
Virus or Computer issue? Not sure [Solved]


  • This topic is locked
28 replies to this topic

#1 mignats


Posted 15 December 2013 - 01:26 PM

Hi there,

 

I am running Windows Vista SP2 on a box that is 3-4 years old.  Recently I find my Internet is like being on dial-up in most cases, with pages taking a long time to load.  I also find that after a while the computer itself will have a hard time starting programs and will finally pop up with a "Windows failed to create security options dialog" error that requires a reboot.

 

I've run a full scan with BitDefender 2014 and it did find a couple of cookies it labeled as viruses, which it quarantined and deleted.

 

I am not sure if these issues are computer or virus related but thought I'd start with this forum.  I ran the OTL scan and the output is below.  Thanks for any help you can provide!

 

OTL logfile created on: 12/15/2013 12:02:04 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jim & Lisa\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.25 Gb Total Physical Memory | 1.40 Gb Available Physical Memory | 43.10% Memory free
6.71 Gb Paging File | 4.06 Gb Available in Paging File | 60.55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 166.56 Gb Free Space | 35.76% Space Free | Partition Type: NTFS
Drive D: | 149.05 Gb Total Space | 52.27 Gb Free Space | 35.07% Space Free | Partition Type: NTFS
Drive E: | 1863.01 Gb Total Space | 1208.28 Gb Free Space | 64.86% Space Free | Partition Type: NTFS
Drive F: | 1863.01 Gb Total Space | 1248.57 Gb Free Space | 67.02% Space Free | Partition Type: NTFS
Drive G: | 349.51 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive I: | 232.88 Gb Total Space | 142.95 Gb Free Space | 61.38% Space Free | Partition Type: NTFS
 
Computer Name: SARAL-03 | User Name: Jim & Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Jim & Lisa\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Conceiva\Mezzmo\Mezzmo.exe (Conceiva Pty. Ltd.)
PRC - C:\Program Files\Conceiva\Mezzmo\MezzmoMediaServer.exe (Conceiva Pty. Ltd.)
PRC - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (Bitdefender)
PRC - C:\Program Files\Bitdefender\Bitdefender\vsserv.exe (Bitdefender)
PRC - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe (Bitdefender)
PRC - C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe (Bitdefender)
PRC - C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe (Bitdefender)
PRC - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Garmin Ltd or its subsidiaries)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe (Apple Inc.)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe (Bitdefender)
PRC - C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe ()
PRC - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe (CyberLink)
PRC - C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe (CyberLink)
PRC - C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe (Nero AG)
PRC - C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe (Nero AG)
PRC - C:\Program Files\Cobian Backup 10\cbInterface.exe (Luis Cobian, CobianSoft)
PRC - C:\Program Files\Cobian Backup 10\Cobian.exe (Luis Cobian, CobianSoft)
PRC - C:\Program Files\Cobian Backup 10\cbVSCService.exe (CobianSoft, Luis Cobian)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll ()
MOD - C:\Program Files\Bitdefender\Bitdefender\bdmetrics.dll ()
MOD - C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b167ef6967ad27503c6ac6aabcef1aff\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\59eba2680c01c33b2b3f5385979e32c6\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\05034abc5246a6fef208f73cb912d971\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll ()
MOD - C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll ()
MOD - C:\Program Files\Conceiva\Mezzmo\extension-functions.dll ()
MOD - C:\Program Files\Conceiva\Mezzmo\avcodec-54.dll ()
MOD - C:\Program Files\Conceiva\Mezzmo\avformat-54.dll ()
MOD - C:\Program Files\Conceiva\Mezzmo\avfilter-3.dll ()
MOD - C:\Program Files\Conceiva\Mezzmo\swscale-2.dll ()
MOD - C:\Program Files\Conceiva\Mezzmo\avutil-52.dll ()
MOD - C:\Program Files\Conceiva\Mezzmo\avdevice-54.dll ()
MOD - C:\Program Files\Conceiva\Mezzmo\swresample-0.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3154.37010__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3154.37009__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3154.36827__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3127.31122__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3127.31117__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3127.31128__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3127.31111__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3127.31108__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3127.31110__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3127.31186__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3127.31134__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3127.31124__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3127.31130__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3127.31156__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3127.31135__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3127.31160__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3127.31160__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3127.31124__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3127.31121__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3127.31118__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3127.31123__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3154.36980__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3154.36979__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3154.37000__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3127.31119__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3127.31132__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3127.31114__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3127.31123__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3154.37011__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3154.36834__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3154.36847__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3154.36826__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3154.36827__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3127.31133__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3127.31115__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3127.31126__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3127.31132__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3127.31129__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3154.36826__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3154.36825__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3154.36980__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Program Files\Conceiva\Mezzmo\tag.dll ()
MOD - C:\Program Files\Conceiva\Mezzmo\libeay32.dll ()
MOD - C:\Program Files\Conceiva\Mezzmo\ssleay32.dll ()
MOD - C:\Windows\System32\atitmpxx.dll ()
MOD - C:\Program Files\Conceiva\Mezzmo\hs_regex.dll ()
MOD - C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
MOD - C:\Program Files\Unlocker\UnlockerCOM.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Mezzmo) -- C:\Program Files\Conceiva\Mezzmo\MezzmoMediaServer.exe (Conceiva Pty. Ltd.)
SRV - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender\vsserv.exe (Bitdefender)
SRV - (BdDesktopParental) -- C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe (Bitdefender)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe (Bitdefender)
SRV - (Garmin Core Update Service) -- C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Garmin Ltd or its subsidiaries)
SRV - (SafeBox) -- C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe (Bitdefender)
SRV - (BingDesktopUpdate) -- C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (CLHNServiceForPowerDVD) -- C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe ()
SRV - (CyberLink PowerDVD 11.0 Service) -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe (CyberLink)
SRV - (CyberLink PowerDVD 11.0 Monitor Service) -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe (CyberLink)
SRV - (NeroMediaHomeService.4) -- C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe (Nero AG)
SRV - (cbVSCService) -- C:\Program Files\Cobian Backup 10\cbVSCService.exe (CobianSoft, Luis Cobian)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (NTACCESS) -- G:\NTACCESS.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (GMSIPCI) -- G:\INSTALL\GMSIPCI.SYS File not found
DRV - (BDSandBox) -- C:\Windows\System32\drivers\bdsandbox.sys (BitDefender SRL)
DRV - (trufos) -- C:\Windows\System32\drivers\trufos.sys (BitDefender S.R.L.)
DRV - (gzflt) -- C:\Windows\System32\drivers\gzflt.sys (BitDefender LLC)
DRV - (bdselfpr) -- C:\Program Files\Bitdefender\Bitdefender\bdselfpr.sys (BitDefender LLC)
DRV - (avckf) -- C:\Windows\System32\drivers\avckf.sys (BitDefender)
DRV - (avc3) -- C:\Windows\System32\drivers\avc3.sys (BitDefender)
DRV - (BdfNdisf) -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC)
DRV - (avchv) -- C:\Windows\System32\drivers\avchv.sys (BitDefender)
DRV - (BDVEDISK) -- C:\Windows\System32\drivers\bdvedisk.sys (BitDefender)
DRV - (bdftdif) -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys (BitDefender LLC)
DRV - (cpudrv) -- C:\Program Files\SystemRequirementsLab\cpudrv.sys ()
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (ntk_PowerDVD) -- C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys (Cyberlink Corp.)
DRV - ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) -- C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl (CyberLink Corp.)
DRV - (UnlockerDriver5) -- C:\Program Files\Unlocker\UnlockerDriver5.sys ()
DRV - (L1E) -- C:\Windows\System32\drivers\L1E60x86.sys (Atheros Communications, Inc.)
DRV - (mf) -- C:\Windows\System32\drivers\mf.sys (Microsoft Corporation)
DRV - (AsIO) -- C:\Windows\System32\drivers\AsIO.sys ()
DRV - (NmPar) -- C:\Windows\System32\drivers\NmPar.sys (Windows ® Codename Longhorn DDK provider)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"
FF - prefs.js..extensions.enabledAddons: ffpwdman%40bitdefender.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Bitdefender.com/PasswordManager;version=17.8: C:\Program Files\Bitdefender\Bitdefender\pmbxnp.dll (Bitdefender)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ffpwdman@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender\ffpwdman\ [2013/08/19 11:46:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/26 19:31:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/26 19:31:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender\bdtbext [2013/08/19 11:46:52 | 000,000,000 | ---D | M]
 
