Suspected spyware

Solved Suspected spyware

Post by siouxlini on Mon 27 Aug 2012, 7:25 am

On startup I get an error window that states
"Server Busy"
"Action cannot be completed because the program is busy. Choose switch to to activate the busy program"
When "Switch To" is clicked, it brings up the Start Bar.

When I ran OTL it did not give me the "Extras.txt" window.

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-26 15:53:14
-----------------------------
15:53:14.638 OS Version: Windows x64 6.1.7601 Service Pack 1
15:53:14.639 Number of processors: 8 586 0x1E05
15:53:14.640 ComputerName: MARK-PC UserName: Mark
15:53:17.305 Initialize success
15:53:25.406 AVAST engine defs: 12082600
15:53:30.525 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:53:30.530 Disk 0 Vendor: ST950042 0006 Size: 476940MB BusType: 3
15:53:30.544 Disk 0 MBR read successfully
15:53:30.550 Disk 0 MBR scan
15:53:30.558 Disk 0 unknown MBR code
15:53:30.569 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
15:53:30.590 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 463516 MB offset 409600
15:53:30.625 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13120 MB offset 949690368
15:53:30.659 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
15:53:30.725 Disk 0 scanning C:\Windows\system32\drivers
15:53:42.949 Service scanning
15:54:06.884 Modules scanning
15:54:06.904 Disk 0 trace - called modules:
15:54:06.929 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
15:54:06.942 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005910790]
15:54:06.954 3 CLASSPNP.SYS[fffff8800115543f] -> nt!IofCallDriver -> [0xfffffa800582e900]
15:54:06.966 5 hpdskflt.sys[fffff880023f7189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004b43050]
15:54:09.964 AVAST engine scan C:\Windows
15:54:12.975 AVAST engine scan C:\Windows\system32
15:57:27.196 AVAST engine scan C:\Windows\system32\drivers
15:57:40.768 AVAST engine scan C:\Users\Mark
16:06:17.018 File: C:\Users\Mark\Downloads\bbtrainer.exe **INFECTED** Win32:MiniMal [Trj]
16:08:56.158 Disk 0 MBR has been saved successfully to "C:\Users\Mark\Desktop\MBR.dat"
16:08:56.170 The log file has been saved successfully to "C:\Users\Mark\Desktop\aswMBR.txt"



siouxlini

Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp


Solved Re: Suspected spyware

Post by siouxlini on Mon 27 Aug 2012, 7:27 am

OTL logfile created on: 8/26/2012 2:52:15 PM - Run 6
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Mark\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.99 Gb Total Physical Memory | 1.93 Gb Available Physical Memory | 48.30% Memory free
7.98 Gb Paging File | 5.69 Gb Available in Paging File | 71.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.65 Gb Total Space | 150.00 Gb Free Space | 33.14% Space Free | Partition Type: NTFS
Drive D: | 12.81 Gb Total Space | 2.13 Gb Free Space | 16.65% Space Free | Partition Type: NTFS

Computer Name: MARK-PC | User Name: Mark | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/26 14:36:28 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Mark\Desktop\OTL.com
PRC - [2012/06/08 07:02:02 | 003,521,464 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012/04/27 12:12:45 | 006,065,784 | ---- | M] (SlySoft, Inc.) -- C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/03/02 13:49:28 | 000,402,864 | ---- | M] (Array Networks, Inc.) -- C:\Program Files\Array Networks\Common\8,4,6,49\arr_isrv.exe
PRC - [2012/03/02 13:48:44 | 000,279,984 | ---- | M] (Array Networks, Inc.) -- C:\Program Files\Array Networks\Array SSL VPN\8,4,6,49\arr_srvs.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/12/19 01:25:16 | 000,048,456 | ---- | M] (Mobile Stream) -- C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe
PRC - [2010/03/04 13:00:56 | 000,097,384 | R--- | M] (Amazon.com) -- C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe
PRC - [2010/03/04 13:00:56 | 000,025,704 | R--- | M] (Amazon.com) -- C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
PRC - [2010/02/04 02:28:02 | 000,025,256 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmsdmon.exe
PRC - [2010/02/04 02:27:55 | 000,672,424 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
PRC - [2010/01/19 11:50:24 | 005,932,888 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
PRC - [2009/09/17 19:40:44 | 000,075,048 | ---- | M] () -- C:\Program Files (x86)\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe
PRC - [2009/07/24 22:24:02 | 000,427,304 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
PRC - [2009/07/24 00:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/07/23 15:37:16 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2006/09/28 05:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/14 12:37:09 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 12:37:03 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/15 06:53:52 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c764ad83cd3287fc59a3dc02e08ad1ea\System.Xml.ni.dll
MOD - [2012/05/15 06:53:48 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/15 06:53:47 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/15 06:53:42 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2010/02/04 02:28:02 | 000,025,256 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmsdmon.exe
MOD - [2010/02/04 02:27:55 | 000,672,424 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe
MOD - [2010/02/04 01:41:38 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcaps.dll
MOD - [2010/02/04 01:41:23 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxscw.dll
MOD - [2010/02/04 01:41:20 | 000,782,336 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxdrs.dll
MOD - [2010/02/04 01:28:15 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcnv4.dll
MOD - [2010/02/02 04:30:16 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\app4r.monitor.core.dll
MOD - [2010/02/02 04:30:16 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\app4r.monitor.common.dll
MOD - [2010/02/02 04:29:04 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\app4r.devmons.mcmdevmon.dll
MOD - [2009/10/16 14:00:47 | 000,589,824 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxdatr.dll
MOD - [2009/10/16 14:00:40 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxcats.dll
MOD - [2009/07/24 22:24:16 | 000,275,848 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapEngine.dll
MOD - [2009/07/24 22:24:16 | 000,124,288 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLSchMgr.dll
MOD - [2009/07/24 22:24:14 | 000,349,480 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLTinyDB.dll
MOD - [2009/07/23 15:37:14 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2009/07/16 16:36:20 | 000,138,000 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qjpeg4.dll
MOD - [2009/07/16 16:36:16 | 000,035,088 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qico4.dll
MOD - [2009/07/16 16:36:16 | 000,028,944 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qgif4.dll
MOD - [2009/07/16 16:35:30 | 000,027,408 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\SDL.dll
MOD - [2009/07/16 16:35:20 | 000,363,792 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\qtxml4.dll
MOD - [2009/07/16 16:35:08 | 011,311,888 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\QtWebKit4.dll
MOD - [2009/07/16 16:34:56 | 000,199,952 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\qtsql4.dll
MOD - [2009/07/16 16:34:46 | 000,475,408 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\QtOpenGL4.dll
MOD - [2009/07/16 16:34:34 | 000,968,976 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\QtNetwork4.dll
MOD - [2009/07/16 16:34:22 | 007,704,336 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\QtGui4.dll
MOD - [2009/07/16 16:34:22 | 002,140,944 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\QtCore4.dll
MOD - [2009/07/16 16:34:12 | 000,291,600 | ---- | M] () -- C:\Program Files (x86)\Logitech\Logitech Vid\phonon4.dll
MOD - [2007/11/22 12:55:48 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\Lexmark 3600-4600 Series\app4r.devmons.mcmdevmon.autoplayutil.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/02 13:49:28 | 000,402,864 | ---- | M] (Array Networks, Inc.) [Auto | Running] -- C:\Program Files\Array Networks\Common\8,4,6,49\arr_isrv.exe -- (Array_Utility_Service8.4.6.49)
SRV:64bit: - [2012/03/02 13:48:44 | 000,279,984 | ---- | M] (Array Networks, Inc.) [Auto | Running] -- C:\Program Files\Array Networks\Array SSL VPN\8,4,6,49\arr_srvs.exe -- (ArraySSL_VPN_Service8.4.6.49)
SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/03/23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/10/16 19:00:54 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdxserv.exe -- (lxdxCATSCustConnectService)
SRV:64bit: - [2009/10/16 14:10:44 | 001,039,872 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdxcoms.exe -- (lxdx_device)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/01 22:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)
SRV - [2012/08/21 07:04:46 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/16 11:52:14 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/09/09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/07/07 19:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/03/23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe -- (STacSV)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 13:00:56 | 000,025,704 | R--- | M] (Amazon.com) [Auto | Running] -- C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2009/10/16 19:00:54 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxdxserv.exe -- (lxdxCATSCustConnectService)
SRV - [2009/10/16 14:10:34 | 000,589,824 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxdxcoms.exe -- (lxdx_device)
SRV - [2009/09/17 19:40:44 | 000,075,048 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe -- (CLDTVHNService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)
SRV - [2007/05/31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006/09/28 05:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/30 13:32:08 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.([You must be registered and logged in to see this link.] [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/07/30 13:32:08 | 000,102,240 | ---- | M] (DEVGURU Co., LTD.([You must be registered and logged in to see this link.] [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/26 19:42:14 | 000,138,360 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2012/03/19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/03/18 14:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011/03/18 14:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/24 14:07:39 | 007,821,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2010/12/19 21:56:40 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/12/16 18:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/26 19:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 05:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/08/29 18:11:08 | 000,021,072 | ---- | M] (Mobile Stream) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\easytthr.sys -- (easytether)
DRV:64bit: - [2010/05/27 22:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/04/29 06:55:42 | 000,032,768 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\androidusb.sys -- (HTCAND64)
DRV:64bit: - [2010/04/16 13:59:40 | 001,816,968 | ---- | M] (Syntek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\StkCMini.sys -- (StkCMini)
DRV:64bit: - [2010/04/14 01:01:44 | 000,054,824 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2010/03/23 14:53:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/02/06 16:20:36 | 000,291,328 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/01/13 16:37:18 | 007,675,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2009/10/13 12:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/09/27 18:59:08 | 000,019,968 | ---- | M] (Array Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atpdrvr.sys -- (ATP)
DRV:64bit: - [2009/08/21 21:24:04 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/07/23 13:02:38 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/07/20 23:39:22 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2009/07/17 16:58:30 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/07/17 16:58:24 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/07/17 16:58:22 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/07/17 16:58:18 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 20:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/29 14:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 16:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/29 11:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2008/01/24 18:08:34 | 000,057,352 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2008/01/24 18:08:24 | 000,015,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2008/01/24 18:08:04 | 000,032,776 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2008/01/24 18:07:54 | 000,022,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2012/03/26 19:42:14 | 000,138,360 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2009/09/17 19:40:52 | 000,082,416 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\DirecTV\DirecTV\Kernel\DMP\ntk_dtv_64.sys -- (ntk_dtv)
DRV - [2009/07/24 00:45:28 | 000,146,928 | ---- | M] (CyberLink Corp.) [2009/12/22 20:59:54] [Kernel | Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {76F686A7-A793-44E0-B950-D8340ED85E32}
IE:64bit: - HKLM\..\SearchScopes\{5B1E0E2D-C70A-4A92-8C94-22E2070E2AB2}: "URL" = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\..\SearchScopes\{76F686A7-A793-44E0-B950-D8340ED85E32}: "URL" = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\..\SearchScopes,DefaultScope = {76F686A7-A793-44E0-B950-D8340ED85E32}
IE - HKLM\..\SearchScopes\{5B1E0E2D-C70A-4A92-8C94-22E2070E2AB2}: "URL" = [You must be registered and logged in to see this link.]
IE - HKLM\..\SearchScopes\{76F686A7-A793-44E0-B950-D8340ED85E32}: "URL" = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {837EF1B9-AD7C-4F2A-9F5A-9EE59539EECD}
IE - HKCU\..\SearchScopes\{34485A94-EB5F-4A6C-B115-BF383CF0E15A}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{76F686A7-A793-44E0-B950-D8340ED85E32}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{7E0EE7A3-4ABD-401A-AE6A-760DED7EFF5A}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{803F0532-3713-4289-87E2-7CE71FBA9E27}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{837EF1B9-AD7C-4F2A-9F5A-9EE59539EECD}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{B6567A2E-5B4A-4E42-B253-EF8791341BF0}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{B6C2D5FB-C912-465E-A07D-C2CA4375ED73}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010/05/08 22:20:27 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010/05/08 22:20:27 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Mark\AppData\Roaming\Move Networks\plugins\npqmp071706000001.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Mark\AppData\Roaming\Move Networks\plugins\npqmp071706000001.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/12/23 17:21:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/05/23 16:30:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/05/23 16:30:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/21 07:04:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/30 20:25:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/12/23 17:21:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Users\Mark\AppData\Roaming\Move Networks [2010/05/25 19:14:01 | 000,000,000 | ---D | M]

[2011/12/04 04:00:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mark\AppData\Roaming\Mozilla\Extensions
[2012/08/25 07:11:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions
[2012/07/26 07:26:04 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2012/08/25 07:11:44 | 000,000,000 | ---D | M] ("Vid-Saver") -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\crossriderapp3491@crossrider.com
[2011/03/07 08:36:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profileslwnlkoig.default\extensions
[2011/03/07 08:36:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profileslwnlkoig.default\extensions\plugin@gameplaylabs.com
[2012/06/26 15:15:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/26 15:15:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/08/21 07:04:46 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/04/27 19:05:50 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll
[2011/04/27 19:05:50 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPcol500.dll
[2011/03/17 19:29:27 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2011/03/17 19:29:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2012/08/21 07:04:44 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/08/21 07:04:44 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1857_0\plugins/avgnpss.dll
CHR - plugin: CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll
CHR - plugin: CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol500.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Mark\AppData\Roaming\Move Networks\plugins\npqmp071706000001.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: YouTube = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Google Search = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Safe Search = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: AVG Safe Search = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\
CHR - Extension: AVG Do Not Track = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Vid-Saver = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\
CHR - Extension: Gmail = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
CHR - Extension: Gmail = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Vid-Saver) - {11111111-1111-1111-1111-110011341191} - C:\Program Files (x86)\Vid-Saver\Vid-Saver.dll (215 Apps)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4:64bit: - HKLM..\Run: [lxdxamon] C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe ()
O4:64bit: - HKLM..\Run: [lxdxmon.exe] C:\Program Files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe ()
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UVS10 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe (Ulead Systems, Inc.)
O4 - HKCU..\Run: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKCU..\Run: [EasyTether] C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe (Mobile Stream)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s File not found
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: images.cdidocs.com ([www] * in Trusted sites)
O15 - HKCU\..Trusted Domains: insidecdi.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: mycdiexam.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: tcfef.com ([ra] https in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} [You must be registered and logged in to see this link.] (Microsoft Office Template and Media Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} [You must be registered and logged in to see this link.] (Windows Live OneCare safety scanner control)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} [You must be registered and logged in to see this link.] (GMNRev Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 10.5.1)
O16 - DPF: {B1647320-9EC8-4B0F-BF53-93D4A43FA614} [You must be registered and logged in to see this link.] (TerminalSvcsTCSX Control)
O16 - DPF: {B6648EB8-2460-484F-9255-9654454C4C70} [You must be registered and logged in to see this link.] (ArrVPNAX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.7.0_05)
O16 - DPF: {D9CDEFE3-51BB-4737-A12C-53D9814A148C} [You must be registered and logged in to see this link.] (DAX Control)
O16 - DPF: {FD3FF62E-61A7-48EE-A4A4-97CE7BD1F99D} [You must be registered and logged in to see this link.] (SodaAgt Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0E8A3768-DDCF-4291-8DB7-43D3CD705A3D}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5590AF42-72AA-464B-8726-B3D482FE9BBC}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD50A2D5-2507-427E-AB14-3647F41CDB97}: DhcpNameServer = 202.88.64.61 202.88.64.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1D07D41-49F3-46E8-B9F1-9A380B19ECAD}: DhcpNameServer = 192.168.100.254
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

MsConfig:64bit - State: "services" - Reg Error: Key error.

siouxlini

Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp


Solved Re: Suspected spyware

Post by siouxlini on Mon 27 Aug 2012, 7:28 am


SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.dvacm - C:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.MPEGacm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.ulmp3acm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/26 14:36:11 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Mark\Desktop\OTL.com
[2012/08/23 11:57:16 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\ImageVisu
[2012/08/21 07:04:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/08/21 07:04:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/08/19 14:02:25 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Mark\Desktop\aswMBR.exe
[2012/08/18 11:24:39 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/08/18 11:24:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/08/18 11:24:37 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/08/18 11:24:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/08/18 11:24:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/08/18 11:24:35 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/08/18 11:24:35 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/08/18 11:24:35 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/08/18 11:24:35 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/08/18 11:24:34 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/08/18 11:24:34 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/08/18 11:24:33 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/08/18 11:24:32 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/08/16 11:01:32 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/08/16 11:01:25 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/08/16 11:01:25 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/08/16 11:01:25 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/08/16 11:01:22 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/08/16 11:01:22 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/08/16 11:01:22 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/08/16 11:01:20 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/07/30 13:32:08 | 000,203,104 | ---- | C] (DEVGURU Co., LTD.) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2012/07/30 13:32:08 | 000,102,240 | ---- | C] (DEVGURU Co., LTD.) -- C:\Windows\SysNative\drivers\ssudbus.sys
[61 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[61 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/26 14:52:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/26 14:36:28 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Mark\Desktop\OTL.com
[2012/08/26 14:11:04 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/26 13:57:15 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/26 13:57:15 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/26 13:49:40 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/26 13:49:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/26 13:49:20 | 3214,045,184 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/26 05:45:10 | 104,947,996 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/08/22 19:12:17 | 000,002,304 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/08/21 14:48:18 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMark.job
[2012/08/20 15:58:42 | 000,001,097 | ---- | M] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2012/08/19 14:09:49 | 810,707,918 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/08/19 14:03:04 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Mark\Desktop\aswMBR.exe
[2012/08/19 06:27:22 | 000,374,176 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/17 17:51:08 | 000,513,718 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/08/16 11:52:13 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/16 11:52:13 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/05 22:00:00 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
[2012/08/01 16:30:06 | 000,779,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/01 16:30:06 | 000,660,530 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/01 16:30:06 | 000,121,426 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/30 13:32:08 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2012/07/30 13:32:08 | 000,102,240 | ---- | M] (DEVGURU Co., LTD.) -- C:\Windows\SysNative\drivers\ssudbus.sys
[61 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[61 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/20 16:27:59 | 000,002,419 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
[2012/08/19 14:09:49 | 810,707,918 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/06/04 13:21:09 | 000,007,605 | ---- | C] () -- C:\Users\Mark\AppData\Local\Resmon.ResmonCfg
[2012/05/25 15:43:24 | 000,084,616 | ---- | C] () -- C:\Windows\StkUnist.exe
[2012/03/28 22:11:08 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012/03/28 22:11:06 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012/03/28 22:11:06 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012/03/28 22:11:06 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012/03/28 22:11:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/12/04 12:04:22 | 000,005,277 | ---- | C] () -- C:\Windows\wininit.ini
[2011/01/21 20:20:28 | 000,773,482 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/01/21 09:48:31 | 000,782,336 | ---- | C] () -- C:\Windows\SysWow64\lxdxdrs.dll
[2011/01/21 09:48:31 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxdxcaps.dll
[2011/01/21 09:27:47 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxdxcnv4.dll
[2011/01/21 09:25:13 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxinpa.dll
[2011/01/21 09:25:13 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\LXDXinst.dll
[2011/01/21 09:25:13 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxiesc.dll
[2011/01/21 09:25:13 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxdxcomx.dll
[2011/01/21 09:25:12 | 000,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxpmui.dll
[2011/01/21 09:25:11 | 001,105,920 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxserv.dll
[2011/01/21 09:25:11 | 000,843,776 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxusb1.dll
[2011/01/21 09:25:11 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxprox.dll
[2011/01/21 09:25:10 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcomc.dll
[2011/01/21 09:25:10 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxhbn3.dll
[2011/01/21 09:25:10 | 000,589,824 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcoms.exe
[2011/01/21 09:25:10 | 000,569,344 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxlmpm.dll
[2011/01/21 09:25:10 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcomm.dll
[2011/01/21 09:25:10 | 000,315,392 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxih.exe
[2011/01/21 09:25:09 | 000,360,448 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdxcfg.exe
[2011/01/03 15:42:11 | 000,001,854 | ---- | C] () -- C:\Users\Mark\AppData\Roaming\GhostObjGAFix.xml
[2010/11/20 21:44:49 | 003,948,123 | ---- | C] () -- C:\Users\Mark\AppData\Local\tmpDSC00224.JPG
[2010/02/22 18:33:36 | 000,010,240 | ---- | C] () -- C:\Users\Mark\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/25 22:20:29 | 000,000,256 | ---- | C] () -- C:\Users\Mark\AppData\Roaming\wklnhst.dat
[2009/12/24 19:36:38 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/23 19:46:18 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib

========== Custom Scans ==========

< %AppData%\Roaming\Mozilla\Firefox\Profiles\*.default\extensions\ /s /md5 >

< %AppData%\Local\ >

< %systemroot%\system32\sysprep >

< *.xpi /md5 >

< %systemroot%\Downloaded Program Files\ >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile >
"DisableNotifications" = 0
"EnableFirewall" = 1

siouxlini

Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp

Solved Re: Suspected spyware

Post by siouxlini on Mon 27 Aug 2012, 7:29 am

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/08/21 07:04:44 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/08/21 07:04:44 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/08/21 07:04:44 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012/08/21 07:04:46 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012/08/21 07:04:46 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012/08/21 07:04:46 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2012/08/17 18:28:57 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2012/08/17 18:28:57 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/08/17 18:28:57 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2012/08/17 18:28:57 | 001,229,848 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/05/01 23:03:06 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/05/01 23:03:06 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/05/01 23:03:06 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012/08/21 07:04:44 | 000,866,992 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012/08/21 07:04:44 | 000,866,992 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012/08/21 07:04:44 | 000,866,992 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012/08/21 07:04:46 | 000,924,600 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012/08/21 07:04:46 | 000,924,600 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012/08/21 07:04:46 | 000,924,600 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2012/08/17 18:28:57 | 001,229,848 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2012/08/17 18:28:57 | 001,229,848 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2012/08/17 18:28:57 | 001,229,848 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2012/08/17 18:28:57 | 001,229,848 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/05/01 23:03:03 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/05/01 23:03:03 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/05/01 23:03:03 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2012/06/28 21:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation)

