2010/03/08 02:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\AOL\1174251251\ee\aolupdates.exe
PRC - [2010/03/08 02:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\AOL\1174251251\ee\aolsoftware.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/02/23 08:05:34 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2007/10/25 15:37:32 | 002,178,832 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2007/10/25 15:33:22 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2007/10/25 15:32:58 | 000,407,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2007/10/19 12:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2007/10/19 12:17:28 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2007/09/18 13:45:44 | 000,455,336 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfmon.exe
PRC - [2007/09/18 13:45:39 | 000,410,280 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\memcard.exe
PRC - [2007/06/26 01:56:08 | 000,098,952 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\dldfserv.exe
PRC - [2007/06/26 01:56:06 | 000,598,664 | ---- | M] ( ) -- C:\Windows\System32\dldfcoms.exe
PRC - [2007/01/12 09:51:28 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\sttray.exe
PRC - [2006/11/12 02:19:46 | 000,446,976 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2006/11/02 07:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
PRC - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/02/05 22:11:09 | 003,022,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/01/11 09:21:52 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\2cbdbc8bb7fcf0d7eb7a8d616e141d79\System.Core.ni.dll
MOD - [2013/01/11 09:16:48 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll
MOD - [2013/01/11 09:16:40 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\4324113139782a29f66e449cf2f8ac14\System.Xml.ni.dll
MOD - [2013/01/11 09:15:48 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0c3da9004b277959e24a9fd606d3dd05\System.Windows.Forms.ni.dll
MOD - [2013/01/11 09:15:20 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
MOD - [2013/01/11 09:14:51 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\0f5a23bb73681b6388daccd8e250ba66\System.Data.ni.dll
MOD - [2013/01/11 09:08:00 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
MOD - [2013/01/11 09:07:46 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
MOD - [2012/02/20 20:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 20:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/03/29 23:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2007/10/25 15:44:12 | 000,103,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\LAppRes.DLL
MOD - [2007/10/25 15:37:32 | 002,178,832 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
MOD - [2007/10/25 15:35:04 | 000,149,264 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiVOIPDevicePlugin.dll
MOD - [2007/10/25 15:34:42 | 000,165,136 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless4001.dll
MOD - [2007/10/25 15:34:42 | 000,138,000 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless.dll
MOD - [2007/10/25 15:33:44 | 000,167,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\EFVal.dll
MOD - [2007/10/25 15:33:34 | 000,344,336 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\DevMngr.dll
MOD - [2007/10/25 15:33:22 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
MOD - [2007/10/19 12:17:40 | 000,068,120 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll
MOD - [2007/09/18 13:45:44 | 000,455,336 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfmon.exe
MOD - [2007/09/18 13:45:39 | 000,410,280 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\memcard.exe
MOD - [2007/05/08 13:44:28 | 000,278,528 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfscw.dll
MOD - [2007/05/03 10:39:31 | 000,589,824 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfdatr.dll
MOD - [2007/04/16 08:47:47 | 000,077,906 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfcfg.dll
MOD - [2007/04/09 08:16:00 | 000,147,456 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\DLDFptp.dll
MOD - [2006/12/28 10:47:42 | 000,073,728 | ---- | M] () -- C:\Program Files\Dell AIO Printer 948\dldfcats.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV - File not found [On_Demand | Stopped] -- C:\Users\COMPUT~1\AppData\Local\Temp\V.exe -- (V)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter -- (sprtsvc_dellsupportcenter)
SRV - File not found [Auto | Stopped] -- C:\program files\otshot\ZalmanUpdateService.exe -- (otshot)
SRV - [2013/02/05 22:11:09 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/09 09:41:49 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/21 23:38:15 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Users\Patricia\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe -- (DefaultTabUpdate)
SRV - [2012/06/11 15:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 15:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/06/01 14:15:40 | 000,217,200 | ---- | M] (SPAMfighter ApS) [On_Demand | Stopped] -- C:\Program Files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe -- (Common Toolkit Tools)
SRV - [2012/05/10 12:11:24 | 001,267,264 | ---- | M] (SPAMfighter ApS) [Auto | Stopped] -- C:\Program Files\Fighters\FighterSuiteService.exe -- (Suite Service)
SRV - [2011/08/10 15:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe -- (NIS)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/19 12:21:16 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007/10/19 12:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007/10/19 12:17:28 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2007/09/18 17:49:30 | 000,181,784 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/06/26 01:56:08 | 000,098,952 | ---- | M] () [Auto | Running] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldfserv.exe -- (dldfCATSCustConnectService)
SRV - [2007/06/26 01:56:06 | 000,598,664 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dldfcoms.exe -- (dldf_device)
SRV - [2006/11/07 13:27:02 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\COMPUT~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/01/30 17:18:55 | 001,603,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20130206.019\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/01/30 17:18:55 | 000,093,296 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20130206.019\NAVENG.SYS -- (NAVENG)
DRV - [2013/01/15 21:51:12 | 000,997,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20130116.013\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/11/18 20:45:43 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/09/06 03:54:30 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20130206.001\IDSvix86.sys -- (IDSVix86)
DRV - [2012/08/09 00:02:10 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/03/03 12:03:07 | 000,127,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/08/08 18:38:11 | 000,132,744 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1301010.003\ccSetx86.sys -- (ccSet_NIS)
DRV - [2011/08/02 21:22:10 | 000,566,904 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\NIS\1301010.003\srtsp.sys -- (SRTSP)
DRV - [2011/08/02 21:22:10 | 000,031,864 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1301010.003\srtspx.sys -- (SRTSPX)
DRV - [2011/07/28 22:20:02 | 000,897,656 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1301010.003\SymEFA.sys -- (SymEFA)
DRV - [2011/07/25 21:18:39 | 000,344,184 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1301010.003\symtdiv.sys -- (SYMTDIv)
DRV - [2011/07/25 21:18:35 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NIS\1301010.003\SymDS.sys -- (SymDS)
DRV - [2011/07/25 21:15:51 | 000,149,624 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1301010.003\Ironx86.sys -- (SymIRON)
DRV - [2010/07/13 16:34:53 | 000,024,904 | ---- | M] (America Online) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atwpkt2.sys -- (ATWPKT2)
DRV - [2007/10/19 12:16:30 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2007/10/11 21:00:54 | 003,647,384 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2007/10/11 21:00:42 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/10/11 17:59:24 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007/10/11 17:59:02 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/08/09 18:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007/07/19 00:42:30 | 001,920,920 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2007/05/23 16:26:34 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2007/02/08 19:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/02/08 19:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2007/01/12 09:52:26 | 000,647,680 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2006/12/07 23:25:00 | 004,456,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 02:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/11/02 02:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/01 15:18:15 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw)
DRV - [2006/10/26 15:22:02 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/10/26 15:21:34 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/10/26 15:21:34 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/10/26 15:21:32 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/10/26 15:21:30 | 000,026,296 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/10/26 15:21:28 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/10/26 15:21:26 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/10/26 15:21:24 | 000,104,536 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/10/18 13:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/17 15:43:52 | 000,007,424 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Program Files\DellSupport\Drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005/08/17 07:47:48 | 000,073,696 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdserd.sys -- (sscdserd)
DRV - [2005/08/17 07:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1QzutDtDtC0A0AtDtDzzzz0C0AyDyC0CtA0EtN0D0Tzu0CtBtDtBtN1L2XzutBtFtCtFtDtFtAtDtC&cr=1973962168
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
IE - HKLM\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=W3iAllBrowsersAU&dpid=W3iAllBrowsersAU&co=US&userid=5f2d4630-7de5-45b5-9fc9-48132a5abcf8&searchtype=ds&isid=9860&q={searchTerms}
IE - HKLM\..\SearchScopes\{046ACEB5-9CB7-D118-0AE8-455AB6A3EC23}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=20&systemid=1&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{165353FE-F5C6-395F-CC60-089B84A44924}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzutDtDtC0A0AtDtDzzzz0C0AyDyC0CtA0EtN0D0Tzu0StCzytDtN1L2XzutBtFtCtFtDtFtAtDtC&cr=1546501109
IE - HKLM\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-webpickaol-chromesbox-en-us&tb_uuid=20121013002100703&tb_oid=13-10-2012&tb_mrud=13-10-2012
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1QzutDtDtC0A0AtDtDzzzz0C0AyDyC0CtA0EtN0D0Tzu0CtCzytAtN1L2XzutBtFtCtFtDtFtAtDtC&cr=924649299
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=486&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=5536410217534149&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://search.babylon.com/?affID=109935&tt=010712_5&babsrc=HP_ss&mntrId=841f6c3e000000000000001aa0088ca5
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6070307
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://support.dell.com/support/in [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2612669
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {6f094b04-2c69-4ff3-ac74-d9716e97e296} - No CLSID value found
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\..\URLSearchHook: {90b49673-5506-483e-b92b-ca0265bd9ca8} - No CLSID value found
IE - HKCU\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - No CLSID value found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKCU\..\SearchScopes\{046ACEB5-9CB7-D118-0AE8-455AB6A3EC23}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=109935&tt=010712_5&babsrc=SP_ss&mntrId=841f6c3e000000000000001aa0088ca5
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzutDtDtC0A0AtDtDzzzz0C0AyDyC0CtA0EtN0D0Tzu0StCzytDtN1L2XzutBtFtCtFtDtFtAtDtC&cr=1546501109
IE - HKCU\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://start.iplay.com/searchresults.aspx?o=chrome&q={searchTerms}
IE - HKCU\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=bu10aiminstabie7
IE - HKCU\..\SearchScopes\{56CE51AC-F668-4288-92AD-6FE3E45009AF}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=freeze&type=20080835_IE7DefaultSearch
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBR_enUS262
IE - HKCU\..\SearchScopes\{8261AADA-4F7E-4663-A92F-806D2DD9AF37}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b2ie7
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=20&systemid=1&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{B01AA892-6B9E-4499-A04D-26B85A08E996}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2612669
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://dl.ask.com/toolbarv/askRedirect.jsp?gct=&gc=1&q={searchTerms}&crm=1&toolbar=GV2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B0153E448-190B-4987-BDE1-F256CADA672F%7D:15.0.6
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2010.9.0.6
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPlgn\ [2013/02/07 18:07:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn\ [2013/02/07 18:05:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}: C:\Program Files\PremierOpinion
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/08/04 08:22:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/09/02 00:12:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/05 22:11:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/05 22:09:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/05 22:11:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/05 22:09:52 | 000,000,000 | ---D | M]
 