[2013/02/20 17:18:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jim & Lisa\AppData\Roaming\Mozilla\Extensions
[2013/09/27 08:48:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jim & Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\abg2lg1s.default\extensions
[2013/11/26 19:31:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/11/26 19:32:02 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/08/19 11:46:59 | 000,000,000 | ---D | M] (Bitdefender Wallet) -- C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER\FFPWDMAN
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.ca/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Users\Jim & Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Jim & Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jim & Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Bitdefender Wallet = C:\Users\Jim & Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl\17.23.0_0\
CHR - Extension: Google Search = C:\Users\Jim & Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Jim & Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Users\Jim & Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013/02/23 16:06:49 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Bitdefender Wallet) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender\bdagent.exe (Bitdefender)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [Cobian Backup 10] C:\Program Files\Cobian Backup 10\Cobian.exe (Luis Cobian, CobianSoft)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Nero MediaHome 4] C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Bitdefender Wallet] C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe (Bitdefender)
O4 - HKCU..\Run: [Bitdefender Wallet Agent] C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (Bitdefender)
O4 - HKCU..\Run: [Bitdefender Wallet Application Agent] C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe (Bitdefender)
O4 - HKCU..\Run: [Mezzmo] C:\Program Files\Conceiva\Mezzmo\Mezzmo.exe (Conceiva Pty. Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{442E530D-6B98-4F0B-B142-C376340BBEFC}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\VIO\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.MPEGacm - C:\Program Files\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.ulmp3acm - C:\Program Files\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/12/15 11:57:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jim & Lisa\Desktop\OTL.exe
[2013/12/11 17:08:09 | 000,000,000 | ---D | C] -- C:\Users\Jim & Lisa\AppData\Local\{31FB678C-8652-4290-8690-CFCF20EE2FBD}
[2013/12/07 12:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mezzmo
[2013/12/07 12:33:50 | 000,000,000 | ---D | C] -- C:\Users\Jim & Lisa\AppData\Local\{1BE68199-7C00-4213-8248-C347BD5251EC}
[2013/11/29 17:58:41 | 000,000,000 | ---D | C] -- C:\Users\Jim & Lisa\AppData\Local\{9BCA35F1-7BC7-4D24-9DBC-125D71F8C01F}
[2013/11/29 17:25:51 | 000,000,000 | ---D | C] -- C:\Users\Jim & Lisa\AppData\Local\{3105A3D0-1073-4AF4-996D-AA441D87BE76}
[2013/11/28 19:09:12 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2013/11/26 19:31:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/11/24 15:39:13 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/11/24 15:39:12 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/11/24 15:39:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/11/24 15:39:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/11/24 15:39:12 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/11/24 15:39:11 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/11/24 15:39:11 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/11/24 15:39:10 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/11/24 15:26:20 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2013/11/24 15:26:00 | 000,074,512 | ---- | C] (BitDefender SRL) -- C:\Windows\System32\bdsandboxuiskin.dll
[2013/11/24 15:25:50 | 000,027,168 | ---- | C] (BitDefender SRL) -- C:\Windows\System32\bdsandboxuh.dll
[2013/11/24 15:21:42 | 000,000,000 | ---D | C] -- C:\Users\Jim & Lisa\AppData\Local\{43A0CCAB-1688-4DB4-B987-6FE05FCCF992}
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/12/15 11:57:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jim & Lisa\Desktop\OTL.exe
[2013/12/15 11:24:43 | 000,076,800 | ---- | M] () -- C:\Users\Jim & Lisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/12/15 11:04:35 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/15 11:04:35 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/15 10:51:54 | 000,002,643 | ---- | M] () -- C:\Users\Jim & Lisa\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook 2010.lnk
[2013/12/15 10:37:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/12/15 10:16:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/14 18:16:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/14 08:34:18 | 000,000,082 | ---- | M] () -- C:\Users\Jim & Lisa\Desktop\What the Tech.url
[2013/12/11 18:37:12 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/12/11 18:37:12 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/12/11 17:12:27 | 000,644,884 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/12/11 17:12:27 | 000,120,016 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/12/11 17:04:52 | 000,000,043 | ---- | M] () -- C:\Windows\MezzmoMediaServer.INI
[2013/12/11 17:04:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/12/11 00:01:04 | 000,000,680 | ---- | M] () -- C:\Users\Jim & Lisa\AppData\Local\d3d9caps.dat
[2013/12/08 09:55:55 | 000,000,104 | ---- | M] () -- C:\Users\Jim & Lisa\Desktop\Maytag Puriclean II UKF8001 Filter, UKF8001AXX Only $29.95.url
[2013/12/07 12:41:06 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Mezzmo.lnk
[2013/11/24 15:26:00 | 000,074,512 | ---- | M] (BitDefender SRL) -- C:\Windows\System32\bdsandboxuiskin.dll
[2013/11/24 15:25:54 | 000,066,832 | ---- | M] (BitDefender SRL) -- C:\Windows\System32\drivers\bdsandbox.sys
[2013/11/24 15:25:50 | 000,027,168 | ---- | M] (BitDefender SRL) -- C:\Windows\System32\bdsandboxuh.dll
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/12/14 08:34:18 | 000,000,082 | ---- | C] () -- C:\Users\Jim & Lisa\Desktop\What the Tech.url
[2013/12/08 09:55:55 | 000,000,104 | ---- | C] () -- C:\Users\Jim & Lisa\Desktop\Maytag Puriclean II UKF8001 Filter, UKF8001AXX Only $29.95.url
[2013/11/24 15:26:20 | 000,218,228 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2013/09/29 12:14:56 | 001,434,678 | ---- | C] () -- C:\ProgramData\1380481485.bdinstall.bin
[2013/09/29 11:57:48 | 000,222,882 | ---- | C] () -- C:\ProgramData\1380480882.bdinstall.bin
[2013/09/14 11:43:11 | 000,192,392 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2013/08/26 20:33:07 | 000,000,680 | ---- | C] () -- C:\Users\Jim & Lisa\AppData\Local\d3d9caps.dat
[2013/08/18 17:53:04 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2013/03/17 12:52:55 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2013/02/24 14:06:50 | 000,000,020 | ---- | C] () -- C:\Windows\Ulead32.ini
[2013/02/23 10:38:12 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2013/02/22 19:52:02 | 000,000,043 | ---- | C] () -- C:\Windows\MezzmoMediaServer.INI
[2013/02/22 19:39:33 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2013/02/21 20:53:59 | 000,000,165 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2013/02/19 16:55:38 | 000,612,557 | ---- | C] () -- C:\ProgramData\1361280823.bdinstall.bin
[2013/02/18 22:26:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2013/02/18 22:24:45 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2013/02/18 22:01:22 | 000,218,658 | ---- | C] () -- C:\ProgramData\1361249905.bdinstall.bin
[2013/02/18 20:13:50 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2013/02/18 19:48:22 | 000,076,800 | ---- | C] () -- C:\Users\Jim & Lisa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/02/18 19:35:39 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll
[2013/02/18 19:35:39 | 000,012,400 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2013/02/18 19:34:49 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
[2013/02/18 19:34:49 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
[2013/02/18 19:31:00 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2013/02/18 19:03:55 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/02/18 18:56:16 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
 
========== ZeroAccess Check ==========
 
[2006/11/02 05:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 10:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013/03/18 09:24:59 | 000,000,000 | ---D | M] -- C:\Users\Jim & Lisa\AppData\Roaming\AC3Filter
[2013/09/29 12:16:28 | 000,000,000 | ---D | M] -- C:\Users\Jim & Lisa\AppData\Roaming\Bitdefender
[2013/02/23 16:43:40 | 000,000,000 | ---D | M] -- C:\Users\Jim & Lisa\AppData\Roaming\FileZilla
[2013/02/20 17:05:32 | 000,000,000 | ---D | M] -- C:\Users\Jim & Lisa\AppData\Roaming\Forte
[2013/10/06 17:50:19 | 000,000,000 | ---D | M] -- C:\Users\Jim & Lisa\AppData\Roaming\Garmin
[2013/02/20 17:46:28 | 000,000,000 | ---D | M] -- C:\Users\Jim & Lisa\AppData\Roaming\HandBrake
[2013/08/31 15:32:43 | 000,000,000 | ---D | M] -- C:\Users\Jim & Lisa\AppData\Roaming\ObviousIdea
[2013/02/18 21:59:36 | 000,000,000 | ---D | M] -- C:\Users\Jim & Lisa\AppData\Roaming\QuickScan
[2013/03/24 13:46:35 | 000,000,000 | ---D | M] -- C:\Users\Jim & Lisa\AppData\Roaming\Red Kawa
[2013/02/24 13:11:07 | 000,000,000 | ---D | M] -- C:\Users\Jim & Lisa\AppData\Roaming\Simple Star
[2013/02/22 05:56:53 | 000,000,000 | ---D | M] -- C:\Users\Jim & Lisa\AppData\Roaming\SystemRequirementsLab
[2013/03/13 18:04:45 | 000,000,000 | ---D | M] -- C:\Users\Jim & Lisa\AppData\Roaming\ThumbsPlus
[2013/10/14 11:40:48 | 000,000,000 | ---D | M] -- C:\Users\Jim & Lisa\AppData\Roaming\TuneUpMedia
[2013/12/11 19:47:02 | 000,000,000 | ---D | M] -- C:\Users\Jim & Lisa\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %USERPROFILE%\..|smtmp;true;true;true /FP >
 
< %temp%\smtmp\*.* /s > >
 
< %SYSTEMDRIVE%\*.* >
[2006/09/18 14:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2013/12/11 17:01:39 | 000,205,233 | ---- | M] () -- C:\bdlog.txt
[2012/08/15 14:28:10 | 002,294,848 | -H-- | M] () -- C:\bdr-bz01
[2012/08/15 14:28:10 | 002,294,848 | -H-- | M] () -- C:\bdr-bz02
[2012/10/04 09:09:43 | 000,000,308 | -H-- | M] () -- C:\bdr-cf01
[2013/09/29 12:13:30 | 000,000,308 | -H-- | M] () -- C:\bdr-cf02
[2012/08/15 14:28:34 | 035,188,281 | -H-- | M] () -- C:\bdr-im01.gz
[2013/06/25 17:20:38 | 036,579,345 | -H-- | M] () -- C:\bdr-im02.gz
[2012/10/04 09:09:43 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2012/10/04 09:09:43 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2013/09/29 12:13:30 | 000,253,404 | -H-- | M] () -- C:\bdr-ld02
[2013/09/29 12:13:30 | 000,009,216 | -H-- | M] () -- C:\bdr-ld02.mbr
[2009/04/10 23:36:38 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2013/02/18 18:32:32 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 14:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2013/02/18 17:02:19 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2013/09/11 17:29:59 | 000,000,000 | ---- | M] () -- C:\END
[2012/03/12 10:41:35 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012/03/12 10:41:35 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013/12/11 17:03:47 | 3802,263,552 | -HS- | M] () -- C:\pagefile.sys
[2011/07/13 10:30:16 | 000,000,057 | -H-- | M] () -- C:\splash.idx
[2009/09/01 15:52:24 | 000,009,392 | -H-- | M] () -- C:\version
 
< %systemroot%\Fonts\*.com >
[2006/11/02 05:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 05:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 05:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2013/02/18 22:40:29 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
 
< %systemroot%\Fonts\*.dll >
 
< %systemroot%\Fonts\*.ini >
[2006/09/18 14:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
 
< %systemroot%\Fonts\*.ini2 >
 
< %systemroot%\Fonts\*.exe >
 
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/11/02 05:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll
 
< %systemroot%\REPAIR\*.bak1 >
 
< %systemroot%\REPAIR\*.ini >
 
< %systemroot%\system32\*.jpg >
 
< %systemroot%\*.jpg >
 
< %systemroot%\*.png >
 
< %systemroot%\*.scr >
[2007/04/05 12:53:13 | 000,335,872 | ---- | M] (Nero AG / Nero Inc.) -- C:\Windows\Nero PhotoShow.scr
[2012/03/08 18:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
 
< %systemroot%\*._sy >
 
< %APPDATA%\Adobe\Update\*.* >
 
< %ALLUSERSPROFILE%\Favorites\*.* >
 
< %APPDATA%\Microsoft\*.* >
 
< %PROGRAMFILES%\*.* >
[2008/01/20 19:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
< %APPDATA%\Update\*.* >
 