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\drivers\*.sys /90 >

< %systemroot%\System32\config\*.sav >

< %SYSTEMDRIVE%\*.exe /md5 >

< "%WinDir%\$NtUninstallKB*$." /30 >

< %systemdrive%\Program Files\Common Files\ComObjects\*.* /s >

< %systemroot%\*. /mp /s >

< %systemroot%\*. /rp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s >
[2012/07/10 11:20:20 | 000,212,684 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists
[2012/07/10 12:27:41 | 000,000,005 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt
[2011/07/09 20:06:34 | 000,441,089 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\en-US-2-1.bdic
[2011/07/08 11:19:37 | 000,000,000 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\First Run
[2012/07/10 12:27:40 | 000,011,408 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Local State
[2012/07/10 12:17:22 | 007,836,632 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom
[2012/07/10 12:17:23 | 001,155,868 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Filter 2
[2012/07/10 11:14:24 | 000,006,144 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies
[2012/07/10 11:14:24 | 000,001,544 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal
[2012/07/10 12:17:23 | 000,134,356 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist
[2012/07/10 12:17:21 | 003,993,628 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Safe Browsing Download
[2012/07/10 12:17:23 | 000,016,668 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist
[2011/12/21 03:00:44 | 000,000,055 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Service State
[2012/07/10 11:15:07 | 000,057,344 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Archived History
[2012/07/10 11:15:07 | 000,016,384 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Archived History-journal
[2011/07/08 11:19:39 | 000,000,505 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Bookmarks
[2011/07/08 11:19:39 | 000,000,505 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak
[2012/07/10 11:50:11 | 000,075,776 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cookies
[2012/07/10 12:27:40 | 000,140,803 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Current Session
[2012/07/10 12:27:40 | 000,019,994 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
[2012/04/03 10:04:59 | 000,007,168 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies
[2012/07/10 11:49:51 | 000,040,960 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Favicons
[2012/07/10 11:49:51 | 000,012,848 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
[2012/04/03 10:04:59 | 000,150,798 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico
[2012/07/10 12:27:40 | 000,090,112 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\History
[2012/07/10 11:15:08 | 000,036,864 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-03
[2012/07/10 11:15:08 | 000,016,384 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-03-journal
[2012/07/10 11:15:08 | 000,036,864 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-04
[2012/07/10 11:15:08 | 000,016,384 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-04-journal
[2012/05/13 21:46:11 | 000,077,824 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-05
[2012/07/10 11:50:03 | 000,139,264 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-07
[2012/07/10 11:50:03 | 000,016,384 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-07-journal
[2012/07/10 12:27:40 | 000,006,033 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
[2012/05/13 21:46:11 | 000,201,000 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Last Session
[2012/05/13 21:46:11 | 000,049,423 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Last Tabs
[2011/12/21 03:00:56 | 000,012,288 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Login Data
[2012/07/10 11:14:22 | 000,013,312 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
[2012/07/10 11:14:22 | 000,013,928 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal
[2012/07/10 12:27:41 | 000,064,994 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Preferences
[2012/07/10 11:14:52 | 000,013,312 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
[2012/07/10 11:14:52 | 000,008,768 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal
[2012/07/10 11:15:14 | 000,000,180 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\README
[2012/07/10 11:14:22 | 000,012,288 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Shortcuts
[2012/07/10 11:14:22 | 000,012,824 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal
[2012/07/10 11:14:30 | 000,053,248 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Top Sites
[2012/07/10 11:14:30 | 000,012,824 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal
[2012/07/10 12:27:41 | 000,131,072 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Visited Links
[2012/07/10 11:49:52 | 000,081,920 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Web Data
[2012/07/10 11:49:52 | 000,016,384 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal
[2012/07/10 12:27:41 | 000,045,056 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
[2012/07/10 12:27:41 | 000,794,624 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
[2012/07/10 12:27:41 | 001,056,768 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
[2012/07/10 12:27:41 | 004,202,496 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
[2012/03/09 22:15:38 | 000,020,638 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000001
[2012/03/09 22:15:39 | 000,020,648 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000002
[2012/03/09 22:15:42 | 000,124,148 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000003
[2012/03/09 22:15:43 | 000,029,754 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000004
[2012/03/09 22:15:43 | 000,024,547 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000005
[2012/03/09 22:15:45 | 000,030,348 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000006
[2012/03/09 22:15:45 | 000,036,879 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000007
[2012/03/09 22:15:45 | 000,017,413 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000008
[2012/03/09 22:15:45 | 000,026,340 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000009
[2012/03/09 22:15:45 | 000,072,515 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000a
[2012/03/09 22:15:52 | 000,019,988 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000b
[2012/03/09 22:15:52 | 000,044,798 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000c
[2012/03/09 22:15:52 | 000,075,664 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000d
[2012/03/09 22:15:52 | 000,038,418 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000e
[2012/03/09 22:15:52 | 000,032,502 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000f
[2012/03/09 22:15:52 | 000,017,065 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000010
[2012/03/09 22:15:52 | 000,016,877 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000011
[2012/03/09 22:15:52 | 000,016,432 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000012
[2012/03/09 22:15:52 | 000,026,717 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000013
[2012/03/09 22:15:52 | 000,017,419 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000014
[2012/03/09 22:15:52 | 000,017,116 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000015
[2012/03/09 22:15:52 | 000,032,610 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000016
[2012/03/09 22:15:52 | 000,018,789 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000017
[2012/03/09 22:15:52 | 000,044,674 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000018
[2012/03/09 22:15:53 | 000,090,802 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000019
[2012/03/09 22:15:53 | 000,019,850 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001a
[2012/03/09 22:15:53 | 000,041,933 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001b
[2012/03/09 22:15:54 | 000,125,983 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001c
[2012/04/03 10:05:04 | 000,036,838 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001e
[2012/04/03 10:05:27 | 000,093,935 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001f
[2012/04/03 10:05:27 | 000,146,244 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000020
[2012/04/03 10:05:28 | 000,961,175 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000021
[2012/04/03 10:05:48 | 000,056,628 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000022
[2012/04/03 10:08:42 | 000,022,756 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000023
[2012/04/03 10:08:43 | 000,126,438 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000024
[2012/04/03 10:08:44 | 000,028,693 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000025
[2012/04/06 19:15:38 | 000,020,893 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000026
[2012/04/06 19:15:38 | 000,025,340 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000027
[2012/04/06 19:15:50 | 000,017,447 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000028
[2012/04/06 19:15:50 | 000,017,841 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000029
[2012/04/06 19:15:51 | 000,049,057 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002a
[2012/05/13 21:39:35 | 000,043,195 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002b
[2012/05/13 21:39:36 | 000,048,804 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002c
[2012/05/13 21:39:36 | 000,018,864 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002d
[2012/05/13 21:39:55 | 000,143,253 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002e
[2012/05/13 21:39:55 | 000,030,086 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002f
[2012/05/13 21:39:57 | 000,018,358 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000030
[2012/05/13 21:39:58 | 000,037,340 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000031
[2012/05/13 21:39:59 | 000,064,546 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000032
[2012/05/13 21:39:59 | 000,081,464 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000033
[2012/05/13 21:40:05 | 000,057,254 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000034
[2012/05/13 21:40:06 | 000,058,160 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000035
[2012/05/13 21:40:06 | 000,072,935 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000036
[2012/05/13 21:40:07 | 000,070,228 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000037
[2012/05/13 21:40:07 | 000,147,069 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000038
[2012/05/13 21:40:09 | 000,017,654 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000039
[2012/05/13 21:40:09 | 000,436,436 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003a
[2012/05/13 21:40:17 | 000,062,080 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003b
[2012/05/13 21:42:48 | 000,083,492 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003d
[2012/05/13 21:42:58 | 000,022,206 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003e
[2012/05/13 21:44:25 | 000,056,162 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000040
[2012/05/13 21:44:25 | 000,053,564 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000041
[2012/05/13 21:44:26 | 000,061,610 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000042
[2012/05/13 21:44:26 | 000,054,726 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000043
[2012/05/13 21:44:26 | 000,056,257 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000044
[2012/05/13 21:44:29 | 000,072,945 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000045
[2012/07/10 11:14:17 | 000,025,026 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000046
[2012/07/10 11:14:20 | 000,033,758 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000047
[2012/07/10 11:14:23 | 000,026,370 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000048
[2012/07/10 11:14:24 | 000,024,209 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000049
[2012/07/10 11:14:24 | 000,024,093 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004a
[2012/07/10 11:14:24 | 000,028,313 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00004d
[2012/07/10 11:14:24 | 000,036,750 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000050
[2012/07/10 11:14:25 | 000,024,209 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000051
[2012/07/10 11:14:25 | 000,045,645 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000052
[2012/07/10 11:14:25 | 000,035,117 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000053
[2012/07/10 11:14:25 | 000,077,481 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000054
[2012/07/10 11:14:25 | 000,039,181 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000055
[2012/07/10 11:14:25 | 000,035,390 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000056
[2012/07/10 11:14:25 | 000,017,758 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000057
[2012/07/10 11:14:26 | 000,019,911 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000058
[2012/07/10 11:14:26 | 000,269,746 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000059
[2012/07/10 11:14:27 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005b
[2012/07/10 11:14:28 | 000,031,024 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005c
[2012/07/10 11:14:28 | 000,224,087 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005d
[2012/07/10 11:14:31 | 000,017,111 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005e
[2012/07/10 11:14:31 | 000,034,514 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00005f
[2012/07/10 11:14:31 | 000,037,817 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000060
[2012/07/10 11:14:31 | 000,193,523 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000061
[2012/07/10 11:14:32 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000062
[2012/07/10 11:14:58 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000063
[2012/07/10 11:15:11 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000064
[2012/07/10 11:15:16 | 000,017,440 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000065
[2012/07/10 11:15:16 | 000,017,831 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000066
[2012/07/10 11:15:16 | 000,052,462 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000067
[2012/07/10 11:15:17 | 000,035,767 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000068
[2012/07/10 11:15:17 | 000,040,654 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000069
[2012/07/10 11:15:17 | 000,148,944 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006a
[2012/07/10 11:15:18 | 000,244,845 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006b
[2012/07/10 11:15:18 | 000,124,803 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006c
[2012/07/10 11:15:18 | 000,330,443 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006d
[2012/07/10 11:15:19 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006e
[2012/07/10 11:15:25 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00006f
[2012/07/10 11:15:35 | 000,025,114 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000070
[2012/07/10 11:15:35 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000071
[2012/07/10 11:15:53 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000072
[2012/07/10 11:15:59 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000073
[2012/07/10 11:18:04 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000074
[2012/07/10 11:18:24 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000075
[2012/07/10 11:20:49 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000076


Solved Re: Suspected spyware

Post by siouxlini on Mon 27 Aug 2012, 7:31 am

[2012/07/10 11:21:10 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000077
[2012/07/10 11:21:24 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000078
[2012/07/10 11:21:37 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000079
[2012/07/10 11:21:45 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00007a
[2012/07/10 11:23:10 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000080
[2012/07/10 11:32:21 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000081
[2012/07/10 11:35:19 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000082
[2012/07/10 11:35:26 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000088
[2012/07/10 11:49:42 | 000,039,376 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000089
[2012/07/10 11:49:42 | 000,024,852 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008a
[2012/07/10 11:49:42 | 000,053,298 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008b
[2012/07/10 11:49:42 | 000,063,314 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008c
[2012/07/10 11:49:42 | 000,135,134 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008d
[2012/07/10 11:49:42 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008e
[2012/07/10 11:49:53 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00008f
[2012/07/10 11:49:58 | 000,025,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000090
[2012/03/09 22:15:38 | 000,524,656 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Cache\index
[2012/07/10 11:14:22 | 000,007,168 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db
[2012/07/10 11:14:22 | 000,005,672 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db-journal
[2012/07/10 11:49:57 | 000,009,216 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_pgmfkblbflahhponhjmkcnpjinenhlnc_0\1
[2012/07/10 11:14:23 | 000,139,264 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_pgmfkblbflahhponhjmkcnpjinenhlnc_0\2
[2011/12/27 22:42:16 | 000,006,442 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\128.png
[2011/12/27 22:42:16 | 000,000,702 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\manifest.json
[2011/12/27 22:42:16 | 000,000,401 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\ar\messages.json
[2011/12/27 22:42:16 | 000,000,427 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\bg\messages.json
[2011/12/27 22:42:16 | 000,000,250 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\ca\messages.json
[2011/12/27 22:42:16 | 000,000,255 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\cs\messages.json
[2011/12/27 22:42:16 | 000,000,242 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\da\messages.json
[2011/12/27 22:42:16 | 000,000,226 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\de\messages.json
[2011/12/27 22:42:16 | 000,000,475 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\el\messages.json
[2011/12/27 22:42:16 | 000,000,227 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\en\messages.json
[2011/12/27 22:42:16 | 000,000,240 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\es\messages.json
[2011/12/27 22:42:16 | 000,000,222 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\fi\messages.json
[2011/12/27 22:42:16 | 000,000,236 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\fil\messages.json
[2011/12/27 22:42:16 | 000,000,249 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\fr\messages.json
[2011/12/27 22:42:16 | 000,000,419 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\he\messages.json
[2011/12/27 22:42:16 | 000,000,408 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\hi\messages.json
[2011/12/27 22:42:16 | 000,000,220 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\hr\messages.json
[2011/12/27 22:42:16 | 000,000,253 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\hu\messages.json
[2011/12/27 22:42:16 | 000,000,231 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\id\messages.json
[2011/12/27 22:42:16 | 000,000,224 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\it\messages.json
[2011/12/27 22:42:16 | 000,000,349 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\ja\messages.json
[2011/12/27 22:42:16 | 000,000,323 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\ko\messages.json
[2011/12/27 22:42:16 | 000,000,266 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\lt\messages.json
[2011/12/27 22:42:16 | 000,000,245 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\lv\messages.json
[2011/12/27 22:42:16 | 000,000,225 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\nl\messages.json
[2011/12/27 22:42:16 | 000,000,216 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\no\messages.json
[2011/12/27 22:42:16 | 000,000,274 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\pl\messages.json
[2011/12/27 22:42:16 | 000,000,237 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\pt_BR\messages.json
[2011/12/27 22:42:16 | 000,000,236 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\pt_PT\messages.json
[2011/12/27 22:42:16 | 000,000,248 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\ro\messages.json
[2011/12/27 22:42:16 | 000,000,394 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\ru\messages.json
[2011/12/27 22:42:16 | 000,000,241 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\sk\messages.json
[2011/12/27 22:42:16 | 000,000,245 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\sl\messages.json
[2011/12/27 22:42:16 | 000,000,437 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\sr\messages.json
[2011/12/27 22:42:16 | 000,000,238 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\sv\messages.json
[2011/12/27 22:42:16 | 000,000,365 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\th\messages.json
[2011/12/27 22:42:16 | 000,000,255 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\tr\messages.json
[2011/12/27 22:42:16 | 000,000,442 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\uk\messages.json
[2011/12/27 22:42:16 | 000,000,310 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\vi\messages.json
[2011/12/27 22:42:16 | 000,000,257 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\zh_CN\messages.json
[2011/12/27 22:42:16 | 000,000,269 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\_locales\zh_TW\messages.json
[2012/07/10 11:14:17 | 000,003,524 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\128.png
[2012/07/10 11:14:17 | 000,000,745 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\manifest.json
[2012/07/10 11:14:17 | 000,000,401 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ar\messages.json
[2012/07/10 11:14:17 | 000,000,427 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\bg\messages.json
[2012/07/10 11:14:17 | 000,000,250 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ca\messages.json
[2012/07/10 11:14:17 | 000,000,255 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\cs\messages.json
[2012/07/10 11:14:17 | 000,000,242 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\da\messages.json
[2012/07/10 11:14:17 | 000,000,226 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\de\messages.json
[2012/07/10 11:14:17 | 000,000,475 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\el\messages.json
[2012/07/10 11:14:17 | 000,000,227 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\en\messages.json
[2012/07/10 11:14:17 | 000,000,240 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\es\messages.json
[2012/07/10 11:14:17 | 000,000,222 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fi\messages.json
[2012/07/10 11:14:17 | 000,000,236 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fil\messages.json
[2012/07/10 11:14:17 | 000,000,249 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\fr\messages.json
[2012/07/10 11:14:17 | 000,000,419 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\he\messages.json
[2012/07/10 11:14:17 | 000,000,408 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hi\messages.json
[2012/07/10 11:14:17 | 000,000,220 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hr\messages.json
[2012/07/10 11:14:17 | 000,000,253 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\hu\messages.json
[2012/07/10 11:14:17 | 000,000,231 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\id\messages.json
[2012/07/10 11:14:17 | 000,000,224 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\it\messages.json
[2012/07/10 11:14:17 | 000,000,349 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ja\messages.json
[2012/07/10 11:14:17 | 000,000,323 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ko\messages.json
[2012/07/10 11:14:17 | 000,000,266 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lt\messages.json
[2012/07/10 11:14:17 | 000,000,245 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\lv\messages.json
[2012/07/10 11:14:17 | 000,000,225 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\nl\messages.json
[2012/07/10 11:14:16 | 000,000,216 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\no\messages.json
[2012/07/10 11:14:17 | 000,000,274 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pl\messages.json
[2012/07/10 11:14:17 | 000,000,237 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_BR\messages.json
[2012/07/10 11:14:17 | 000,000,236 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\pt_PT\messages.json
[2012/07/10 11:14:17 | 000,000,248 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ro\messages.json
[2012/07/10 11:14:17 | 000,000,394 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\ru\messages.json
[2012/07/10 11:14:17 | 000,000,241 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sk\messages.json
[2012/07/10 11:14:17 | 000,000,245 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sl\messages.json
[2012/07/10 11:14:17 | 000,000,437 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sr\messages.json
[2012/07/10 11:14:17 | 000,000,238 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\sv\messages.json
[2012/07/10 11:14:17 | 000,000,365 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\th\messages.json
[2012/07/10 11:14:17 | 000,000,255 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\tr\messages.json
[2012/07/10 11:14:17 | 000,000,442 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\uk\messages.json
[2012/07/10 11:14:17 | 000,000,310 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\vi\messages.json
[2012/07/10 11:14:17 | 000,000,257 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_CN\messages.json
[2012/07/10 11:14:17 | 000,000,269 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\_locales\zh_TW\messages.json
[2011/12/27 22:42:17 | 000,006,856 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\128.png
[2011/12/27 22:42:17 | 000,000,749 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\16.png
[2011/12/27 22:42:17 | 000,001,946 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\32.png
[2011/12/27 22:42:17 | 000,002,184 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\48.png
[2011/12/27 22:42:17 | 000,000,767 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\manifest.json
[2011/12/27 22:42:17 | 000,000,423 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\ar\messages.json
[2011/12/27 22:42:17 | 000,000,515 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\bg\messages.json
[2011/12/27 22:42:17 | 000,000,330 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\ca\messages.json
[2011/12/27 22:42:17 | 000,000,355 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\cs\messages.json
[2011/12/27 22:42:17 | 000,000,328 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\da\messages.json
[2011/12/27 22:42:17 | 000,000,307 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\de\messages.json
[2011/12/27 22:42:17 | 000,000,569 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\el\messages.json
[2011/12/27 22:42:17 | 000,000,314 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\en\messages.json
[2011/12/27 22:42:17 | 000,000,314 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\en_GB\messages.json
[2011/12/27 22:42:17 | 000,000,314 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\en_US\messages.json
[2011/12/27 22:42:17 | 000,000,340 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\es\messages.json
[2011/12/27 22:42:17 | 000,000,341 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\es_419\messages.json
[2011/12/27 22:42:17 | 000,000,314 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\et\messages.json
[2011/12/27 22:42:17 | 000,000,305 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\fi\messages.json
[2011/12/27 22:42:17 | 000,000,337 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\fil\messages.json
[2011/12/27 22:42:17 | 000,000,329 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\fr\messages.json
[2011/12/27 22:42:17 | 000,000,471 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\he\messages.json
[2011/12/27 22:42:17 | 000,000,326 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\hi\messages.json
[2011/12/27 22:42:17 | 000,000,340 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\hr\messages.json
[2011/12/27 22:42:17 | 000,000,336 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\hu\messages.json
[2011/12/27 22:42:17 | 000,000,319 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\id\messages.json
[2011/12/27 22:42:17 | 000,000,324 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\it\messages.json
[2011/12/27 22:42:17 | 000,000,388 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\ja\messages.json
[2011/12/27 22:42:17 | 000,000,380 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\ko\messages.json
[2011/12/27 22:42:17 | 000,000,359 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\lt\messages.json
[2011/12/27 22:42:17 | 000,000,360 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\lv\messages.json
[2011/12/27 22:42:17 | 000,000,323 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\nl\messages.json
[2011/12/27 22:42:17 | 000,000,300 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\no\messages.json
[2011/12/27 22:42:17 | 000,000,336 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\pl\messages.json
[2011/12/27 22:42:17 | 000,000,332 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\pt_BR\messages.json
[2011/12/27 22:42:17 | 000,000,331 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\pt_PT\messages.json
[2011/12/27 22:42:17 | 000,000,332 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\ro\messages.json
[2011/12/27 22:42:17 | 000,000,471 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\ru\messages.json
[2011/12/27 22:42:17 | 000,000,338 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\sk\messages.json
[2011/12/27 22:42:17 | 000,000,329 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\sl\messages.json
[2011/12/27 22:42:17 | 000,000,483 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\sr\messages.json
[2011/12/27 22:42:17 | 000,000,333 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\sv\messages.json
[2011/12/27 22:42:17 | 000,000,472 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\th\messages.json
[2011/12/27 22:42:17 | 000,000,330 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\tr\messages.json
[2011/12/27 22:42:17 | 000,000,501 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\uk\messages.json
[2011/12/27 22:42:17 | 000,000,363 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\vi\messages.json
[2011/12/27 22:42:17 | 000,000,346 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\zh_CN\messages.json
[2011/12/27 22:42:17 | 000,000,346 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\_locales\zh_TW\messages.json
[2012/07/10 11:14:17 | 000,005,369 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\128.png
[2012/07/10 11:14:17 | 000,000,496 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\16.png
[2012/07/10 11:14:17 | 000,001,143 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\32.png
[2012/07/10 11:14:17 | 000,001,858 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\48.png
[2012/07/10 11:14:17 | 000,000,790 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\manifest.json
[2012/07/10 11:14:17 | 000,000,423 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ar\messages.json
[2012/07/10 11:14:17 | 000,000,515 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\bg\messages.json
[2012/07/10 11:14:17 | 000,000,330 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ca\messages.json
[2012/07/10 11:14:17 | 000,000,355 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\cs\messages.json
[2012/07/10 11:14:17 | 000,000,328 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\da\messages.json
[2012/07/10 11:14:17 | 000,000,307 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\de\messages.json
[2012/07/10 11:14:17 | 000,000,569 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\el\messages.json
[2012/07/10 11:14:17 | 000,000,314 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en\messages.json
[2012/07/10 11:14:17 | 000,000,314 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_GB\messages.json
[2012/07/10 11:14:17 | 000,000,314 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\en_US\messages.json
[2012/07/10 11:14:17 | 000,000,340 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es\messages.json
[2012/07/10 11:14:17 | 000,000,341 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\es_419\messages.json
[2012/07/10 11:14:17 | 000,000,314 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\et\messages.json
[2012/07/10 11:14:17 | 000,000,305 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fi\messages.json
[2012/07/10 11:14:17 | 000,000,337 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fil\messages.json
[2012/07/10 11:14:17 | 000,000,329 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\fr\messages.json
[2012/07/10 11:14:17 | 000,000,471 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\he\messages.json
[2012/07/10 11:14:17 | 000,000,326 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hi\messages.json
[2012/07/10 11:14:17 | 000,000,340 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hr\messages.json
[2012/07/10 11:14:17 | 000,000,336 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\hu\messages.json
[2012/07/10 11:14:17 | 000,000,319 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\id\messages.json
[2012/07/10 11:14:17 | 000,000,324 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\it\messages.json
[2012/07/10 11:14:17 | 000,000,388 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ja\messages.json
[2012/07/10 11:14:17 | 000,000,380 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ko\messages.json
[2012/07/10 11:14:17 | 000,000,359 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lt\messages.json
[2012/07/10 11:14:17 | 000,000,360 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\lv\messages.json
[2012/07/10 11:14:17 | 000,000,323 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\nl\messages.json
[2012/07/10 11:14:16 | 000,000,300 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\no\messages.json
[2012/07/10 11:14:17 | 000,000,336 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pl\messages.json
[2012/07/10 11:14:17 | 000,000,332 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_BR\messages.json
[2012/07/10 11:14:17 | 000,000,331 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\pt_PT\messages.json
[2012/07/10 11:14:17 | 000,000,332 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ro\messages.json
[2012/07/10 11:14:17 | 000,000,471 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\ru\messages.json
[2012/07/10 11:14:17 | 000,000,338 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sk\messages.json
[2012/07/10 11:14:17 | 000,000,329 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sl\messages.json
[2012/07/10 11:14:17 | 000,000,483 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sr\messages.json
[2012/07/10 11:14:17 | 000,000,333 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\sv\messages.json
[2012/07/10 11:14:17 | 000,000,472 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\th\messages.json
[2012/07/10 11:14:17 | 000,000,330 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\tr\messages.json
[2012/07/10 11:14:17 | 000,000,501 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\uk\messages.json
[2012/07/10 11:14:17 | 000,000,363 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\vi\messages.json
[2012/07/10 11:14:17 | 000,000,346 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_CN\messages.json