[2010/08/22 07:58:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Computer_Ångels\AppData\Roaming\Mozilla\Extensions
[2013/02/04 15:48:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Computer_Ångels\AppData\Roaming\Mozilla\Firefox\Profiles\6vo0kmyb.default\extensions
[2013/01/31 07:27:42 | 000,000,000 | ---D | M] ("App Recommendations") -- C:\Users\Computer_Ångels\AppData\Roaming\Mozilla\Firefox\Profiles\6vo0kmyb.default\extensions\crossriderapp16160@crossrider.com
[2013/01/31 07:27:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Computer_Ångels\AppData\Roaming\Mozilla\Firefox\Profiles\6vo0kmyb.default\extensions\crossriderapp16160@crossrider.com\chrome\content\extensionCode
[2012/03/01 23:06:51 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Computer_Ångels\AppData\Roaming\Mozilla\Firefox\Profiles\6vo0kmyb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013/02/05 22:09:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/08/04 08:22:48 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2013/02/05 22:11:12 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/10/06 20:18:35 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2010/10/06 20:18:37 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2012/08/04 08:22:13 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2011/03/01 19:10:27 | 000,002,242 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\AOL Search.xml
[2012/07/11 18:50:18 | 000,002,275 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\ask.xml
[2012/12/02 21:30:35 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/10/08 15:06:03 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/29 13:57:53 | 000,002,513 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012/10/25 02:43:14 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/07/09 16:43:15 | 000,001,456 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\WebSearchober448270339.xml
 