< %systemroot%\*. /mp /s >
 
< dir "%systemdrive%\*" /S /A:L /C >
 Volume in drive C is DRIVE_C
 Volume Serial Number is 22BF-425F
 Directory of C:\
11/02/2006  06:02 AM    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
 Directory of C:\ProgramData
11/02/2006  06:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  06:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  06:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  06:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  06:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  06:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users
11/02/2006  06:02 AM    <SYMLINKD>     All Users [C:\ProgramData]
11/02/2006  06:02 AM    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
 Directory of C:\Users\All Users
11/02/2006  06:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  06:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  06:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  06:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  06:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  06:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default
11/02/2006  06:02 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
11/02/2006  06:02 AM    <JUNCTION>     Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
11/02/2006  06:02 AM    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
11/02/2006  06:02 AM    <JUNCTION>     My Documents [C:\Users\Default\Documents]
11/02/2006  06:02 AM    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
11/02/2006  06:02 AM    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
11/02/2006  06:02 AM    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
11/02/2006  06:02 AM    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
11/02/2006  06:02 AM    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
11/02/2006  06:02 AM    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\AppData\Local
11/02/2006  06:02 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
11/02/2006  06:02 AM    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
11/02/2006  06:02 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\Documents
11/02/2006  06:02 AM    <JUNCTION>     My Music [C:\Users\Default\Music]
11/02/2006  06:02 AM    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
11/02/2006  06:02 AM    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Jim & Lisa
02/18/2013  06:38 PM    <JUNCTION>     Application Data [C:\Users\Jim & Lisa\AppData\Roaming]
02/18/2013  06:38 PM    <JUNCTION>     Cookies [C:\Users\Jim & Lisa\AppData\Roaming\Microsoft\Windows\Cookies]
02/18/2013  06:38 PM    <JUNCTION>     Local Settings [C:\Users\Jim & Lisa\AppData\Local]
02/18/2013  06:38 PM    <JUNCTION>     My Documents [C:\Users\Jim & Lisa\Documents]
02/18/2013  06:38 PM    <JUNCTION>     NetHood [C:\Users\Jim & Lisa\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
02/18/2013  06:38 PM    <JUNCTION>     PrintHood [C:\Users\Jim & Lisa\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
02/18/2013  06:38 PM    <JUNCTION>     Recent [C:\Users\Jim & Lisa\AppData\Roaming\Microsoft\Windows\Recent]
02/18/2013  06:38 PM    <JUNCTION>     SendTo [C:\Users\Jim & Lisa\AppData\Roaming\Microsoft\Windows\SendTo]
02/18/2013  06:38 PM    <JUNCTION>     Start Menu [C:\Users\Jim & Lisa\AppData\Roaming\Microsoft\Windows\Start Menu]
02/18/2013  06:38 PM    <JUNCTION>     Templates [C:\Users\Jim & Lisa\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Jim & Lisa\AppData\Local
02/18/2013  06:38 PM    <JUNCTION>     Application Data [C:\Users\Jim & Lisa\AppData\Local]
02/18/2013  06:38 PM    <JUNCTION>     History [C:\Users\Jim & Lisa\AppData\Local\Microsoft\Windows\History]
02/18/2013  06:38 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Jim & Lisa\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Jim & Lisa\Documents
02/18/2013  06:38 PM    <JUNCTION>     My Music [C:\Users\Jim & Lisa\Music]
02/18/2013  06:38 PM    <JUNCTION>     My Pictures [C:\Users\Jim & Lisa\Pictures]
02/18/2013  06:38 PM    <JUNCTION>     My Videos [C:\Users\Jim & Lisa\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\NeroMediaHomeUser.4
03/18/2013  08:12 AM    <JUNCTION>     Application Data [C:\Users\NeroMediaHomeUser.4\AppData\Roaming]
03/18/2013  08:12 AM    <JUNCTION>     Cookies [C:\Users\NeroMediaHomeUser.4\AppData\Roaming\Microsoft\Windows\Cookies]
03/18/2013  08:12 AM    <JUNCTION>     Local Settings [C:\Users\NeroMediaHomeUser.4\AppData\Local]
03/18/2013  08:12 AM    <JUNCTION>     My Documents [C:\Users\NeroMediaHomeUser.4\Documents]
03/18/2013  08:12 AM    <JUNCTION>     NetHood [C:\Users\NeroMediaHomeUser.4\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
03/18/2013  08:12 AM    <JUNCTION>     PrintHood [C:\Users\NeroMediaHomeUser.4\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/18/2013  08:12 AM    <JUNCTION>     Recent [C:\Users\NeroMediaHomeUser.4\AppData\Roaming\Microsoft\Windows\Recent]
03/18/2013  08:12 AM    <JUNCTION>     SendTo [C:\Users\NeroMediaHomeUser.4\AppData\Roaming\Microsoft\Windows\SendTo]
03/18/2013  08:12 AM    <JUNCTION>     Start Menu [C:\Users\NeroMediaHomeUser.4\AppData\Roaming\Microsoft\Windows\Start Menu]
03/18/2013  08:12 AM    <JUNCTION>     Templates [C:\Users\NeroMediaHomeUser.4\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\NeroMediaHomeUser.4\AppData\Local
03/18/2013  08:12 AM    <JUNCTION>     Application Data [C:\Users\NeroMediaHomeUser.4\AppData\Local]
03/18/2013  08:12 AM    <JUNCTION>     History [C:\Users\NeroMediaHomeUser.4\AppData\Local\Microsoft\Windows\History]
03/18/2013  08:12 AM    <JUNCTION>     Temporary Internet Files [C:\Users\NeroMediaHomeUser.4\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\NeroMediaHomeUser.4\Documents
03/18/2013  08:12 AM    <JUNCTION>     My Music [C:\Users\NeroMediaHomeUser.4\Music]
03/18/2013  08:12 AM    <JUNCTION>     My Pictures [C:\Users\NeroMediaHomeUser.4\Pictures]
03/18/2013  08:12 AM    <JUNCTION>     My Videos [C:\Users\NeroMediaHomeUser.4\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Public\Documents
11/02/2006  06:02 AM    <JUNCTION>     My Music [C:\Users\Public\Music]
11/02/2006  06:02 AM    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
11/02/2006  06:02 AM    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile
02/24/2013  02:06 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
02/24/2013  02:06 PM    <JUNCTION>     Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies]
02/24/2013  02:06 PM    <JUNCTION>     Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
02/24/2013  02:06 PM    <JUNCTION>     My Documents [C:\Windows\system32\config\systemprofile\Documents]
02/24/2013  02:06 PM    <JUNCTION>     NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
02/24/2013  02:06 PM    <JUNCTION>     PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
02/24/2013  02:06 PM    <JUNCTION>     Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
02/24/2013  02:06 PM    <JUNCTION>     SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
02/24/2013  02:06 PM    <JUNCTION>     Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
02/24/2013  02:06 PM    <JUNCTION>     Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\AppData\Local
02/24/2013  02:06 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
02/24/2013  02:06 PM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
02/24/2013  02:06 PM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\Documents
02/24/2013  02:06 PM    <JUNCTION>     My Music [C:\Windows\system32\config\systemprofile\Music]
02/24/2013  02:06 PM    <JUNCTION>     My Pictures [C:\Windows\system32\config\systemprofile\Pictures]
02/24/2013  02:06 PM    <JUNCTION>     My Videos [C:\Windows\system32\config\systemprofile\Videos]
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
              82 Dir(s)  178,003,664,896 bytes free
 
< %systemroot%\System32\config\*.sav >
[2008/01/20 20:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/20 20:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/20 20:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 03:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 03:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %PROGRAMFILES%\bak. /s >
 
< %systemroot%\system32\bak. /s >
 
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
 
< %systemroot%\system32\config\systemprofile\*.dat /x >
 
< %systemroot%\*.config >
 
< %systemroot%\system32\*.db >
 
< %PROGRAMFILES%\Internet Explorer\*.dat >
 
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2013/02/20 06:31:12 | 000,000,286 | -HS- | M] () -- C:\Users\Jim & Lisa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
 
< %USERPROFILE%\Desktop\*.exe >
[2013/12/15 11:57:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jim & Lisa\Desktop\OTL.exe
 
< %PROGRAMFILES%\Common Files\*.* >
 
< %systemroot%\*.src >
 
< %systemroot%\install\*.* >
 
< %systemroot%\system32\DLL\*.* >
 
< %systemroot%\system32\HelpFiles\*.* >
 
< %systemroot%\system32\rundll\*.* >
 
< %systemroot%\winn32\*.* >
 
< %systemroot%\Java\*.* >
 
< %systemroot%\system32\test\*.* >
 
< %systemroot%\system32\Rundll32\*.* >
 
< %systemroot%\AppPatch\Custom\*.* >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2013-11-29 02:19:02
 
< End of report >
 

OTL Extras logfile created on: 12/15/2013 12:02:04 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jim & Lisa\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.25 Gb Total Physical Memory | 1.40 Gb Available Physical Memory | 43.10% Memory free
6.71 Gb Paging File | 4.06 Gb Available in Paging File | 60.55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 166.56 Gb Free Space | 35.76% Space Free | Partition Type: NTFS
Drive D: | 149.05 Gb Total Space | 52.27 Gb Free Space | 35.07% Space Free | Partition Type: NTFS
Drive E: | 1863.01 Gb Total Space | 1208.28 Gb Free Space | 64.86% Space Free | Partition Type: NTFS
Drive F: | 1863.01 Gb Total Space | 1248.57 Gb Free Space | 67.02% Space Free | Partition Type: NTFS
Drive G: | 349.51 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive I: | 232.88 Gb Total Space | 142.95 Gb Free Space | 61.38% Space Free | Partition Type: NTFS
 