siouxlini

Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp


Solved Re: Suspected spyware

Post by siouxlini on Mon 27 Aug 2012, 7:32 am

[2012/07/10 11:14:17 | 000,000,346 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\_locales\zh_TW\messages.json
[2011/12/27 22:14:50 | 000,001,563 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\background.html
[2011/12/27 22:14:52 | 000,001,019 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\manifest.json
[2011/12/27 22:14:50 | 000,006,273 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\avgls-inline.js
[2011/12/27 22:14:50 | 000,013,724 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\flyover.js
[2011/12/27 22:14:50 | 000,001,302 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\interstitial-block.html
[2011/12/27 22:14:50 | 000,078,768 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\jquery-1.4.4.min.js
[2011/12/27 22:14:50 | 000,098,044 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\searchengine.js
[2011/12/27 22:14:50 | 000,013,749 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\searchshield.js
[2011/12/27 22:14:52 | 000,016,328 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\128x128.png
[2011/12/27 22:14:52 | 000,000,790 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\16x16.png
[2011/12/27 22:14:52 | 000,004,310 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\48x48.png
[2011/12/27 22:14:50 | 000,006,455 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\64x64.png
[2011/12/27 22:14:50 | 000,000,303 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\background_middle_gray.gif
[2011/12/27 22:14:50 | 000,000,610 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\background_middle_green.gif
[2011/12/27 22:14:50 | 000,000,773 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\background_middle_orange.gif
[2011/12/27 22:14:50 | 000,001,332 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\background_middle_red.gif
[2011/12/27 22:14:50 | 000,000,974 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\background_middle_yellow.gif
[2011/12/27 22:14:50 | 000,000,303 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\background_top_gray.gif
[2011/12/27 22:14:50 | 000,000,159 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\background_top_green.gif
[2011/12/27 22:14:50 | 000,000,204 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\background_top_orange.gif
[2011/12/27 22:14:50 | 000,000,959 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\background_top_red.gif
[2011/12/27 22:14:50 | 000,000,217 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\background_top_yellow.gif
[2011/12/27 22:14:50 | 000,001,932 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\block-doc.gif
[2011/12/27 22:14:50 | 000,000,394 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\blocked.gif
[2011/12/27 22:14:50 | 000,001,060 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\blocked12.png
[2011/12/27 22:14:50 | 000,000,333 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\border_bottom_gray.gif
[2011/12/27 22:14:50 | 000,000,454 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\border_bottom_green.gif
[2011/12/27 22:14:50 | 000,000,617 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\border_bottom_orange.gif
[2011/12/27 22:14:50 | 000,000,099 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\border_bottom_red.gif
[2011/12/27 22:14:50 | 000,000,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\border_bottom_yellow.gif
[2011/12/27 22:14:50 | 000,000,471 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\border_top_gray.gif
[2011/12/27 22:14:50 | 000,000,820 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\border_top_green.gif
[2011/12/27 22:14:50 | 000,000,446 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\border_top_orange.gif
[2011/12/27 22:14:50 | 000,000,484 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\border_top_red.gif
[2011/12/27 22:14:50 | 000,000,336 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\border_top_yellow.gif
[2011/12/27 22:14:50 | 000,000,339 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\box_bottom_red.gif
[2011/12/27 22:14:50 | 000,000,520 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\box_top_red.gif
[2011/12/27 22:14:50 | 000,000,364 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\caution.gif
[2011/12/27 22:14:50 | 000,000,523 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\caution12.png
[2011/12/27 22:14:50 | 000,000,586 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\click_here_gray.gif
[2011/12/27 22:14:50 | 000,001,418 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\click_here_green.gif
[2011/12/27 22:14:50 | 000,001,268 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\click_here_orange.gif
[2011/12/27 22:14:50 | 000,001,333 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\click_here_red.gif
[2011/12/27 22:14:50 | 000,001,368 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\click_here_yellow.gif
[2011/12/27 22:14:50 | 000,002,455 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\clock.gif
[2011/12/27 22:14:50 | 000,000,429 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\clock12.png
[2011/12/27 22:14:50 | 000,002,229 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\icons_blocked.gif
[2011/12/27 22:14:50 | 000,002,364 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\icons_caution.gif
[2011/12/27 22:14:50 | 000,000,613 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\icons_close.gif
[2011/12/27 22:14:50 | 000,002,314 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\icons_safe.gif
[2011/12/27 22:14:50 | 000,001,662 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\icons_unknown.gif
[2011/12/27 22:14:50 | 000,002,344 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\icons_warning.gif
[2011/12/27 22:14:50 | 000,001,683 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\LS_Logo_Results.gif
[2011/12/27 22:14:50 | 000,000,362 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\safe.gif
[2011/12/27 22:14:50 | 000,000,564 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\safe12.png
[2011/12/27 22:14:50 | 000,000,389 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\unknown.gif
[2011/12/27 22:14:50 | 000,004,322 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\vrsn-secured-lsfo.gif
[2011/12/27 22:14:50 | 000,000,374 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\warning.gif
[2011/12/27 22:14:50 | 000,000,555 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\content\Icons\warning12.png
[2011/12/27 22:14:50 | 000,872,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins\avgnpss.dll
[2011/12/27 22:14:50 | 000,915,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins\avgxpl.dll
[2012/07/10 11:14:15 | 000,001,563 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\background.html
[2012/07/10 11:14:17 | 000,001,019 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\manifest.json
[2012/07/10 11:14:15 | 000,006,273 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\avgls-inline.js
[2012/07/10 11:14:15 | 000,013,724 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\flyover.js
[2012/07/10 11:14:16 | 000,001,302 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\interstitial-block.html
[2012/07/10 11:14:16 | 000,078,768 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\jquery-1.4.4.min.js
[2012/07/10 11:14:16 | 000,092,436 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\searchengine.js
[2012/07/10 11:14:16 | 000,013,766 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\searchshield.js
[2012/07/10 11:14:17 | 000,016,328 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\128x128.png
[2012/07/10 11:14:17 | 000,000,790 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\16x16.png
[2012/07/10 11:14:17 | 000,004,310 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\48x48.png
[2012/07/10 11:14:16 | 000,006,455 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\64x64.png
[2012/07/10 11:14:16 | 000,000,303 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\background_middle_gray.gif
[2012/07/10 11:14:16 | 000,000,610 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\background_middle_green.gif
[2012/07/10 11:14:16 | 000,000,773 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\background_middle_orange.gif
[2012/07/10 11:14:16 | 000,001,332 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\background_middle_red.gif
[2012/07/10 11:14:16 | 000,000,974 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\background_middle_yellow.gif
[2012/07/10 11:14:16 | 000,000,303 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\background_top_gray.gif
[2012/07/10 11:14:16 | 000,000,159 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\background_top_green.gif
[2012/07/10 11:14:16 | 000,000,204 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\background_top_orange.gif
[2012/07/10 11:14:16 | 000,000,959 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\background_top_red.gif
[2012/07/10 11:14:16 | 000,000,217 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\background_top_yellow.gif
[2012/07/10 11:14:16 | 000,001,932 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\block-doc.gif
[2012/07/10 11:14:16 | 000,000,394 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\blocked.gif
[2012/07/10 11:14:16 | 000,001,060 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\blocked12.png
[2012/07/10 11:14:16 | 000,000,333 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\border_bottom_gray.gif
[2012/07/10 11:14:16 | 000,000,454 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\border_bottom_green.gif
[2012/07/10 11:14:16 | 000,000,617 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\border_bottom_orange.gif
[2012/07/10 11:14:16 | 000,000,099 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\border_bottom_red.gif
[2012/07/10 11:14:16 | 000,000,626 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\border_bottom_yellow.gif
[2012/07/10 11:14:16 | 000,000,471 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\border_top_gray.gif
[2012/07/10 11:14:16 | 000,000,820 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\border_top_green.gif
[2012/07/10 11:14:16 | 000,000,446 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\border_top_orange.gif
[2012/07/10 11:14:16 | 000,000,484 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\border_top_red.gif
[2012/07/10 11:14:16 | 000,000,336 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\border_top_yellow.gif
[2012/07/10 11:14:16 | 000,000,339 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\box_bottom_red.gif
[2012/07/10 11:14:16 | 000,000,520 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\box_top_red.gif
[2012/07/10 11:14:16 | 000,000,364 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\caution.gif
[2012/07/10 11:14:16 | 000,000,523 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\caution12.png
[2012/07/10 11:14:16 | 000,000,586 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\click_here_gray.gif
[2012/07/10 11:14:16 | 000,001,418 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\click_here_green.gif
[2012/07/10 11:14:16 | 000,001,268 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\click_here_orange.gif
[2012/07/10 11:14:16 | 000,001,333 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\click_here_red.gif
[2012/07/10 11:14:16 | 000,001,368 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\click_here_yellow.gif
[2012/07/10 11:14:16 | 000,002,455 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\clock.gif
[2012/07/10 11:14:16 | 000,000,429 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\clock12.png
[2012/07/10 11:14:16 | 000,002,229 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\icons_blocked.gif
[2012/07/10 11:14:16 | 000,002,364 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\icons_caution.gif
[2012/07/10 11:14:16 | 000,000,613 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\icons_close.gif
[2012/07/10 11:14:16 | 000,002,314 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\icons_safe.gif
[2012/07/10 11:14:16 | 000,001,662 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\icons_unknown.gif
[2012/07/10 11:14:16 | 000,002,344 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\icons_warning.gif
[2012/07/10 11:14:16 | 000,001,683 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\LS_Logo_Results.gif
[2012/07/10 11:14:16 | 000,000,362 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\safe.gif
[2012/07/10 11:14:16 | 000,000,564 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\safe12.png
[2012/07/10 11:14:16 | 000,000,389 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\unknown.gif
[2012/07/10 11:14:16 | 000,004,322 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\vrsn-secured-lsfo.gif
[2012/07/10 11:14:16 | 000,000,374 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\warning.gif
[2012/07/10 11:14:16 | 000,000,555 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\content\Icons\warning12.png
[2012/07/10 11:14:15 | 000,898,944 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins\avgnpss.dll
[2012/07/10 11:14:15 | 000,951,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins\avgxpl.dll
[2012/07/10 11:14:17 | 000,001,100 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\manifest.json
[2012/07/10 11:14:17 | 000,005,309 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\cs\messages.json
[2012/07/10 11:14:17 | 000,005,182 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\da\messages.json
[2012/07/10 11:14:17 | 000,005,160 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\de\messages.json
[2012/07/10 11:14:17 | 000,004,980 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\en\messages.json
[2012/07/10 11:14:17 | 000,005,234 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\es\messages.json
[2012/07/10 11:14:17 | 000,005,276 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\es_419\messages.json
[2012/07/10 11:14:17 | 000,005,366 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\fr\messages.json
[2012/07/10 11:14:17 | 000,005,542 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\hu\messages.json
[2012/07/10 11:14:17 | 000,005,037 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\id\messages.json
[2012/07/10 11:14:17 | 000,005,148 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\it\messages.json
[2012/07/10 11:14:17 | 000,005,927 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\ja\messages.json
[2012/07/10 11:14:17 | 000,005,588 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\ko\messages.json
[2012/07/10 11:14:17 | 000,005,185 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\nl\messages.json
[2012/07/10 11:14:17 | 000,005,254 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\pl\messages.json
[2012/07/10 11:14:17 | 000,005,252 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\pt_BR\messages.json
[2012/07/10 11:14:17 | 000,005,281 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\pt_PT\messages.json
[2012/07/10 11:14:17 | 000,008,394 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\ru\messages.json
[2012/07/10 11:14:17 | 000,005,400 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\sk\messages.json
[2012/07/10 11:14:17 | 000,005,216 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\sr\messages.json
[2012/07/10 11:14:17 | 000,005,256 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\tr\messages.json
[2012/07/10 11:14:17 | 000,005,479 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\zh_CN\messages.json
[2012/07/10 11:14:17 | 000,005,456 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\_locales\zh_TW\messages.json
[2012/07/10 11:14:16 | 000,011,454 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\background.html
[2012/07/10 11:14:16 | 000,034,810 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\dat.js
[2012/07/10 11:14:16 | 000,001,715 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\options.html
[2012/07/10 11:14:16 | 000,000,414 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\popup.html
[2012/07/10 11:14:16 | 000,001,503 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\css\options.css
[2012/07/10 11:14:16 | 000,006,788 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\css\popup.css
[2012/07/10 11:14:16 | 000,016,669 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\128x128.png
[2012/07/10 11:14:16 | 000,000,851 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\16x16.png
[2012/07/10 11:14:16 | 000,004,724 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\48x48.png
[2012/07/10 11:14:16 | 000,006,455 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\64x64.png
[2012/07/10 11:14:17 | 000,009,136 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\avg_icon_128.png
[2012/07/10 11:14:17 | 000,000,710 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\avg_icon_16.png
[2012/07/10 11:14:17 | 000,002,686 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\avg_icon_48.png
[2012/07/10 11:14:16 | 000,002,001 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\bg_bottom_container.png
[2012/07/10 11:14:16 | 000,000,991 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\bg_bottom_tracking.png
[2012/07/10 11:14:16 | 000,001,426 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\bg_close.gif
[2012/07/10 11:14:16 | 000,001,301 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\bg_expand.gif
[2012/07/10 11:14:16 | 000,000,996 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\bg_mid_container.png
[2012/07/10 11:14:16 | 000,000,937 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\bg_mid_tracking.png
[2012/07/10 11:14:16 | 000,001,357 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\bg_tooltip.gif
[2012/07/10 11:14:16 | 000,001,997 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\bg_top_container.png
[2012/07/10 11:14:16 | 000,001,065 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\bg_top_tracking.png
[2012/07/10 11:14:16 | 000,005,819 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\bg_tracking.gif
[2012/07/10 11:14:16 | 000,001,464 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\btn_block.png
[2012/07/10 11:14:16 | 000,000,795 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\btn_block_left.png
[2012/07/10 11:14:16 | 000,000,450 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\btn_block_right.png
[2012/07/10 11:14:16 | 000,001,725 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\bubbleBtm.png
[2012/07/10 11:14:16 | 000,000,945 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\bubbleMid.png
[2012/07/10 11:14:16 | 000,002,605 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\bubbleTop.png
[2012/07/10 11:14:16 | 000,000,068 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\bull4x4.gif

siouxlini

Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp


Solved Re: Suspected spyware

Post by siouxlini on Mon 27 Aug 2012, 7:33 am

[2012/07/10 11:14:16 | 000,001,095 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\divider.gif
[2012/07/10 11:14:16 | 000,005,841 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\DNT-logo.png
[2012/07/10 11:14:16 | 000,002,223 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\innerBG_gradient.gif
[2012/07/10 11:14:16 | 000,001,324 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\tooltipIcon.png
[2012/07/10 11:14:16 | 000,002,232 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\tracking_off.png
[2012/07/10 11:14:16 | 000,002,537 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\tracking_on.png
[2012/07/10 11:14:16 | 000,001,276 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\icons\x_btn.png
[2012/07/10 11:14:16 | 000,002,666 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\js\content.js
[2012/07/10 11:14:16 | 000,006,948 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\js\options.js
[2012/07/10 11:14:16 | 000,011,276 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\js\popup.js
[2012/07/10 11:14:16 | 000,008,042 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\lib\common.js
[2012/07/10 11:14:16 | 000,093,871 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\content\lib\jquery.min.js
[2012/07/10 11:14:16 | 000,002,197 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\background.html
[2012/07/10 11:14:16 | 000,013,030 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\background.js
[2012/07/10 11:14:15 | 000,006,339 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\extension.js
[2012/07/10 11:14:16 | 000,001,422 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\manifest.json
[2012/07/10 11:14:16 | 000,000,000 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\popup.html
[2012/07/10 11:14:16 | 000,038,736 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\icons\icon128.png
[2012/07/10 11:14:16 | 000,000,866 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\icons\icon16.png
[2012/07/10 11:14:16 | 000,004,708 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\icons\icon48.png
[2012/07/10 11:14:15 | 000,001,223 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\icons\actions\icon1.png
[2012/07/10 11:14:16 | 000,003,861 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\icons\notifications\icon1.png
[2012/07/10 11:14:16 | 000,003,395 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\icons\notifications\icon48.png
[2012/07/10 11:14:16 | 000,031,196 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\js\background.js
[2012/07/10 11:14:16 | 000,002,886 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\js\api\chrome.js
[2012/07/10 11:14:16 | 000,003,931 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\js\api\cookie.js
[2012/07/10 11:14:16 | 000,001,047 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\js\api\message.js
[2012/07/10 11:14:16 | 000,001,073 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\js\api\push.js
[2012/07/10 11:14:16 | 000,004,199 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\js\lib\app_api.js
[2012/07/10 11:14:16 | 000,002,558 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\js\lib\async_api.js
[2012/07/10 11:14:16 | 000,001,853 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\js\lib\bg_app_api.js
[2012/07/10 11:14:16 | 000,003,718 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\js\lib\cookie_store.js
[2012/07/10 11:14:16 | 000,005,585 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\js\lib\data_store.js
[2012/07/10 11:14:16 | 000,023,402 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\js\lib\faye-browser-min.js
[2012/07/10 11:14:16 | 000,001,864 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\js\lib\util.js
[2011/12/27 22:42:18 | 000,005,283 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\128.png
[2011/12/27 22:42:18 | 000,000,990 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\24.png
[2011/12/27 22:42:18 | 000,002,487 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\48.png
[2011/12/27 22:42:18 | 000,000,805 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\manifest.json
[2011/12/27 22:42:18 | 000,000,556 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\ar\messages.json
[2011/12/27 22:42:18 | 000,000,492 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\bg\messages.json
[2011/12/27 22:42:18 | 000,000,262 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\ca\messages.json
[2011/12/27 22:42:18 | 000,000,289 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\cs\messages.json
[2011/12/27 22:42:18 | 000,000,240 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\da\messages.json
[2011/12/27 22:42:18 | 000,000,239 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\de\messages.json
[2011/12/27 22:42:18 | 000,000,624 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\el\messages.json
[2011/12/27 22:42:18 | 000,000,215 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\en\messages.json
[2011/12/27 22:42:18 | 000,000,281 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\es\messages.json
[2011/12/27 22:42:18 | 000,000,284 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\fi\messages.json
[2011/12/27 22:42:18 | 000,000,234 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\fil\messages.json
[2011/12/27 22:42:18 | 000,000,272 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\fr\messages.json
[2011/12/27 22:42:18 | 000,000,391 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\hi\messages.json
[2011/12/27 22:42:18 | 000,000,246 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\hr\messages.json
[2011/12/27 22:42:18 | 000,000,234 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\hu\messages.json
[2011/12/27 22:42:18 | 000,000,242 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\id\messages.json
[2011/12/27 22:42:18 | 000,000,260 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\it\messages.json
[2011/12/27 22:42:18 | 000,000,364 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\ja\messages.json
[2011/12/27 22:42:18 | 000,000,328 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\ko\messages.json
[2011/12/27 22:42:18 | 000,000,269 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\lt\messages.json
[2011/12/27 22:42:18 | 000,000,262 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\lv\messages.json
[2011/12/27 22:42:18 | 000,000,232 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\nl\messages.json
[2011/12/27 22:42:18 | 000,000,210 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\no\messages.json
[2011/12/27 22:42:18 | 000,000,292 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\pl\messages.json
[2011/12/27 22:42:18 | 000,000,230 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\pt_BR\messages.json
[2011/12/27 22:42:18 | 000,000,231 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\pt_PT\messages.json
[2011/12/27 22:42:18 | 000,000,281 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\ro\messages.json
[2011/12/27 22:42:18 | 000,000,482 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\ru\messages.json
[2011/12/27 22:42:18 | 000,000,210 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\se\messages.json
[2011/12/27 22:42:18 | 000,000,238 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\sk\messages.json
[2011/12/27 22:42:18 | 000,000,249 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\sl\messages.json
[2011/12/27 22:42:18 | 000,000,511 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\sr\messages.json
[2011/12/27 22:42:18 | 000,000,471 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\th\messages.json
[2011/12/27 22:42:18 | 000,000,250 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\tr\messages.json
[2011/12/27 22:42:18 | 000,000,536 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\uk\messages.json
[2011/12/27 22:42:18 | 000,000,257 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\vi\messages.json
[2011/12/27 22:42:18 | 000,000,339 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\zh_CN\messages.json
[2011/12/27 22:42:18 | 000,000,321 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\_locales\zh_TW\messages.json
[2012/07/10 11:14:17 | 000,005,920 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\128.png
[2012/07/10 11:14:17 | 000,000,755 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\manifest.json
[2012/07/10 11:14:17 | 000,000,556 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ar\messages.json
[2012/07/10 11:14:17 | 000,000,492 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\bg\messages.json
[2012/07/10 11:14:17 | 000,000,262 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ca\messages.json
[2012/07/10 11:14:17 | 000,000,289 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\cs\messages.json
[2012/07/10 11:14:17 | 000,000,240 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\da\messages.json
[2012/07/10 11:14:17 | 000,000,239 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\de\messages.json
[2012/07/10 11:14:17 | 000,000,624 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\el\messages.json
[2012/07/10 11:14:17 | 000,000,215 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\en\messages.json
[2012/07/10 11:14:17 | 000,000,281 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\es\messages.json
[2012/07/10 11:14:17 | 000,000,284 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fi\messages.json
[2012/07/10 11:14:17 | 000,000,234 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fil\messages.json
[2012/07/10 11:14:17 | 000,000,272 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fr\messages.json
[2012/07/10 11:14:17 | 000,000,391 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hi\messages.json
[2012/07/10 11:14:17 | 000,000,246 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hr\messages.json
[2012/07/10 11:14:17 | 000,000,234 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hu\messages.json
[2012/07/10 11:14:17 | 000,000,242 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\id\messages.json
[2012/07/10 11:14:17 | 000,000,260 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\it\messages.json
[2012/07/10 11:14:17 | 000,000,364 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ja\messages.json
[2012/07/10 11:14:17 | 000,000,328 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ko\messages.json
[2012/07/10 11:14:17 | 000,000,269 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lt\messages.json
[2012/07/10 11:14:17 | 000,000,262 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lv\messages.json
[2012/07/10 11:14:17 | 000,000,232 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\nl\messages.json
[2012/07/10 11:14:16 | 000,000,210 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\no\messages.json
[2012/07/10 11:14:17 | 000,000,292 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pl\messages.json
[2012/07/10 11:14:17 | 000,000,230 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_BR\messages.json
[2012/07/10 11:14:17 | 000,000,231 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_PT\messages.json
[2012/07/10 11:14:17 | 000,000,281 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ro\messages.json
[2012/07/10 11:14:17 | 000,000,482 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ru\messages.json
[2012/07/10 11:14:16 | 000,000,210 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\se\messages.json
[2012/07/10 11:14:17 | 000,000,238 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sk\messages.json
[2012/07/10 11:14:17 | 000,000,249 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sl\messages.json
[2012/07/10 11:14:17 | 000,000,511 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sr\messages.json
[2012/07/10 11:14:17 | 000,000,471 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\th\messages.json
[2012/07/10 11:14:17 | 000,000,250 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\tr\messages.json
[2012/07/10 11:14:17 | 000,000,536 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\uk\messages.json
[2012/07/10 11:14:17 | 000,000,257 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\vi\messages.json
[2012/07/10 11:14:17 | 000,000,339 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_CN\messages.json
[2012/07/10 11:14:17 | 000,000,321 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_TW\messages.json
[2 C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\*.tmp files -> C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\*.tmp -> ]
[1 C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\*.tmp files -> C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\*.tmp -> ]
[2012/07/10 11:14:20 | 000,070,656 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage
[2012/07/10 11:14:20 | 000,003,608 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage-journal
[2012/07/10 11:15:25 | 000,003,072 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pgmfkblbflahhponhjmkcnpjinenhlnc_0.localstorage
[2012/07/10 11:15:25 | 000,003,608 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pgmfkblbflahhponhjmkcnpjinenhlnc_0.localstorage-journal
[2012/03/09 22:15:55 | 000,003,072 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_s-static.ak.fbcdn.net_0.localstorage
[2012/03/09 22:15:55 | 000,003,072 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_apps.conduit.com_0.localstorage
[2012/03/09 22:15:47 | 000,003,072 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cap1.conduit-apps.com_0.localstorage
[2012/03/09 22:15:47 | 000,003,072 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_downloadmytoolbar.com_0.localstorage
[2012/03/09 22:15:55 | 000,003,072 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.facebook.com_0.localstorage
[2012/03/09 22:15:47 | 000,003,072 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.socialgrowthtechnologies.com_0.localstorage
[2011/07/08 11:19:37 | 000,000,000 | ---- | M] () -- C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\User StyleSheets\Custom.css


siouxlini

Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp


Solved Re: Suspected spyware

Post by siouxlini on Mon 27 Aug 2012, 7:33 am

< %USERPROFILE%\AppData\Local\ /s >

< %systemroot%\Installer\ /s >

< %systemroot%\system32\Cache\ /s >

< %systemroot%\system32\config\systemprofile\Application Data /s >

< %PROGRAMFILES%\*. >
[2012/08/20 07:00:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint
[2010/07/14 22:16:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2010/08/13 17:06:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Amazon
[2010/04/27 07:57:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2011/10/09 19:03:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AVG
[2011/04/08 12:11:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Browser Plugin
[2011/08/31 19:08:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Callpod
[2012/02/07 11:43:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CCleaner
[2012/06/23 07:18:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2012/02/26 19:40:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Conduit
[2011/11/20 16:46:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Coupons
[2009/12/23 01:12:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink
[2009/12/23 19:52:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Digiarty
[2010/02/22 20:51:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DirecTV
[2010/08/21 17:47:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GeoVisu Suite
[2011/11/25 14:23:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2012/04/19 19:00:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Graboid
[2012/02/21 10:58:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hewlett-Packard
[2009/12/23 01:10:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP
[2009/12/23 17:41:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP Games
[2012/05/29 21:21:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HTC
[2012/05/25 15:42:50 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2010/12/19 21:56:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2012/08/19 06:25:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2011/03/21 11:27:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\IObit
[2012/06/23 07:16:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2009/12/23 00:38:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\JMicron
[2009/08/18 18:22:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\JunoPreloader
[2011/01/21 21:33:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lexmark 3600-4600 Series
[2011/01/21 09:27:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lexmark Fax Solutions
[2011/01/21 09:25:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lexmark Toolbar
[2010/12/19 11:40:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Logitech
[2012/03/04 23:29:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Magical Jelly Bean SHN Shortener
[2012/03/30 12:58:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
[2012/04/23 15:27:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/04/21 15:05:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MarkAny
[2011/09/08 04:23:30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2010/03/02 22:34:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Carioca Rummy
[2009/12/23 20:51:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Games
[2011/07/10 07:07:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2012/05/19 22:57:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2010/10/23 17:43:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2009/12/23 18:45:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
[2010/12/14 21:59:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2010/10/23 17:46:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2011/01/06 17:36:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mobile Stream
[2012/08/21 07:04:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2012/08/21 07:04:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2010/01/05 16:32:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSECache
[2009/08/18 18:11:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSN
[2009/12/23 17:08:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2012/06/19 12:40:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MyFree Codec
[2009/08/18 18:22:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NetZeroPreloader
[2012/08/19 14:16:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nitto 1320 Legends
[2012/03/02 16:50:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OBDwiz
[2010/02/06 16:27:40 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Online Services
[2012/06/23 07:17:44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Oracle
[2012/05/12 22:21:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pandora Recovery
[2010/02/18 17:34:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pazera
[2010/07/02 23:59:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PC Inspector File Recovery
[2010/10/06 20:22:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2010/02/06 16:21:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2012/04/21 15:07:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Samsung
[2009/12/24 19:31:34 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2009/12/23 19:44:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SlySoft
[2010/02/07 20:10:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SolSuite
[2010/06/11 16:41:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Spirent Communications
[2010/04/17 08:09:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/05/23 06:56:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SpywareBlaster
[2012/04/07 10:30:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Trader's Little Helper
[2012/05/24 18:44:15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ulead Systems
[2009/07/14 00:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2012/06/18 23:32:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Vid-Saver
[2012/04/19 18:52:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
[2010/05/08 22:20:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Virtual Earth 3D
[2009/07/14 01:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2011/03/31 11:17:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010/03/21 16:11:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live Safety Center
[2011/05/01 22:11:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2012/05/24 18:45:23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Components
[2011/05/01 22:11:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2011/05/01 22:11:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2011/05/01 22:11:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2011/05/01 22:11:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar

< %appdata%\*.* >
[2011/06/06 19:52:48 | 000,001,854 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\GhostObjGAFix.xml
[2009/12/25 22:20:29 | 000,000,256 | ---- | M] () -- C:\Users\Mark\AppData\Roaming\wklnhst.dat

< MD5 for: AFD.SYS >
[2011/12/27 23:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\SysNative\drivers\afd.sys
[2011/12/27 23:59:24 | 000,498,688 | ---- | M] (Microsoft Corporation) MD5=1C7857B62DE5994A75B054A9FD4C3825 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17752_none_35e10b89752ee0f5\afd.sys
[2011/12/28 00:01:36 | 000,498,176 | ---- | M] (Microsoft Corporation) MD5=36A14FD1A23F57046361733B792CA8DB -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21887_none_364f3a028e605345\afd.sys
[2011/04/24 22:44:02 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=6EF20DDF3172E97D69F596FB90602F29 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16802_none_3430bc3977dfec2d\afd.sys
[2009/07/13 19:21:42 | 000,500,224 | ---- | M] (Microsoft Corporation) MD5=B9384E03479D2506BC924C16A3DB87BC -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_33dd3439781e25f7\afd.sys
[2011/12/28 00:01:12 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=CCA39961E76B491DDF44B1E90FC8971D -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.21115_none_34b263fe91032456\afd.sys
[2010/11/20 05:23:34 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys
[2011/04/24 22:34:03 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=D5B031C308A409A0A576BFF4CF083D30 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170\afd.sys
[2011/12/27 23:59:11 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=DB9D6C6B2CD95A9CA414D045B627422E -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16937_none_34154fcd77f3bbda\afd.sys
[2011/04/24 23:09:35 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=F4AD06143EAC303F55D0E86C40802976 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4\afd.sys
[2011/04/24 22:44:27 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=FBFF8B7C9D116229E9208A0D1CAEB49B -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.20951_none_3483491e9126fe55\afd.sys