O1 HOSTS File: ([2010/08/22 09:51:40 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Shareaza Web Download Hook) - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Morpheus Music\Plugins\RazaWebHook.dll (Shareaza Pty. Ltd.)
O2 - BHO: (App Recommendations) - {11111111-1111-1111-1111-110111611160} - Reg Error: Value error. File not found
O2 - BHO: (RivalGaming Games) - {26D675AC-D925-4bbf-A720-62C2AA4A81EB} - C:\Users\Patricia\AppData\Local\RivalGaming\RivalGaming.dll File not found
O2 - BHO: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.1.1.3\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.1.1.3\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Patricia\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (Vaudix Class) - {A04847D3-DA99-2952-02B7-D3EB3A644C99} - Reg Error: Value error. File not found
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (DataMngr) - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\BROWSE~1.DLL File not found
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Price Check by AOL) - {D25B97E9-62B2-40CE-BECF-E43A7B879072} - C:\Program Files\Price Check by AOL\aolpricecheck.dll (AOL Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll File not found
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.1.1.3\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {6F094B04-2C69-4FF3-AC74-D9716E97E296} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {90B49673-5506-483E-B92B-CA0265BD9CA8} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CommonToolkitTray] C:\Program Files\Fighters\Tray\FightersTray.exe (SPAMfighter ApS)
O4 - HKLM..\Run: [Dell AIO Printer 948 Fax Server] C:\Program Files\Dell AIO Printer 948\fm3032.exe ()
O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKLM..\Run: [dldfmon.exe] C:\Program Files\Dell AIO Printer 948\dldfmon.exe ()
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1174251251\ee\aolsoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell AIO Printer 948\memcard.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Otshot] c:\program files\otshot\otshot.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SMessaging] C:\Program Files\SOS Online Backup\SMessaging.exe (SOS Online Backup)
O4 - HKLM..\Run: [SOSUAUI] C:\Program Files\SOS Online Backup\sosuploadagent.exe (SOS Online Backup)
O4 - HKLM..\Run: [SpeetItUpFree] "C:\Program Files\SpeedItup Free\speeditupfree.exe" File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [Aim] "C:\Program Files\AIM\aim.exe" /d locale=en-US File not found
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKCU..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" File not found
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [Shareaza] C:\Program Files\Morpheus Music\Morpheus Music.exe (DevHancer LLC)
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" File not found
O4 - HKCU..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 File not found
O4 - HKCU..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: &AOL Toolbar Search - C:\ProgramData\AOL\ieToolbar\resources\en-US\local\search.html File not found
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: Download with &Shareaza - C:\Program Files\Morpheus Music\Plugins\RazaWebHook.dll (Shareaza Pty. Ltd.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range -  5)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 205.152.128.23 205.152.37.23 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C53049C-DCF6-4A4F-BDCD-E084915C7519}: DhcpNameServer = 205.152.128.23 205.152.37.23 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A741A22A-F940-46E9-96AB-8F8BD92F98AE}: NameServer = 205.188.146.145
O20 - AppInit_DLLs: (c:\progra~2\browse~1\25911~1.18\{c16c1~1\mngr.dll) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{61ff33be-ccdb-11dd-8faf-00038a000015}\Shell\AutoRun\command - "" = F:\rcaeasyrip_setup.exe
O33 - MountPoints2\{61ff33be-ccdb-11dd-8faf-00038a000015}\Shell\install\command - "" = F:\rcaeasyrip_setup.exe
O33 - MountPoints2\{61ff33be-ccdb-11dd-8faf-00038a000015}\Shell\usermanualEnglish\command - "" = F:\rcaeasyrip_setup.exe /pdf_English
O33 - MountPoints2\{61ff33be-ccdb-11dd-8faf-00038a000015}\Shell\usermanualFrench\command - "" = F:\rcaeasyrip_setup.exe /pdf_French
O33 - MountPoints2\{61ff33be-ccdb-11dd-8faf-00038a000015}\Shell\usermanualSpanish\command - "" = F:\rcaeasyrip_setup.exe /pdf_Spanish
O33 - MountPoints2\{9195a69e-8004-11dc-b216-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{9195a69e-8004-11dc-b216-00038a000015}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O33 - MountPoints2\{dbb1b4c3-d3a2-11dd-897e-00038a000015}\Shell\AutoRun\command - "" = G:\rcaeasyrip_setup.exe
O33 - MountPoints2\{dbb1b4c3-d3a2-11dd-897e-00038a000015}\Shell\install\command - "" = G:\rcaeasyrip_setup.exe
O33 - MountPoints2\{dbb1b4c3-d3a2-11dd-897e-00038a000015}\Shell\usermanualEnglish\command - "" = G:\rcaeasyrip_setup.exe /pdf_English
O33 - MountPoints2\{dbb1b4c3-d3a2-11dd-897e-00038a000015}\Shell\usermanualFrench\command - "" = G:\rcaeasyrip_setup.exe /pdf_French
O33 - MountPoints2\{dbb1b4c3-d3a2-11dd-897e-00038a000015}\Shell\usermanualSpanish\command - "" = G:\rcaeasyrip_setup.exe /pdf_Spanish
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/02/07 18:13:00 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Computer_Ångels\Desktop\aswMBR.exe
[2013/02/07 18:09:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Computer_Ångels\Desktop\OTL.exe
[2013/02/05 22:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/02/05 07:39:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/02/05 07:39:37 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/02/05 07:22:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2013/02/04 16:10:16 | 000,000,000 | ---D | C] -- C:\Windows\en
[2013/02/04 16:01:40 | 000,000,000 | ---D | C] -- C:\Users\Computer_Ångels\AppData\Local\Windows Live
[2013/02/04 15:36:26 | 000,000,000 | ---D | C] -- C:\Users\Computer_Ångels\AppData\Local\PackageAware
[2013/02/04 07:31:41 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2013/02/04 07:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/02/04 07:21:48 | 000,000,000 | ---D | C] -- C:\Users\Computer_Ångels\AppData\Local\Adobe
[2013/02/02 06:50:17 | 000,000,000 | ---D | C] -- C:\Users\Computer_Ångels\Doctor Web
[2013/02/01 09:41:21 | 000,000,000 | ---D | C] -- C:\Users\Computer_Ångels\Desktop\RK_Quarantine
[2013/01/31 19:54:00 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/01/31 07:15:05 | 000,000,000 | ---D | C] -- C:\Users\Computer_Ångels\AppData\Local\Macromedia
[2013/01/31 07:10:32 | 000,000,000 | ---D | C] -- C:\Users\Computer_Ångels\AppData\Local\WeatherBug
[2013/01/31 07:09:36 | 000,000,000 | ---D | C] -- C:\Users\Computer_Ångels\AppData\Roaming\Fighters
[2013/01/31 07:09:25 | 000,000,000 | ---D | C] -- C:\Users\Computer_Ångels\AppData\Roaming\WeatherBug
[2013/01/31 07:08:22 | 000,000,000 | ---D | C] -- C:\Users\Computer_Ångels\AppData\Roaming\Real
[2013/01/12 01:46:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\Extensions
[2013/01/12 01:46:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/02/07 18:25:01 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{64A4DFA1-B6D0-4121-9026-314C3619049A}.job
[2013/02/07 18:25:00 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1365AA1C-2669-40E1-9EAC-09732999B3AE}.job
[2013/02/07 18:25:00 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{78609D89-641F-496D-ADE3-6D9E3C2BABE9}.job
[2013/02/07 18:25:00 | 000,000,432 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E3353FC1-5FEE-4F61-AEA7-DC7E05C4673E}.job
[2013/02/07 18:20:16 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/07 18:14:15 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Computer_Ångels\Desktop\aswMBR.exe
[2013/02/07 18:09:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Computer_Ångels\Desktop\OTL.exe
[2013/02/07 18:07:02 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-771365451-3538896699-1918225999-1010UA.job
[2013/02/07 18:03:24 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/07 18:02:51 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro startups.job
[2013/02/07 18:01:51 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/07 18:01:51 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/07 18:01:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/07 18:01:32 | 000,451,032 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/02/07 17:49:23 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/02/04 17:40:00 | 000,000,444 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro Updates.job
[2013/02/04 07:27:23 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2013/02/03 07:16:29 | 383,348,136 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/02/01 15:07:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-771365451-3538896699-1918225999-1010Core.job
[2013/02/01 09:46:16 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2013/02/01 09:39:03 | 000,511,745 | ---- | M] () -- C:\Users\Computer_Ångels\AppData\Local\census.cache
[2013/02/01 09:38:37 | 000,254,884 | ---- | M] () -- C:\Users\Computer_Ångels\AppData\Local\ars.cache
[2013/01/31 19:52:27 | 000,000,306 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{60E0CDCE-F9C1-4ED6-8017-A23D03F5FF46}.job
[2013/01/31 07:28:39 | 000,710,504 | ---- | M] () -- C:\Windows\is-K5OMV.exe
[2013/01/31 07:28:39 | 000,011,277 | ---- | M] () -- C:\Windows\is-K5OMV.msg
[2013/01/31 07:28:39 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/31 07:28:39 | 000,000,380 | ---- | M] () -- C:\Windows\is-K5OMV.lst
[2013/01/31 07:16:02 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Computer_Ångels\Desktop\rkill.exe
[2013/01/31 07:05:40 | 000,000,420 | ---- | M] () -- C:\Windows\tasks\RPCReminder.job
[2013/01/30 03:15:30 | 000,665,470 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/01/30 03:15:30 | 000,129,798 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/01/11 22:43:56 | 000,000,189 | ---- | M] () -- C:\Program Files\12I7PNRJ.bat
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/02/04 16:09:15 | 000,001,120 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2013/02/04 16:08:35 | 000,001,189 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2013/02/04 16:07:04 | 000,000,999 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2013/02/04 16:06:06 | 000,001,987 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2013/02/04 07:23:24 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
[2013/02/04 07:23:24 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2013/02/03 07:16:29 | 383,348,136 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/02/01 09:39:03 | 000,511,745 | ---- | C] () -- C:\Users\Computer_Ångels\AppData\Local\census.cache
[2013/02/01 09:38:37 | 000,254,884 | ---- | C] () -- C:\Users\Computer_Ångels\AppData\Local\ars.cache
[2013/01/31 19:52:27 | 000,000,306 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{60E0CDCE-F9C1-4ED6-8017-A23D03F5FF46}.job
[2013/01/31 07:28:39 | 000,710,504 | ---- | C] () -- C:\Windows\is-K5OMV.exe
[2013/01/31 07:28:39 | 000,011,277 | ---- | C] () -- C:\Windows\is-K5OMV.msg
[2013/01/31 07:28:39 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/31 07:28:39 | 000,000,380 | ---- | C] () -- C:\Windows\is-K5OMV.lst
[2013/01/31 07:22:35 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2013/01/11 22:43:56 | 000,000,189 | ---- | C] () -- C:\Program Files\12I7PNRJ.bat
[2012/07/21 23:22:34 | 000,425,984 | ---- | C] () -- C:\Windows\System32\WinCMR.dll
[2012/07/09 16:41:28 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2012/03/03 14:57:24 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2012/03/03 02:18:45 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012/03/03 02:18:44 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012/03/02 04:10:10 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/08/22 11:05:52 | 000,000,036 | ---- | C] () -- C:\Users\Computer_Ångels\AppData\Local\housecall.guid.cache
[2010/08/22 08:29:36 | 000,000,760 | ---- | C] () -- C:\Users\Computer_Ångels\AppData\Roaming\setup_ldm.iss
[2010/08/22 07:24:22 | 000,000,632 | RHS- | C] () -- C:\Users\Computer_Ångels\ntuser.pol
[2008/04/05 19:29:40 | 000,000,053 | ---- | C] () -- C:\ProgramData\dldf
 
========== ZeroAccess Check ==========
 
[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010/08/22 07:39:04 | 000,000,000 | ---D | M] -- C:\Users\Computer_Ångels\AppData\Roaming\948 Series
[2013/01/31 07:09:37 | 000,000,000 | ---D | M] -- C:\Users\Computer_Ångels\AppData\Roaming\Fighters
[2012/03/02 20:20:10 | 000,000,000 | ---D | M] -- C:\Users\Computer_Ångels\AppData\Roaming\PCDr
[2013/01/31 07:09:25 | 000,000,000 | ---D | M] -- C:\Users\Computer_Ångels\AppData\Roaming\WeatherBug
 
========== Purity Check ==========
 
 

< End of report >
 

OTL Extras logfile created on: 2/7/2013 6:13:24 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Computer_Ångels\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.94 Gb Total Physical Memory | 1.07 Gb Available Physical Memory | 36.50% Memory free
5.65 Gb Paging File | 3.82 Gb Available in Paging File | 67.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 64.46 Gb Total Space | 1.84 Gb Free Space | 2.85% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.58 Gb Free Space | 55.75% Space Free | Partition Type: NTFS
 