Computer Name: SARAL-03 | User Name: Jim & Lisa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2540997612-1774058246-2404513865-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05781AEF-68F8-42B1-BE18-13B33000F075}" = lport=139 | protocol=6 | dir=in | app=system | 
"{086975BF-D984-4E21-A278-6072F2DF8E97}" = rport=139 | protocol=6 | dir=out | app=system | 
"{11197992-0411-4634-AB9A-B9074479781C}" = lport=2869 | protocol=6 | dir=in | name=mezzmo media server service | 
"{168D334C-0513-4314-BB46-65A408872E6A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{1E45A899-5523-47F0-A97D-945FD58B8314}" = rport=445 | protocol=6 | dir=out | app=system | 
"{2797999F-BE6A-4A44-A6DA-DA2E10F6D6DD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{2C1FB8F7-F807-45A9-9540-B5B79B452A6D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{31B8C0F3-2268-4BB8-B122-6B1FE74ED892}" = lport=53168 | protocol=6 | dir=in | name=mezzmo media server service | 
"{3BC22EC0-DB2F-44C2-969A-6A3DA2B9BFF2}" = lport=445 | protocol=6 | dir=in | app=system | 
"{3D7DF507-043C-4063-9722-F48E25F88CC8}" = lport=138 | protocol=17 | dir=in | app=system | 
"{46A72D3F-9BF1-45DA-8010-46D91F7747EF}" = lport=137 | protocol=17 | dir=in | app=system | 
"{70E71018-AC2E-4825-A27A-31D65E609022}" = lport=53168 | protocol=6 | dir=in | name=mezzmo media server service | 
"{737B8E1E-B67A-4DFC-92D5-EFCB7636E003}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{7AC41C0B-574C-4A34-9FB5-891433187BD7}" = lport=1900 | protocol=17 | dir=in | name=mezzmo media server service | 
"{907DC35F-A1C6-4BE5-9A3E-10AA159133CB}" = rport=137 | protocol=17 | dir=out | app=system | 
"{B875A2E4-9E43-444D-8014-283233D81FD2}" = lport=53168 | protocol=6 | dir=in | name=mezzmo media server service | 
"{D1ADCEA7-8EC6-4467-A514-12F422F4F88F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{D8735683-2955-471E-9277-3012D1762A5B}" = rport=138 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A4C067-56E7-4035-AEBC-23752FB22BA3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{1545F9EF-8101-46F5-85A3-6765B2070B80}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{20262AB4-A6DF-461C-A2BF-1AD221D75302}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{2F124232-1B8F-4207-8910-21DDEFF2083A}" = protocol=17 | dir=in | app=c:\users\jim & lisa\appdata\roaming\utorrent\utorrent.exe | 
"{301A62CD-569B-405E-9967-884025278D3B}" = protocol=17 | dir=in | app=c:\program files\nero\nero mediahome 4\nmmediaserverservice.exe | 
"{3402E6FB-A4FC-4C47-8462-BB87DEA3A4A9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{3AAAC79B-D01C-4A68-A2F9-1AE898EF11B0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{415C8EA0-05EA-4E0C-97E5-10FCB334D27A}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{4D4FD913-C2CF-47A2-AD2F-A7A6735A198B}" = dir=in | app=c:\program files\cyberlink\powerdvd11\powerdvd11.exe | 
"{50516886-23FF-4F58-AACC-B00A8E60640F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{595B1F67-1E4E-4924-9476-DF5E9DFEC919}" = dir=in | app=c:\program files\cyberlink\powerdvd11\common\mediaserver\clmsserver.exe | 
"{7830D2FD-C2B4-4FEB-97E1-EEC336FAD80C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{853FE3C9-4315-4162-885E-058EBC130941}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{890B9009-FD80-4555-A681-99B1D42D03B8}" = dir=in | app=c:\program files\cyberlink\powerdvd11\movie\powerdvd cinema\powerdvdcinema11.exe | 
"{951B8C37-DC4B-4659-B56A-D266E11E8014}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{9E0D5323-1679-4DF0-BC6C-A427BA516D26}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{A5D1EC7E-955A-4B44-AFDF-68B8CCD97169}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{A7610F90-F47D-4572-9791-E308EE45506C}" = dir=in | app=c:\program files\cyberlink\powerdvd11\movie\moviemodule.exe | 
"{B04611D1-7585-41D7-B180-DEB7AD46D1E9}" = protocol=6 | dir=in | app=c:\users\jim & lisa\appdata\roaming\utorrent\utorrent.exe | 
"{C6DBA525-AD78-4224-A600-FB9B6DBD5981}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{D0F4D1FF-FDDB-46D7-A137-5CDD0AC85451}" = protocol=6 | dir=in | app=c:\program files\nero\nero mediahome 4\nmmediaserverservice.exe | 
"{D50A95A6-AC02-4282-9299-7FA1C0845411}" = dir=in | app=c:\program files\cyberlink\powerdvd11\pdvd11serv.exe | 
"{EDA3A01B-9055-4B10-B168-B0C55B708E59}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
"{0876216B-8135-D74E-4B4F-8F4BCD4E7DE7}" = Catalyst Control Center HydraVision Full
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}" = Cool & Quiet
"{1E598659-6503-419E-8FB0-0C1EABF11033}" = Nero 8
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3341697B-3E28-4C96-4F98-F269E21EB7E5}" = Skins
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3615560A-3601-4727-B44D-853BEF395F5C}" = Elevated Installer
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3B0F52AC-EF5C-4831-B221-06C782E41280}" = Quicken 2008
"{3E88B541-9079-2F30-AB1A-D89705305760}" = ccc-core-static
"{3FAB3594-0C12-2DB3-57E4-4AD2A13215CF}" = Catalyst Control Center Graphics Full Existing
"{4458C442-7376-4CF9-AF58-E8CEA6722363}" = Adobe Setup
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{60980D5C-0C56-7E59-746C-AA6CC50997E7}" = Catalyst Control Center Graphics Previews Common
"{647BB978-2876-487B-9B0E-FDB73F0EA4A2}" = Garmin Communicator Plugin
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1" = Auslogics Duplicate File Finder
"{69FC3B9A-4149-43DB-A557-6ED0C8D8BA44}" = Nero MediaHome 4 Help
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6C59EAF3-B76B-52B8-B517-E0E645B08DE5}" = Catalyst Control Center Graphics Light
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{712C9875-89BA-44E4-966A-106DF3141740}" = Garmin Express Tray
"{7603E267-9523-C5E5-8C14-B657B98EDF03}" = Catalyst Control Center Graphics Previews Vista
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}" = Bing Desktop
"{7D3A7C2E-DC30-4726-AF81-9DFCCF88DC1E}" = Garmin Express
"{80F19EAA-44C4-47C2-AE87-1C7628E858D6}" = Logitech Harmony Remote Software 7
"{81E04A8B-C804-4886-FA79-0AD2BE946A06}" = Catalyst Control Center InstallProxy
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{8718DC03-D066-4957-94E5-50C3C5042E8E}" = Adobe Creative Suite 3 Master Collection
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C94D6F5-6F75-7921-E9EF-93D7486DBB0E}" = CCC Help English
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9471d6bd-67a9-40f6-a420-2ae4f08ef003}" = Garmin Express
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{99EF387E-633E-4CFB-BFA3-AB961B685DDF}" = Nero MediaHome 4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A1740D36-64B5-E7FF-D8F9-C0B827E42B67}" = Catalyst Control Center Graphics Full New
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A609DCAD-A00D-1820-E0BD-2A05D843B8A7}" = Catalyst Control Center Core Implementation
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB36AB42-2EC3-B02B-E9EC-294408E75819}" = ATI Catalyst Install Manager
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BFC2D769-8412-02A4-5B37-87880157C48B}" = ccc-utility
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{DA0BF7AB-88EB-4675-8FA1-531EAD938821}" = SnagIt 8
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DF9C119C-7F26-45B9-93D4-7C372CBBBA11}" = iTunes
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E188D820-1218-4E28-8BCA-91134C3664C2}" = Ulead VideoStudio 10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EBE030DD-D404-4D92-85E9-8C3624820808}_is1" = Light Image Resizer 4.1.0.6
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"AC3Filter_is1" = AC3Filter 2.5b
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_4dcfd9b7e901b57f81f667144603236" = Add or Remove Adobe Creative Suite 3 Master Collection
"AviSynth" = AviSynth 2.5
"Bitdefender" = Bitdefender Total Security
"CobBackup10" = Cobian Backup 10
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2013-03-02
"DivX Setup" = DivX Setup
"EPSON Printer and Utilities" = EPSON Printer Software
"FileZilla Client" = FileZilla Client 3.6.0.2
"Forte Agent" = Forté Agent
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.7.3
"Google Chrome" = Google Chrome
"HandBrake" = HandBrake 0.9.8
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"MosChip Technology" = MosChip Multi-IO Controller
"Mozilla Firefox 25.0.1 (x86 en-US)" = Mozilla Firefox 25.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nero PhotoShow Express 5" = Nero PhotoShow Express 5
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"QuickPar" = QuickPar 0.9
"Rename It 3.0" = Rename It 3.0
"ThumbsPlus7" = ThumbsPlus version 7 SP2
"Unlocker" = Unlocker 1.9.1
"uTorrent" = µTorrent
"Videora iPod nano Converter" = Videora iPod nano Converter 6
"VLC media player" = VLC media player 2.0.3
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mezzmo" = Mezzmo
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 12/12/2013 11:33:46 PM | Computer Name = saral-03 | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 18
 
Error - 12/12/2013 11:33:46 PM | Computer Name = saral-03 | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 19
 
Error - 12/12/2013 11:33:46 PM | Computer Name = saral-03 | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 20
 
Error - 12/12/2013 11:33:46 PM | Computer Name = saral-03 | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 21
 
Error - 12/12/2013 11:33:46 PM | Computer Name = saral-03 | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 22
 
Error - 12/12/2013 11:33:46 PM | Computer Name = saral-03 | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 23
 
Error - 12/12/2013 11:33:46 PM | Computer Name = saral-03 | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 24
 
Error - 12/13/2013 11:00:03 AM | Computer Name = saral-03 | Source = VSS | ID = 8194
Description = 
 
Error - 12/15/2013 1:59:15 PM | Computer Name = saral-03 | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 12/15/2013 2:16:18 PM | Computer Name = saral-03 | Source = Application Error | ID = 1000
Description = Faulting application DivX Player.exe, version 11.2.1.1, time stamp
 0x52675132, faulting module MSVCR80.dll, version 8.0.50727.6195, time stamp 0x4dcddbf3,
 exception code 0xc0000005, fault offset 0x0001500a,  process id 0xff0, application
 start time 0x01cef9c1acc4b6b9.
 
[ System Events ]
Error - 3/18/2013 9:18:35 PM | Computer Name = saral-03 | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 3/18/2013 9:18:35 PM | Computer Name = saral-03 | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 3/18/2013 9:19:06 PM | Computer Name = saral-03 | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 3/18/2013 9:19:06 PM | Computer Name = saral-03 | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 3/22/2013 5:58:12 PM | Computer Name = saral-03 | Source = BROWSER | ID = 8007
Description = 
 
Error - 3/22/2013 5:59:12 PM | Computer Name = saral-03 | Source = BROWSER | ID = 8007
Description = 
 
Error - 3/22/2013 7:07:15 PM | Computer Name = saral-03 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 5:03:45 PM on 3/22/2013 was unexpected.
 
Error - 3/22/2013 7:09:26 PM | Computer Name = saral-03 | Source = DCOM | ID = 10005
Description = 
 
Error - 3/22/2013 7:09:27 PM | Computer Name = saral-03 | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 3/22/2013 7:09:27 PM | Computer Name = saral-03 | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >
 
 



#2 Conspire


Posted 17 December 2013 - 08:18 AM

**In any case where you happen to be busy or unable to give us a reply, we would be grateful if you keep us informed in advance and we will be more than happy to wait. Failure to do so will result in your thread being closed in THREE (3) days.

:)


Hello there, mignats


I'm Conspire, I'll be glad to help you with your computer problems.

Please observe these rules while we work:
  • Read the entire procedure
  • It is important to perform ALL actions in sequence.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with me till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.
IMPORTANT NOTE: Please do not delete anything unless instructed to. Remember to back up all your important data (if possible) before moving on.

---------------------------------------------------------------------------------------------------

  • Please download GMER from one of the following locations, and save it to your desktop:
    • Main Mirror
      This version will download a randomly named file (Recommended)
    • Zip Mirror
      This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Extract the contents of the zipped file to desktop (applicable only to Zip mirror).
  • Double click the GMER icon on your desktop.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish.
  • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop, and attach it in your reply.
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries


---------------------------------------------------------------------------------------------------
Proud Graduate of the WTT Classroom
Member of UNITE

#3 mignats


Posted 17 December 2013 - 09:18 PM

Hi Conspire and thanks for any help you are able to provide.

 

I've tried to run GMER three times now with no success.  The first time the program crashed.  The second time my computer crashed and gave me a bunch of messages - the only one I caught was collecting data for crash dump - before rebooting.  The third time part way through I got an error that said there was no disk in the drive.  I tried Try Again, Continue and Cancel and nothing worked, finally after hitting cancel a few times the program continued to run but it did eventually crash again.

 

I wasn't sure if this would get the same results or information you're looking for if I ran this in safe mode so I wanted to check first to see if that should be my next step.

 

Thanks again!



#4 Conspire


Posted 17 December 2013 - 10:42 PM

Most likely you won't run into any issues in safe mode because I suspect BitDefender is preventing GMER from running properly.

 

Could you please try to disable BitDefender before running it again?



#5 mignats


Posted 19 December 2013 - 07:41 AM

I had some success with GMER sort of.

 

It ran all day yesterday.  Part of the way through I got the error I saw previously that said there was no disk in the drive.  I clicked Cancel 6-8 times and got the program to run.  While it was running, Windows Explorer crashed and when GMER finished I was unable to save the file because I kept getting told there was no storage space available (due to the explorer crash I am assuming).

 

I will try to run GMER again today and see what happens.

 

Thanks Conspire,



#6 Conspire


Posted 19 December 2013 - 11:00 AM

Hello,

Try these instead.

Please download aswMBR.exe and save it to your desktop.
  • Double click aswMBR.exe to start the tool. (Vista/Windows 7 users - right click to run as administrator)
  • Allow it to update where necessary
  • Click Scan
    • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
    • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.
===================================================

Download TDSSKiller.exe and save it to your desktop

Execute TDSSKiller.exe by double-clicking on it.
Press Start Scan
If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt

===================================================

On your next reply please post :
aswMBR log
MBR.dat (attached)
TDSS Killer log



Please STOP and let me know if you have any problems performing the steps above or any questions.

Good Day!

#7 mignats


Posted 19 December 2013 - 04:00 PM

Hi Conspire,

 

Thanks for this, I will give it a shot as soon as I can.  I may not reply for a day or so though, just so you aren't wondering if I have left.

 

Cheers,


Edited by mignats, 19 December 2013 - 04:00 PM.


#8 Conspire


Posted 19 December 2013 - 09:14 PM

Sure :)

#9 mignats


Posted 20 December 2013 - 07:23 AM

Good Morning,

 

The information you wanted is below.  Hopefully I have done this right ;)  There were no issues running either of these scans.

 

Thanks!