< MD5 for: ATAPI.SYS >
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CRYPTSVC.DLL >
[2012/04/24 00:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\SysWOW64\cryptsvc.dll
[2012/04/24 00:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2010/11/20 09:25:59 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2012/04/24 00:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2012/04/24 01:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\SysNative\cryptsvc.dll
[2012/04/24 01:37:37 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=4F5414602E2544A4554D95517948B705 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_d41dd577b1743795\cryptsvc.dll
[2012/04/24 00:47:04 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=520A108A2657F4BCA7FCED9CA7D885DE -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_762f534bfbdf7203\cryptsvc.dll
[2009/07/13 21:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009/07/13 21:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010/11/20 08:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2012/04/24 01:22:32 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=B7337E9C9E5936355BB700AA33E0936E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_d473633acab895c2\cryptsvc.dll
[2012/04/24 01:36:46 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=CE8BF1423AEE47DA5275FBC8AD3BD642 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_d2773c98cda297d3\cryptsvc.dll
[2012/04/24 01:59:45 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=F02786B66375292E58C8777082D4396D -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.17008_none_d24deecfb43ce339\cryptsvc.dll
[2012/04/24 00:33:53 | 000,141,312 | ---- | M] (Microsoft Corporation) MD5=F522279B4717E2BFF269C771FAC2B78E -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.21199_none_7658a1151545269d\cryptsvc.dll

< MD5 for: DNSRSLVR.DLL >
[2011/03/03 02:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=16835866AAA693C7D7FCEBA8FFF706E4 -- C:\Windows\SysNative\dnsrslvr.dll
[2011/03/03 02:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=16835866AAA693C7D7FCEBA8FFF706E4 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsrslvr.dll
[2009/07/13 21:40:32 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=676108C4E3AA6F6B34633748BD0BEBD9 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_3dd76e849c0a6a12\dnsrslvr.dll
[2011/03/03 02:17:10 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=85CF424C74A1D5EC33533E1DBFF9920A -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16772_none_3ddf452a9c04f6b8\dnsrslvr.dll
[2011/03/03 02:12:55 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=B2205BAEAE4C178ABEB1B149751FC2B9 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsrslvr.dll
[2010/11/20 09:26:07 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=CD55F5355D8F55D44C9F4ED875705BD6 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsrslvr.dll
[2011/03/03 02:23:37 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=D8065FA366D28746EE3D75F08ED6B2FE -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.20914_none_3eabc3f7b4f01eb1\dnsrslvr.dll

< MD5 for: ES.DLL >
[2012/08/17 18:27:53 | 000,008,728 | ---- | M] () MD5=328868A14EB90E6A8EA9F3FC59FC49BB -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\Locales\es.dll
[2009/07/13 21:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- C:\Windows\SysNative\es.dll
[2009/07/13 21:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- C:\Windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_68e290c46b6ea6d0\es.dll
[2012/08/14 00:29:58 | 000,008,728 | ---- | M] () MD5=7AD37261A349BE597C2E4C58B093B63D -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\Locales\es.dll
[2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\SysWOW64\es.dll
[2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_73373b169fcf68cb\es.dll

< MD5 for: EXPLORER.EXE >
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: IPNATHLP.DLL >
[2009/07/13 21:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) MD5=B95F6501A2F8B2E78C697FEC401970CE -- C:\Windows\SysNative\ipnathlp.dll
[2009/07/13 21:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) MD5=B95F6501A2F8B2E78C697FEC401970CE -- C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess_31bf3856ad364e35_6.1.7600.16385_none_60c2504d62fd4f0e\ipnathlp.dll

< MD5 for: NETBT.SYS >
[2010/11/20 05:23:20 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- C:\Windows\SysNative\drivers\netbt.sys
[2010/11/20 05:23:20 | 000,261,632 | ---- | M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068 -- C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys
[2009/07/13 19:21:29 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=9162B273A44AB9DCE5B44362731D062A -- C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7600.16385_none_bc59ba0910f52e0c\netbt.sys

< MD5 for: NETMAN.DLL >
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:5C321E34



Solved Re: Suspected spyware

Post by DragonMaster Jay on Mon 27 Aug 2012, 7:55 am

Hi! Welcome to the malware forum.

Please download TDSSKiller to your desktop and run it as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.




-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.



------------------------

Click the Start Scan button.



-----------------------

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.




----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.





--------------------

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.
Sometimes these logs can be very large; in that case, please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.


Please download AdwCleaner by Xplode onto your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.



~DMJ
GeekPolice Academy Manager



Solved Re: Suspected spyware

Post by siouxlini on Mon 27 Aug 2012, 9:56 pm

# AdwCleaner v1.801 - Logfile created 08/27/2012 at 06:53:21
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Mark - MARK-PC
# Boot Mode : Normal
# Running from : C:\Users\Mark\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Mark\AppData\Local\Conduit
Folder Found : C:\Users\Mark\AppData\Local\Temp\CT2790392
Folder Found : C:\Users\Mark\AppData\LocalLow\Conduit
Folder Found : C:\Users\Mark\AppData\LocalLow\FunWebProducts
Folder Found : C:\Users\Mark\AppData\LocalLow\MyWebSearch
Folder Found : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\ConduitCommon
Folder Found : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\CT2790392
Folder Found : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Folder Found : C:\Program Files (x86)\Conduit
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [Registry] *****

[*] Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.BHO
[*] Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.BHO.1
[*] Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.FBApi
[*] Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.FBApi.1
[*] Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.Sandbox
[*] Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.Sandbox.1
[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Found : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Found : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\GamePlayLabs
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Value Found : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [FunWebProducts]
[x64] Key Found : HKCU\Software\AppDataLow\Software\Conduit
[x64] Key Found : HKCU\Software\AppDataLow\Software\Fun Web Products
[x64] Key Found : HKCU\Software\AppDataLow\Software\FunWebProducts
[x64] Key Found : HKCU\Software\AppDataLow\Software\MyWebSearch
[x64] Key Found : HKCU\Software\Cr_Installer
[x64] Key Found : HKCU\Software\GamePlayLabs
[x64] Key Found : HKCU\Software\InstalledBrowserExtensions
[x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (en-US)

Profile name : default
File : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\prefs.js

Found : user_pref("CT2790392.searchProtectorEnableByLogin", true);
Found : user_pref("CT2790392.testingCtid", "");
Found : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Sun Aug 26 2012 07:01:06 GMT-0400 (Eastern D[...]
Found : user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Thu Mar 01 2012 10:24:34 GMT-0500 (Eastern S[...]
Found : user_pref("CT2790392.usageEnabled", false);
Found : user_pref("CT2790392.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2790392/CT2790392[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"545[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Mark\\AppData\\Roaming\\Mozilla\\Fi[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.9.0.3");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2790392");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2790392");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2790392");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Mar 01 2012 10:24:34 GMT-0500 (Eas[...]
Found : user_pref("CommunityToolbar.globalUserId", "a6ceba35-c626-46eb-b29a-df0684b99523");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.notifications.locale", "");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 0);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Mar 01 2012 10:24:33 GMT-0500 (E[...]
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "");
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.userId", "7d435cec-1a9e-4313-af37-b30976d5f16a");
Found : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Found : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
Found : user_pref("extensions.crossriderapp3491.3491.InstallationThankYouPage", true);
Found : user_pref("extensions.crossriderapp3491.3491.InstallationTime", 1340076738);
Found : user_pref("extensions.crossriderapp3491.3491.InstallationUserSettings.searchUserConifrmation", false[...]
Found : user_pref("extensions.crossriderapp3491.3491.InstallationUserSettings.setHomepage", false);
Found : user_pref("extensions.crossriderapp3491.3491.InstallationUserSettings.setNewTab", false);
Found : user_pref("extensions.crossriderapp3491.3491.InstallationUserSettings.setSearch", false);
Found : user_pref("extensions.crossriderapp3491.3491.active", true);
Found : user_pref("extensions.crossriderapp3491.3491.addressbar", "");
Found : user_pref("extensions.crossriderapp3491.3491.affid", "0");
Found : user_pref("extensions.crossriderapp3491.3491.backgroundjs", "\nvar BG={vars:{},rules:{},started:!1,l[...]
Found : user_pref("extensions.crossriderapp3491.3491.backgroundver", 7);
Found : user_pref("extensions.crossriderapp3491.3491.can_run_bg_code", true);
Found : user_pref("extensions.crossriderapp3491.3491.certdomaininstaller", "");
Found : user_pref("extensions.crossriderapp3491.3491.changeprevious", false);
Found : user_pref("extensions.crossriderapp3491.3491.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]
Found : user_pref("extensions.crossriderapp3491.3491.cookie.InstallationTime.value", "1340076738");
Found : user_pref("extensions.crossriderapp3491.3491.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00[...]
Found : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...]
Found : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_aoi.value", "1340076738");
Found : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...]
Found : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_crr.value", "1345978915");
Found : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_geo.expiration", "Fri Aug 31 2012 10:12:25 [...]
Found : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_geo.value", "%7B%22geoplugin_request%22%3A%[...]
Found : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...]
Found : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_hotfix20111102645.value", "%221%22");
Found : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...]
Found : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_installer_params.value", "%7B%22source_id%2[...]
Found : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...]
Found : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_parent_zoneid.value", "%2224536%22");
Found : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...]
Found : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_product_id.value", "%221147%22");
Found : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]
Found : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_zoneid.value", "%2246597%22");
Found : user_pref("extensions.crossriderapp3491.3491.description", "Vid-Saver allows you to download your fa[...]
Found : user_pref("extensions.crossriderapp3491.3491.domain", "");
Found : user_pref("extensions.crossriderapp3491.3491.emailsig", "");
Found : user_pref("extensions.crossriderapp3491.3491.enablesearch", false);
Found : user_pref("extensions.crossriderapp3491.3491.exposesites", "");
Found : user_pref("extensions.crossriderapp3491.3491.fbremoteurl", "");
Found : user_pref("extensions.crossriderapp3491.3491.group", 0);
Found : user_pref("extensions.crossriderapp3491.3491.homepage", "");
Found : user_pref("extensions.crossriderapp3491.3491.iframe", false);
Found : user_pref("extensions.crossriderapp3491.3491.internaldb.InstallerIdentifiers.expiration", "Fri Feb 0[...]
Found : user_pref("extensions.crossriderapp3491.3491.internaldb.InstallerIdentifiers.value", "%7B%22installe[...]
Found : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...]
Found : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_appVer.value", "40");
Found : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_lastVersion.expiration", "Fri Feb [...]
Found : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_lastVersion.value", "0");
Found : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...]
Found : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_meta.value", "%7B%7D");
Found : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_nextCheck.expiration", "Sun Aug 26[...]
Found : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_nextCheck.value", "true");
Found : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...]
Found : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_queue.value", "%7B%7D");
Found : user_pref("extensions.crossriderapp3491.3491.js", "\nvar _GPL_PID=1140,_GPL_baseCDN=\"vidsaver-a.aka[...]
Found : user_pref("extensions.crossriderapp3491.3491.manifesturl", "");
Found : user_pref("extensions.crossriderapp3491.3491.name", "Vid-Saver");
Found : user_pref("extensions.crossriderapp3491.3491.newtab", "");
Found : user_pref("extensions.crossriderapp3491.3491.opensearch", "");
Found : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]
Found : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_13.name", "CrossriderAppUtils");
Found : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_13.ver", 2);
Found : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]
Found : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_14.name", "CrossriderUtils");
Found : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_14.ver", 2);
Found : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_15.code", "(function(f){var u={};var e=M[...]
Found : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_15.name", "FacebookFFIE");
Found : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_15.ver", 1);
Found : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_16.code", "(function(b,a){function h(){v[...]
Found : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_16.name", "FFAppAPIWrapper");
Found : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_16.ver", 3);
Found : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_17.code", "/*!\n * jQuery JavaScript Lib[...]
Found : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_17.name", "jQuery");
Found : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_17.ver", 1);
Found : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_47.code", "(function(){appAPI.ready=func[...]
Found : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_47.name", "resources_background");
Found : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_47.ver", 1);
Found : user_pref("extensions.crossriderapp3491.3491.plugins_lists.plugins_0", "17,14,16,47");
Found : user_pref("extensions.crossriderapp3491.3491.plugins_lists.plugins_1", "17,14,13,16,15");
Found : user_pref("extensions.crossriderapp3491.3491.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]
Found : user_pref("extensions.crossriderapp3491.3491.pluginsversion", 7);
Found : user_pref("extensions.crossriderapp3491.3491.premium", true);
Found : user_pref("extensions.crossriderapp3491.3491.publisher", "215 Apps");
Found : user_pref("extensions.crossriderapp3491.3491.searchstatus", 0);
Found : user_pref("extensions.crossriderapp3491.3491.setnewtab", false);
Found : user_pref("extensions.crossriderapp3491.3491.settingsurl", "");
Found : user_pref("extensions.crossriderapp3491.3491.thankyou", "hxxp://vid-saver.com/thankyou.html");
Found : user_pref("extensions.crossriderapp3491.3491.updateinterval", 360);
Found : user_pref("extensions.crossriderapp3491.3491.ver", 40);
Found : user_pref("extensions.crossriderapp3491.adsOldValue", -1);
Found : user_pref("extensions.crossriderapp3491.apps", "3491");
Found : user_pref("extensions.crossriderapp3491.bic", "1381484d6bc51124547407529c4a4adb");
Found : user_pref("extensions.crossriderapp3491.cid", 3491);
Found : user_pref("extensions.crossriderapp3491.firstrun", false);
Found : user_pref("extensions.crossriderapp3491.hadappinstalled", true);
Found : user_pref("extensions.crossriderapp3491.installationdate", 1340374046);
Found : user_pref("extensions.crossriderapp3491.lastcheck", 22432981);
Found : user_pref("extensions.crossriderapp3491.lastcheckitem", 22432989);
Found : user_pref("extensions.crossriderapp3491.misc.lastBgWorkerTimer", "1340797798130");
Found : user_pref("extensions.crossriderapp3491.misc.lastDomWorkerTimer", "1340797798128");
Found : user_pref("extensions.crossriderapp3491.modetype", "production");
Found : user_pref("extensions.enabledAddons", "{88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.14.1.0,crossriderapp[...]

-\\ Google Chrome v21.0.1180.83

File : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found : "description": "The fastest way to search the web.",

*************************

AdwCleaner[R1].txt - [27406 octets] - [27/08/2012 06:53:21]

########## EOF - C:\AdwCleaner[R1].txt - [27535 octets] ##########

siouxlini

Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp


Solved Re: Suspected spyware

Post by DragonMaster Jay on Thu 30 Aug 2012, 5:04 am

Remove the Adware.

  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with OK.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

Please post the log.


Also, were you able to run TDSSKiller?


~DMJ
GeekPolice Academy Manager


DragonMaster Jay

Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate


Solved Re: Suspected spyware

Post by siouxlini on Fri 31 Aug 2012, 1:51 am

I had to attach the TDSSkiller log file due to its size. Will try reposting.

# AdwCleaner v1.801 - Logfile created 08/30/2012 at 10:38:37
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Mark - MARK-PC
# Boot Mode : Normal
# Running from : C:\Users\Mark\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Mark\AppData\Local\Conduit
Folder Deleted : C:\Users\Mark\AppData\Local\Temp\CT2790392
Folder Deleted : C:\Users\Mark\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Mark\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\Mark\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\ConduitCommon
Folder Deleted : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\CT2790392
Folder Deleted : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
Folder Deleted : C:\Program Files (x86)\Conduit
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0003491.BHO
[*] Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0003491.BHO.1
[*] Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0003491.FBApi
[*] Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0003491.FBApi.1
[*] Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0003491.Sandbox
[*] Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0003491.Sandbox.1
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\GamePlayLabs
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [FunWebProducts]

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (en-US)

Profile name : default
File : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\prefs.js

Deleted : user_pref("extensions.crossriderapp3491.3491.active", true);
Deleted : user_pref("extensions.crossriderapp3491.3491.addressbar", "");
Deleted : user_pref("extensions.crossriderapp3491.3491.affid", "0");
Deleted : user_pref("extensions.crossriderapp3491.3491.backgroundjs", "\n\n\"undefined\"!=typeof _GPL_BG&&appA[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.backgroundver", 10);
Deleted : user_pref("extensions.crossriderapp3491.3491.can_run_bg_code", true);
Deleted : user_pref("extensions.crossriderapp3491.3491.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp3491.3491.changeprevious", false);
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie.InstallationTime.value", "1340076738");
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...]
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_aoi.value", "1340076738");
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_blocklist.expiration", "Mon Aug 27 2012 23:[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_blocklist.value", "%5B%22nonexistantdomain.[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_country_code.expiration", "Mon Sep 03 2012 [...]
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_country_code.value", "%22US%22");
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...]
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_crr.value", "1346123312");
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_geo.expiration", "Fri Aug 31 2012 10:12:25 [...]
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_geo.value", "%7B%22geoplugin_request%22%3A%[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...]
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_hotfix20111102645.value", "%221%22");
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_installer_params.value", "%7B%22source_id%2[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_parent_zoneid.value", "%2214019%22");
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_product_id.value", "%221147%22");
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_sr[adultfriendfinder.com].expiration", "Tue[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_sr[adultfriendfinder.com].value", "13461008[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie._GPL_zoneid.value", "%2246588%22");
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.cookie.dbtest.value", "1346065091530");
Deleted : user_pref("extensions.crossriderapp3491.3491.description", "Vid-Saver allows you to download your fa[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.domain", "");
Deleted : user_pref("extensions.crossriderapp3491.3491.emailsig", "");
Deleted : user_pref("extensions.crossriderapp3491.3491.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp3491.3491.exposesites", "");
Deleted : user_pref("extensions.crossriderapp3491.3491.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp3491.3491.group", 0);
Deleted : user_pref("extensions.crossriderapp3491.3491.homepage", "");
Deleted : user_pref("extensions.crossriderapp3491.3491.iframe", false);
Deleted : user_pref("extensions.crossriderapp3491.3491.internaldb.InstallerIdentifiers.expiration", "Fri Feb 0[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.internaldb.InstallerIdentifiers.value", "%7B%22installe[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_appVer.value", "42");
Deleted : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_lastVersion.expiration", "Fri Feb [...]
Deleted : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_lastVersion.value", "0");
Deleted : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_meta.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_nextCheck.expiration", "Tue Aug 28[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_nextCheck.value", "true");
Deleted : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.internaldb.Resources_queue.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp3491.3491.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp3491.3491.name", "Vid-Saver");
Deleted : user_pref("extensions.crossriderapp3491.3491.newtab", "");
Deleted : user_pref("extensions.crossriderapp3491.3491.opensearch", "");
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_1000014.ver", 2);
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_1000015.code", "var _GPL_BG={vars:{},rul[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_1000015.name", "GPL Background (BG)");
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_1000015.ver", 2);
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_13.name", "CrossriderAppUtils");
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_13.ver", 2);
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_14.name", "CrossriderUtils");
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_14.ver", 2);
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_15.code", "(function(f){var u={};var e=M[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_15.name", "FacebookFFIE");
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_15.ver", 1);
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_16.code", "(function(b,a){function h(){v[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_16.name", "FFAppAPIWrapper");
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_16.ver", 3);
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_17.code", "if(typeof window!==\"undefine[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_17.name", "jQuery");
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_17.ver", 3);
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_47.code", "(function(){appAPI.ready=func[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_47.name", "resources_background");
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_47.ver", 1);
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins_lists.plugins_0", "17,14,16,47,1000015");
Deleted : user_pref("extensions.crossriderapp3491.3491.plugins_lists.plugins_1", "17,14,13,16,15,1000014");
Deleted : user_pref("extensions.crossriderapp3491.3491.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]
Deleted : user_pref("extensions.crossriderapp3491.3491.pluginsversion", 9);
Deleted : user_pref("extensions.crossriderapp3491.3491.premium", true);
Deleted : user_pref("extensions.crossriderapp3491.3491.publisher", "215 Apps");
Deleted : user_pref("extensions.crossriderapp3491.3491.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp3491.3491.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp3491.3491.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp3491.3491.thankyou", "hxxp://vid-saver.com/thankyou.html");
Deleted : user_pref("extensions.crossriderapp3491.3491.updateinterval", 360);
Deleted : user_pref("extensions.crossriderapp3491.3491.ver", 42);
Deleted : user_pref("extensions.crossriderapp3491.adsOldValue", -1);
Deleted : user_pref("extensions.crossriderapp3491.apps", "3491");
Deleted : user_pref("extensions.crossriderapp3491.bic", "1381484d6bc51124547407529c4a4adb");
Deleted : user_pref("extensions.crossriderapp3491.cid", 3491);
Deleted : user_pref("extensions.crossriderapp3491.firstrun", false);
Deleted : user_pref("extensions.crossriderapp3491.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp3491.installationdate", 1340374046);
Deleted : user_pref("extensions.crossriderapp3491.lastcheck", 22435384);
Deleted : user_pref("extensions.crossriderapp3491.lastcheckitem", 22435418);
Deleted : user_pref("extensions.crossriderapp3491.misc.lastBgWorkerTimer", "1340797798130");
Deleted : user_pref("extensions.crossriderapp3491.misc.lastDomWorkerTimer", "1340797798128");
Deleted : user_pref("extensions.crossriderapp3491.modetype", "production");
Deleted : user_pref("extensions.enabledAddons", "{88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.14.1.0,crossriderapp[...]