Computer Name: ROBERTMCKOY-PC | User Name: Computer_Ångels | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BC9B9CE-D0EE-4C7D-8452-E1EDE77527F0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{707FD027-4150-4624-A207-E9748ACF7A20}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{78C7A732-CE7F-4D64-AB00-AAE8683B6504}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C2DFA863-1B8D-41AC-96C9-156A5AAA8D9A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{CC7A811D-38D2-4346-B218-8EB43390E8D1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D3CA1E-8677-4DE6-9166-16547B4E640E}" = protocol=6 | dir=in | app=c:\program files\aol 9.0a\waol.exe |
"{0687E646-BED5-4BF7-942A-B5919DD72480}" = protocol=6 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"{0C162B3B-4303-4FC4-9D78-B68B80914A24}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{13CEEF78-4BCE-4BB4-A90E-C504047ECA92}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{16E7AD29-1A45-471D-BAA4-B86537282257}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{1940CFAC-7679-4EBE-B750-13F3CEA5C30F}" = protocol=6 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{1E5D3CAC-308D-41F8-9AAB-3492D19CEBB2}" = protocol=17 | dir=in | app=c:\windows\system32\dldfcoms.exe |
"{202CF445-CA15-4C1B-9B46-1F4A6D0BE897}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{23075AC3-2693-4A2E-89BC-A166F8FABC26}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{2DE3958F-7E7C-4052-B48A-194B68C9EF3B}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{38A85D18-760D-451E-AE83-4645677A597E}" = protocol=6 | dir=in | app=c:\program files\dell aio printer 948\memcard.exe |
"{38B71393-6D89-48B4-8C74-29FE40F99B2D}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |
"{3ACBA6E8-02BC-4F63-927D-16397AD986F4}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldfpswx.exe |
"{3ADE5614-86B3-4DCE-9866-09A9CBADFBFF}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{3C10AB46-9C02-473D-B1DF-79D52679D52C}" = protocol=6 | dir=in | app=c:\program files\dell aio printer 948\dldfmon.exe |
"{4294D490-426D-4784-B295-CB2F8C0544C0}" = dir=in | app=c:\program files\myspace\im\myspaceim.exe |
"{46F79A64-6760-4A4E-B41E-A42AE1221788}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{4AFA9F66-C6EE-4927-BBCC-196A45E23BAC}" = protocol=6 | dir=in | app=c:\users\patricia\appdata\local\temp\~os7a00.tmp\pmropn.exe |
"{4C420813-7FC6-40F5-87B1-976449942397}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{4EBDE9BF-C80C-4AC1-8832-9B24A27F81A7}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{4FA5FFEC-DE3C-4A5B-AF45-AE24C28B53C6}" = protocol=6 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"{518339C1-0497-49C3-AF80-0F6F03B0B14D}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{54DAB3F3-4059-4959-8AF9-C04C1A1CAC33}" = protocol=17 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"{5A4FE2B4-20D7-4C01-A0A5-C9E7F703D0FD}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{5EA2E4A7-C532-40AC-A292-D91EBEFBA76B}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{64B81F9D-74A2-451D-B4F3-657A78523508}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.6\aolbrowser\aolbrowser.exe |
"{69D4DACE-6BE2-471E-B47B-B0D04EB75FC3}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{726A6449-E604-418F-8512-5FBB872636EF}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldfjswx.exe |
"{74FD048D-E2FA-4541-8C34-1D9A8915AA10}" = protocol=6 | dir=in | app=c:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe |
"{7BD43273-2387-4604-888D-B3EF5356EA05}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{7C887892-5E9B-4692-BDFA-738EFA21F992}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |
"{7E828B68-8B73-4EEA-AAA4-6A67645416F7}" = protocol=17 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"{7FF65D44-398B-4831-BB09-0D3C6A1B2B46}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{823D5B89-985E-4610-9A03-344F5E6D9CB4}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{840A82F5-1A49-463E-A1C5-52F6C67F45B4}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{8552B3CE-E7FB-4ECB-AD64-563D9AB252FD}" = protocol=6 | dir=in | app=c:\program files\premieropinion\pmropn.exe |
"{8E5ADCA0-8EEC-4246-BF63-21D14618B0C5}" = protocol=17 | dir=in | app=c:\program files\dell aio printer 948\dldfafcn.exe |
"{91C1A18D-AD71-40D6-8C7F-7AAE423A6096}" = protocol=17 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{95254096-7925-413F-AAD5-9B28EF122493}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{969B0CF2-C4F5-4995-ADA1-6BE07A3726EA}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{A9E4CC39-7481-459E-B43C-B6D1E4609D30}" = protocol=6 | dir=in | app=c:\program files\dell aio printer 948\dldfaiox.exe |
"{AA7600E3-66EF-487B-A9EA-3D6FDBE09DC9}" = protocol=17 | dir=in | app=c:\program files\dell aio printer 948\dldfaiox.exe |
"{ADA96945-A8B7-4A49-8117-9EC1DC7299B1}" = protocol=17 | dir=in | app=c:\program files\dell aio printer 948\memcard.exe |
"{B2AE58EA-F9C0-463A-A2AC-21ABDAB19DB0}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldftime.exe |
"{B9BE4DBD-E3C0-4BA7-BE1F-D091EDF546C8}" = protocol=6 | dir=in | app=c:\windows\system32\dldfcoms.exe |
"{BDC088E8-E408-467F-9E8B-3BF2AB1BC108}" = protocol=17 | dir=in | app=c:\program files\dell aio printer 948\dldfmon.exe |
"{BF36325B-258B-499D-88A1-7A8EC24B7FE9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C0961177-473E-434F-8ED9-990EEBD2FB6E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{C188CF48-0C7C-4C40-A3D2-E0CC66524B40}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1174251251\ee\aolsoftware.exe |
"{C61B5E3E-2BDF-40E7-8854-1519E12B8D4D}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{C678B39D-6B09-444B-9EE8-66DE1D69D8A2}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{CB1C973E-C299-4B70-9E05-421D21402FC5}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{CD31F550-D5D7-47FA-B386-ACEF5A9811D0}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.6\aolbrowser\aolbrowser.exe |
"{D67E4A55-5F86-48FE-956A-6320265AE45E}" = protocol=17 | dir=in | app=c:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe |
"{D8654A71-A1C2-4863-8EAB-7F359241B1D7}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldftime.exe |
"{E4F426A2-2E37-4CE6-A96C-211EAC338B0E}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldfjswx.exe |
"{E60BF48C-3043-4708-B009-BA1E103259DF}" = protocol=17 | dir=in | app=c:\program files\premieropinion\pmropn.exe |
"{E70FA8C5-58B2-4EE9-AFE2-D242E71FBB54}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{ECE317E9-9D1D-4520-9868-1D2976F71504}" = protocol=17 | dir=in | app=c:\program files\aol desktop 9.6\waol.exe |
"{EFC062AF-43B7-4DCD-B87A-90768F7E9F14}" = protocol=6 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{F187D93C-D7D6-4DF9-BE47-154AAE4348A2}" = protocol=6 | dir=in | app=c:\program files\dell aio printer 948\dldfafcn.exe |
"{F38A0E49-D318-490E-8FC7-521D093EAC7E}" = protocol=17 | dir=in | app=c:\program files\aol 9.0a\waol.exe |
"{F6871233-9CB9-4EBD-9142-70BBAE926C7A}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1174251251\ee\aolsoftware.exe |
"{F7D21167-BBD8-49AE-AF02-2BBF190768B6}" = protocol=17 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{F9034F6A-CD0C-48AB-89B6-0C65B40B8CA2}" = protocol=6 | dir=in | app=c:\program files\aol desktop 9.6\waol.exe |
"{FA5053F0-08F3-4111-AAA2-2297399367ED}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldfpswx.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation®Store
"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A2A15C2-6780-49c1-B296-503230E9DE00}" = The Sims™ 2 Mansion and Garden Stuff
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20207CCE-A8FA-44A7-AA3D-1E43EB307B27}" = Sony Sound Forge Audio Studio 9.0
"{2243C6DC-39EA-4D5E-B743-3AE510A91B3A}" = WeatherBug
"{2357B8BC-88C9-4A72-818C-050CC4EB0778}" = AOL Install
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29498512-A137-4478-8691-922829F108DC}" = HP Deskjet 2050 J510 series Product Improvement Study
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.464
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher
"{3E99B1F8-61B7-4317-AB38-855810CCE5C3}" = Imikimi Plugin 0.3.0
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}" = EarthLink Setup Files
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}" = The Sims 2 Family Fun Stuff
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{70C8CA1F-6E6B-4CCD-B56D-14FE6B309688}" = SOS Online Backup
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Help
"{7ADE3A47-B425-45E9-8FF6-11BE2B775645}" = Corel Snapfire Plus
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{863448D4-F184-4B21-A46B-323C97A2D038}_is1" = 7-Zip File Manager version 9.20
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Documentation & Support Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B92D97D-DB3D-4926-A8F7-718FE7C5EE18}" = iTunes
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F1A20DC-251D-47B0-91B7-DCA2523EE6C9}" = McAfee Virtual Technician
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91CA0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam
"{95120000-003F-0409-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C244239-ED8E-40f1-937F-51C706CD2160}" = The Sims™ 2 Deluxe
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A08BAD08-9AA3-410F-98F3-C92C8EE37218}" = Safari
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.1
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Apartment Life
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BC4CA8FA-41D2-4B81-8680-E9B7573D6500}" = PlayStation®Network Downloader
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E654D1E3-B18B-4953-BFBC-F16227323E05}" = HP Deskjet 2050 J510 series Basic Device Software
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = The Sims™ 2 Celebration! Stuff
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EC3B8CA2-49B8-4D38-BE9C-ABD0F6029168}" = Yahoo! Music Jukebox
"{ED3866E9-4F50-4A47-9945-58D5C97AB56F}" = Media Go
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0B0C7EC-A61C-4180-8FAD-32624F67952D}" = FULL-DISKfighter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F226C1DA-66D7-4ABC-86B5-3F978A660EBF}" = AOL Mail and AIM Gadget
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}" = Disc2Phone
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"App Recommendations" = App Recommendations
"Chica Password Manager_is1" = Chica Password Manager 1.10.0.11
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Dell AIO Printer 948" = Dell AIO Printer 948
"ESET Online Scanner" = ESET Online Scanner v3
"Fashion Craze" = Fashion Craze
"FULL-DISKfighter" = FULL-DISKfighter
"Homepage Protection" = Homepage Protection
"HP Photo Creations" = HP Photo Creations
"legacyqcam_11.00" = Logitech Legacy USB Camera Driver Package
"lvdrivers_11.50" = Logitech QuickCam Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Morpheus Music" = Morpheus Music
"Mozilla Firefox 18.0.1 (x86 en-US)" = Mozilla Firefox 18.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mplayer" = Mplayer 0.6.9
"NIS" = Norton Internet Security
"NVIDIA Drivers" = NVIDIA Drivers
"otshot" = Otshot
"Price Check by AOL" = Price Check by AOL
"RealPlayer 15.0" = RealPlayer
"RegPowerClean_is1" = Winferno Registry Power Cleaner
"Smart PC Cleaner_is1" = Smart PC Cleaner v3.0
"SoftwareUpdUtility" = Download Updater (AOL Inc.)
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"Supermarket Mania" = Supermarket Mania
"ViewpointMediaPlayer" = Viewpoint Media Player
"WildTangent dell Master Uninstall" = Dell Games
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"YInstHelper" = Yahoo! Install Manager
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AOL Toolbar" = AOL Toolbar
"Google Chrome" = Google Chrome
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 2/4/2013 8:10:29 AM | Computer Name = RobertMcKoy-PC | Source = Microsoft-Windows-SpoolerSpoolss | ID = 1033
Description =
 