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-12-19 20:38:06
-----------------------------
20:38:06.926    OS Version: Windows 6.0.6002 Service Pack 2
20:38:06.927    Number of processors: 2 586 0x170A
20:38:06.927    ComputerName: SARAL-03  UserName: 
20:38:08.921    Initialize success
20:38:32.950    AVAST engine defs: 13121900
20:41:19.120    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-4
20:41:19.122    Disk 0 Vendor: ST3500320AS SD15 Size: 476940MB BusType: 3
20:41:19.124    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T1L0-6
20:41:19.126    Disk 1 Vendor: Maxtor_6V160E0 VA111630 Size: 152627MB BusType: 3
20:41:19.129    Disk 2  \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP5T0L0-7
20:41:19.131    Disk 2 Vendor: WDC_WD20EARX-00PASB0 51.0AB51 Size: 1907729MB BusType: 3
20:41:19.134    Disk 3  \Device\Harddisk3\DR3 -> \Device\Ide\IdeDeviceP1T0L0-1
20:41:19.137    Disk 3 Vendor: ST2000DM001-1CH164 CC43 Size: 1907729MB BusType: 3
20:41:19.616    Disk 0 MBR read successfully
20:41:19.619    Disk 0 MBR scan
20:41:19.624    Disk 0 Windows VISTA default MBR code
20:41:19.640    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       476938 MB offset 2048
20:41:19.783    Disk 0 scanning sectors +976771072
20:41:20.151    Disk 0 scanning C:\Windows\system32\drivers
20:41:44.372    Service scanning
20:41:47.722    Service BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys **LOCKED** 5
20:41:47.761    Service bdftdif C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys **LOCKED** 5
20:41:47.828    Service bdselfpr C:\Program Files\Bitdefender\Bitdefender\bdselfpr.sys **LOCKED** 5
20:41:52.094    Service GMSIPCI G:\INSTALL\GMSIPCI.SYS **LOCKED** 21
20:41:59.464    Service NTACCESS G:\NTACCESS.sys **LOCKED** 21
20:42:00.807    Service pci C:\Windows\system32\drivers\pci.sys **LOCKED** 32
20:42:09.762    Modules scanning
20:42:23.743    Disk 0 trace - called modules:
20:42:23.755    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys 
20:42:23.760    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86189ac8]
20:42:23.764    3 CLASSPNP.SYS[8b1a98b3] -> nt!IofCallDriver -> [0x85761918]
20:42:23.769    5 acpi.sys[8069e6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-4[0x856ecb98]
20:42:26.610    AVAST engine scan C:\Windows
20:43:02.251    AVAST engine scan C:\Windows\system32
20:48:37.170    AVAST engine scan C:\Windows\system32\drivers
20:50:53.172    AVAST engine scan C:\Users\Jim & Lisa
23:12:10.660    AVAST engine scan C:\ProgramData
23:24:55.992    Scan finished successfully
06:14:07.393    Disk 0 MBR has been saved successfully to "C:\Users\Jim & Lisa\Desktop\MBR.dat"
06:14:07.432    The log file has been saved successfully to "C:\Users\Jim & Lisa\Desktop\aswMBR.txt"
06:15:40.194    Disk 0 MBR has been saved successfully to "C:\Users\Jim & Lisa\Desktop\MBR.dat"
06:15:40.200    The log file has been saved successfully to "C:\Users\Jim & Lisa\Desktop\aswMBR.txt"
 
 
 