-\\ Google Chrome v21.0.1180.83

File : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",

*************************

AdwCleaner[R1].txt - [27515 octets] - [27/08/2012 06:53:21]
AdwCleaner[R2].txt - [29097 octets] - [30/08/2012 10:38:26]
AdwCleaner[S1].txt - [28971 octets] - [30/08/2012 10:38:37]

########## EOF - C:\AdwCleaner[S1].txt - [29100 octets] ##########

siouxlini

Newbie Surfer
Posts : 48
Joined : 2010-03-10
Operating System : windows xp


Solved Re: Suspected spyware

Post by siouxlini on Fri 31 Aug 2012, 2:01 am

06:32:56.0700 6996 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
06:32:57.0057 6996 ============================================================
06:32:57.0057 6996 Current date / time: 2012/08/27 06:32:57.0057
06:32:57.0057 6996 SystemInfo:
06:32:57.0057 6996
06:32:57.0057 6996 OS Version: 6.1.7601 ServicePack: 1.0
06:32:57.0057 6996 Product type: Workstation
06:32:57.0057 6996 ComputerName: MARK-PC
06:32:57.0058 6996 UserName: Mark
06:32:57.0058 6996 Windows directory: C:\Windows
06:32:57.0058 6996 System windows directory: C:\Windows
06:32:57.0058 6996 Running under WOW64
06:32:57.0058 6996 Processor architecture: Intel x64
06:32:57.0058 6996 Number of processors: 8
06:32:57.0058 6996 Page size: 0x1000
06:32:57.0058 6996 Boot type: Normal boot
06:32:57.0058 6996 ============================================================
06:32:57.0767 6996 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:32:57.0787 6996 ============================================================
06:32:57.0787 6996 \Device\Harddisk0\DR0:
06:32:57.0788 6996 MBR partitions:
06:32:57.0788 6996 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
06:32:57.0789 6996 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x3894E000
06:32:57.0789 6996 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x389B2000, BlocksNum 0x19A0000
06:32:57.0789 6996 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
06:32:57.0789 6996 ============================================================
06:32:57.0826 6996 C: <-> \Device\Harddisk0\DR0\Partition2
06:32:57.0961 6996 D: <-> \Device\Harddisk0\DR0\Partition3
06:32:57.0961 6996 ============================================================
06:32:57.0962 6996 Initialize success
06:32:57.0962 6996 ============================================================
06:33:57.0350 4532 ============================================================
06:33:57.0350 4532 Scan started
06:33:57.0350 4532 Mode: Manual;
06:33:57.0350 4532 ============================================================
06:33:59.0329 4532 ================ Scan system memory ========================
06:33:59.0329 4532 Scan interrupted by user!
06:33:59.0330 4532 ================ Scan services =============================
06:33:59.0347 4532 Scan interrupted by user!
06:33:59.0347 4532 ================ Scan global ===============================
06:33:59.0347 4532 Scan interrupted by user!
06:33:59.0347 4532 ================ Scan MBR ==================================
06:33:59.0347 4532 Scan interrupted by user!
06:33:59.0347 4532 ================ Scan VBR ==================================
06:33:59.0347 4532 Scan interrupted by user!
06:33:59.0347 4532 ============================================================
06:33:59.0347 4532 Scan finished
06:33:59.0347 4532 ============================================================
06:33:59.0363 4880 Detected object count: 0
06:33:59.0363 4880 Actual detected object count: 0
06:36:52.0180 4012 ============================================================
06:36:52.0180 4012 Scan started
06:36:52.0180 4012 Mode: Manual; SigCheck; TDLFS;
06:36:52.0180 4012 ============================================================
06:36:52.0418 4012 ================ Scan services =============================
06:36:52.0601 4012 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
06:36:52.0775 4012 1394ohci - ok
06:36:52.0804 4012 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
06:36:52.0833 4012 Accelerometer - ok
06:36:52.0863 4012 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
06:36:52.0898 4012 ACPI - ok
06:36:52.0929 4012 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
06:36:53.0020 4012 AcpiPmi - ok
06:36:53.0136 4012 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
06:36:53.0167 4012 AdobeFlashPlayerUpdateSvc - ok
06:36:53.0213 4012 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
06:36:53.0264 4012 adp94xx - ok
06:36:53.0292 4012 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
06:36:53.0330 4012 adpahci - ok
06:36:53.0348 4012 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
06:36:53.0369 4012 adpu320 - ok
06:36:53.0497 4012 [ 985E43B02D2443F6C0F440771C77E5D1 ] ADVService C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
06:36:53.0525 4012 ADVService ( UnsignedFile.Multi.Generic ) - warning
06:36:53.0526 4012 ADVService - detected UnsignedFile.Multi.Generic (1)
06:36:53.0570 4012 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
06:36:53.0753 4012 AeLookupSvc - ok
06:36:53.0848 4012 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
06:36:53.0877 4012 AESTFilters - ok
06:36:53.0921 4012 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
06:36:54.0028 4012 AFD - ok
06:36:54.0055 4012 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
06:36:54.0082 4012 agp440 - ok
06:36:54.0094 4012 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
06:36:54.0144 4012 ALG - ok
06:36:54.0184 4012 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
06:36:54.0209 4012 aliide - ok
06:36:54.0223 4012 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
06:36:54.0237 4012 amdide - ok
06:36:54.0259 4012 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
06:36:54.0321 4012 AmdK8 - ok
06:36:54.0336 4012 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
06:36:54.0359 4012 AmdPPM - ok
06:36:54.0383 4012 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
06:36:54.0405 4012 amdsata - ok
06:36:54.0424 4012 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
06:36:54.0450 4012 amdsbs - ok
06:36:54.0462 4012 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
06:36:54.0481 4012 amdxata - ok
06:36:54.0521 4012 [ 30682A098E12E2C85FA65518E1618195 ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
06:36:54.0541 4012 AnyDVD - ok
06:36:54.0564 4012 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
06:36:54.0641 4012 AppID - ok
06:36:54.0671 4012 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
06:36:54.0756 4012 AppIDSvc - ok
06:36:54.0788 4012 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
06:36:54.0864 4012 Appinfo - ok
06:36:54.0904 4012 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
06:36:54.0929 4012 arc - ok
06:36:54.0943 4012 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
06:36:54.0966 4012 arcsas - ok
06:36:55.0055 4012 [ B373BD1E3641C16BD0B7933BEE3FFF1B ] ArraySSL_VPN_Service8.4.6.49 C:\Program Files\Array Networks\Array SSL VPN\8,4,6,49\arr_srvs.exe
06:36:55.0073 4012 ArraySSL_VPN_Service8.4.6.49 - ok
06:36:55.0130 4012 [ 3C5DAB3190640FEB3A476DBC815FCEBB ] Array_Utility_Service8.4.6.49 C:\Program Files\Array Networks\Common\8,4,6,49\arr_isrv.exe
06:36:55.0159 4012 Array_Utility_Service8.4.6.49 - ok
06:36:55.0240 4012 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
06:36:55.0264 4012 aspnet_state - ok
06:36:55.0283 4012 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
06:36:55.0366 4012 AsyncMac - ok
06:36:55.0403 4012 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
06:36:55.0429 4012 atapi - ok
06:36:55.0472 4012 [ 0ACFBED8867E6911D732E661FD391CB4 ] ATP C:\Windows\system32\DRIVERS\atpdrvr.sys
06:36:55.0518 4012 ATP - ok
06:36:55.0563 4012 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
06:36:55.0678 4012 AudioEndpointBuilder - ok
06:36:55.0709 4012 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
06:36:55.0761 4012 AudioSrv - ok
06:36:55.0938 4012 [ BA60FD7A64B9759A14C0FBA4A9ED4C7B ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
06:36:56.0134 4012 AVGIDSAgent - ok
06:36:56.0155 4012 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
06:36:56.0165 4012 AVGIDSDriver - ok
06:36:56.0173 4012 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
06:36:56.0182 4012 AVGIDSFilter - ok
06:36:56.0204 4012 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
06:36:56.0214 4012 AVGIDSHA - ok
06:36:56.0261 4012 [ 59955B4C288DD2A8B9FD2CD5158355C5 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
06:36:56.0282 4012 Avgldx64 - ok
06:36:56.0319 4012 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
06:36:56.0333 4012 Avgmfx64 - ok
06:36:56.0354 4012 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
06:36:56.0367 4012 Avgrkx64 - ok
06:36:56.0389 4012 [ 1BEE674AD792B1C63BB0DAC5FA724B23 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
06:36:56.0409 4012 Avgtdia - ok
06:36:56.0431 4012 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
06:36:56.0448 4012 avgwd - ok
06:36:56.0497 4012 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
06:36:56.0562 4012 AxInstSV - ok
06:36:56.0633 4012 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
06:36:56.0696 4012 b06bdrv - ok
06:36:56.0764 4012 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
06:36:56.0821 4012 b57nd60a - ok
06:36:56.0900 4012 [ 2ED050291BC1D7F9E322E328DB3AAECF ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
06:36:56.0923 4012 BBSvc - ok
06:36:56.0961 4012 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
06:36:56.0997 4012 BBUpdate - ok
06:36:57.0024 4012 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
06:36:57.0075 4012 BDESVC - ok
06:36:57.0104 4012 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
06:36:57.0166 4012 Beep - ok
06:36:57.0218 4012 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
06:36:57.0331 4012 BFE - ok
06:36:57.0383 4012 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
06:36:57.0496 4012 BITS - ok
06:36:57.0525 4012 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
06:36:57.0553 4012 blbdrive - ok
06:36:57.0578 4012 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
06:36:57.0639 4012 bowser - ok
06:36:57.0652 4012 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
06:36:57.0745 4012 BrFiltLo - ok
06:36:57.0758 4012 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
06:36:57.0806 4012 BrFiltUp - ok
06:36:57.0845 4012 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
06:36:57.0878 4012 Browser - ok
06:36:57.0899 4012 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
06:36:57.0954 4012 Brserid - ok
06:36:57.0973 4012 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
06:36:58.0028 4012 BrSerWdm - ok
06:36:58.0042 4012 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
06:36:58.0076 4012 BrUsbMdm - ok
06:36:58.0088 4012 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
06:36:58.0118 4012 BrUsbSer - ok
06:36:58.0173 4012 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
06:36:58.0222 4012 BthEnum - ok
06:36:58.0230 4012 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
06:36:58.0269 4012 BTHMODEM - ok
06:36:58.0301 4012 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
06:36:58.0363 4012 BthPan - ok
06:36:58.0420 4012 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
06:36:58.0494 4012 BTHPORT - ok
06:36:58.0537 4012 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
06:36:58.0622 4012 bthserv - ok
06:36:58.0645 4012 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
06:36:58.0689 4012 BTHUSB - ok
06:36:58.0746 4012 [ 2641A3FE3D7B0646308F33B67F3B5300 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
06:36:58.0768 4012 btusbflt - ok
06:36:58.0796 4012 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
06:36:58.0817 4012 btwaudio - ok
06:36:58.0831 4012 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
06:36:58.0854 4012 btwavdt - ok
06:36:58.0909 4012 [ D65AA164ACD0F6706DBCFBBCC9731584 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
06:36:58.0947 4012 btwdins - ok
06:36:58.0971 4012 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
06:36:58.0983 4012 btwl2cap - ok
06:36:58.0997 4012 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
06:36:59.0010 4012 btwrchid - ok
06:36:59.0034 4012 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
06:36:59.0122 4012 cdfs - ok
06:36:59.0155 4012 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
06:36:59.0207 4012 cdrom - ok
06:36:59.0254 4012 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
06:36:59.0340 4012 CertPropSvc - ok
06:36:59.0381 4012 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
06:36:59.0430 4012 circlass - ok
06:36:59.0492 4012 [ 6C99DE57C87D6F3EE85998A7E49F7BF9 ] CLDTVHNService C:\Program Files (x86)\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe
06:36:59.0514 4012 CLDTVHNService - ok
06:36:59.0545 4012 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
06:36:59.0586 4012 CLFS - ok
06:36:59.0647 4012 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
06:36:59.0673 4012 clr_optimization_v2.0.50727_32 - ok
06:36:59.0709 4012 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
06:36:59.0733 4012 clr_optimization_v2.0.50727_64 - ok
06:36:59.0790 4012 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
06:36:59.0814 4012 clr_optimization_v4.0.30319_32 - ok
06:36:59.0830 4012 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
06:36:59.0855 4012 clr_optimization_v4.0.30319_64 - ok
06:36:59.0877 4012 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
06:36:59.0921 4012 CmBatt - ok
06:36:59.0949 4012 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
06:36:59.0975 4012 cmdide - ok
06:37:00.0014 4012 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
06:37:00.0062 4012 CNG - ok
06:37:00.0143 4012 [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
06:37:00.0167 4012 Com4QLBEx - ok
06:37:00.0186 4012 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
06:37:00.0210 4012 Compbatt - ok
06:37:00.0244 4012 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
06:37:00.0294 4012 CompositeBus - ok
06:37:00.0311 4012 COMSysApp - ok
06:37:00.0329 4012 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
06:37:00.0353 4012 crcdisk - ok
06:37:00.0385 4012 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
06:37:00.0445 4012 CryptSvc - ok
06:37:00.0478 4012 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
06:37:00.0578 4012 DcomLaunch - ok
06:37:00.0613 4012 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
06:37:00.0701 4012 defragsvc - ok
06:37:00.0729 4012 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
06:37:00.0803 4012 DfsC - ok
06:37:00.0864 4012 [ 105373D52E71D2D1355AD3ACD18259C3 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
06:37:00.0889 4012 dg_ssudbus - ok
06:37:00.0915 4012 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
06:37:00.0984 4012 Dhcp - ok
06:37:01.0013 4012 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
06:37:01.0082 4012 discache - ok
06:37:01.0123 4012 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
06:37:01.0148 4012 Disk - ok
06:37:01.0181 4012 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
06:37:01.0226 4012 Dnscache - ok
06:37:01.0265 4012 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
06:37:01.0353 4012 dot3svc - ok
06:37:01.0381 4012 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
06:37:01.0430 4012 DPS - ok
06:37:01.0455 4012 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
06:37:01.0488 4012 drmkaud - ok
06:37:01.0522 4012 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
06:37:01.0579 4012 DXGKrnl - ok
06:37:01.0610 4012 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
06:37:01.0707 4012 EapHost - ok
06:37:01.0732 4012 [ 1D69A83033930C20583D608C622CA56B ] easytether C:\Windows\system32\DRIVERS\easytthr.sys
06:37:01.0750 4012 easytether - ok
06:37:01.0836 4012 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
06:37:01.0986 4012 ebdrv - ok
06:37:02.0022 4012 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
06:37:02.0047 4012 EFS - ok
06:37:02.0099 4012 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
06:37:02.0173 4012 ehRecvr - ok
06:37:02.0205 4012 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
06:37:02.0252 4012 ehSched - ok
06:37:02.0286 4012 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
06:37:02.0308 4012 ElbyCDIO - ok
06:37:02.0340 4012 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
06:37:02.0391 4012 elxstor - ok
06:37:02.0415 4012 [ 524C79054636D2E5751169005006460B ] enecir C:\Windows\system32\DRIVERS\enecir.sys
06:37:02.0468 4012 enecir - ok
06:37:02.0484 4012 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
06:37:02.0533 4012 ErrDev - ok
06:37:02.0593 4012 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
06:37:02.0668 4012 EventSystem - ok
06:37:02.0697 4012 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
06:37:02.0734 4012 exfat - ok
06:37:02.0751 4012 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
06:37:02.0785 4012 fastfat - ok
06:37:02.0816 4012 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
06:37:02.0867 4012 Fax - ok
06:37:02.0891 4012 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
06:37:02.0933 4012 fdc - ok
06:37:02.0965 4012 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
06:37:03.0034 4012 fdPHost - ok
06:37:03.0046 4012 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
06:37:03.0127 4012 FDResPub - ok
06:37:03.0155 4012 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
06:37:03.0174 4012 FileInfo - ok
06:37:03.0178 4012 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
06:37:03.0226 4012 Filetrace - ok
06:37:03.0240 4012 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
06:37:03.0254 4012 flpydisk - ok
06:37:03.0267 4012 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
06:37:03.0289 4012 FltMgr - ok
06:37:03.0318 4012 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
06:37:03.0363 4012 FontCache - ok
06:37:03.0404 4012 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
06:37:03.0439 4012 FontCache3.0.0.0 - ok
06:37:03.0447 4012 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
06:37:03.0475 4012 FsDepends - ok
06:37:03.0509 4012 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
06:37:03.0544 4012 fssfltr - ok
06:37:03.0633 4012 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
06:37:03.0724 4012 fsssvc - ok
06:37:03.0751 4012 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
06:37:03.0775 4012 Fs_Rec - ok
06:37:03.0806 4012 [ FA169871D8FADCC6539C4E8726610286 ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys
06:37:03.0841 4012 FTDIBUS - ok
06:37:03.0870 4012 [ 24237091348D1EFB5635A1CF9649E311 ] FTSER2K C:\Windows\system32\drivers\ftser2k.sys
06:37:03.0900 4012 FTSER2K - ok
06:37:03.0924 4012 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
06:37:03.0968 4012 fvevol - ok
06:37:03.0999 4012 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
06:37:04.0041 4012 gagp30kx - ok
06:37:04.0087 4012 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
06:37:04.0215 4012 gpsvc - ok
06:37:04.0300 4012 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
06:37:04.0336 4012 gupdate - ok
06:37:04.0382 4012 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
06:37:04.0419 4012 gupdatem - ok
06:37:04.0444 4012 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
06:37:04.0484 4012 hcw85cir - ok
06:37:04.0528 4012 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
06:37:04.0590 4012 HdAudAddService - ok
06:37:04.0620 4012 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
06:37:04.0689 4012 HDAudBus - ok
06:37:04.0719 4012 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
06:37:04.0763 4012 HidBatt - ok
06:37:04.0778 4012 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
06:37:04.0830 4012 HidBth - ok
06:37:04.0873 4012 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
06:37:04.0933 4012 HidIr - ok
06:37:04.0966 4012 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
06:37:05.0044 4012 hidserv - ok
06:37:05.0083 4012 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
06:37:05.0122 4012 HidUsb - ok
06:37:05.0156 4012 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
06:37:05.0275 4012 hkmsvc - ok
06:37:05.0308 4012 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
06:37:05.0370 4012 HomeGroupListener - ok
06:37:05.0402 4012 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
06:37:05.0471 4012 HomeGroupProvider - ok
06:37:05.0544 4012 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
06:37:05.0581 4012 HP Support Assistant Service - ok
06:37:05.0635 4012 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
06:37:05.0674 4012 HPDrvMntSvc.exe - ok
06:37:05.0704 4012 [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
06:37:05.0741 4012 hpdskflt - ok
06:37:05.0772 4012 [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
06:37:05.0842 4012 HpqKbFiltr - ok
06:37:05.0906 4012 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
06:37:05.0965 4012 hpqwmiex - ok
06:37:05.0993 4012 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
06:37:06.0039 4012 HpSAMD - ok
06:37:06.0050 4012 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv C:\Windows\system32\Hpservice.exe
06:37:06.0085 4012 hpsrv - ok
06:37:06.0118 4012 [ 363571BC0C79E394E69300D1F2E3DDAE ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
06:37:06.0173 4012 HTCAND64 - ok
06:37:06.0216 4012 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
06:37:06.0342 4012 HTTP - ok
06:37:06.0382 4012 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
06:37:06.0421 4012 hwpolicy - ok
06:37:06.0448 4012 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
06:37:06.0486 4012 i8042prt - ok
06:37:06.0516 4012 [ BE7D72FCF442C26975942007E0831241 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
06:37:06.0554 4012 iaStor - ok
06:37:06.0573 4012 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
06:37:06.0597 4012 iaStorV - ok
06:37:06.0657 4012 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
06:37:06.0685 4012 IDriverT ( UnsignedFile.Multi.Generic ) - warning
06:37:06.0685 4012 IDriverT - detected UnsignedFile.Multi.Generic (1)
06:37:06.0746 4012 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
06:37:06.0806 4012 idsvc - ok
06:37:06.0963 4012 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
06:37:07.0155 4012 igfx - ok
06:37:07.0168 4012 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
06:37:07.0186 4012 iirsp - ok
06:37:07.0228 4012 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
06:37:07.0305 4012 IKEEXT - ok
06:37:07.0328 4012 [ 4FF8A2082D78255D2EB169F986BCC981 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
06:37:07.0390 4012 Impcd - ok
06:37:07.0412 4012 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
06:37:07.0444 4012 intelide - ok
06:37:07.0457 4012 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
06:37:07.0508 4012 intelppm - ok
06:37:07.0564 4012 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
06:37:07.0639 4012 IPBusEnum - ok
06:37:07.0668 4012 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
06:37:07.0736 4012 IpFilterDriver - ok
06:37:07.0775 4012 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
06:37:07.0819 4012 iphlpsvc - ok
06:37:07.0848 4012 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
06:37:07.0909 4012 IPMIDRV - ok
06:37:07.0934 4012 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
06:37:08.0047 4012 IPNAT - ok
06:37:08.0068 4012 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
06:37:08.0177 4012 IRENUM - ok
06:37:08.0199 4012 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
06:37:08.0225 4012 isapnp - ok
06:37:08.0253 4012 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
06:37:08.0284 4012 iScsiPrt - ok
06:37:08.0326 4012 [ F8844B00C10E386C704C610E95A9847D ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
06:37:08.0400 4012 JMCR - ok
06:37:08.0431 4012 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
06:37:08.0478 4012 kbdclass - ok
06:37:08.0487 4012 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
06:37:08.0534 4012 kbdhid - ok
06:37:08.0557 4012 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
06:37:08.0601 4012 KeyIso - ok
06:37:08.0634 4012 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
06:37:08.0679 4012 KSecDD - ok
06:37:08.0702 4012 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
06:37:08.0747 4012 KSecPkg - ok
06:37:08.0775 4012 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
06:37:08.0879 4012 ksthunk - ok
06:37:08.0917 4012 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
06:37:08.0986 4012 KtmRm - ok
06:37:09.0017 4012 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
06:37:09.0115 4012 LanmanServer - ok
06:37:09.0147 4012 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
06:37:09.0249 4012 LanmanWorkstation - ok
06:37:09.0318 4012 [ 07B1888209C54B675FFCCBDE9F06D2C6 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
06:37:09.0344 4012 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
06:37:09.0344 4012 LightScribeService - detected UnsignedFile.Multi.Generic (1)
06:37:09.0361 4012 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
06:37:09.0450 4012 lltdio - ok
06:37:09.0475 4012 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
06:37:09.0535 4012 lltdsvc - ok
06:37:09.0549 4012 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
06:37:09.0586 4012 lmhosts - ok
06:37:09.0611 4012 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
06:37:09.0630 4012 LSI_FC - ok
06:37:09.0646 4012 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
06:37:09.0665 4012 LSI_SAS - ok
06:37:09.0673 4012 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
06:37:09.0691 4012 LSI_SAS2 - ok
06:37:09.0707 4012 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
06:37:09.0727 4012 LSI_SCSI - ok
06:37:09.0734 4012 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
06:37:09.0788 4012 luafv - ok
06:37:09.0857 4012 [ 4208B958E35F0E596AA241EFB664636B ] lxdxCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxdxserv.exe
06:37:09.0920 4012 lxdxCATSCustConnectService - ok
06:37:09.0956 4012 lxdx_device - ok
06:37:09.0994 4012 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
06:37:10.0042 4012 Mcx2Svc - ok
06:37:10.0056 4012 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
06:37:10.0085 4012 megasas - ok
06:37:10.0100 4012 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
06:37:10.0136 4012 MegaSR - ok
06:37:10.0157 4012 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
06:37:10.0239 4012 MMCSS - ok
06:37:10.0258 4012 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
06:37:10.0335 4012 Modem - ok
06:37:10.0357 4012 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
06:37:10.0407 4012 monitor - ok
06:37:10.0433 4012 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
06:37:10.0460 4012 mouclass - ok
06:37:10.0483 4012 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
06:37:10.0542 4012 mouhid - ok
06:37:10.0576 4012 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
06:37:10.0624 4012 mountmgr - ok
06:37:10.0677 4012 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
06:37:10.0722 4012 MozillaMaintenance - ok
06:37:10.0750 4012 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
06:37:10.0800 4012 mpio - ok
06:37:10.0825 4012 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
06:37:10.0906 4012 mpsdrv - ok
06:37:10.0938 4012 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
06:37:11.0071 4012 MpsSvc - ok
06:37:11.0110 4012 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
06:37:11.0179 4012 MRxDAV - ok
06:37:11.0215 4012 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
06:37:11.0279 4012 mrxsmb - ok
06:37:11.0310 4012 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
06:37:11.0382 4012 mrxsmb10 - ok
06:37:11.0417 4012 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
06:37:11.0466 4012 mrxsmb20 - ok
06:37:11.0494 4012 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
06:37:11.0537 4012 msahci - ok
06:37:11.0568 4012 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
06:37:11.0599 4012 msdsm - ok
06:37:11.0622 4012 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
06:37:11.0657 4012 MSDTC - ok
06:37:11.0694 4012 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
06:37:11.0763 4012 Msfs - ok
06:37:11.0782 4012 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
06:37:11.0867 4012 mshidkmdf - ok
06:37:11.0887 4012 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
06:37:11.0908 4012 msisadrv - ok
06:37:11.0930 4012 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
06:37:12.0018 4012 MSiSCSI - ok
06:37:12.0024 4012 msiserver - ok
06:37:12.0046 4012 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
06:37:12.0118 4012 MSKSSRV - ok
06:37:12.0142 4012 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
06:37:12.0234 4012 MSPCLOCK - ok
06:37:12.0254 4012 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
06:37:12.0335 4012 MSPQM - ok
06:37:12.0367 4012 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
06:37:12.0392 4012 MsRPC - ok
06:37:12.0409 4012 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
06:37:12.0425 4012 mssmbios - ok
06:37:12.0442 4012 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
06:37:12.0503 4012 MSTEE - ok
06:37:12.0521 4012 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
06:37:12.0534 4012 MTConfig - ok
06:37:12.0544 4012 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
06:37:12.0556 4012 Mup - ok
06:37:12.0580 4012 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
06:37:12.0618 4012 napagent - ok
06:37:12.0655 4012 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
06:37:12.0699 4012 NativeWifiP - ok
06:37:12.0727 4012 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
06:37:12.0791 4012 NDIS - ok
06:37:12.0816 4012 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
06:37:12.0890 4012 NdisCap - ok
06:37:12.0917 4012 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
06:37:12.0978 4012 NdisTapi - ok
06:37:12.0997 4012 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
06:37:13.0029 4012 Ndisuio - ok
06:37:13.0057 4012 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
06:37:13.0132 4012 NdisWan - ok
06:37:13.0169 4012 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
06:37:13.0237 4012 NDProxy - ok
06:37:13.0250 4012 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
06:37:13.0330 4012 NetBIOS - ok
06:37:13.0373 4012 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
06:37:13.0469 4012 NetBT - ok
06:37:13.0499 4012 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
06:37:13.0526 4012 Netlogon - ok
06:37:13.0557 4012 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
06:37:13.0624 4012 Netman - ok
06:37:13.0642 4012 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:37:13.0655 4012 NetMsmqActivator - ok
06:37:13.0658 4012 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:37:13.0669 4012 NetPipeActivator - ok
06:37:13.0683 4012 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
06:37:13.0740 4012 netprofm - ok
06:37:13.0758 4012 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:37:13.0769 4012 NetTcpActivator - ok
06:37:13.0773 4012 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:37:13.0783 4012 NetTcpPortSharing - ok
06:37:13.0979 4012 [ 39EDE676D17F37AF4573C2B33EC28ACA ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
06:37:14.0209 4012 NETw5s64 - ok
06:37:14.0340 4012 [ D68DE412A3243F8D57DDB814AA509813 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
06:37:14.0572 4012 netw5v64 - ok
06:37:14.0763 4012 [ EB43840BABF5589E33186D094DE7381D ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
06:37:15.0046 4012 NETwNs64 - ok
06:37:15.0066 4012 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
06:37:15.0092 4012 nfrd960 - ok
06:37:15.0124 4012 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
06:37:15.0206 4012 NlaSvc - ok
06:37:15.0225 4012 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
06:37:15.0256 4012 Npfs - ok
06:37:15.0275 4012 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
06:37:15.0306 4012 nsi - ok
06:37:15.0315 4012 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
06:37:15.0360 4012 nsiproxy - ok
06:37:15.0424 4012 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
06:37:15.0507 4012 Ntfs - ok
06:37:15.0529 4012 [ 10694A19236A6355741914C3737CF3A5 ] ntk_dtv C:\Program Files (x86)\DirecTV\DirecTV\Kernel\DMP\ntk_dtv_64.sys
06:37:15.0539 4012 ntk_dtv - ok
06:37:15.0546 4012 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
06:37:15.0578 4012 Null - ok
06:37:15.0608 4012 [ AD37248BD442D41C9A896E53EB8A85EE ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
06:37:15.0619 4012 NVHDA - ok
06:37:15.0844 4012 [ BBE872A814B00798C2D568D46C42A71B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
06:37:16.0008 4012 nvlddmkm - ok
06:37:16.0042 4012 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
06:37:16.0056 4012 nvraid - ok
06:37:16.0067 4012 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
06:37:16.0082 4012 nvstor - ok
06:37:16.0112 4012 [ 8F9C2A5F96810467D50687AE00465424 ] nvsvc C:\Windows\system32\nvvsvc.exe
06:37:16.0125 4012 nvsvc - ok
06:37:16.0151 4012 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
06:37:16.0177 4012 nv_agp - ok
06:37:16.0250 4012 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
06:37:16.0303 4012 odserv - ok
06:37:16.0345 4012 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
06:37:16.0376 4012 ohci1394 - ok
06:37:16.0429 4012 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
06:37:16.0458 4012 ose - ok
06:37:16.0486 4012 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
06:37:16.0550 4012 p2pimsvc - ok
06:37:16.0590 4012 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
06:37:16.0636 4012 p2psvc - ok
06:37:16.0668 4012 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
06:37:16.0699 4012 Parport - ok
06:37:16.0731 4012 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
06:37:16.0761 4012 partmgr - ok
06:37:16.0774 4012 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
06:37:16.0840 4012 PcaSvc - ok
06:37:16.0872 4012 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
06:37:16.0904 4012 pci - ok
06:37:16.0919 4012 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
06:37:16.0945 4012 pciide - ok
06:37:16.0969 4012 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
06:37:17.0002 4012 pcmcia - ok
06:37:17.0016 4012 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
06:37:17.0034 4012 pcw - ok
06:37:17.0058 4012 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
06:37:17.0152 4012 PEAUTH - ok
06:37:17.0242 4012 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
06:37:17.0290 4012 PerfHost - ok
06:37:17.0369 4012 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
06:37:17.0480 4012 pla - ok
06:37:17.0521 4012 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
06:37:17.0572 4012 PlugPlay - ok
06:37:17.0600 4012 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
06:37:17.0630 4012 PNRPAutoReg - ok
06:37:17.0649 4012 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
06:37:17.0679 4012 PNRPsvc - ok
06:37:17.0700 4012 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
06:37:17.0801 4012 PolicyAgent - ok
06:37:17.0834 4012 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
06:37:17.0920 4012 Power - ok
06:37:17.0944 4012 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
06:37:18.0030 4012 PptpMiniport - ok
06:37:18.0052 4012 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
06:37:18.0099 4012 Processor - ok
06:37:18.0132 4012 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
06:37:18.0185 4012 ProfSvc - ok
06:37:18.0211 4012 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
06:37:18.0238 4012 ProtectedStorage - ok
06:37:18.0262 4012 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
06:37:18.0333 4012 Psched - ok
06:37:18.0384 4012 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
06:37:18.0462 4012 ql2300 - ok
06:37:18.0479 4012 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
06:37:18.0498 4012 ql40xx - ok
06:37:18.0526 4012 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
06:37:18.0572 4012 QWAVE - ok
06:37:18.0588 4012 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
06:37:18.0640 4012 QWAVEdrv - ok
06:37:18.0699 4012 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
06:37:18.0731 4012 RapiMgr - ok
06:37:18.0747 4012 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
06:37:18.0838 4012 RasAcd - ok
06:37:18.0881 4012 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
06:37:18.0937 4012 RasAgileVpn - ok
06:37:18.0949 4012 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
06:37:18.0998 4012 RasAuto - ok
06:37:19.0030 4012 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
06:37:19.0103 4012 Rasl2tp - ok
06:37:19.0146 4012 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
06:37:19.0229 4012 RasMan - ok
06:37:19.0246 4012 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
06:37:19.0305 4012 RasPppoe - ok
06:37:19.0315 4012 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
06:37:19.0367 4012 RasSstp - ok
06:37:19.0396 4012 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
06:37:19.0467 4012 rdbss - ok
06:37:19.0491 4012 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
06:37:19.0508 4012 rdpbus - ok
06:37:19.0535 4012 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
06:37:19.0620 4012 RDPCDD - ok
06:37:19.0647 4012 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
06:37:19.0730 4012 RDPENCDD - ok
06:37:19.0760 4012 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
06:37:19.0831 4012 RDPREFMP - ok
06:37:19.0856 4012 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
06:37:19.0903 4012 RDPWD - ok
06:37:19.0938 4012 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
06:37:19.0965 4012 rdyboost - ok
06:37:19.0984 4012 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
06:37:20.0061 4012 RemoteAccess - ok
06:37:20.0087 4012 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
06:37:20.0140 4012 RemoteRegistry - ok
06:37:20.0188 4012 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
06:37:20.0246 4012 RFCOMM - ok
06:37:20.0318 4012 [ 498EB62A160674E793FA40FD65390625 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
06:37:20.0359 4012 RichVideo - ok
06:37:20.0377 4012 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
06:37:20.0466 4012 RpcEptMapper - ok
06:37:20.0493 4012 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
06:37:20.0535 4012 RpcLocator - ok
06:37:20.0578 4012 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
06:37:20.0640 4012 RpcSs - ok
06:37:20.0664 4012 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
06:37:20.0740 4012 rspndr - ok
06:37:20.0784 4012 [ FE61B0B4AA58C3BD3DFA6279131F7F53 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
06:37:20.0860 4012 RTL8167 - ok
06:37:20.0875 4012 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
06:37:20.0900 4012 SamSs - ok
06:37:20.0918 4012 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
06:37:20.0945 4012 sbp2port - ok
06:37:21.0020 4012 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
06:37:21.0058 4012 SBSDWSCService - ok
06:37:21.0079 4012 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
06:37:21.0114 4012 SCardSvr - ok
06:37:21.0133 4012 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
06:37:21.0179 4012 scfilter - ok
06:37:21.0223 4012 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
06:37:21.0323 4012 Schedule - ok
06:37:21.0359 4012 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
06:37:21.0413 4012 SCPolicySvc - ok
06:37:21.0456 4012 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
06:37:21.0504 4012 sdbus - ok
06:37:21.0534 4012 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
06:37:21.0577 4012 SDRSVC - ok
06:37:21.0615 4012 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
06:37:21.0688 4012 secdrv - ok
06:37:21.0695 4012 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
06:37:21.0743 4012 seclogon - ok
06:37:21.0776 4012 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
06:37:21.0870 4012 SENS - ok
06:37:21.0904 4012 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
06:37:21.0924 4012 SensrSvc - ok
06:37:21.0935 4012 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
06:37:21.0968 4012 Serenum - ok
06:37:21.0987 4012 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
06:37:22.0007 4012 Serial - ok
06:37:22.0023 4012 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
06:37:22.0062 4012 sermouse - ok
06:37:22.0112 4012 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
06:37:22.0194 4012 SessionEnv - ok
06:37:22.0226 4012 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
06:37:22.0265 4012 sffdisk - ok
06:37:22.0283 4012 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
06:37:22.0313 4012 sffp_mmc - ok
06:37:22.0321 4012 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
06:37:22.0372 4012 sffp_sd - ok
06:37:22.0398 4012 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
06:37:22.0427 4012 sfloppy - ok
06:37:22.0457 4012 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
06:37:22.0526 4012 SharedAccess - ok
06:37:22.0541 4012 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
06:37:22.0577 4012 ShellHWDetection - ok
06:37:22.0596 4012 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
06:37:22.0608 4012 SiSRaid2 - ok
06:37:22.0616 4012 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
06:37:22.0629 4012 SiSRaid4 - ok
06:37:22.0674 4012 [ DD0443BC6CC78A19FD399817F8C51401 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
06:37:22.0695 4012 SmartDefragDriver - ok
06:37:22.0729 4012 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
06:37:22.0808 4012 Smb - ok
06:37:22.0850 4012 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
06:37:22.0902 4012 SNMPTRAP - ok
06:37:22.0928 4012 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
06:37:22.0955 4012 spldr - ok
06:37:22.0993 4012 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
06:37:23.0032 4012 Spooler - ok
06:37:23.0130 4012 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
06:37:23.0211 4012 sppsvc - ok
06:37:23.0224 4012 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
06:37:23.0256 4012 sppuinotify - ok
06:37:23.0282 4012 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
06:37:23.0346 4012 srv - ok
06:37:23.0368 4012 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
06:37:23.0428 4012 srv2 - ok
06:37:23.0476 4012 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
06:37:23.0513 4012 SrvHsfHDA - ok
06:37:23.0556 4012 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
06:37:23.0658 4012 SrvHsfV92 - ok
06:37:23.0690 4012 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
06:37:23.0748 4012 SrvHsfWinac - ok
06:37:23.0780 4012 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
06:37:23.0827 4012 srvnet - ok
06:37:23.0876 4012 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
06:37:23.0970 4012 SSDPSRV - ok
06:37:23.0995 4012 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
06:37:24.0044 4012 SstpSvc - ok
06:37:24.0074 4012 [ 74425FFA11C133D045E1C3BE2EAD481D ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
06:37:24.0101 4012 ssudmdm - ok
06:37:24.0194 4012 [ 7595D53EE8E8B0BAA9A2DDDE867EBB0C ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
06:37:24.0224 4012 STacSV - ok
06:37:24.0246 4012 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
06:37:24.0269 4012 stexstor - ok
06:37:24.0311 4012 [ DFFBC024DFC7BB05B2129E05CBC7A201 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
06:37:24.0376 4012 STHDA - ok
06:37:24.0416 4012 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
06:37:24.0497 4012 stisvc - ok
06:37:24.0584 4012 [ DF3E643F066534BDE8E1A91E94AF3125 ] StkCMini C:\Windows\system32\Drivers\StkCMini.sys
06:37:24.0668 4012 StkCMini - ok
06:37:24.0691 4012 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
06:37:24.0708 4012 swenum - ok
06:37:24.0734 4012 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
06:37:24.0829 4012 swprv - ok
06:37:24.0867 4012 [ 3A706A967295E16511E40842B1A2761D ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
06:37:24.0895 4012 SynTP - ok
06:37:24.0957 4012 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
06:37:25.0080 4012 SysMain - ok
06:37:25.0116 4012 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
06:37:25.0161 4012 TabletInputService - ok
06:37:25.0174 4012 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
06:37:25.0253 4012 TapiSrv - ok
06:37:25.0278 4012 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
06:37:25.0310 4012 TBS - ok
06:37:25.0372 4012 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
06:37:25.0457 4012 Tcpip - ok
06:37:25.0521 4012 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
06:37:25.0566 4012 TCPIP6 - ok
06:37:25.0593 4012 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
06:37:25.0670 4012 tcpipreg - ok
06:37:25.0695 4012 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
06:37:25.0725 4012 TDPIPE - ok
06:37:25.0747 4012 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
06:37:25.0793 4012 TDTCP - ok
06:37:25.0823 4012 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
06:37:25.0883 4012 tdx - ok
06:37:25.0905 4012 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
06:37:25.0916 4012 TermDD - ok
06:37:25.0940 4012 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
06:37:26.0006 4012 TermService - ok
06:37:26.0030 4012 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
06:37:26.0065 4012 Themes - ok
06:37:26.0098 4012 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
06:37:26.0129 4012 THREADORDER - ok
06:37:26.0142 4012 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
06:37:26.0196 4012 TrkWks - ok
06:37:26.0254 4012 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
06:37:26.0309 4012 TrustedInstaller - ok
06:37:26.0335 4012 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
06:37:26.0366 4012 tssecsrv - ok
06:37:26.0403 4012 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
06:37:26.0452 4012 TsUsbFlt - ok
06:37:26.0497 4012 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
06:37:26.0560 4012 tunnel - ok
06:37:26.0580 4012 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
06:37:26.0598 4012 uagp35 - ok
06:37:26.0629 4012 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
06:37:26.0703 4012 udfs - ok
06:37:26.0734 4012 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
06:37:26.0756 4012 UI0Detect - ok
06:37:26.0816 4012 [ F13DA74969897359A88F2A739F54A250 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
06:37:26.0825 4012 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
06:37:26.0825 4012 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
06:37:26.0845 4012 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
06:37:26.0867 4012 uliagpkx - ok
06:37:26.0896 4012 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
06:37:26.0942 4012 umbus - ok
06:37:26.0976 4012 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
06:37:27.0016 4012 UmPass - ok
06:37:27.0058 4012 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
06:37:27.0151 4012 upnphost - ok
06:37:27.0197 4012 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
06:37:27.0250 4012 usbaudio - ok
06:37:27.0290 4012 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
06:37:27.0335 4012 usbccgp - ok
06:37:27.0381 4012 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
06:37:27.0417 4012 usbcir - ok
06:37:27.0447 4012 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
06:37:27.0477 4012 usbehci - ok
06:37:27.0511 4012 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
06:37:27.0547 4012 usbhub - ok