Error - 2/4/2013 8:19:15 AM | Computer Name = RobertMcKoy-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 2/4/2013 8:19:15 AM | Computer Name = RobertMcKoy-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 2/4/2013 8:19:19 AM | Computer Name = RobertMcKoy-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 2/4/2013 8:19:19 AM | Computer Name = RobertMcKoy-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 2/4/2013 4:32:51 PM | Computer Name = RobertMcKoy-PC | Source = Perflib | ID = 1010
Description =
 
Error - 2/4/2013 5:03:26 PM | Computer Name = RobertMcKoy-PC | Source = System Restore | ID = 8193
Description =
 
Error - 2/4/2013 5:04:18 PM | Computer Name = RobertMcKoy-PC | Source = System Restore | ID = 8193
Description =
 
Error - 2/5/2013 8:26:17 AM | Computer Name = RobertMcKoy-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16457 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Problem Reports and Solutions control panel.  Process
 ID: 1db0  Start Time: 01ce039bd4ed0380  Termination Time: 47
 
Error - 2/7/2013 7:02:51 PM | Computer Name = RobertMcKoy-PC | Source = Microsoft-Windows-SpoolerSpoolss | ID = 1033
Description =
 
[ Media Center Events ]
Error - 4/1/2008 11:39:13 PM | Computer Name = RobertMcKoy-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 4/16/2008 5:14:20 PM | Computer Name = RobertMcKoy-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
 
Error - 4/18/2008 7:06:16 PM | Computer Name = RobertMcKoy-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
 
Error - 5/25/2008 4:23:43 AM | Computer Name = RobertMcKoy-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
 
Error - 5/29/2008 11:11:13 PM | Computer Name = RobertMcKoy-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
 
Error - 5/31/2008 11:06:21 PM | Computer Name = RobertMcKoy-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
 
Error - 9/25/2008 7:43:35 PM | Computer Name = RobertMcKoy-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
[ System Events ]
Error - 2/6/2013 10:58:58 PM | Computer Name = RobertMcKoy-PC | Source = Service Control Manager | ID = 7011
Description =
 
Error - 2/6/2013 10:59:28 PM | Computer Name = RobertMcKoy-PC | Source = Service Control Manager | ID = 7011
Description =
 
Error - 2/6/2013 11:20:06 PM | Computer Name = RobertMcKoy-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.118 for the Network Card with network
 address 001AA0088CA5 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
 sent a DHCPNACK message).
 
Error - 2/7/2013 6:49:05 PM | Computer Name = RobertMcKoy-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.106 for the Network Card with network
 address 001AA0088CA5 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
 sent a DHCPNACK message).
 
Error - 2/7/2013 6:59:33 PM | Computer Name = RobertMcKoy-PC | Source = volmgr | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
 a page  file on the boot partition and that is large enough to contain all physical
memory.
 
Error - 2/7/2013 7:00:03 PM | Computer Name = RobertMcKoy-PC | Source = volmgr | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
 a page  file on the boot partition and that is large enough to contain all physical
memory.
 
Error - 2/7/2013 7:02:29 PM | Computer Name = RobertMcKoy-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 2/7/2013 7:02:29 PM | Computer Name = RobertMcKoy-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 2/7/2013 7:02:29 PM | Computer Name = RobertMcKoy-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 2/7/2013 7:02:29 PM | Computer Name = RobertMcKoy-PC | Source = Service Control Manager | ID = 7000
Description =
 
 
< End of report >
 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-07 19:18:33
-----------------------------
19:18:33.372    OS Version: Windows 6.0.6002 Service Pack 2
19:18:33.372    Number of processors: 1 586 0x5F02
19:18:33.372    ComputerName: ROBERTMCKOY-PC  UserName:
19:18:39.253    Initialize success
19:21:47.366    AVAST engine defs: 13020701
19:24:19.226    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000004b
19:24:19.226    Disk 0 Vendor: WDC_WD80 10.0 Size: 76293MB BusType: 6
19:24:19.273    Disk 0 MBR read successfully
19:24:19.289    Disk 0 MBR scan
19:24:19.304    Disk 0 Windows VISTA default MBR code
19:24:19.320    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       39 MB offset 63
19:24:19.382    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        10240 MB offset 81920
19:24:19.429    Disk 0 Partition 3 80 (A) 07    HPFS/NTFS NTFS        66012 MB offset 21053440
19:24:19.476    Disk 0 scanning sectors +156246016
19:24:19.710    Disk 0 scanning C:\Windows\system32\drivers
19:25:00.364    Service scanning
19:25:51.532    Modules scanning
19:26:31.094    Disk 0 trace - called modules:
19:26:31.640    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys
19:26:31.656    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x869d65f8]
19:26:31.671    3 CLASSPNP.SYS[8aba48b3] -> nt!IofCallDriver -> [0x86481a60]
19:26:31.687    5 acpi.sys[82a0d6bc] -> nt!IofCallDriver -> \Device\0000004b[0x85312c90]
19:26:32.483    AVAST engine scan C:\Windows
19:26:42.389    AVAST engine scan C:\Windows\system32
19:32:02.200    AVAST engine scan C:\Windows\system32\drivers
19:32:29.126    AVAST engine scan C:\Users\Computer_Ångels
19:34:48.503    AVAST engine scan C:\ProgramData
19:44:43.610    Scan finished successfully
19:49:35.877    Disk 0 MBR has been saved successfully to "C:\Users\Computer_Ångels\Desktop\MBR.dat"
19:49:35.893    The log file has been saved successfully to "C:\Users\Computer_Ångels\Desktop\aswMBR.txt"

 



#4 schrauber

Posted 08 February 2013 - 02:20 AM

Hi,

 

Please uninstall Viewpoint through Add/Remove Programs.

 

 

Next, download ComboFix. Save it to the Desktop.

  • Now, close all open windows
  • Double-click combofix.exe to run the program
  • Follow the prompts.
  • If the option is offered, it is in your best interest to allow the download and install of the Recovery Console when prompted.
  • When told that the RC is installed correctly, press YES to continue scanning for malware.
  • ComboFix will run. Please don't click on the window while the program is running; it may cause your system to stall.
  • CF may reboot the computer and resume running when it restarts.
  • When finished, a log, ComboFix.txt, is produced.
Please provide the contents of the ComboFix report in your reply.


regards,
schrauber

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware

#5 LightningMan

Posted 08 February 2013 - 07:53 AM

ComboFix won't run.  I get a window that says "Not Admin!!  You need Administrative privileges to run this tool."



#6 LightningMan

Posted 08 February 2013 - 08:14 AM

By the way, every time I try to run ComboFix, it's as administrator.