20:35:52.0502 0x03a4  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
20:36:01.0497 0x03a4  ============================================================
20:36:01.0497 0x03a4  Current date / time: 2013/12/19 20:36:01.0497
20:36:01.0497 0x03a4  SystemInfo:
20:36:01.0497 0x03a4  
20:36:01.0497 0x03a4  OS Version: 6.0.6002 ServicePack: 2.0
20:36:01.0497 0x03a4  Product type: Workstation
20:36:01.0498 0x03a4  ComputerName: SARAL-03
20:36:01.0498 0x03a4  UserName: Jim & Lisa
20:36:01.0498 0x03a4  Windows directory: C:\Windows
20:36:01.0498 0x03a4  System windows directory: C:\Windows
20:36:01.0498 0x03a4  Processor architecture: Intel x86
20:36:01.0498 0x03a4  Number of processors: 2
20:36:01.0498 0x03a4  Page size: 0x1000
20:36:01.0498 0x03a4  Boot type: Normal boot
20:36:01.0498 0x03a4  ============================================================
20:36:04.0122 0x03a4  KLMD registered as C:\Windows\system32\drivers\25095666.sys
20:36:04.0188 0x03a4  System UUID: {AC5E698D-C504-72F7-A589-62717DA6984E}
20:36:04.0748 0x03a4  Drive \Device\Harddisk3\DR3 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:36:04.0776 0x03a4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:36:04.0791 0x03a4  Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:36:04.0791 0x03a4  Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:36:04.0872 0x03a4  Drive \Device\Harddisk5\DR5 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:36:04.0875 0x03a4  Drive \Device\Harddisk6\DR6 - Size: 0xEF800000 (3.74 Gb), SectorSize: 0x200, Cylinders: 0x1E8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:36:04.0876 0x03a4  ============================================================
20:36:04.0876 0x03a4  \Device\Harddisk3\DR3:
20:36:04.0876 0x03a4  MBR partitions:
20:36:04.0876 0x03a4  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
20:36:04.0876 0x03a4  \Device\Harddisk0\DR0:
20:36:04.0877 0x03a4  MBR partitions:
20:36:04.0877 0x03a4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
20:36:04.0877 0x03a4  \Device\Harddisk1\DR1:
20:36:04.0877 0x03a4  MBR partitions:
20:36:04.0877 0x03a4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A18A82
20:36:04.0877 0x03a4  \Device\Harddisk2\DR2:
20:36:04.0877 0x03a4  MBR partitions:
20:36:04.0877 0x03a4  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
20:36:04.0877 0x03a4  \Device\Harddisk5\DR5:
20:36:04.0877 0x03a4  MBR partitions:
20:36:04.0877 0x03a4  \Device\Harddisk5\DR5\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
20:36:04.0877 0x03a4  \Device\Harddisk6\DR6:
20:36:04.0878 0x03a4  MBR partitions:
20:36:04.0878 0x03a4  \Device\Harddisk6\DR6\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x77A000
20:36:04.0878 0x03a4  ============================================================
20:36:04.0908 0x03a4  C: <-> \Device\Harddisk0\DR0\Partition1
20:36:04.0926 0x03a4  D: <-> \Device\Harddisk1\DR1\Partition1
20:36:04.0927 0x03a4  E: <-> \Device\Harddisk2\DR2\Partition1
20:36:04.0938 0x03a4  F: <-> \Device\Harddisk3\DR3\Partition1
20:36:04.0992 0x03a4  I: <-> \Device\Harddisk5\DR5\Partition1
20:36:04.0992 0x03a4  ============================================================
20:36:04.0992 0x03a4  Initialize success
20:36:04.0992 0x03a4  ============================================================
20:36:07.0650 0x0ff0  ============================================================
20:36:07.0650 0x0ff0  Scan started
20:36:07.0650 0x0ff0  Mode: Manual; 
20:36:07.0650 0x0ff0  ============================================================
20:36:07.0650 0x0ff0  KSN ping started
20:36:10.0340 0x0ff0  KSN ping finished: true
20:36:13.0475 0x0ff0  ================ Scan system memory ========================
20:36:13.0475 0x0ff0  System memory - ok
20:36:13.0476 0x0ff0  ================ Scan services =============================
20:36:13.0618 0x0ff0  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
20:36:13.0636 0x0ff0  ACPI - ok
20:36:13.0773 0x0ff0  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:36:13.0776 0x0ff0  AdobeARMservice - ok
20:36:13.0836 0x0ff0  [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:36:13.0845 0x0ff0  AdobeFlashPlayerUpdateSvc - ok
20:36:13.0907 0x0ff0  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:36:13.0924 0x0ff0  adp94xx - ok
20:36:13.0948 0x0ff0  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:36:13.0965 0x0ff0  adpahci - ok
20:36:13.0986 0x0ff0  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
20:36:13.0992 0x0ff0  adpu160m - ok
20:36:14.0007 0x0ff0  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:36:14.0014 0x0ff0  adpu320 - ok
20:36:14.0054 0x0ff0  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:36:14.0056 0x0ff0  AeLookupSvc - ok
20:36:14.0109 0x0ff0  [ 3911B972B55FEA0478476B2E777B29FA, 62545B90C7DD3F73777E62CD8264E611A4D71B6956CABFD2D820D25F41F471FD ] AFD             C:\Windows\system32\drivers\afd.sys
20:36:14.0126 0x0ff0  AFD - ok
20:36:14.0153 0x0ff0  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:36:14.0156 0x0ff0  agp440 - ok
20:36:14.0170 0x0ff0  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
20:36:14.0174 0x0ff0  aic78xx - ok
20:36:14.0188 0x0ff0  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
20:36:14.0191 0x0ff0  ALG - ok
20:36:14.0203 0x0ff0  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
20:36:14.0206 0x0ff0  aliide - ok
20:36:14.0256 0x0ff0  [ EBCCBCBF1DF132E4775E5D6E6DEA3ED0, 142A8C4D21BC4772C4B9E16A1EC8C82EB08CD3E8199D167D4F5F42A2BC415DE2 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:36:14.0263 0x0ff0  AMD External Events Utility - ok
20:36:14.0276 0x0ff0  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
20:36:14.0279 0x0ff0  amdagp - ok
20:36:14.0300 0x0ff0  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
20:36:14.0303 0x0ff0  amdide - ok
20:36:14.0315 0x0ff0  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
20:36:14.0331 0x0ff0  AmdK7 - ok
20:36:14.0346 0x0ff0  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
20:36:14.0349 0x0ff0  AmdK8 - ok
20:36:14.0609 0x0ff0  [ F89643A2CA001B1162061E306F8BF267, 6D74863007609F8A5396BACA285205B3A224CF8C94C2D8D11BF0AABA9300DC69 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
20:36:14.0856 0x0ff0  amdkmdag - ok
20:36:14.0914 0x0ff0  [ FB68E1B9CEC598F0F69503F3AEBB45DD, BCA3A89A7A570DAABB279ABF67E9DE889457BB2BFF586DB638AD419FF4DD14B2 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
20:36:14.0923 0x0ff0  amdkmdap - ok
20:36:14.0940 0x0ff0  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo         C:\Windows\System32\appinfo.dll
20:36:14.0942 0x0ff0  Appinfo - ok
20:36:15.0008 0x0ff0  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:36:15.0011 0x0ff0  Apple Mobile Device - ok
20:36:15.0030 0x0ff0  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
20:36:15.0034 0x0ff0  arc - ok
20:36:15.0047 0x0ff0  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:36:15.0051 0x0ff0  arcsas - ok
20:36:15.0097 0x0ff0  [ 2B4E66FAC6503494A2C6F32BB6AB3826, 923EBBE8111E73D5B8ECC2DB10F8EA2629A3264C3A535D01C3C118A3B4C91782 ] AsIO            C:\Windows\system32\drivers\AsIO.sys
20:36:15.0099 0x0ff0  AsIO - ok
20:36:15.0185 0x0ff0  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:36:15.0197 0x0ff0  aspnet_state - ok
20:36:15.0220 0x0ff0  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:36:15.0222 0x0ff0  AsyncMac - ok
20:36:15.0238 0x0ff0  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
20:36:15.0238 0x0ff0  atapi - ok
20:36:15.0525 0x0ff0  [ F89643A2CA001B1162061E306F8BF267, 6D74863007609F8A5396BACA285205B3A224CF8C94C2D8D11BF0AABA9300DC69 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
20:36:15.0665 0x0ff0  atikmdag - ok
20:36:15.0720 0x0ff0  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:36:15.0737 0x0ff0  AudioEndpointBuilder - ok
20:36:15.0754 0x0ff0  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:36:15.0759 0x0ff0  Audiosrv - ok
20:36:15.0809 0x0ff0  [ DBCB72388C719C9EAFCE91AB40EAA05E, F4326FD5FD9284D64733DA5EDDAF241DF22F1E358D313695641F32AC246679F0 ] avc3            C:\Windows\system32\DRIVERS\avc3.sys
20:36:15.0820 0x0ff0  avc3 - ok
20:36:15.0841 0x0ff0  [ 7F9B99B564E7C9FBB6729ED95B5BBB24, 9231A8298C9FA74B725CA0FEDAB3611AADE90773C597D7834563C79617456E93 ] avchv           C:\Windows\system32\DRIVERS\avchv.sys
20:36:15.0849 0x0ff0  avchv - ok
20:36:15.0872 0x0ff0  [ 5C83DF7DB66EEFCD82152E85EC9E9F06, 9C9573AE47499ECD602EA0154CA47B6C4CF746BD2C35D89D0F3A0BB1BCD30533 ] avckf           C:\Windows\system32\DRIVERS\avckf.sys
20:36:15.0880 0x0ff0  avckf - ok
20:36:15.0951 0x0ff0  [ ED8A0A470B9F0691599978530B2D69A1, A0B2C1BC0489291A8D923CDBC042B3BD9BFD47BB3BF68C1A741B3DB9B36F0F1D ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe
20:36:15.0954 0x0ff0  BdDesktopParental - ok
20:36:15.0995 0x0ff0  [ 6743A3C33E8B3BFC2D9B55E15500BB13, E5AB98447448BA4B09E1511058FDAC687D9CEC2A4476AE16EAC59D164CC0E99A ] BdfNdisf        c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys
20:36:15.0999 0x0ff0  BdfNdisf - ok
20:36:16.0008 0x0ff0  [ F7D825F7E47D8A7865F5D2156B1B7A24, CD9A22226CA6D3F95F2643233BDCD0FA93D0A3DA6BE4B944E1CDC2B93B002C74 ] bdftdif         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys
20:36:16.0013 0x0ff0  bdftdif - ok
20:36:16.0039 0x0ff0  [ A1777C97C2FEA21D7166752AA2CCCBE8, 8A3D336066A1C5A14933C8DA5E953E65C208FFB057B21C2A134048DD259780E4 ] BDSandBox       C:\Windows\system32\drivers\bdsandbox.sys
20:36:16.0043 0x0ff0  BDSandBox - ok
20:36:16.0066 0x0ff0  [ 32A85CDD3D6A8381523CFA171BB6E44F, 2804FC82DDE31E3279FC3B69EF9F0854EBF349A46264CF8A7C7163CD58104020 ] bdselfpr        C:\Program Files\Bitdefender\Bitdefender\bdselfpr.sys
20:36:16.0072 0x0ff0  bdselfpr - ok
20:36:16.0078 0x0ff0  [ B82A4AE7C1259411421D2389BD1AB058, 200049B96D327DF3A8A8BAF238C52B3711B79929A20DAB57B7B7B9FEF5BEBB73 ] BDVEDISK        C:\Windows\system32\DRIVERS\bdvedisk.sys
20:36:16.0081 0x0ff0  BDVEDISK - ok
20:36:16.0091 0x0ff0  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:36:16.0093 0x0ff0  Beep - ok
20:36:16.0125 0x0ff0  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
20:36:16.0135 0x0ff0  BFE - ok
20:36:16.0211 0x0ff0  [ 4AF6B0CCD9974A69DF2C91301370B381, C33D7F12C9E81C4D7A5FDD642D975448DF78EC708115951078E4FDB80B13235A ] BingDesktopUpdate C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
20:36:16.0219 0x0ff0  BingDesktopUpdate - ok
20:36:16.0285 0x0ff0  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
20:36:16.0311 0x0ff0  BITS - ok
20:36:16.0325 0x0ff0  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
20:36:16.0328 0x0ff0  blbdrive - ok
20:36:16.0397 0x0ff0  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:36:16.0414 0x0ff0  Bonjour Service - ok
20:36:16.0438 0x0ff0  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:36:16.0441 0x0ff0  bowser - ok
20:36:16.0476 0x0ff0  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
20:36:16.0478 0x0ff0  BrFiltLo - ok
20:36:16.0494 0x0ff0  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
20:36:16.0495 0x0ff0  BrFiltUp - ok
20:36:16.0539 0x0ff0  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
20:36:16.0543 0x0ff0  Browser - ok
20:36:16.0565 0x0ff0  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
20:36:16.0569 0x0ff0  Brserid - ok
20:36:16.0579 0x0ff0  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
20:36:16.0583 0x0ff0  BrSerWdm - ok
20:36:16.0595 0x0ff0  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
20:36:16.0597 0x0ff0  BrUsbMdm - ok
20:36:16.0609 0x0ff0  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
20:36:16.0611 0x0ff0  BrUsbSer - ok
20:36:16.0629 0x0ff0  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:36:16.0632 0x0ff0  BTHMODEM - ok
20:36:16.0676 0x0ff0  [ ED5411A69C5BAC78D245C893AF64352A, B7AA6DAE8AE4A6C541C36AD2B90DF3F6AC8F0160E9EE5BA8AD0D776BD5962680 ] cbVSCService    C:\Program Files\Cobian Backup 10\cbVSCService.exe
20:36:16.0679 0x0ff0  cbVSCService - ok
20:36:16.0691 0x0ff0  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:36:16.0695 0x0ff0  cdfs - ok
20:36:16.0732 0x0ff0  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:36:16.0736 0x0ff0  cdrom - ok
20:36:16.0770 0x0ff0  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
20:36:16.0772 0x0ff0  CertPropSvc - ok
20:36:16.0793 0x0ff0  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
20:36:16.0796 0x0ff0  circlass - ok
20:36:16.0822 0x0ff0  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
20:36:16.0833 0x0ff0  CLFS - ok
20:36:16.0912 0x0ff0  [ 4AA6694FB767BBFF6A8EF080806447BD, 4920B3683FDE19A86453C76E08C23132B037D254AFB7147E84130C06AA90B0F8 ] CLHNServiceForPowerDVD C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
20:36:16.0917 0x0ff0  CLHNServiceForPowerDVD - ok
20:36:16.0957 0x0ff0  [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:36:16.0965 0x0ff0  clr_optimization_v2.0.50727_32 - ok
20:36:16.0991 0x0ff0  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:36:17.0051 0x0ff0  clr_optimization_v4.0.30319_32 - ok
20:36:17.0071 0x0ff0  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:36:17.0073 0x0ff0  cmdide - ok
20:36:17.0086 0x0ff0  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
20:36:17.0088 0x0ff0  Compbatt - ok
20:36:17.0092 0x0ff0  COMSysApp - ok
20:36:17.0140 0x0ff0  [ D01F685F8B4598D144B0CCE9FF95D8D5, A68EF814CDBD7291DEF4745FE14D5080041BD3275AB12629C7811506AF2B8E17 ] cpudrv          C:\Program Files\SystemRequirementsLab\cpudrv.sys
20:36:17.0142 0x0ff0  cpudrv - ok
20:36:17.0146 0x0ff0  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:36:17.0148 0x0ff0  crcdisk - ok
20:36:17.0163 0x0ff0  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
20:36:17.0165 0x0ff0  Crusoe - ok
20:36:17.0209 0x0ff0  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:36:17.0215 0x0ff0  CryptSvc - ok
20:36:17.0264 0x0ff0  [ D3484412EAE43685E3AD304C9979F30E, 0F45C056C3E2FE541FF2BD3914CDC823CF4048A57B967E07B95DFF673E968F35 ] CyberLink PowerDVD 11.0 Monitor Service C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
20:36:17.0268 0x0ff0  CyberLink PowerDVD 11.0 Monitor Service - ok
20:36:17.0289 0x0ff0  [ 4B0F03AF88FF89441EF57175849C3961, E758730704E52C7D2F8D061B6D40788D3F92F490A5A2F9F01E71C3CD959CA6E7 ] CyberLink PowerDVD 11.0 Service C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
20:36:17.0306 0x0ff0  CyberLink PowerDVD 11.0 Service - ok
20:36:17.0360 0x0ff0  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:36:17.0386 0x0ff0  DcomLaunch - ok
20:36:17.0397 0x0ff0  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:36:17.0401 0x0ff0  DfsC - ok
20:36:17.0493 0x0ff0  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
20:36:17.0567 0x0ff0  DFSR - ok
20:36:17.0597 0x0ff0  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
20:36:17.0606 0x0ff0  Dhcp - ok
20:36:17.0649 0x0ff0  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
20:36:17.0653 0x0ff0  disk - ok
20:36:17.0676 0x0ff0  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:36:17.0680 0x0ff0  Dnscache - ok
20:36:17.0699 0x0ff0  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
20:36:17.0706 0x0ff0  dot3svc - ok
20:36:17.0757 0x0ff0  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
20:36:17.0763 0x0ff0  DPS - ok
20:36:17.0810 0x0ff0  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:36:17.0812 0x0ff0  drmkaud - ok
20:36:17.0847 0x0ff0  [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:36:17.0872 0x0ff0  DXGKrnl - ok
20:36:17.0895 0x0ff0  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
20:36:17.0901 0x0ff0  E1G60 - ok
20:36:17.0919 0x0ff0  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
20:36:17.0922 0x0ff0  EapHost - ok
20:36:17.0942 0x0ff0  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
20:36:17.0960 0x0ff0  Ecache - ok
20:36:18.0043 0x0ff0  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:36:18.0060 0x0ff0  ehRecvr - ok
20:36:18.0074 0x0ff0  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
20:36:18.0079 0x0ff0  ehSched - ok
20:36:18.0084 0x0ff0  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
20:36:18.0086 0x0ff0  ehstart - ok
20:36:18.0116 0x0ff0  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:36:18.0133 0x0ff0  elxstor - ok
20:36:18.0167 0x0ff0  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
20:36:18.0192 0x0ff0  EMDMgmt - ok
20:36:18.0203 0x0ff0  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:36:18.0206 0x0ff0  ErrDev - ok
20:36:18.0241 0x0ff0  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
20:36:18.0251 0x0ff0  EventSystem - ok
20:36:18.0270 0x0ff0  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:36:18.0276 0x0ff0  exfat - ok
20:36:18.0296 0x0ff0  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:36:18.0302 0x0ff0  fastfat - ok
20:36:18.0307 0x0ff0  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:36:18.0309 0x0ff0  fdc - ok
20:36:18.0320 0x0ff0  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
20:36:18.0321 0x0ff0  fdPHost - ok
20:36:18.0332 0x0ff0  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:36:18.0334 0x0ff0  FDResPub - ok
20:36:18.0345 0x0ff0  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:36:18.0349 0x0ff0  FileInfo - ok
20:36:18.0362 0x0ff0  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:36:18.0364 0x0ff0  Filetrace - ok
20:36:18.0447 0x0ff0  [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:36:18.0472 0x0ff0  FLEXnet Licensing Service - ok
20:36:18.0479 0x0ff0  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:36:18.0481 0x0ff0  flpydisk - ok
20:36:18.0498 0x0ff0  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:36:18.0505 0x0ff0  FltMgr - ok
20:36:18.0542 0x0ff0  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
20:36:18.0576 0x0ff0  FontCache - ok
20:36:18.0642 0x0ff0  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:36:18.0646 0x0ff0  FontCache3.0.0.0 - ok
20:36:18.0691 0x0ff0  [ B0082808A6856A252F7CDD939892CE50, 3A069239629C4F54049A2CFC6642AC5102ECEAA74470BAA9DDB1AB108D1060EE ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
20:36:18.0694 0x0ff0  fssfltr - ok