siouxlini

Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp

Solved Re: Suspected spyware

Post by siouxlini on Fri 31 Aug 2012, 2:02 am

06:37:27.0560 4012 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
06:37:27.0589 4012 usbohci - ok
06:37:27.0615 4012 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
06:37:27.0669 4012 usbprint - ok
06:37:27.0702 4012 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
06:37:27.0752 4012 usbscan - ok
06:37:27.0774 4012 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
06:37:27.0821 4012 USBSTOR - ok
06:37:27.0843 4012 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
06:37:27.0871 4012 usbuhci - ok
06:37:27.0907 4012 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
06:37:27.0946 4012 usbvideo - ok
06:37:27.0990 4012 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
06:37:28.0044 4012 usb_rndisx - ok
06:37:28.0070 4012 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
06:37:28.0152 4012 UxSms - ok
06:37:28.0170 4012 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
06:37:28.0187 4012 VaultSvc - ok
06:37:28.0214 4012 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
06:37:28.0239 4012 vdrvroot - ok
06:37:28.0268 4012 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
06:37:28.0381 4012 vds - ok
06:37:28.0420 4012 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
06:37:28.0443 4012 vga - ok
06:37:28.0456 4012 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
06:37:28.0537 4012 VgaSave - ok
06:37:28.0560 4012 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
06:37:28.0582 4012 vhdmp - ok
06:37:28.0607 4012 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
06:37:28.0632 4012 viaide - ok
06:37:28.0645 4012 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
06:37:28.0668 4012 volmgr - ok
06:37:28.0697 4012 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
06:37:28.0734 4012 volmgrx - ok
06:37:28.0753 4012 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
06:37:28.0779 4012 volsnap - ok
06:37:28.0811 4012 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
06:37:28.0833 4012 vsmraid - ok
06:37:28.0887 4012 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
06:37:29.0015 4012 VSS - ok
06:37:29.0039 4012 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
06:37:29.0090 4012 vwifibus - ok
06:37:29.0111 4012 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
06:37:29.0161 4012 vwififlt - ok
06:37:29.0205 4012 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
06:37:29.0242 4012 vwifimp - ok
06:37:29.0284 4012 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
06:37:29.0376 4012 W32Time - ok
06:37:29.0392 4012 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
06:37:29.0440 4012 WacomPen - ok
06:37:29.0487 4012 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
06:37:29.0572 4012 WANARP - ok
06:37:29.0596 4012 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
06:37:29.0654 4012 Wanarpv6 - ok
06:37:29.0729 4012 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
06:37:29.0800 4012 WatAdminSvc - ok
06:37:29.0851 4012 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
06:37:29.0952 4012 wbengine - ok
06:37:29.0980 4012 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
06:37:30.0023 4012 WbioSrvc - ok
06:37:30.0044 4012 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
06:37:30.0071 4012 WcesComm - ok
06:37:30.0085 4012 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
06:37:30.0140 4012 wcncsvc - ok
06:37:30.0163 4012 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
06:37:30.0209 4012 WcsPlugInService - ok
06:37:30.0244 4012 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
06:37:30.0271 4012 Wd - ok
06:37:30.0299 4012 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
06:37:30.0356 4012 Wdf01000 - ok
06:37:30.0369 4012 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
06:37:30.0502 4012 WdiServiceHost - ok
06:37:30.0508 4012 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
06:37:30.0547 4012 WdiSystemHost - ok
06:37:30.0569 4012 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
06:37:30.0627 4012 WebClient - ok
06:37:30.0653 4012 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
06:37:30.0749 4012 Wecsvc - ok
06:37:30.0776 4012 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
06:37:30.0853 4012 wercplsupport - ok
06:37:30.0886 4012 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
06:37:30.0936 4012 WerSvc - ok
06:37:30.0957 4012 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
06:37:30.0989 4012 WfpLwf - ok
06:37:30.0998 4012 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
06:37:31.0012 4012 WIMMount - ok
06:37:31.0026 4012 WinDefend - ok
06:37:31.0032 4012 WinHttpAutoProxySvc - ok
06:37:31.0077 4012 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
06:37:31.0149 4012 Winmgmt - ok
06:37:31.0213 4012 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
06:37:31.0361 4012 WinRM - ok
06:37:31.0407 4012 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
06:37:31.0463 4012 WinUsb - ok
06:37:31.0507 4012 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
06:37:31.0593 4012 Wlansvc - ok
06:37:31.0672 4012 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
06:37:31.0695 4012 wlcrasvc - ok
06:37:31.0781 4012 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
06:37:31.0840 4012 wlidsvc - ok
06:37:31.0869 4012 [ 7A58BA979F7ACB3FC5310C771A1CF155 ] WmBEnum C:\Windows\system32\drivers\WmBEnum.sys
06:37:31.0882 4012 WmBEnum - ok
06:37:31.0906 4012 [ 8693A75C3FFD4A0C9E32BE621FDA71FB ] WmFilter C:\Windows\system32\drivers\WmFilter.sys
06:37:31.0926 4012 WmFilter - ok
06:37:31.0946 4012 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
06:37:31.0987 4012 WmiAcpi - ok
06:37:32.0030 4012 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
06:37:32.0065 4012 wmiApSrv - ok
06:37:32.0084 4012 WMPNetworkSvc - ok
06:37:32.0095 4012 [ 3D9266CCD0F1EDB020C7AA24D527942B ] WmVirHid C:\Windows\system32\drivers\WmVirHid.sys
06:37:32.0113 4012 WmVirHid - ok
06:37:32.0125 4012 [ 3CFFDF56A00408913B1E51C67F999E2E ] WmXlCore C:\Windows\system32\drivers\WmXlCore.sys
06:37:32.0143 4012 WmXlCore - ok
06:37:32.0167 4012 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
06:37:32.0193 4012 WPCSvc - ok
06:37:32.0213 4012 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
06:37:32.0245 4012 WPDBusEnum - ok
06:37:32.0270 4012 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
06:37:32.0341 4012 ws2ifsl - ok
06:37:32.0368 4012 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
06:37:32.0422 4012 wscsvc - ok
06:37:32.0462 4012 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
06:37:32.0498 4012 WSDPrintDevice - ok
06:37:32.0504 4012 WSearch - ok
06:37:32.0573 4012 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
06:37:32.0692 4012 wuauserv - ok
06:37:32.0715 4012 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
06:37:32.0747 4012 WudfPf - ok
06:37:32.0780 4012 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
06:37:32.0871 4012 WUDFRd - ok
06:37:32.0907 4012 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
06:37:32.0965 4012 wudfsvc - ok
06:37:32.0979 4012 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
06:37:33.0014 4012 WwanSvc - ok
06:37:33.0060 4012 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
06:37:33.0097 4012 yukonw7 - ok
06:37:33.0180 4012 [ 74983ADDCA2D9618512C088D856D6615 ] {55662437-DA8C-40c0-AADA-2C816A897A49} c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
06:37:33.0202 4012 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
06:37:33.0237 4012 ================ Scan global ===============================
06:37:33.0256 4012 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
06:37:33.0285 4012 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
06:37:33.0300 4012 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
06:37:33.0326 4012 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
06:37:33.0352 4012 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
06:37:33.0358 4012 [Global] - ok
06:37:33.0358 4012 ================ Scan MBR ==================================
06:37:33.0367 4012 [ 4591A5981C69163A700C6B4BD3E9AF59 ] \Device\Harddisk0\DR0
06:37:33.0787 4012 \Device\Harddisk0\DR0 - ok
06:37:33.0788 4012 ================ Scan VBR ==================================
06:37:33.0792 4012 [ EB28A81CA3D6B6313D25AE71B76A7A3A ] \Device\Harddisk0\DR0\Partition1
06:37:33.0795 4012 \Device\Harddisk0\DR0\Partition1 - ok
06:37:33.0827 4012 [ 8D16765E3E7108D0C96E55CB7994BF63 ] \Device\Harddisk0\DR0\Partition2
06:37:33.0831 4012 \Device\Harddisk0\DR0\Partition2 - ok
06:37:33.0863 4012 [ A37A4A55EA15B4F49E53B2390418C201 ] \Device\Harddisk0\DR0\Partition3
06:37:33.0866 4012 \Device\Harddisk0\DR0\Partition3 - ok
06:37:33.0880 4012 [ F37CA7D5EE48E0C8A41D0E0AE1379ED8 ] \Device\Harddisk0\DR0\Partition4
06:37:33.0882 4012 \Device\Harddisk0\DR0\Partition4 - ok
06:37:33.0882 4012 ============================================================
06:37:33.0882 4012 Scan finished
06:37:33.0882 4012 ============================================================
06:37:33.0899 5960 Detected object count: 4
06:37:33.0899 5960 Actual detected object count: 4
06:38:10.0124 5960 ADVService ( UnsignedFile.Multi.Generic ) - skipped by user
06:38:10.0124 5960 ADVService ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:38:10.0125 5960 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
06:38:10.0125 5960 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:38:10.0128 5960 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
06:38:10.0128 5960 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:38:10.0130 5960 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
06:38:10.0130 5960 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:38:25.0450 5628 ============================================================
06:38:25.0450 5628 Scan started
06:38:25.0450 5628 Mode: Manual; SigCheck; TDLFS;
06:38:25.0450 5628 ============================================================
06:38:25.0732 5628 ================ Scan services =============================
06:38:25.0919 5628 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
06:38:25.0969 5628 1394ohci - ok
06:38:25.0998 5628 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
06:38:26.0019 5628 Accelerometer - ok
06:38:26.0040 5628 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
06:38:26.0066 5628 ACPI - ok
06:38:26.0098 5628 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
06:38:26.0114 5628 AcpiPmi - ok
06:38:26.0221 5628 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
06:38:26.0236 5628 AdobeFlashPlayerUpdateSvc - ok
06:38:26.0263 5628 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
06:38:26.0283 5628 adp94xx - ok
06:38:26.0302 5628 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
06:38:26.0319 5628 adpahci - ok
06:38:26.0335 5628 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
06:38:26.0350 5628 adpu320 - ok
06:38:26.0427 5628 [ 985E43B02D2443F6C0F440771C77E5D1 ] ADVService C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
06:38:26.0439 5628 ADVService ( UnsignedFile.Multi.Generic ) - warning
06:38:26.0439 5628 ADVService - detected UnsignedFile.Multi.Generic (1)
06:38:26.0483 5628 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
06:38:26.0552 5628 AeLookupSvc - ok
06:38:26.0646 5628 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
06:38:26.0672 5628 AESTFilters - ok
06:38:26.0702 5628 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
06:38:26.0735 5628 AFD - ok
06:38:26.0754 5628 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
06:38:26.0779 5628 agp440 - ok
06:38:26.0793 5628 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
06:38:26.0820 5628 ALG - ok
06:38:26.0833 5628 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
06:38:26.0856 5628 aliide - ok
06:38:26.0872 5628 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
06:38:26.0895 5628 amdide - ok
06:38:26.0917 5628 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
06:38:26.0942 5628 AmdK8 - ok
06:38:26.0960 5628 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
06:38:26.0985 5628 AmdPPM - ok
06:38:27.0015 5628 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
06:38:27.0043 5628 amdsata - ok
06:38:27.0066 5628 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
06:38:27.0093 5628 amdsbs - ok
06:38:27.0100 5628 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
06:38:27.0123 5628 amdxata - ok
06:38:27.0154 5628 [ 30682A098E12E2C85FA65518E1618195 ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
06:38:27.0179 5628 AnyDVD - ok
06:38:27.0205 5628 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
06:38:27.0264 5628 AppID - ok
06:38:27.0279 5628 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
06:38:27.0309 5628 AppIDSvc - ok
06:38:27.0330 5628 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
06:38:27.0360 5628 Appinfo - ok
06:38:27.0371 5628 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
06:38:27.0383 5628 arc - ok
06:38:27.0394 5628 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
06:38:27.0406 5628 arcsas - ok
06:38:27.0449 5628 [ B373BD1E3641C16BD0B7933BEE3FFF1B ] ArraySSL_VPN_Service8.4.6.49 C:\Program Files\Array Networks\Array SSL VPN\8,4,6,49\arr_srvs.exe
06:38:27.0473 5628 ArraySSL_VPN_Service8.4.6.49 - ok
06:38:27.0515 5628 [ 3C5DAB3190640FEB3A476DBC815FCEBB ] Array_Utility_Service8.4.6.49 C:\Program Files\Array Networks\Common\8,4,6,49\arr_isrv.exe
06:38:27.0542 5628 Array_Utility_Service8.4.6.49 - ok
06:38:27.0633 5628 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
06:38:27.0656 5628 aspnet_state - ok
06:38:27.0669 5628 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
06:38:27.0744 5628 AsyncMac - ok
06:38:27.0763 5628 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
06:38:27.0779 5628 atapi - ok
06:38:27.0791 5628 [ 0ACFBED8867E6911D732E661FD391CB4 ] ATP C:\Windows\system32\DRIVERS\atpdrvr.sys
06:38:27.0804 5628 ATP - ok
06:38:27.0838 5628 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
06:38:27.0892 5628 AudioEndpointBuilder - ok
06:38:27.0911 5628 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
06:38:27.0947 5628 AudioSrv - ok
06:38:28.0104 5628 [ BA60FD7A64B9759A14C0FBA4A9ED4C7B ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
06:38:28.0181 5628 AVGIDSAgent - ok
06:38:28.0244 5628 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
06:38:28.0267 5628 AVGIDSDriver - ok
06:38:28.0302 5628 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
06:38:28.0321 5628 AVGIDSFilter - ok
06:38:28.0375 5628 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
06:38:28.0396 5628 AVGIDSHA - ok
06:38:28.0415 5628 [ 59955B4C288DD2A8B9FD2CD5158355C5 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
06:38:28.0442 5628 Avgldx64 - ok
06:38:28.0465 5628 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
06:38:28.0484 5628 Avgmfx64 - ok
06:38:28.0500 5628 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
06:38:28.0519 5628 Avgrkx64 - ok
06:38:28.0545 5628 [ 1BEE674AD792B1C63BB0DAC5FA724B23 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
06:38:28.0575 5628 Avgtdia - ok
06:38:28.0601 5628 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
06:38:28.0623 5628 avgwd - ok
06:38:28.0652 5628 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
06:38:28.0690 5628 AxInstSV - ok
06:38:28.0729 5628 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
06:38:28.0759 5628 b06bdrv - ok
06:38:28.0784 5628 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
06:38:28.0798 5628 b57nd60a - ok
06:38:28.0847 5628 [ 2ED050291BC1D7F9E322E328DB3AAECF ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
06:38:28.0879 5628 BBSvc - ok
06:38:28.0908 5628 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
06:38:28.0940 5628 BBUpdate - ok
06:38:28.0963 5628 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
06:38:28.0983 5628 BDESVC - ok
06:38:28.0994 5628 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
06:38:29.0039 5628 Beep - ok
06:38:29.0071 5628 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
06:38:29.0105 5628 BFE - ok
06:38:29.0138 5628 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
06:38:29.0174 5628 BITS - ok
06:38:29.0185 5628 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
06:38:29.0197 5628 blbdrive - ok
06:38:29.0220 5628 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
06:38:29.0234 5628 bowser - ok
06:38:29.0245 5628 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
06:38:29.0259 5628 BrFiltLo - ok
06:38:29.0268 5628 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
06:38:29.0282 5628 BrFiltUp - ok
06:38:29.0305 5628 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
06:38:29.0318 5628 Browser - ok
06:38:29.0334 5628 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
06:38:29.0348 5628 Brserid - ok
06:38:29.0360 5628 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
06:38:29.0374 5628 BrSerWdm - ok
06:38:29.0388 5628 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
06:38:29.0401 5628 BrUsbMdm - ok
06:38:29.0409 5628 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
06:38:29.0421 5628 BrUsbSer - ok
06:38:29.0444 5628 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
06:38:29.0457 5628 BthEnum - ok
06:38:29.0461 5628 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
06:38:29.0476 5628 BTHMODEM - ok
06:38:29.0498 5628 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
06:38:29.0513 5628 BthPan - ok
06:38:29.0540 5628 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
06:38:29.0555 5628 BTHPORT - ok
06:38:29.0585 5628 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
06:38:29.0615 5628 bthserv - ok
06:38:29.0635 5628 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
06:38:29.0648 5628 BTHUSB - ok
06:38:29.0676 5628 [ 2641A3FE3D7B0646308F33B67F3B5300 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
06:38:29.0685 5628 btusbflt - ok
06:38:29.0712 5628 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
06:38:29.0722 5628 btwaudio - ok
06:38:29.0739 5628 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
06:38:29.0749 5628 btwavdt - ok
06:38:29.0801 5628 [ D65AA164ACD0F6706DBCFBBCC9731584 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
06:38:29.0837 5628 btwdins - ok
06:38:29.0854 5628 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
06:38:29.0869 5628 btwl2cap - ok
06:38:29.0881 5628 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
06:38:29.0896 5628 btwrchid - ok
06:38:29.0910 5628 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
06:38:29.0972 5628 cdfs - ok
06:38:29.0997 5628 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
06:38:30.0022 5628 cdrom - ok
06:38:30.0047 5628 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
06:38:30.0106 5628 CertPropSvc - ok
06:38:30.0125 5628 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
06:38:30.0139 5628 circlass - ok
06:38:30.0186 5628 [ 6C99DE57C87D6F3EE85998A7E49F7BF9 ] CLDTVHNService C:\Program Files (x86)\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe
06:38:30.0205 5628 CLDTVHNService - ok
06:38:30.0230 5628 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
06:38:30.0255 5628 CLFS - ok
06:38:30.0307 5628 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
06:38:30.0330 5628 clr_optimization_v2.0.50727_32 - ok
06:38:30.0362 5628 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
06:38:30.0381 5628 clr_optimization_v2.0.50727_64 - ok
06:38:30.0426 5628 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
06:38:30.0447 5628 clr_optimization_v4.0.30319_32 - ok
06:38:30.0466 5628 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
06:38:30.0487 5628 clr_optimization_v4.0.30319_64 - ok
06:38:30.0505 5628 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
06:38:30.0529 5628 CmBatt - ok
06:38:30.0555 5628 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
06:38:30.0580 5628 cmdide - ok
06:38:30.0617 5628 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
06:38:30.0661 5628 CNG - ok
06:38:30.0721 5628 [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
06:38:30.0745 5628 Com4QLBEx - ok
06:38:30.0756 5628 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
06:38:30.0779 5628 Compbatt - ok
06:38:30.0806 5628 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
06:38:30.0835 5628 CompositeBus - ok
06:38:30.0841 5628 COMSysApp - ok
06:38:30.0857 5628 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
06:38:30.0881 5628 crcdisk - ok
06:38:30.0905 5628 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
06:38:30.0931 5628 CryptSvc - ok
06:38:30.0966 5628 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
06:38:31.0022 5628 DcomLaunch - ok
06:38:31.0041 5628 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
06:38:31.0073 5628 defragsvc - ok
06:38:31.0093 5628 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
06:38:31.0123 5628 DfsC - ok
06:38:31.0152 5628 [ 105373D52E71D2D1355AD3ACD18259C3 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
06:38:31.0169 5628 dg_ssudbus - ok
06:38:31.0189 5628 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
06:38:31.0250 5628 Dhcp - ok
06:38:31.0261 5628 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
06:38:31.0292 5628 discache - ok
06:38:31.0313 5628 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
06:38:31.0325 5628 Disk - ok
06:38:31.0355 5628 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
06:38:31.0368 5628 Dnscache - ok
06:38:31.0388 5628 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
06:38:31.0419 5628 dot3svc - ok
06:38:31.0439 5628 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
06:38:31.0470 5628 DPS - ok
06:38:31.0481 5628 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
06:38:31.0494 5628 drmkaud - ok
06:38:31.0519 5628 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
06:38:31.0541 5628 DXGKrnl - ok
06:38:31.0561 5628 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
06:38:31.0592 5628 EapHost - ok
06:38:31.0609 5628 [ 1D69A83033930C20583D608C622CA56B ] easytether C:\Windows\system32\DRIVERS\easytthr.sys
06:38:31.0619 5628 easytether - ok
06:38:31.0693 5628 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
06:38:31.0752 5628 ebdrv - ok
06:38:31.0775 5628 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
06:38:31.0792 5628 EFS - ok
06:38:31.0835 5628 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
06:38:31.0874 5628 ehRecvr - ok
06:38:31.0900 5628 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
06:38:31.0927 5628 ehSched - ok
06:38:31.0940 5628 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
06:38:31.0960 5628 ElbyCDIO - ok
06:38:31.0994 5628 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
06:38:32.0031 5628 elxstor - ok
06:38:32.0053 5628 [ 524C79054636D2E5751169005006460B ] enecir C:\Windows\system32\DRIVERS\enecir.sys
06:38:32.0072 5628 enecir - ok
06:38:32.0105 5628 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
06:38:32.0129 5628 ErrDev - ok
06:38:32.0173 5628 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
06:38:32.0240 5628 EventSystem - ok
06:38:32.0252 5628 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
06:38:32.0284 5628 exfat - ok
06:38:32.0298 5628 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
06:38:32.0329 5628 fastfat - ok
06:38:32.0347 5628 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
06:38:32.0364 5628 Fax - ok
06:38:32.0368 5628 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
06:38:32.0381 5628 fdc - ok
06:38:32.0405 5628 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
06:38:32.0435 5628 fdPHost - ok
06:38:32.0445 5628 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
06:38:32.0475 5628 FDResPub - ok
06:38:32.0487 5628 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
06:38:32.0500 5628 FileInfo - ok
06:38:32.0504 5628 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
06:38:32.0534 5628 Filetrace - ok
06:38:32.0538 5628 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
06:38:32.0551 5628 flpydisk - ok
06:38:32.0575 5628 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
06:38:32.0589 5628 FltMgr - ok
06:38:32.0626 5628 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
06:38:32.0647 5628 FontCache - ok
06:38:32.0687 5628 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
06:38:32.0706 5628 FontCache3.0.0.0 - ok
06:38:32.0722 5628 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
06:38:32.0742 5628 FsDepends - ok
06:38:32.0743 5628 Scan interrupted by user!
06:38:32.0743 5628 ================ Scan global ===============================
06:38:32.0743 5628 Scan interrupted by user!
06:38:32.0743 5628 ================ Scan MBR ==================================
06:38:32.0743 5628 Scan interrupted by user!
06:38:32.0744 5628 ================ Scan VBR ==================================
06:38:32.0744 5628 Scan interrupted by user!
06:38:32.0744 5628 ============================================================
06:38:32.0744 5628 Scan finished
06:38:32.0744 5628 ============================================================