 

Okay, this is in the "You're not following instructions" category, but I think this information might be useful to you.  Because I had tried to run ComboFix before I came here for help, I thought there might be something from the previous try interfering with the new try.  So I renamed the folder so I could see what was in it (because the ComboFix folder appeared as a redirect icon to the root of C:\).  I tried running it again, but the fresh folder still didn't run.  So I renamed and deleted the fresh ComboFix folder and tried to delete the first ComboFix folder but the folder wouldn't delete.  So I went inside the folder trying to delete its contents one by one and there was a file named pev.3xe that would not delete.  I have restored the contents of that folder and renamed it back to the name it had and I await your instructions.



#7 schrauber

Posted 08 February 2013 - 10:30 AM

Please try to run with right-click "run as administrator".


regards,
schrauber


#8 LightningMan

Posted 08 February 2013 - 12:07 PM

I guess I didn't make myself clear.  Right click | run as administrator is how I have tried to run it every time.



#9 schrauber

Posted 08 February 2013 - 01:02 PM

Sorry, I misunderstood you.

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.exe and save it to your desktop.
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • If malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt
  • Please post the contents of that log in your next reply.

regards,
schrauber


#10 LightningMan


Posted 08 February 2013 - 01:09 PM


It's okay.  I didn't make myself clear.  I will do this when I get back home to the infected machine.