20:36:18.0795 0x0ff0  [ 28DDEEEC44E988657B732CF404D504CB, 47F83018E5449CDCED3DD447991788EBAAC92C418D4513FBA9408C45E9AB8E7E ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
20:36:18.0846 0x0ff0  fsssvc - ok
20:36:18.0893 0x0ff0  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:36:18.0895 0x0ff0  Fs_Rec - ok
20:36:18.0906 0x0ff0  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:36:18.0909 0x0ff0  gagp30kx - ok
20:36:18.0944 0x0ff0  [ E99CF7AD8704278B7C8A8FB84BE4B3B6, F269C385513903385FDADC0E57325234062CF790484ADEFF206B20DEAFC69952 ] Garmin Core Update Service C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
20:36:18.0954 0x0ff0  Garmin Core Update Service - ok
20:36:18.0983 0x0ff0  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:36:18.0986 0x0ff0  GEARAspiWDM - ok
20:36:18.0989 0x0ff0  GMSIPCI - ok
20:36:19.0017 0x0ff0  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
20:36:19.0042 0x0ff0  gpsvc - ok
20:36:19.0119 0x0ff0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
20:36:19.0124 0x0ff0  gupdate - ok
20:36:19.0130 0x0ff0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
20:36:19.0133 0x0ff0  gupdatem - ok
20:36:19.0158 0x0ff0  [ 3B5CA8EB6748D234F117AB203491F6F9, C554FC454214599831FB73448A0044ED145CB19B8F3008A78448B25145AEDA6E ] gzflt           C:\Windows\system32\DRIVERS\gzflt.sys
20:36:19.0166 0x0ff0  gzflt - ok
20:36:19.0205 0x0ff0  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:36:19.0214 0x0ff0  HdAudAddService - ok
20:36:19.0269 0x0ff0  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:36:19.0295 0x0ff0  HDAudBus - ok
20:36:19.0309 0x0ff0  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:36:19.0312 0x0ff0  HidBth - ok
20:36:19.0328 0x0ff0  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
20:36:19.0370 0x0ff0  HidIr - ok
20:36:19.0376 0x0ff0  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
20:36:19.0378 0x0ff0  hidserv - ok
20:36:19.0392 0x0ff0  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:36:19.0395 0x0ff0  HidUsb - ok
20:36:19.0462 0x0ff0  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:36:19.0467 0x0ff0  hkmsvc - ok
20:36:19.0492 0x0ff0  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
20:36:19.0495 0x0ff0  HpCISSs - ok
20:36:19.0542 0x0ff0  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:36:19.0559 0x0ff0  HTTP - ok
20:36:19.0582 0x0ff0  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
20:36:19.0584 0x0ff0  i2omp - ok
20:36:19.0601 0x0ff0  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:36:19.0604 0x0ff0  i8042prt - ok
20:36:19.0625 0x0ff0  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
20:36:19.0635 0x0ff0  iaStorV - ok
20:36:19.0690 0x0ff0  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:36:19.0695 0x0ff0  IDriverT - ok
20:36:19.0762 0x0ff0  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:36:19.0797 0x0ff0  idsvc - ok
20:36:19.0816 0x0ff0  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:36:19.0819 0x0ff0  iirsp - ok
20:36:19.0860 0x0ff0  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
20:36:19.0878 0x0ff0  IKEEXT - ok
20:36:19.0969 0x0ff0  [ 8B27C21412AE4404EB0ACFE1D98579EC, 64D7001C533D8210BB5A80B06581F0585F3B049AC9B07087130BCB6DC89AB5E2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
20:36:20.0046 0x0ff0  IntcAzAudAddService - ok
20:36:20.0063 0x0ff0  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
20:36:20.0066 0x0ff0  intelide - ok
20:36:20.0080 0x0ff0  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:36:20.0083 0x0ff0  intelppm - ok
20:36:20.0102 0x0ff0  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:36:20.0106 0x0ff0  IPBusEnum - ok
20:36:20.0128 0x0ff0  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:36:20.0131 0x0ff0  IpFilterDriver - ok
20:36:20.0163 0x0ff0  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:36:20.0172 0x0ff0  iphlpsvc - ok
20:36:20.0176 0x0ff0  IpInIp - ok
20:36:20.0189 0x0ff0  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
20:36:20.0193 0x0ff0  IPMIDRV - ok
20:36:20.0212 0x0ff0  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
20:36:20.0217 0x0ff0  IPNAT - ok
20:36:20.0273 0x0ff0  [ C00149A7027081539A66DC5A46695EAD, 51F01CD6B37BA52B3D4DC9CAE3A9FBDDB2FA6FB6A9E779C9157BB056CEC3BEC9 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:36:20.0298 0x0ff0  iPod Service - ok
20:36:20.0310 0x0ff0  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:36:20.0312 0x0ff0  IRENUM - ok
20:36:20.0327 0x0ff0  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:36:20.0330 0x0ff0  isapnp - ok
20:36:20.0353 0x0ff0  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
20:36:20.0410 0x0ff0  iScsiPrt - ok
20:36:20.0425 0x0ff0  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
20:36:20.0428 0x0ff0  iteatapi - ok
20:36:20.0442 0x0ff0  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
20:36:20.0445 0x0ff0  iteraid - ok
20:36:20.0450 0x0ff0  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:36:20.0452 0x0ff0  kbdclass - ok
20:36:20.0468 0x0ff0  [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
20:36:20.0470 0x0ff0  kbdhid - ok
20:36:20.0504 0x0ff0  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
20:36:20.0507 0x0ff0  KeyIso - ok
20:36:20.0531 0x0ff0  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:36:20.0557 0x0ff0  KSecDD - ok
20:36:20.0610 0x0ff0  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:36:20.0627 0x0ff0  KtmRm - ok
20:36:20.0646 0x0ff0  [ 24ABDDEB766C8459F9D562EB083B6CB8, A27768F801425ECD405A2E8A77FC2C686405ED832FB6EE52251CCD9437FCA3AB ] L1E             C:\Windows\system32\DRIVERS\L1E60x86.sys
20:36:20.0649 0x0ff0  L1E - ok
20:36:20.0688 0x0ff0  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:36:20.0696 0x0ff0  LanmanServer - ok
20:36:20.0739 0x0ff0  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:36:20.0747 0x0ff0  LanmanWorkstation - ok
20:36:20.0761 0x0ff0  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:36:20.0764 0x0ff0  lltdio - ok
20:36:20.0811 0x0ff0  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:36:20.0820 0x0ff0  lltdsvc - ok
20:36:20.0834 0x0ff0  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:36:20.0837 0x0ff0  lmhosts - ok
20:36:20.0856 0x0ff0  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:36:20.0876 0x0ff0  LSI_FC - ok
20:36:20.0897 0x0ff0  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:36:20.0902 0x0ff0  LSI_SAS - ok
20:36:20.0930 0x0ff0  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:36:20.0935 0x0ff0  LSI_SCSI - ok
20:36:20.0953 0x0ff0  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
20:36:20.0957 0x0ff0  luafv - ok
20:36:21.0003 0x0ff0  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:36:21.0007 0x0ff0  Mcx2Svc - ok
20:36:21.0022 0x0ff0  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
20:36:21.0025 0x0ff0  megasas - ok
20:36:21.0055 0x0ff0  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
20:36:21.0072 0x0ff0  MegaSR - ok
20:36:21.0302 0x0ff0  [ E05695621CC466224A178A1498C83414, 8D5F266703766F4557BFC867AC7A2F07B58C68198C2E9A602EDC16A1A1C6B509 ] Mezzmo          C:\Program Files\Conceiva\Mezzmo\MezzmoMediaServer.exe
20:36:21.0447 0x0ff0  Mezzmo - ok
20:36:21.0507 0x0ff0  [ C1D0809A396E12157007FFD58D651EF0, DFE7DF2129FA1F8BB4B1A263474E8B6BB02F36069485AFA6188293454A4DD569 ] mf              C:\Windows\system32\DRIVERS\mf.sys
20:36:21.0512 0x0ff0  mf - ok
20:36:21.0568 0x0ff0  Microsoft SharePoint Workspace Audit Service - ok
20:36:21.0576 0x0ff0  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
20:36:21.0580 0x0ff0  MMCSS - ok
20:36:21.0587 0x0ff0  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
20:36:21.0590 0x0ff0  Modem - ok
20:36:21.0601 0x0ff0  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:36:21.0604 0x0ff0  monitor - ok
20:36:21.0615 0x0ff0  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:36:21.0618 0x0ff0  mouclass - ok
20:36:21.0624 0x0ff0  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:36:21.0626 0x0ff0  mouhid - ok
20:36:21.0636 0x0ff0  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
20:36:21.0639 0x0ff0  MountMgr - ok
20:36:21.0695 0x0ff0  [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:36:21.0701 0x0ff0  MozillaMaintenance - ok
20:36:21.0728 0x0ff0  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:36:21.0734 0x0ff0  mpio - ok
20:36:21.0752 0x0ff0  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:36:21.0756 0x0ff0  mpsdrv - ok
20:36:21.0811 0x0ff0  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:36:21.0829 0x0ff0  MpsSvc - ok
20:36:21.0837 0x0ff0  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
20:36:21.0840 0x0ff0  Mraid35x - ok
20:36:21.0878 0x0ff0  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:36:21.0884 0x0ff0  MRxDAV - ok
20:36:21.0891 0x0ff0  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:36:21.0895 0x0ff0  mrxsmb - ok
20:36:21.0916 0x0ff0  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:36:21.0924 0x0ff0  mrxsmb10 - ok
20:36:21.0938 0x0ff0  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:36:21.0942 0x0ff0  mrxsmb20 - ok
20:36:21.0956 0x0ff0  [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:36:21.0959 0x0ff0  msahci - ok
20:36:21.0981 0x0ff0  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:36:21.0986 0x0ff0  msdsm - ok
20:36:22.0006 0x0ff0  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
20:36:22.0012 0x0ff0  MSDTC - ok
20:36:22.0028 0x0ff0  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:36:22.0030 0x0ff0  Msfs - ok
20:36:22.0036 0x0ff0  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:36:22.0038 0x0ff0  msisadrv - ok
20:36:22.0077 0x0ff0  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:36:22.0084 0x0ff0  MSiSCSI - ok
20:36:22.0088 0x0ff0  msiserver - ok
20:36:22.0098 0x0ff0  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:36:22.0100 0x0ff0  MSKSSRV - ok
20:36:22.0109 0x0ff0  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:36:22.0111 0x0ff0  MSPCLOCK - ok
20:36:22.0124 0x0ff0  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:36:22.0126 0x0ff0  MSPQM - ok
20:36:22.0167 0x0ff0  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:36:22.0174 0x0ff0  MsRPC - ok
20:36:22.0185 0x0ff0  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:36:22.0187 0x0ff0  mssmbios - ok
20:36:22.0191 0x0ff0  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:36:22.0193 0x0ff0  MSTEE - ok
20:36:22.0210 0x0ff0  [ DCDAAB8697A47894A554050CE18D0B56, 32F08D9B2890DD01B56043CAB74B4D948E09E5A92B15C4F99160416B1CBEC3A0 ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
20:36:22.0212 0x0ff0  MTsensor - ok
20:36:22.0218 0x0ff0  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:36:22.0220 0x0ff0  Mup - ok
20:36:22.0259 0x0ff0  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
20:36:22.0276 0x0ff0  napagent - ok
20:36:22.0333 0x0ff0  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:36:22.0339 0x0ff0  NativeWifiP - ok
20:36:22.0377 0x0ff0  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:36:22.0402 0x0ff0  NDIS - ok
20:36:22.0414 0x0ff0  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:36:22.0417 0x0ff0  NdisTapi - ok
20:36:22.0423 0x0ff0  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:36:22.0425 0x0ff0  Ndisuio - ok
20:36:22.0440 0x0ff0  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:36:22.0446 0x0ff0  NdisWan - ok
20:36:22.0454 0x0ff0  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:36:22.0457 0x0ff0  NDProxy - ok
20:36:28.0720 0x0ff0  wcncsvc - ok
20:36:28.0734 0x0ff0  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:36:28.0739 0x0ff0  WcsPlugInService - ok
20:36:28.0755 0x0ff0  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
20:36:28.0758 0x0ff0  Wd - ok
20:36:28.0784 0x0ff0  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:36:28.0835 0x0ff0  Wdf01000 - ok
20:36:28.0855 0x0ff0  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:36:28.0861 0x0ff0  WdiServiceHost - ok
20:36:28.0865 0x0ff0  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:36:28.0869 0x0ff0  WdiSystemHost - ok
20:36:28.0889 0x0ff0  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
20:36:28.0898 0x0ff0  WebClient - ok
20:36:28.0945 0x0ff0  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:36:28.0953 0x0ff0  Wecsvc - ok
20:36:28.0966 0x0ff0  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:36:28.0971 0x0ff0  wercplsupport - ok
20:36:28.0986 0x0ff0  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:36:28.0993 0x0ff0  WerSvc - ok
20:36:29.0078 0x0ff0  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
20:36:29.0089 0x0ff0  WinDefend - ok
20:36:29.0095 0x0ff0  WinHttpAutoProxySvc - ok
20:36:29.0146 0x0ff0  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:36:29.0153 0x0ff0  Winmgmt - ok
20:36:29.0229 0x0ff0  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:36:29.0271 0x0ff0  WinRM - ok
20:36:29.0314 0x0ff0  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:36:29.0333 0x0ff0  Wlansvc - ok
20:36:29.0470 0x0ff0  [ FB01D4AE207B9EFDBABFC55DC95C7E31, E0EFDBBE0BAC275230C8C1A053948C21BCF20B99B92E50939E95FFB9DC87F6BA ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:36:29.0545 0x0ff0  wlidsvc - ok
20:36:29.0561 0x0ff0  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:36:29.0563 0x0ff0  WmiAcpi - ok
20:36:29.0582 0x0ff0  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:36:29.0588 0x0ff0  wmiApSrv - ok
20:36:29.0628 0x0ff0  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
20:36:29.0662 0x0ff0  WMPNetworkSvc - ok
20:36:29.0681 0x0ff0  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:36:29.0689 0x0ff0  WPCSvc - ok
20:36:29.0733 0x0ff0  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:36:29.0739 0x0ff0  WPDBusEnum - ok
20:36:29.0758 0x0ff0  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
20:36:29.0761 0x0ff0  WpdUsb - ok
20:36:29.0831 0x0ff0  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:36:29.0865 0x0ff0  WPFFontCache_v0400 - ok
20:36:29.0879 0x0ff0  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:36:29.0881 0x0ff0  ws2ifsl - ok
20:36:29.0892 0x0ff0  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
20:36:29.0897 0x0ff0  wscsvc - ok
20:36:29.0900 0x0ff0  WSearch - ok
20:36:29.0991 0x0ff0  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:36:30.0058 0x0ff0  wuauserv - ok
20:36:30.0101 0x0ff0  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:36:30.0103 0x0ff0  WudfPf - ok
20:36:30.0116 0x0ff0  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:36:30.0138 0x0ff0  WUDFRd - ok
20:36:30.0169 0x0ff0  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:36:30.0175 0x0ff0  wudfsvc - ok
20:36:30.0262 0x0ff0  [ 3CB263CF60B253BEAD6E0205E1FA5669, 2BE90700FBB6DACBAE600065F1F364828DC91036F9A7EAB5156B9BDC6DF398A9 ] {329F96B6-DF1E-4328-BFDA-39EA953C1312} C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl
20:36:30.0267 0x0ff0  {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok
20:36:30.0270 0x0ff0  ================ Scan global ===============================
20:36:30.0315 0x0ff0  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
20:36:30.0364 0x0ff0  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
20:36:30.0421 0x0ff0  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
20:36:30.0475 0x0ff0  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
20:36:30.0492 0x0ff0  [ Global ] - ok
20:36:30.0492 0x0ff0  ================ Scan MBR ==================================
20:36:30.0495 0x0ff0  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk3\DR3
20:36:30.0521 0x0ff0  \Device\Harddisk3\DR3 - ok
20:36:30.0529 0x0ff0  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:36:30.0908 0x0ff0  \Device\Harddisk0\DR0 - ok
20:36:30.0921 0x0ff0  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
20:36:30.0927 0x0ff0  \Device\Harddisk1\DR1 - ok
20:36:30.0929 0x0ff0  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk2\DR2
20:36:30.0935 0x0ff0  \Device\Harddisk2\DR2 - ok
20:36:30.0966 0x0ff0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk5\DR5
20:36:30.0973 0x0ff0  \Device\Harddisk5\DR5 - ok
20:36:30.0977 0x0ff0  [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk6\DR6
20:36:30.0982 0x0ff0  \Device\Harddisk6\DR6 - ok
20:36:30.0982 0x0ff0  ================ Scan VBR ==================================
20:36:30.0984 0x0ff0  [ 4C199B7BE70D26B2C9F0FA9E28E37FF6 ] \Device\Harddisk3\DR3\Partition1
20:36:30.0985 0x0ff0  \Device\Harddisk3\DR3\Partition1 - ok
20:36:30.0987 0x0ff0  [ 5114FEE379CCB95058C7415248938541 ] \Device\Harddisk0\DR0\Partition1
20:36:30.0989 0x0ff0  \Device\Harddisk0\DR0\Partition1 - ok
20:36:30.0991 0x0ff0  [ 9BF79F9FAC92BD07FF02349CA34B1744 ] \Device\Harddisk1\DR1\Partition1
20:36:30.0992 0x0ff0  \Device\Harddisk1\DR1\Partition1 - ok
20:36:30.0994 0x0ff0  [ 4159940CB13A7B58F8466A1B5F6893BA ] \Device\Harddisk2\DR2\Partition1
20:36:30.0995 0x0ff0  \Device\Harddisk2\DR2\Partition1 - ok
20:36:30.0998 0x0ff0  [ 9D84E9DBC50031DD0C35EC481A20D183 ] \Device\Harddisk5\DR5\Partition1
20:36:31.0000 0x0ff0  \Device\Harddisk5\DR5\Partition1 - ok
20:36:31.0003 0x0ff0  [ 2BE1E72C5D054C92DEA064EC3565AD0B ] \Device\Harddisk6\DR6\Partition1
20:36:31.0004 0x0ff0  \Device\Harddisk6\DR6\Partition1 - ok
20:36:31.0004 0x0ff0  Waiting for KSN requests completion. In queue: 340
20:36:32.0004 0x0ff0  Waiting for KSN requests completion. In queue: 26
20:36:33.0004 0x0ff0  Waiting for KSN requests completion. In queue: 26
20:36:34.0116 0x0ff0  AV detected via SS2: Bitdefender Antivirus, C:\Program Files\Bitdefender\Bitdefender\wscfix.exe ( 17.20.0.873 ), 0x40000 ( disabled : updated )
20:36:34.0136 0x0ff0  FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender\wscfix.exe ( 17.20.0.873 ), 0x41010 ( enabled )
20:36:36.0636 0x0ff0  ============================================================
20:36:36.0636 0x0ff0  Scan finished
20:36:36.0636 0x0ff0  ============================================================
20:36:36.0642 0x11b4  Detected object count: 0
20:36:36.0642 0x11b4  Actual detected object count: 0
20:37:49.0571 0x126c  Deinitialize success
 