siouxlini

Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp

Solved Re: Suspected spyware

Post by siouxlini on Fri 31 Aug 2012, 2:03 am

06:38:32.0753 7156 Detected object count: 1
06:38:32.0753 7156 Actual detected object count: 1
06:38:35.0162 7156 ADVService ( UnsignedFile.Multi.Generic ) - skipped by user
06:38:35.0162 7156 ADVService ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:38:49.0107 0448 ============================================================
06:38:49.0107 0448 Scan started
06:38:49.0107 0448 Mode: Manual; SigCheck; TDLFS;
06:38:49.0107 0448 ============================================================
06:38:49.0387 0448 ================ Scan system memory ========================
06:38:49.0388 0448 System memory - ok
06:38:49.0388 0448 ================ Scan services =============================
06:38:49.0583 0448 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
06:38:49.0616 0448 1394ohci - ok
06:38:49.0653 0448 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
06:38:49.0673 0448 Accelerometer - ok
06:38:49.0704 0448 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
06:38:49.0741 0448 ACPI - ok
06:38:49.0770 0448 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
06:38:49.0805 0448 AcpiPmi - ok
06:38:49.0927 0448 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
06:38:49.0951 0448 AdobeFlashPlayerUpdateSvc - ok
06:38:49.0996 0448 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
06:38:50.0036 0448 adp94xx - ok
06:38:50.0059 0448 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
06:38:50.0093 0448 adpahci - ok
06:38:50.0139 0448 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
06:38:50.0166 0448 adpu320 - ok
06:38:50.0255 0448 [ 985E43B02D2443F6C0F440771C77E5D1 ] ADVService C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
06:38:50.0265 0448 ADVService ( UnsignedFile.Multi.Generic ) - warning
06:38:50.0265 0448 ADVService - detected UnsignedFile.Multi.Generic (1)
06:38:50.0304 0448 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
06:38:50.0375 0448 AeLookupSvc - ok
06:38:50.0466 0448 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
06:38:50.0493 0448 AESTFilters - ok
06:38:50.0531 0448 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
06:38:50.0566 0448 AFD - ok
06:38:50.0590 0448 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
06:38:50.0616 0448 agp440 - ok
06:38:50.0630 0448 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
06:38:50.0657 0448 ALG - ok
06:38:50.0670 0448 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
06:38:50.0693 0448 aliide - ok
06:38:50.0709 0448 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
06:38:50.0733 0448 amdide - ok
06:38:50.0754 0448 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
06:38:50.0780 0448 AmdK8 - ok
06:38:50.0797 0448 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
06:38:50.0822 0448 AmdPPM - ok
06:38:50.0852 0448 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
06:38:50.0879 0448 amdsata - ok
06:38:50.0894 0448 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
06:38:50.0924 0448 amdsbs - ok
06:38:50.0931 0448 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
06:38:50.0955 0448 amdxata - ok
06:38:50.0983 0448 [ 30682A098E12E2C85FA65518E1618195 ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
06:38:51.0007 0448 AnyDVD - ok
06:38:51.0034 0448 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
06:38:51.0087 0448 AppID - ok
06:38:51.0100 0448 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
06:38:51.0131 0448 AppIDSvc - ok
06:38:51.0151 0448 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
06:38:51.0180 0448 Appinfo - ok
06:38:51.0192 0448 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
06:38:51.0204 0448 arc - ok
06:38:51.0215 0448 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
06:38:51.0227 0448 arcsas - ok
06:38:51.0277 0448 [ B373BD1E3641C16BD0B7933BEE3FFF1B ] ArraySSL_VPN_Service8.4.6.49 C:\Program Files\Array Networks\Array SSL VPN\8,4,6,49\arr_srvs.exe
06:38:51.0300 0448 ArraySSL_VPN_Service8.4.6.49 - ok
06:38:51.0343 0448 [ 3C5DAB3190640FEB3A476DBC815FCEBB ] Array_Utility_Service8.4.6.49 C:\Program Files\Array Networks\Common\8,4,6,49\arr_isrv.exe
06:38:51.0365 0448 Array_Utility_Service8.4.6.49 - ok
06:38:51.0445 0448 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
06:38:51.0467 0448 aspnet_state - ok
06:38:51.0481 0448 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
06:38:51.0546 0448 AsyncMac - ok
06:38:51.0567 0448 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
06:38:51.0584 0448 atapi - ok
06:38:51.0595 0448 [ 0ACFBED8867E6911D732E661FD391CB4 ] ATP C:\Windows\system32\DRIVERS\atpdrvr.sys
06:38:51.0609 0448 ATP - ok
06:38:51.0642 0448 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
06:38:51.0690 0448 AudioEndpointBuilder - ok
06:38:51.0710 0448 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
06:38:51.0745 0448 AudioSrv - ok
06:38:51.0870 0448 [ BA60FD7A64B9759A14C0FBA4A9ED4C7B ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
06:38:51.0936 0448 AVGIDSAgent - ok
06:38:51.0956 0448 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
06:38:51.0966 0448 AVGIDSDriver - ok
06:38:51.0991 0448 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
06:38:52.0000 0448 AVGIDSFilter - ok
06:38:52.0022 0448 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
06:38:52.0032 0448 AVGIDSHA - ok
06:38:52.0044 0448 [ 59955B4C288DD2A8B9FD2CD5158355C5 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
06:38:52.0056 0448 Avgldx64 - ok
06:38:52.0079 0448 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
06:38:52.0089 0448 Avgmfx64 - ok
06:38:52.0097 0448 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
06:38:52.0107 0448 Avgrkx64 - ok
06:38:52.0123 0448 [ 1BEE674AD792B1C63BB0DAC5FA724B23 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
06:38:52.0137 0448 Avgtdia - ok
06:38:52.0157 0448 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
06:38:52.0168 0448 avgwd - ok
06:38:52.0191 0448 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
06:38:52.0208 0448 AxInstSV - ok
06:38:52.0243 0448 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
06:38:52.0258 0448 b06bdrv - ok
06:38:52.0274 0448 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
06:38:52.0290 0448 b57nd60a - ok
06:38:52.0337 0448 [ 2ED050291BC1D7F9E322E328DB3AAECF ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
06:38:52.0369 0448 BBSvc - ok
06:38:52.0399 0448 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
06:38:52.0431 0448 BBUpdate - ok
06:38:52.0454 0448 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
06:38:52.0472 0448 BDESVC - ok
06:38:52.0484 0448 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
06:38:52.0526 0448 Beep - ok
06:38:52.0561 0448 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
06:38:52.0595 0448 BFE - ok
06:38:52.0628 0448 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
06:38:52.0664 0448 BITS - ok
06:38:52.0675 0448 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
06:38:52.0687 0448 blbdrive - ok
06:38:52.0710 0448 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
06:38:52.0723 0448 bowser - ok
06:38:52.0736 0448 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
06:38:52.0750 0448 BrFiltLo - ok
06:38:52.0759 0448 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
06:38:52.0774 0448 BrFiltUp - ok
06:38:52.0796 0448 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
06:38:52.0809 0448 Browser - ok
06:38:52.0824 0448 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
06:38:52.0839 0448 Brserid - ok
06:38:52.0850 0448 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
06:38:52.0866 0448 BrSerWdm - ok
06:38:52.0878 0448 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
06:38:52.0893 0448 BrUsbMdm - ok
06:38:52.0899 0448 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
06:38:52.0913 0448 BrUsbSer - ok
06:38:52.0934 0448 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
06:38:52.0947 0448 BthEnum - ok
06:38:52.0951 0448 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
06:38:52.0966 0448 BTHMODEM - ok
06:38:52.0988 0448 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
06:38:53.0004 0448 BthPan - ok
06:38:53.0033 0448 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
06:38:53.0063 0448 BTHPORT - ok
06:38:53.0092 0448 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
06:38:53.0155 0448 bthserv - ok
06:38:53.0168 0448 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
06:38:53.0181 0448 BTHUSB - ok
06:38:53.0204 0448 [ 2641A3FE3D7B0646308F33B67F3B5300 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
06:38:53.0213 0448 btusbflt - ok
06:38:53.0236 0448 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
06:38:53.0247 0448 btwaudio - ok
06:38:53.0263 0448 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
06:38:53.0274 0448 btwavdt - ok
06:38:53.0321 0448 [ D65AA164ACD0F6706DBCFBBCC9731584 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
06:38:53.0339 0448 btwdins - ok
06:38:53.0345 0448 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
06:38:53.0355 0448 btwl2cap - ok
06:38:53.0364 0448 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
06:38:53.0373 0448 btwrchid - ok
06:38:53.0384 0448 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
06:38:53.0415 0448 cdfs - ok
06:38:53.0439 0448 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
06:38:53.0452 0448 cdrom - ok
06:38:53.0472 0448 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
06:38:53.0502 0448 CertPropSvc - ok
06:38:53.0525 0448 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
06:38:53.0540 0448 circlass - ok
06:38:53.0587 0448 [ 6C99DE57C87D6F3EE85998A7E49F7BF9 ] CLDTVHNService C:\Program Files (x86)\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe
06:38:53.0604 0448 CLDTVHNService - ok
06:38:53.0630 0448 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
06:38:53.0655 0448 CLFS - ok
06:38:53.0708 0448 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
06:38:53.0729 0448 clr_optimization_v2.0.50727_32 - ok
06:38:53.0762 0448 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
06:38:53.0783 0448 clr_optimization_v2.0.50727_64 - ok
06:38:53.0826 0448 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
06:38:53.0849 0448 clr_optimization_v4.0.30319_32 - ok
06:38:53.0867 0448 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
06:38:53.0889 0448 clr_optimization_v4.0.30319_64 - ok
06:38:53.0914 0448 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
06:38:53.0940 0448 CmBatt - ok
06:38:53.0952 0448 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
06:38:53.0975 0448 cmdide - ok
06:38:54.0001 0448 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
06:38:54.0048 0448 CNG - ok
06:38:54.0113 0448 [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
06:38:54.0140 0448 Com4QLBEx - ok
06:38:54.0157 0448 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
06:38:54.0184 0448 Compbatt - ok
06:38:54.0206 0448 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
06:38:54.0241 0448 CompositeBus - ok
06:38:54.0247 0448 COMSysApp - ok
06:38:54.0266 0448 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
06:38:54.0294 0448 crcdisk - ok
06:38:54.0322 0448 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
06:38:54.0352 0448 CryptSvc - ok
06:38:54.0392 0448 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
06:38:54.0467 0448 DcomLaunch - ok
06:38:54.0491 0448 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
06:38:54.0525 0448 defragsvc - ok
06:38:54.0535 0448 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
06:38:54.0566 0448 DfsC - ok
06:38:54.0586 0448 [ 105373D52E71D2D1355AD3ACD18259C3 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
06:38:54.0598 0448 dg_ssudbus - ok
06:38:54.0612 0448 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
06:38:54.0645 0448 Dhcp - ok
06:38:54.0653 0448 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
06:38:54.0685 0448 discache - ok
06:38:54.0706 0448 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
06:38:54.0719 0448 Disk - ok
06:38:54.0747 0448 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
06:38:54.0760 0448 Dnscache - ok
06:38:54.0781 0448 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
06:38:54.0811 0448 dot3svc - ok
06:38:54.0848 0448 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
06:38:54.0878 0448 DPS - ok
06:38:54.0906 0448 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
06:38:54.0921 0448 drmkaud - ok
06:38:54.0958 0448 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
06:38:54.0999 0448 DXGKrnl - ok
06:38:55.0020 0448 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
06:38:55.0070 0448 EapHost - ok
06:38:55.0092 0448 [ 1D69A83033930C20583D608C622CA56B ] easytether C:\Windows\system32\DRIVERS\easytthr.sys
06:38:55.0101 0448 easytether - ok
06:38:55.0182 0448 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
06:38:55.0235 0448 ebdrv - ok
06:38:55.0250 0448 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
06:38:55.0264 0448 EFS - ok
06:38:55.0306 0448 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
06:38:55.0324 0448 ehRecvr - ok
06:38:55.0350 0448 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
06:38:55.0364 0448 ehSched - ok
06:38:55.0373 0448 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
06:38:55.0384 0448 ElbyCDIO - ok
06:38:55.0400 0448 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
06:38:55.0418 0448 elxstor - ok
06:38:55.0437 0448 [ 524C79054636D2E5751169005006460B ] enecir C:\Windows\system32\DRIVERS\enecir.sys
06:38:55.0448 0448 enecir - ok
06:38:55.0456 0448 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
06:38:55.0470 0448 ErrDev - ok
06:38:55.0506 0448 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
06:38:55.0541 0448 EventSystem - ok
06:38:55.0548 0448 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
06:38:55.0580 0448 exfat - ok
06:38:55.0591 0448 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
06:38:55.0624 0448 fastfat - ok
06:38:55.0649 0448 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
06:38:55.0667 0448 Fax - ok
06:38:55.0672 0448 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
06:38:55.0685 0448 fdc - ok
06:38:55.0699 0448 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
06:38:55.0729 0448 fdPHost - ok
06:38:55.0738 0448 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
06:38:55.0769 0448 FDResPub - ok
06:38:55.0781 0448 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
06:38:55.0794 0448 FileInfo - ok
06:38:55.0798 0448 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
06:38:55.0827 0448 Filetrace - ok
06:38:55.0831 0448 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
06:38:55.0843 0448 flpydisk - ok
06:38:55.0860 0448 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
06:38:55.0875 0448 FltMgr - ok
06:38:55.0915 0448 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
06:38:55.0958 0448 FontCache - ok
06:38:56.0005 0448 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
06:38:56.0027 0448 FontCache3.0.0.0 - ok
06:38:56.0057 0448 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
06:38:56.0086 0448 FsDepends - ok
06:38:56.0110 0448 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
06:38:56.0125 0448 fssfltr - ok
06:38:56.0202 0448 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
06:38:56.0258 0448 fsssvc - ok
06:38:56.0278 0448 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
06:38:56.0295 0448 Fs_Rec - ok
06:38:56.0316 0448 [ FA169871D8FADCC6539C4E8726610286 ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys
06:38:56.0329 0448 FTDIBUS - ok
06:38:56.0355 0448 [ 24237091348D1EFB5635A1CF9649E311 ] FTSER2K C:\Windows\system32\drivers\ftser2k.sys
06:38:56.0374 0448 FTSER2K - ok
06:38:56.0394 0448 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
06:38:56.0435 0448 fvevol - ok
06:38:56.0452 0448 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
06:38:56.0480 0448 gagp30kx - ok
06:38:56.0515 0448 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
06:38:56.0576 0448 gpsvc - ok
06:38:56.0620 0448 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
06:38:56.0630 0448 gupdate - ok
06:38:56.0644 0448 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
06:38:56.0655 0448 gupdatem - ok
06:38:56.0666 0448 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
06:38:56.0679 0448 hcw85cir - ok
06:38:56.0709 0448 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
06:38:56.0726 0448 HdAudAddService - ok
06:38:56.0742 0448 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
06:38:56.0758 0448 HDAudBus - ok
06:38:56.0767 0448 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
06:38:56.0780 0448 HidBatt - ok
06:38:56.0793 0448 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
06:38:56.0808 0448 HidBth - ok
06:38:56.0822 0448 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
06:38:56.0836 0448 HidIr - ok
06:38:56.0857 0448 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
06:38:56.0889 0448 hidserv - ok
06:38:56.0909 0448 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
06:38:56.0922 0448 HidUsb - ok
06:38:56.0948 0448 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
06:38:56.0983 0448 hkmsvc - ok
06:38:57.0008 0448 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
06:38:57.0022 0448 HomeGroupListener - ok
06:38:57.0045 0448 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
06:38:57.0060 0448 HomeGroupProvider - ok
06:38:57.0097 0448 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
06:38:57.0106 0448 HP Support Assistant Service - ok
06:38:57.0139 0448 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
06:38:57.0160 0448 HPDrvMntSvc.exe - ok
06:38:57.0183 0448 [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
06:38:57.0199 0448 hpdskflt - ok
06:38:57.0226 0448 [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
06:38:57.0244 0448 HpqKbFiltr - ok
06:38:57.0284 0448 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
06:38:57.0319 0448 hpqwmiex - ok
06:38:57.0340 0448 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
06:38:57.0354 0448 HpSAMD - ok
06:38:57.0364 0448 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv C:\Windows\system32\Hpservice.exe
06:38:57.0375 0448 hpsrv - ok