#11 LightningMan


Posted 08 February 2013 - 08:38 PM

20:35:58.0420 8764  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:36:00.0449 8764  ============================================================
20:36:00.0449 8764  Current date / time: 2013/02/08 20:36:00.0449
20:36:00.0449 8764  SystemInfo:
20:36:00.0449 8764  
20:36:00.0449 8764  OS Version: 6.0.6002 ServicePack: 2.0
20:36:00.0449 8764  Product type: Workstation
20:36:00.0449 8764  ComputerName: ROBERTMCKOY-PC
20:36:00.0449 8764  UserName: Computer_Ångels
20:36:00.0449 8764  Windows directory: C:\Windows
20:36:00.0449 8764  System windows directory: C:\Windows
20:36:00.0449 8764  Processor architecture: Intel x86
20:36:00.0449 8764  Number of processors: 1
20:36:00.0449 8764  Page size: 0x1000
20:36:00.0449 8764  Boot type: Normal boot
20:36:00.0449 8764  ============================================================
20:36:01.0198 8764  Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:36:01.0214 8764  ============================================================
20:36:01.0214 8764  \Device\Harddisk0\DR0:
20:36:01.0214 8764  MBR partitions:
20:36:01.0214 8764  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1400000
20:36:01.0214 8764  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1414000, BlocksNum 0x80EE000
20:36:01.0214 8764  ============================================================
20:36:01.0229 8764  C: <-> \Device\Harddisk0\DR0\Partition2
20:36:01.0276 8764  D: <-> \Device\Harddisk0\DR0\Partition1
20:36:01.0276 8764  ============================================================
20:36:01.0276 8764  Initialize success
20:36:01.0276 8764  ============================================================
20:36:18.0786 8880  ============================================================
20:36:18.0786 8880  Scan started
20:36:18.0786 8880  Mode: Manual;
20:36:18.0786 8880  ============================================================
20:36:19.0162 8880  ================ Scan system memory ========================
20:36:19.0162 8880  System memory - ok
20:36:19.0177 8880  ================ Scan services =============================
20:36:39.0002 8880  MSPQM - ok
20:36:39.0096 8880  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:36:39.0111 8880  MsRPC - ok
20:36:39.0189 8880  [ 7DBAA028F625AA46B95DDA4FBE4B602B ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:36:39.0189 8880  mssmbios - ok
20:36:39.0252 8880  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:36:39.0267 8880  MSTEE - ok
20:36:39.0345 8880  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
20:36:39.0345 8880  Mup - ok
20:36:39.0439 8880  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
20:36:39.0455 8880  napagent - ok
20:36:39.0564 8880  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:36:39.0579 8880  NativeWifiP - ok
20:36:39.0704 8880  [ 7D7A3BC6640C1A0D1442816B30856928 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20130208.003\NAVENG.SYS
20:36:39.0704 8880  NAVENG - ok
20:36:39.0798 8880  [ 28494C43D62AA7584BDCA2FADFBC4D11 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20130208.003\NAVEX15.SYS
20:36:39.0813 8880  NAVEX15 - ok
20:36:39.0938 8880  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:36:39.0969 8880  NDIS - ok
20:36:40.0047 8880  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:36:40.0047 8880  NdisTapi - ok
20:36:40.0110 8880  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:36:40.0110 8880  Ndisuio - ok
20:36:40.0188 8880  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:36:40.0203 8880  NdisWan - ok
20:36:40.0281 8880  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:36:40.0281 8880  NDProxy - ok
20:36:40.0359 8880  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:36:40.0359 8880  NetBIOS - ok
20:36:40.0453 8880  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
20:36:40.0453 8880  netbt - ok
20:36:40.0500 8880  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
20:36:40.0500 8880  Netlogon - ok
20:36:40.0593 8880  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
20:36:40.0593 8880  Netman - ok
20:36:40.0718 8880  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:36:40.0718 8880  NetMsmqActivator - ok
20:36:40.0749 8880  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:36:40.0749 8880  NetPipeActivator - ok
20:36:40.0843 8880  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
20:36:40.0843 8880  netprofm - ok
20:36:40.0874 8880  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:36:40.0874 8880  NetTcpActivator - ok
20:36:40.0905 8880  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:36:40.0921 8880  NetTcpPortSharing - ok
20:36:41.0030 8880  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:36:41.0030 8880  nfrd960 - ok
20:36:41.0124 8880  [ E127420B7FEB65C7F279EAAC183BBC0E ] NIS             C:\Program Files\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe
20:36:41.0124 8880  NIS - ok
20:36:41.0202 8880  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:36:41.0202 8880  NlaSvc - ok
20:36:41.0264 8880  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:36:41.0264 8880  Npfs - ok
20:36:41.0342 8880  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
20:36:41.0342 8880  nsi - ok
20:36:41.0405 8880  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:36:41.0405 8880  nsiproxy - ok
20:36:41.0514 8880  [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:36:41.0545 8880  Ntfs - ok
20:36:41.0576 8880  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
20:36:41.0576 8880  ntrigdigi - ok
20:36:41.0654 8880  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
20:36:41.0654 8880  Null - ok
20:36:41.0857 8880  [ B02587FA997723297384C95F424E78FA ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:36:41.0982 8880  nvlddmkm - ok
20:36:42.0013 8880  [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:36:42.0013 8880  nvraid - ok
20:36:42.0044 8880  [ 4A5FCAB82D9BF6AF8A023A66802FE9E9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:36:42.0044 8880  nvstor - ok
20:36:42.0122 8880  [ DC5F166422BEEBF195E3E4BB8AB4EE22 ] nvstor32        C:\Windows\system32\DRIVERS\nvstor32.sys
20:36:42.0122 8880  nvstor32 - ok
20:36:42.0153 8880  [ 055081FD5076401C1EE1BCAB08D81911 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:36:42.0153 8880  nv_agp - ok
20:36:42.0169 8880  NwlnkFlt - ok
20:36:42.0185 8880  NwlnkFwd - ok
20:36:42.0200 8880  [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:36:42.0200 8880  ohci1394 - ok
20:36:42.0278 8880  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:36:42.0278 8880  ose - ok
20:36:42.0372 8880  otshot - ok
20:36:42.0465 8880  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
20:36:42.0481 8880  p2pimsvc - ok
20:36:42.0528 8880  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:36:42.0543 8880  p2psvc - ok
20:36:42.0606 8880  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
20:36:42.0621 8880  Parport - ok
20:36:42.0684 8880  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:36:42.0684 8880  partmgr - ok
20:36:42.0731 8880  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
20:36:42.0731 8880  Parvdm - ok
20:36:42.0824 8880  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:36:42.0824 8880  PcaSvc - ok
20:36:42.0902 8880  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
20:36:42.0918 8880  pci - ok
20:36:42.0949 8880  [ 20B869152448F80AC49CF10264E91F5E ] pciide          C:\Windows\system32\drivers\pciide.sys
20:36:42.0949 8880  pciide - ok
20:36:42.0980 8880  [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:36:42.0980 8880  pcmcia - ok
20:36:43.0058 8880  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:36:43.0089 8880  PEAUTH - ok
20:36:43.0214 8880  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
20:36:43.0230 8880  pla - ok
20:36:43.0308 8880  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:36:43.0323 8880  PlugPlay - ok
20:36:43.0386 8880  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
20:36:43.0401 8880  PNRPAutoReg - ok
20:36:43.0448 8880  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
20:36:43.0464 8880  PNRPsvc - ok
20:36:43.0542 8880  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:36:43.0542 8880  PolicyAgent - ok
20:36:43.0604 8880  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:36:43.0604 8880  PptpMiniport - ok
20:36:43.0635 8880  [ 0E3CEF5D28B40CF273281D620C50700A ] Processor       C:\Windows\system32\drivers\processr.sys
20:36:43.0651 8880  Processor - ok
20:36:43.0713 8880  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:36:43.0729 8880  ProfSvc - ok
20:36:43.0745 8880  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
20:36:43.0745 8880  ProtectedStorage - ok
20:36:43.0807 8880  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
20:36:43.0807 8880  PSched - ok
20:36:43.0901 8880  [ 1962166E0CEB740704F30FA55AD3D509 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
20:36:43.0901 8880  PxHelp20 - ok
20:36:43.0947 8880  [ CCDAC889326317792480C0A67156A1EC ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:36:43.0979 8880  ql2300 - ok
20:36:44.0025 8880  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:36:44.0025 8880  ql40xx - ok
20:36:44.0103 8880  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
20:36:44.0119 8880  QWAVE - ok
20:36:44.0181 8880  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:36:44.0181 8880  QWAVEdrv - ok
20:36:44.0337 8880  [ E642B131FB74CAF4BB8A014F31113142 ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys
20:36:44.0431 8880  R300 - ok
20:36:44.0509 8880  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:36:44.0509 8880  RasAcd - ok
20:36:44.0587 8880  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
20:36:44.0587 8880  RasAuto - ok
20:36:44.0665 8880  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:36:44.0681 8880  Rasl2tp - ok
20:36:44.0774 8880  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
20:36:44.0790 8880  RasMan - ok
20:36:44.0883 8880  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:36:44.0883 8880  RasPppoe - ok
20:36:44.0977 8880  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:36:44.0993 8880  RasSstp - ok
20:36:45.0071 8880  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:36:45.0086 8880  rdbss - ok
20:36:45.0180 8880  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:36:45.0180 8880  RDPCDD - ok
20:36:45.0258 8880  [ 0245418224CFA77BF4B41C2FE0622258 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
20:36:45.0273 8880  rdpdr - ok
20:36:45.0320 8880  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:36:45.0320 8880  RDPENCDD - ok
20:36:45.0414 8880  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:36:45.0429 8880  RDPWD - ok
20:36:45.0523 8880  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:36:45.0523 8880  RemoteAccess - ok
20:36:45.0617 8880  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:36:45.0617 8880  RemoteRegistry - ok
20:36:45.0773 8880  [ EBCDE8B48FADC6479D96A56D0A432160 ] RoxMediaDB9     C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
20:36:45.0804 8880  RoxMediaDB9 - ok
20:36:45.0913 8880  [ AB2B1DE1C8F31EFCE2384B14B3DC4260 ] RoxWatch9       C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
20:36:45.0913 8880  RoxWatch9 - ok
20:36:45.0975 8880  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
20:36:45.0975 8880  RpcLocator - ok
20:36:46.0069 8880  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
20:36:46.0085 8880  RpcSs - ok
20:36:46.0178 8880  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:36:46.0178 8880  rspndr - ok
20:36:46.0225 8880  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
20:36:46.0225 8880  SamSs - ok
20:36:46.0272 8880  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:36:46.0272 8880  sbp2port - ok
20:36:46.0365 8880  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:36:46.0381 8880  SCardSvr - ok
20:36:46.0475 8880  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
20:36:46.0490 8880  Schedule - ok
20:36:46.0584 8880  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:36:46.0584 8880  SCPolicySvc - ok
20:36:46.0662 8880  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:36:46.0677 8880  SDRSVC - ok
20:36:46.0709 8880  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:36:46.0709 8880  secdrv - ok
20:36:46.0787 8880  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
20:36:46.0802 8880  seclogon - ok
20:36:46.0880 8880  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\system32\sens.dll
20:36:46.0880 8880  SENS - ok
20:36:46.0943 8880  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
20:36:46.0958 8880  Serenum - ok
20:36:47.0005 8880  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
20:36:47.0005 8880  Serial - ok
20:36:47.0036 8880  [ 450ACCD77EC5CEA720C1CDB9E26B953B ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:36:47.0036 8880  sermouse - ok
20:36:47.0130 8880  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:36:47.0130 8880  SessionEnv - ok
20:36:47.0161 8880  [ 103B79418DA647736EE95645F305F68A ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:36:47.0161 8880  sffdisk - ok
20:36:47.0208 8880  [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:36:47.0208 8880  sffp_mmc - ok
20:36:47.0239 8880  [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:36:47.0239 8880  sffp_sd - ok