 




#10 Conspire

Conspire

    SuperHelper

  • Classroom Teacher
  • 5,805 posts

Posted 20 December 2013 - 09:29 AM

Hello,

Yes, you did a great job. :thumbup:

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder, which was created when running the tool.

===================================================

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

===================================================

On your next reply please post:

  • AdwCleaner log
  • JRT log

Please STOP and let me know if you have any problems performing the steps above or any questions you may have.

Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may Posted Image


#11 mignats

mignats

    New Member

  • Authentic Member
  • Pip
  • 14 posts

Posted 20 December 2013 - 07:32 PM

Hi Conspire,

 

I ran both of the tools you suggested. The AdwCleaner log is below. I didn't have any success with the JRT. I turned off my Bitdefender virus scanner, but there is no way I can see to totally disable Bitdefender Total Security. Either way, the JRT would crash my Windows Explorer, which would restart, but then JRT would crash, so I was not able to get a log from that one.

 

# AdwCleaner v3.015 - Report created 20/12/2013 at 18:06:50
# Updated 10/12/2013 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Jim & Lisa - SARAL-03
# Running from : C:\Users\Jim & Lisa\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\END
Folder Found C:\Users\Jim & Lisa\AppData\Local\PackageAware
Folder Found C:\Users\Jim & Lisa\AppData\LocalLow\boost_interprocess
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\powerpack
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Found : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16520
 
 
-\\ Mozilla Firefox v25.0.1 (en-US)
 
[ File : C:\Users\Jim & Lisa\AppData\Roaming\Mozilla\Firefox\Profiles\abg2lg1s.default\prefs.js ]
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\Jim & Lisa\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1840 octets] - [20/12/2013 18:06:50]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1900 octets] ##########


#12 Conspire

Conspire

    SuperHelper

  • Classroom Teacher
  • 5,805 posts

Posted 20 December 2013 - 08:56 PM

Hello,

 

Let's try this

 

http://forum.bitdefe...showtopic=45227

 

In order to disable the antivirus protection, please open Bitdefender and click the "Settings" button in the upper side part of the interface. In the new window go to the "Antivirus" > "Shield" tab and switch On-access scanning to OFF. Select the time interval that suits your troubleshooting needs and click "OK". The On-access scanning should be enabled back after finishing the troubleshooting procedure.

 

 

 

If that fails, try going to Safe Mode and run JRT again.



#13 mignats

mignats

    New Member

  • Authentic Member
  • Pip
  • 14 posts

Posted 21 December 2013 - 11:16 AM

Hi Conspire,

 

I have tried both methods above and the JRT keeps crashing, so I haven't been able to get it to do its thing.  I'm not sure what to try next.  I even re-downloaded the JRT in case the first download was corrupt somehow.


Edited by mignats, 21 December 2013 - 11:17 AM.


#14 Conspire

Conspire

    SuperHelper

  • Classroom Teacher
  • 5,805 posts

Posted 21 December 2013 - 11:20 AM

Ok, before moving on, I'd like to know how your computer is behaving. Any improvements?

#15 mignats

mignats

    New Member

  • Authentic Member
  • Pip
  • 14 posts

Posted 21 December 2013 - 12:51 PM

No real improvements. Some web pages very slow to open while others seem fine. After a time performance will degrade and I will get the "windows failed to create security options dialog" or something to that effect. Is this looking like a virus to you? I'd like to avoid reformatting and reinstalling everything if I can.

Thanks for all your assistance.