20:36:47.0255 8880  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:36:47.0255 8880  sfloppy - ok
20:36:47.0348 8880  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:36:47.0348 8880  SharedAccess - ok
20:36:47.0426 8880  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:36:47.0426 8880  ShellHWDetection - ok
20:36:47.0473 8880  [ 08072B2FB92477FC813271A84B3A8698 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
20:36:47.0473 8880  sisagp - ok
20:36:47.0504 8880  [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
20:36:47.0520 8880  SiSRaid2 - ok
20:36:47.0551 8880  [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:36:47.0551 8880  SiSRaid4 - ok
20:36:47.0738 8880  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
20:36:47.0816 8880  slsvc - ok
20:36:47.0894 8880  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
20:36:47.0894 8880  SLUINotify - ok
20:36:47.0988 8880  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:36:47.0988 8880  Smb - ok
20:36:48.0066 8880  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:36:48.0081 8880  SNMPTRAP - ok
20:36:48.0159 8880  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
20:36:48.0159 8880  spldr - ok
20:36:48.0222 8880  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
20:36:48.0222 8880  Spooler - ok
20:36:48.0378 8880  sprtsvc_dellsupportcenter - ok
20:36:48.0487 8880  [ 2C5FBF6A00A4A3DCF643E46E8ACB20C2 ] SRTSP           C:\Windows\system32\drivers\NIS\1301010.003\SRTSP.SYS
20:36:48.0487 8880  SRTSP - ok
20:36:48.0534 8880  [ 9034EA58552B55F370E5293A7175C5AC ] SRTSPX          C:\Windows\system32\drivers\NIS\1301010.003\SRTSPX.SYS
20:36:48.0534 8880  SRTSPX - ok
20:36:48.0612 8880  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:36:48.0627 8880  srv - ok
20:36:48.0705 8880  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:36:48.0721 8880  srv2 - ok
20:36:48.0799 8880  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:36:48.0799 8880  srvnet - ok
20:36:48.0893 8880  [ D5DFFEAA1E15D4EFFABB9D9A3068AC5B ] sscdbus         C:\Windows\system32\DRIVERS\sscdbus.sys
20:36:48.0893 8880  sscdbus - ok
20:36:48.0986 8880  [ 751E66EB32EFA80633B80F5D7FF0A1D8 ] sscdserd        C:\Windows\system32\DRIVERS\sscdserd.sys
20:36:48.0986 8880  sscdserd - ok
20:36:49.0080 8880  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:36:49.0095 8880  SSDPSRV - ok
20:36:49.0189 8880  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:36:49.0189 8880  SstpSvc - ok
20:36:49.0298 8880  [ 9CEA131B5EB0EA653F6B3EA80B54956D ] STHDA           C:\Windows\system32\drivers\stwrt.sys
20:36:49.0329 8880  STHDA - ok
20:36:49.0454 8880  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
20:36:49.0470 8880  stisvc - ok
20:36:49.0563 8880  [ 51778FD315C9882F1CBD932743E62A72 ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
20:36:49.0563 8880  stllssvr - ok
20:36:49.0735 8880  [ 8D244018E1268C6E0345DF087BFAE422 ] Suite Service   C:\Program Files\Fighters\FighterSuiteService.exe
20:36:49.0782 8880  Suite Service - ok
20:36:49.0907 8880  [ 3B80B4383C9BCE13279C8482734B32B2 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:36:49.0907 8880  swenum - ok
20:36:49.0985 8880  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
20:36:50.0000 8880  swprv - ok
20:36:50.0016 8880  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
20:36:50.0031 8880  Symc8xx - ok
20:36:50.0094 8880  [ 690FA0E61B90084C4D9A721BD4F3D779 ] SymDS           C:\Windows\system32\drivers\NIS\1301010.003\SYMDS.SYS
20:36:50.0109 8880  SymDS - ok
20:36:50.0187 8880  [ A0C7005387BB6F055BB50BD8E779368B ] SymEFA          C:\Windows\system32\drivers\NIS\1301010.003\SYMEFA.SYS
20:36:50.0219 8880  SymEFA - ok
20:36:50.0297 8880  [ 98D28D08E68145FB550EE7670B43BAF2 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS
20:36:50.0297 8880  SymEvent - ok
20:36:50.0390 8880  [ 39C35DDBB570E9F334F239248E4DE34D ] SymIRON         C:\Windows\system32\drivers\NIS\1301010.003\Ironx86.SYS
20:36:50.0406 8880  SymIRON - ok
20:36:50.0453 8880  [ 671753E39B8F12CF9B6BCEFCB19F89B0 ] SYMTDIv         C:\Windows\system32\drivers\NIS\1301010.003\SYMTDIV.SYS
20:36:50.0468 8880  SYMTDIv - ok
20:36:50.0531 8880  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
20:36:50.0531 8880  Sym_hi - ok
20:36:50.0593 8880  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
20:36:50.0593 8880  Sym_u3 - ok
20:36:50.0702 8880  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
20:36:50.0718 8880  SysMain - ok
20:36:50.0765 8880  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:36:50.0780 8880  TabletInputService - ok
20:36:50.0858 8880  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:36:50.0874 8880  TapiSrv - ok
20:36:50.0952 8880  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
20:36:50.0952 8880  TBS - ok
20:36:51.0061 8880  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:36:51.0108 8880  Tcpip - ok
20:36:51.0170 8880  [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
20:36:51.0170 8880  Tcpip6 - ok
20:36:51.0264 8880  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:36:51.0264 8880  tcpipreg - ok
20:36:51.0342 8880  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:36:51.0343 8880  TDPIPE - ok
20:36:51.0421 8880  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:36:51.0421 8880  TDTCP - ok
20:36:51.0499 8880  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:36:51.0499 8880  tdx - ok
20:36:51.0561 8880  [ 849ED71967D45F15C3E0ABFC633FDF2A ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:36:51.0561 8880  TermDD - ok
20:36:51.0655 8880  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
20:36:51.0670 8880  TermService - ok
20:36:51.0717 8880  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
20:36:51.0717 8880  Themes - ok
20:36:51.0811 8880  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
20:36:51.0811 8880  THREADORDER - ok
20:36:51.0904 8880  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
20:36:51.0904 8880  TrkWks - ok
20:36:51.0998 8880  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:36:51.0998 8880  TrustedInstaller - ok
20:36:52.0060 8880  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:36:52.0060 8880  tssecsrv - ok
20:36:52.0170 8880  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
20:36:52.0170 8880  tunmp - ok
20:36:52.0216 8880  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:36:52.0216 8880  tunnel - ok
20:36:52.0263 8880  [ C3ADE15414120033A36C0F293D4A4121 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:36:52.0263 8880  uagp35 - ok
20:36:52.0341 8880  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:36:52.0341 8880  udfs - ok
20:36:52.0419 8880  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:36:52.0419 8880  UI0Detect - ok
20:36:52.0466 8880  [ 6D72EF05921ABDF59FC45C7EBFE7E8DD ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:36:52.0466 8880  uliagpkx - ok
20:36:52.0497 8880  [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci         C:\Windows\system32\drivers\uliahci.sys
20:36:52.0513 8880  uliahci - ok
20:36:52.0528 8880  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
20:36:52.0528 8880  UlSata - ok
20:36:52.0560 8880  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
20:36:52.0560 8880  ulsata2 - ok
20:36:52.0622 8880  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:36:52.0622 8880  umbus - ok
20:36:52.0700 8880  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
20:36:52.0716 8880  upnphost - ok
20:36:52.0809 8880  [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
20:36:52.0809 8880  USBAAPL - ok
20:36:52.0887 8880  [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
20:36:52.0887 8880  usbaudio - ok
20:36:52.0981 8880  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:36:52.0981 8880  usbccgp - ok
20:36:53.0028 8880  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:36:53.0043 8880  usbcir - ok
20:36:53.0106 8880  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:36:53.0106 8880  usbehci - ok
20:36:53.0199 8880  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:36:53.0215 8880  usbhub - ok
20:36:53.0246 8880  [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
20:36:53.0262 8880  usbohci - ok
20:36:53.0340 8880  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:36:53.0340 8880  usbprint - ok
20:36:53.0449 8880  [ A508C9BD8724980512136B039BBA65E9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
20:36:53.0449 8880  usbscan - ok
20:36:53.0527 8880  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:36:53.0542 8880  USBSTOR - ok
20:36:53.0605 8880  [ 325DBBACB8A36AF9988CCF40EAC228CC ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
20:36:53.0605 8880  usbuhci - ok
20:36:53.0683 8880  [ 0A6B81F01BC86399482E27E6FDA7B33B ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
20:36:53.0683 8880  usbvideo - ok
20:36:53.0761 8880  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
20:36:53.0776 8880  UxSms - ok
20:36:53.0964 8880  V - ok
20:36:54.0057 8880  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
20:36:54.0073 8880  vds - ok
20:36:54.0120 8880  [ 7D92BE0028ECDEDEC74617009084B5EF ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:36:54.0120 8880  vga - ok
20:36:54.0182 8880  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:36:54.0182 8880  VgaSave - ok
20:36:54.0229 8880  [ D5929A28BDFF4367A12CAF06AF901971 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
20:36:54.0229 8880  viaagp - ok
20:36:54.0276 8880  [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
20:36:54.0276 8880  ViaC7 - ok
20:36:54.0322 8880  [ 58C8D5AC5C3EEF40E7E704A5CED7987D ] viaide          C:\Windows\system32\drivers\viaide.sys
20:36:54.0338 8880  viaide - ok
20:36:54.0416 8880  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:36:54.0416 8880  volmgr - ok
20:36:54.0525 8880  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:36:54.0541 8880  volmgrx - ok
20:36:54.0634 8880  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:36:54.0650 8880  volsnap - ok
20:36:54.0697 8880  [ D984439746D42B30FC65A4C3546C6829 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:36:54.0712 8880  vsmraid - ok
20:36:54.0837 8880  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
20:36:54.0853 8880  VSS - ok
20:36:54.0946 8880  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
20:36:54.0962 8880  W32Time - ok
20:36:55.0024 8880  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:36:55.0024 8880  WacomPen - ok
20:36:55.0087 8880  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
20:36:55.0102 8880  Wanarp - ok
20:36:55.0118 8880  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:36:55.0118 8880  Wanarpv6 - ok
20:36:55.0212 8880  [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw          C:\Windows\system32\DRIVERS\wanatw4.sys
20:36:55.0212 8880  wanatw - ok
20:36:58.0753 8880  ================ Scan global ===============================
20:36:58.0831 8880  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
20:36:58.0909 8880  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
20:36:58.0940 8880  [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
20:36:59.0034 8880  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
20:36:59.0049 8880  [Global] - ok
20:36:59.0049 8880  ================ Scan MBR ==================================
20:36:59.0080 8880  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:36:59.0704 8880  \Device\Harddisk0\DR0 - ok
20:36:59.0704 8880  ================ Scan VBR ==================================
20:36:59.0736 8880  [ CD234CAA17A84924734F3BD69F483520 ] \Device\Harddisk0\DR0\Partition1
20:36:59.0736 8880  \Device\Harddisk0\DR0\Partition1 - ok
20:36:59.0736 8880  [ ACD99EBB437E838AFD98C549F39463E9 ] \Device\Harddisk0\DR0\Partition2
20:36:59.0736 8880  \Device\Harddisk0\DR0\Partition2 - ok
20:36:59.0751 8880  ============================================================
20:36:59.0751 8880  Scan finished
20:36:59.0751 8880  ============================================================
20:36:59.0767 3700  Detected object count: 0
20:36:59.0767 3700  Actual detected object count: 0
 



#12 schrauber

Posted 09 February 2013 - 07:04 AM

Looks good. Any problems with the system besides Cf not running?


Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

regards,
schrauber


If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware

#13 LightningMan

Posted 09 February 2013 - 08:18 AM

Not that I can detect, no.  As I said, I cleaned a whole bunch of stuff off using other tools.

 

Farbar Service Scanner Version: 30-01-2013
Ran by Computer_Ångels (administrator) on 09-02-2013 at 08:20:11
Running from "C:\Users\Computer_Ångels\Downloads"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


Edited by LightningMan, 09 February 2013 - 08:21 AM.


#14 schrauber

Posted 09 February 2013 - 12:20 PM

Hi,

Looks good. Only Windows Defender is disabled. Did you disable it?


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Check esetScanArchives.png
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the esetBack.png button.
  • Push esetFinish.png
  • A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

regards,
schrauber


#15 LightningMan

Posted 10 February 2013 - 01:27 PM

I'm pretty sure that Norton Anti-Virus disabled it on purpose.  No threats were found so I cannot generate a report.