Solved Re: Suspected spyware

Post by siouxlini on Fri 31 Aug 2012, 2:09 am

06:39:10.0486 0448 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
06:39:10.0517 0448 VgaSave - ok
06:39:10.0550 0448 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
06:39:10.0582 0448 vhdmp - ok
06:39:10.0604 0448 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
06:39:10.0622 0448 viaide - ok
06:39:10.0643 0448 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
06:39:10.0661 0448 volmgr - ok
06:39:10.0686 0448 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
06:39:10.0709 0448 volmgrx - ok
06:39:10.0726 0448 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
06:39:10.0748 0448 volsnap - ok
06:39:10.0760 0448 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
06:39:10.0779 0448 vsmraid - ok
06:39:10.0824 0448 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
06:39:10.0877 0448 VSS - ok
06:39:10.0889 0448 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
06:39:10.0904 0448 vwifibus - ok
06:39:10.0911 0448 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
06:39:10.0928 0448 vwififlt - ok
06:39:10.0940 0448 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
06:39:10.0956 0448 vwifimp - ok
06:39:10.0983 0448 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
06:39:11.0017 0448 W32Time - ok
06:39:11.0035 0448 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
06:39:11.0049 0448 WacomPen - ok
06:39:11.0064 0448 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
06:39:11.0093 0448 WANARP - ok
06:39:11.0105 0448 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
06:39:11.0136 0448 Wanarpv6 - ok
06:39:11.0174 0448 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
06:39:11.0200 0448 WatAdminSvc - ok
06:39:11.0230 0448 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
06:39:11.0255 0448 wbengine - ok
06:39:11.0268 0448 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
06:39:11.0286 0448 WbioSrvc - ok
06:39:11.0306 0448 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
06:39:11.0322 0448 WcesComm - ok
06:39:11.0348 0448 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
06:39:11.0370 0448 wcncsvc - ok
06:39:11.0377 0448 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
06:39:11.0390 0448 WcsPlugInService - ok
06:39:11.0409 0448 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
06:39:11.0422 0448 Wd - ok
06:39:11.0444 0448 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
06:39:11.0463 0448 Wdf01000 - ok
06:39:11.0476 0448 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
06:39:11.0495 0448 WdiServiceHost - ok
06:39:11.0507 0448 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
06:39:11.0528 0448 WdiSystemHost - ok
06:39:11.0543 0448 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
06:39:11.0562 0448 WebClient - ok
06:39:11.0577 0448 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
06:39:11.0612 0448 Wecsvc - ok
06:39:11.0628 0448 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
06:39:11.0661 0448 wercplsupport - ok
06:39:11.0671 0448 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
06:39:11.0703 0448 WerSvc - ok
06:39:11.0717 0448 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
06:39:11.0748 0448 WfpLwf - ok
06:39:11.0758 0448 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
06:39:11.0770 0448 WIMMount - ok
06:39:11.0787 0448 WinDefend - ok
06:39:11.0793 0448 WinHttpAutoProxySvc - ok
06:39:11.0836 0448 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
06:39:11.0869 0448 Winmgmt - ok
06:39:11.0914 0448 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
06:39:11.0994 0448 WinRM - ok
06:39:12.0019 0448 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
06:39:12.0040 0448 WinUsb - ok
06:39:12.0067 0448 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
06:39:12.0104 0448 Wlansvc - ok
06:39:12.0168 0448 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
06:39:12.0191 0448 wlcrasvc - ok
06:39:12.0262 0448 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
06:39:12.0325 0448 wlidsvc - ok
06:39:12.0349 0448 [ 7A58BA979F7ACB3FC5310C771A1CF155 ] WmBEnum C:\Windows\system32\drivers\WmBEnum.sys
06:39:12.0359 0448 WmBEnum - ok
06:39:12.0369 0448 [ 8693A75C3FFD4A0C9E32BE621FDA71FB ] WmFilter C:\Windows\system32\drivers\WmFilter.sys
06:39:12.0379 0448 WmFilter - ok
06:39:12.0393 0448 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
06:39:12.0406 0448 WmiAcpi - ok
06:39:12.0435 0448 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
06:39:12.0450 0448 wmiApSrv - ok
06:39:12.0473 0448 WMPNetworkSvc - ok
06:39:12.0484 0448 [ 3D9266CCD0F1EDB020C7AA24D527942B ] WmVirHid C:\Windows\system32\drivers\WmVirHid.sys
06:39:12.0493 0448 WmVirHid - ok
06:39:12.0506 0448 [ 3CFFDF56A00408913B1E51C67F999E2E ] WmXlCore C:\Windows\system32\drivers\WmXlCore.sys
06:39:12.0515 0448 WmXlCore - ok
06:39:12.0539 0448 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
06:39:12.0553 0448 WPCSvc - ok
06:39:12.0577 0448 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
06:39:12.0593 0448 WPDBusEnum - ok
06:39:12.0618 0448 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
06:39:12.0649 0448 ws2ifsl - ok
06:39:12.0658 0448 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
06:39:12.0676 0448 wscsvc - ok
06:39:12.0695 0448 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
06:39:12.0710 0448 WSDPrintDevice - ok
06:39:12.0713 0448 WSearch - ok
06:39:12.0769 0448 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
06:39:12.0810 0448 wuauserv - ok
06:39:12.0832 0448 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
06:39:12.0865 0448 WudfPf - ok
06:39:12.0880 0448 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
06:39:12.0911 0448 WUDFRd - ok
06:39:12.0925 0448 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
06:39:12.0958 0448 wudfsvc - ok
06:39:12.0972 0448 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
06:39:12.0991 0448 WwanSvc - ok
06:39:13.0009 0448 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
06:39:13.0026 0448 yukonw7 - ok
06:39:13.0091 0448 [ 74983ADDCA2D9618512C088D856D6615 ] {55662437-DA8C-40c0-AADA-2C816A897A49} c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
06:39:13.0114 0448 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
06:39:13.0135 0448 ================ Scan global ===============================
06:39:13.0158 0448 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
06:39:13.0188 0448 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
06:39:13.0210 0448 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
06:39:13.0237 0448 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
06:39:13.0263 0448 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
06:39:13.0270 0448 [Global] - ok
06:39:13.0271 0448 ================ Scan MBR ==================================
06:39:13.0286 0448 [ 4591A5981C69163A700C6B4BD3E9AF59 ] \Device\Harddisk0\DR0
06:39:13.0677 0448 \Device\Harddisk0\DR0 - ok
06:39:13.0678 0448 ================ Scan VBR ==================================
06:39:13.0682 0448 [ EB28A81CA3D6B6313D25AE71B76A7A3A ] \Device\Harddisk0\DR0\Partition1
06:39:13.0686 0448 \Device\Harddisk0\DR0\Partition1 - ok
06:39:13.0721 0448 [ 8D16765E3E7108D0C96E55CB7994BF63 ] \Device\Harddisk0\DR0\Partition2
06:39:13.0725 0448 \Device\Harddisk0\DR0\Partition2 - ok
06:39:13.0757 0448 [ A37A4A55EA15B4F49E53B2390418C201 ] \Device\Harddisk0\DR0\Partition3
06:39:13.0761 0448 \Device\Harddisk0\DR0\Partition3 - ok
06:39:13.0774 0448 [ F37CA7D5EE48E0C8A41D0E0AE1379ED8 ] \Device\Harddisk0\DR0\Partition4
06:39:13.0776 0448 \Device\Harddisk0\DR0\Partition4 - ok
06:39:13.0777 0448 ============================================================
06:39:13.0777 0448 Scan finished
06:39:13.0777 0448 ============================================================
06:39:13.0791 6264 Detected object count: 4
06:39:13.0791 6264 Actual detected object count: 4
06:39:18.0025 6264 ADVService ( UnsignedFile.Multi.Generic ) - skipped by user
06:39:18.0025 6264 ADVService ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:39:18.0026 6264 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
06:39:18.0026 6264 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:39:18.0028 6264 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
06:39:18.0029 6264 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:39:18.0031 6264 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
06:39:18.0031 6264 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:40:29.0578 5452 ============================================================
06:40:29.0578 5452 Scan started
06:40:29.0578 5452 Mode: Manual; SigCheck; TDLFS;
06:40:29.0578 5452 ============================================================
06:40:30.0102 5452 ================ Scan system memory ========================
06:40:30.0102 5452 System memory - ok
06:40:30.0103 5452 ================ Scan services =============================
06:40:30.0269 5452 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
06:40:30.0304 5452 1394ohci - ok
06:40:30.0331 5452 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
06:40:30.0351 5452 Accelerometer - ok
06:40:30.0391 5452 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
06:40:30.0427 5452 ACPI - ok
06:40:30.0465 5452 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
06:40:30.0498 5452 AcpiPmi - ok
06:40:30.0597 5452 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
06:40:30.0621 5452 AdobeFlashPlayerUpdateSvc - ok
06:40:30.0666 5452 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
06:40:30.0705 5452 adp94xx - ok
06:40:30.0735 5452 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
06:40:30.0769 5452 adpahci - ok
06:40:30.0802 5452 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
06:40:30.0832 5452 adpu320 - ok
06:40:30.0917 5452 [ 985E43B02D2443F6C0F440771C77E5D1 ] ADVService C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
06:40:30.0928 5452 ADVService ( UnsignedFile.Multi.Generic ) - warning
06:40:30.0928 5452 ADVService - detected UnsignedFile.Multi.Generic (1)
06:40:30.0957 5452 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
06:40:31.0014 5452 AeLookupSvc - ok
06:40:31.0119 5452 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
06:40:31.0145 5452 AESTFilters - ok
06:40:31.0193 5452 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
06:40:31.0226 5452 AFD - ok
06:40:31.0244 5452 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
06:40:31.0263 5452 agp440 - ok
06:40:31.0316 5452 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
06:40:31.0346 5452 ALG - ok
06:40:31.0397 5452 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
06:40:31.0423 5452 aliide - ok
06:40:31.0453 5452 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
06:40:31.0479 5452 amdide - ok
06:40:31.0539 5452 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
06:40:31.0569 5452 AmdK8 - ok
06:40:31.0582 5452 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
06:40:31.0601 5452 AmdPPM - ok
06:40:31.0629 5452 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
06:40:31.0648 5452 amdsata - ok
06:40:31.0671 5452 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
06:40:31.0692 5452 amdsbs - ok
06:40:31.0709 5452 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
06:40:31.0726 5452 amdxata - ok
06:40:31.0767 5452 [ 30682A098E12E2C85FA65518E1618195 ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
06:40:31.0792 5452 AnyDVD - ok
06:40:31.0836 5452 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
06:40:31.0901 5452 AppID - ok
06:40:31.0918 5452 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
06:40:31.0975 5452 AppIDSvc - ok
06:40:32.0002 5452 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
06:40:32.0034 5452 Appinfo - ok
06:40:32.0051 5452 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
06:40:32.0064 5452 arc - ok
06:40:32.0074 5452 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
06:40:32.0089 5452 arcsas - ok
06:40:32.0225 5452 [ B373BD1E3641C16BD0B7933BEE3FFF1B ] ArraySSL_VPN_Service8.4.6.49 C:\Program Files\Array Networks\Array SSL VPN\8,4,6,49\arr_srvs.exe
06:40:32.0251 5452 ArraySSL_VPN_Service8.4.6.49 - ok
06:40:32.0307 5452 [ 3C5DAB3190640FEB3A476DBC815FCEBB ] Array_Utility_Service8.4.6.49 C:\Program Files\Array Networks\Common\8,4,6,49\arr_isrv.exe
06:40:32.0335 5452 Array_Utility_Service8.4.6.49 - ok
06:40:32.0437 5452 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
06:40:32.0457 5452 aspnet_state - ok
06:40:32.0481 5452 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
06:40:32.0543 5452 AsyncMac - ok
06:40:32.0583 5452 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
06:40:32.0598 5452 atapi - ok
06:40:32.0620 5452 [ 0ACFBED8867E6911D732E661FD391CB4 ] ATP C:\Windows\system32\DRIVERS\atpdrvr.sys
06:40:32.0631 5452 ATP - ok
06:40:32.0657 5452 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
06:40:32.0697 5452 AudioEndpointBuilder - ok
06:40:32.0740 5452 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
06:40:32.0780 5452 AudioSrv - ok
06:40:32.0910 5452 [ BA60FD7A64B9759A14C0FBA4A9ED4C7B ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
06:40:32.0990 5452 AVGIDSAgent - ok
06:40:33.0014 5452 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
06:40:33.0026 5452 AVGIDSDriver - ok
06:40:33.0040 5452 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
06:40:33.0050 5452 AVGIDSFilter - ok
06:40:33.0071 5452 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
06:40:33.0083 5452 AVGIDSHA - ok
06:40:33.0093 5452 [ 59955B4C288DD2A8B9FD2CD5158355C5 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
06:40:33.0108 5452 Avgldx64 - ok
06:40:33.0136 5452 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
06:40:33.0147 5452 Avgmfx64 - ok
06:40:33.0155 5452 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
06:40:33.0164 5452 Avgrkx64 - ok
06:40:33.0194 5452 [ 1BEE674AD792B1C63BB0DAC5FA724B23 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
06:40:33.0221 5452 Avgtdia - ok
06:40:33.0248 5452 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
06:40:33.0264 5452 avgwd - ok
06:40:33.0290 5452 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
06:40:33.0315 5452 AxInstSV - ok
06:40:33.0350 5452 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
06:40:33.0373 5452 b06bdrv - ok
06:40:33.0390 5452 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
06:40:33.0411 5452 b57nd60a - ok
06:40:33.0462 5452 [ 2ED050291BC1D7F9E322E328DB3AAECF ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
06:40:33.0486 5452 BBSvc - ok
06:40:33.0514 5452 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
06:40:33.0540 5452 BBUpdate - ok
06:40:33.0561 5452 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
06:40:33.0582 5452 BDESVC - ok
06:40:33.0591 5452 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
06:40:33.0645 5452 Beep - ok
06:40:33.0677 5452 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
06:40:33.0732 5452 BFE - ok
06:40:33.0770 5452 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
06:40:33.0833 5452 BITS - ok
06:40:33.0848 5452 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
06:40:33.0863 5452 blbdrive - ok
06:40:33.0883 5452 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
06:40:33.0899 5452 bowser - ok
06:40:33.0925 5452 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
06:40:33.0949 5452 BrFiltLo - ok
06:40:33.0965 5452 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
06:40:33.0985 5452 BrFiltUp - ok
06:40:34.0010 5452 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
06:40:34.0027 5452 Browser - ok
06:40:34.0047 5452 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
06:40:34.0067 5452 Brserid - ok
06:40:34.0081 5452 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
06:40:34.0101 5452 BrSerWdm - ok
06:40:34.0117 5452 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
06:40:34.0136 5452 BrUsbMdm - ok
06:40:34.0147 5452 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
06:40:34.0162 5452 BrUsbSer - ok
06:40:34.0182 5452 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
06:40:34.0199 5452 BthEnum - ok
06:40:34.0204 5452 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
06:40:34.0225 5452 BTHMODEM - ok
06:40:34.0253 5452 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
06:40:34.0286 5452 BthPan - ok
06:40:34.0321 5452 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
06:40:34.0356 5452 BTHPORT - ok
06:40:34.0389 5452 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
06:40:34.0451 5452 bthserv - ok
06:40:34.0464 5452 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
06:40:34.0479 5452 BTHUSB - ok
06:40:34.0500 5452 [ 2641A3FE3D7B0646308F33B67F3B5300 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
06:40:34.0512 5452 btusbflt - ok
06:40:34.0541 5452 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
06:40:34.0554 5452 btwaudio - ok
06:40:34.0567 5452 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
06:40:34.0581 5452 btwavdt - ok
06:40:34.0638 5452 [ D65AA164ACD0F6706DBCFBBCC9731584 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
06:40:34.0676 5452 btwdins - ok
06:40:34.0691 5452 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
06:40:34.0702 5452 btwl2cap - ok
06:40:34.0709 5452 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
06:40:34.0721 5452 btwrchid - ok
06:40:34.0730 5452 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
06:40:34.0779 5452 cdfs - ok
06:40:34.0801 5452 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
06:40:34.0819 5452 cdrom - ok
06:40:34.0843 5452 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
06:40:34.0900 5452 CertPropSvc - ok
06:40:34.0920 5452 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
06:40:34.0941 5452 circlass - ok
06:40:34.0990 5452 [ 6C99DE57C87D6F3EE85998A7E49F7BF9 ] CLDTVHNService C:\Program Files (x86)\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe
06:40:35.0007 5452 CLDTVHNService - ok
06:40:35.0034 5452 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
06:40:35.0063 5452 CLFS - ok
06:40:35.0120 5452 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
06:40:35.0141 5452 clr_optimization_v2.0.50727_32 - ok
06:40:35.0174 5452 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
06:40:35.0194 5452 clr_optimization_v2.0.50727_64 - ok
06:40:35.0238 5452 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
06:40:35.0261 5452 clr_optimization_v4.0.30319_32 - ok
06:40:35.0402 5452 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
06:40:35.0428 5452 clr_optimization_v4.0.30319_64 - ok
06:40:35.0449 5452 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
06:40:35.0476 5452 CmBatt - ok
06:40:35.0532 5452 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
06:40:35.0558 5452 cmdide - ok
06:40:35.0602 5452 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
06:40:35.0644 5452 CNG - ok
06:40:35.0706 5452 [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
06:40:35.0729 5452 Com4QLBEx - ok
06:40:35.0741 5452 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
06:40:35.0762 5452 Compbatt - ok
06:40:35.0783 5452 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
06:40:35.0809 5452 CompositeBus - ok
06:40:35.0814 5452 COMSysApp - ok
06:40:35.0826 5452 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
06:40:35.0847 5452 crcdisk - ok
06:40:35.0874 5452 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
06:40:35.0898 5452 CryptSvc - ok
06:40:35.0934 5452 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
06:40:35.0997 5452 DcomLaunch - ok
06:40:36.0027 5452 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
06:40:36.0060 5452 defragsvc - ok
06:40:36.0086 5452 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
06:40:36.0118 5452 DfsC - ok
06:40:36.0155 5452 [ 105373D52E71D2D1355AD3ACD18259C3 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
06:40:36.0165 5452 dg_ssudbus - ok
06:40:36.0189 5452 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
06:40:36.0220 5452 Dhcp - ok
06:40:36.0238 5452 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
06:40:36.0270 5452 discache - ok
06:40:36.0290 5452 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
06:40:36.0303 5452 Disk - ok
06:40:36.0332 5452 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
06:40:36.0346 5452 Dnscache - ok
06:40:36.0374 5452 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
06:40:36.0405 5452 dot3svc - ok
06:40:36.0424 5452 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
06:40:36.0455 5452 DPS - ok
06:40:36.0474 5452 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
06:40:36.0490 5452 drmkaud - ok
06:40:36.0520 5452 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
06:40:36.0543 5452 DXGKrnl - ok
06:40:36.0563 5452 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
06:40:36.0596 5452 EapHost - ok
06:40:36.0628 5452 [ 1D69A83033930C20583D608C622CA56B ] easytether C:\Windows\system32\DRIVERS\easytthr.sys
06:40:36.0636 5452 easytether - ok
06:40:36.0714 5452 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
06:40:36.0766 5452 ebdrv - ok
06:40:36.0785 5452 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
06:40:36.0798 5452 EFS - ok
06:40:36.0845 5452 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
06:40:36.0888 5452 ehRecvr - ok
06:40:36.0910 5452 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
06:40:36.0940 5452 ehSched - ok
06:40:36.0958 5452 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
06:40:36.0980 5452 ElbyCDIO - ok
06:40:37.0005 5452 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
06:40:37.0043 5452 elxstor - ok
06:40:37.0063 5452 [ 524C79054636D2E5751169005006460B ] enecir C:\Windows\system32\DRIVERS\enecir.sys
06:40:37.0077 5452 enecir - ok
06:40:37.0090 5452 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
06:40:37.0107 5452 ErrDev - ok
06:40:37.0141 5452 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
06:40:37.0192 5452 EventSystem - ok
06:40:37.0197 5452 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
06:40:37.0229 5452 exfat - ok
06:40:37.0242 5452 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
06:40:37.0274 5452 fastfat - ok
06:40:37.0299 5452 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
06:40:37.0317 5452 Fax - ok
06:40:37.0321 5452 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
06:40:37.0335 5452 fdc - ok
06:40:37.0349 5452 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
06:40:37.0379 5452 fdPHost - ok
06:40:37.0389 5452 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
06:40:37.0420 5452 FDResPub - ok
06:40:37.0431 5452 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
06:40:37.0444 5452 FileInfo - ok
06:40:37.0447 5452 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
06:40:37.0478 5452 Filetrace - ok
06:40:37.0482 5452 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
06:40:37.0494 5452 flpydisk - ok
06:40:37.0519 5452 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
06:40:37.0534 5452 FltMgr - ok
06:40:37.0570 5452 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
06:40:37.0592 5452 FontCache - ok
06:40:37.0631 5452 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
06:40:37.0640 5452 FontCache3.0.0.0 - ok
06:40:37.0650 5452 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
06:40:37.0662 5452 FsDepends - ok
06:40:37.0678 5452 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
06:40:37.0687 5452 fssfltr - ok
06:40:37.0761 5452 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
06:40:37.0810 5452 fsssvc - ok
06:40:37.0829 5452 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
06:40:37.0845 5452 Fs_Rec - ok
06:40:37.0867 5452 [ FA169871D8FADCC6539C4E8726610286 ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys
06:40:37.0879 5452 FTDIBUS - ok
06:40:37.0899 5452 [ 24237091348D1EFB5635A1CF9649E311 ] FTSER2K C:\Windows\system32\drivers\ftser2k.sys
06:40:37.0911 5452 FTSER2K - ok
06:40:37.0928 5452 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
06:40:37.0951 5452 fvevol - ok
06:40:37.0970 5452 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
06:40:37.0987 5452 gagp30kx - ok
06:40:38.0022 5452 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
06:40:38.0070 5452 gpsvc - ok
06:40:38.0124 5452 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
06:40:38.0145 5452 gupdate - ok
06:40:38.0173 5452 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
06:40:38.0192 5452 gupdatem - ok
06:40:38.0210 5452 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
06:40:38.0234 5452 hcw85cir - ok
06:40:38.0261 5452 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
06:40:38.0296 5452 HdAudAddService - ok
06:40:38.0312 5452 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
06:40:38.0344 5452 HDAudBus - ok
06:40:38.0361 5452 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
06:40:38.0385 5452 HidBatt - ok
06:40:38.0404 5452 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
06:40:38.0434 5452 HidBth - ok
06:40:38.0449 5452 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
06:40:38.0479 5452 HidIr - ok
06:40:38.0501 5452 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
06:40:38.0562 5452 hidserv - ok
06:40:38.0585 5452 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
06:40:38.0602 5452 HidUsb - ok
06:40:38.0625 5452 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
06:40:38.0666 5452 hkmsvc - ok
06:40:38.0693 5452 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
06:40:38.0707 5452 HomeGroupListener - ok
06:40:38.0722 5452 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
06:40:38.0736 5452 HomeGroupProvider - ok
06:40:38.0773 5452 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
06:40:38.0788 5452 HP Support Assistant Service - ok
06:40:38.0824 5452 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
06:40:38.0845 5452 HPDrvMntSvc.exe - ok
06:40:38.0868 5452 [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
06:40:38.0888 5452 hpdskflt - ok
06:40:38.0911 5452 [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
06:40:38.0928 5452 HpqKbFiltr - ok
06:40:38.0962 5452 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
06:40:38.0998 5452 hpqwmiex - ok
06:40:39.0016 5452 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
06:40:39.0033 5452 HpSAMD - ok
06:40:39.0049 5452 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv C:\Windows\system32\Hpservice.exe
06:40:39.0062 5452 hpsrv - ok
06:40:39.0084 5452 [ 363571BC0C79E394E69300D1F2E3DDAE ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
06:40:39.0097 5452 HTCAND64 - ok
06:40:39.0131 5452 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
06:40:39.0208 5452 HTTP - ok
06:40:39.0232 5452 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
06:40:39.0247 5452 hwpolicy - ok
06:40:39.0265 5452 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
06:40:39.0283 5452 i8042prt - ok
06:40:39.0308 5452 [ BE7D72FCF442C26975942007E0831241 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
06:40:39.0326 5452 iaStor - ok
06:40:39.0349 5452 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
06:40:39.0373 5452 iaStorV - ok
06:40:39.0425 5452 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
06:40:39.0433 5452 IDriverT ( UnsignedFile.Multi.Generic ) - warning
06:40:39.0433 5452 IDriverT - detected UnsignedFile.Multi.Generic (1)
06:40:39.0489 5452 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
06:40:39.0534 5452 idsvc - ok
06:40:39.0685 5452 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
06:40:39.0776 5452 igfx - ok
06:40:39.0796 5452 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
06:40:39.0808 5452 iirsp - ok
06:40:39.0842 5452 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
06:40:39.0878 5452 IKEEXT - ok
06:40:39.0906 5452 [ 4FF8A2082D78255D2EB169F986BCC981 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
06:40:39.0917 5452 Impcd - ok
06:40:39.0932 5452 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
06:40:39.0945 5452 intelide - ok
06:40:39.0952 5452 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
06:40:39.0966 5452 intelppm - ok
06:40:39.0985 5452 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
06:40:40.0016 5452 IPBusEnum - ok
06:40:40.0039 5452 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
06:40:40.0070 5452 IpFilterDriver - ok
06:40:40.0109 5452 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
06:40:40.0177 5452 iphlpsvc - ok
06:40:40.0203 5452 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
06:40:40.0225 5452 IPMIDRV - ok
06:40:40.0248 5452 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
06:40:40.0293 5452 IPNAT - ok
06:40:40.0308 5452 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
06:40:40.0325 5452 IRENUM - ok
06:40:40.0348 5452 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
06:40:40.0359 5452 isapnp - ok
06:40:40.0384 5452 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
06:40:40.0399 5452 iScsiPrt - ok
06:40:40.0424 5452 [ F8844B00C10E386C704C610E95A9847D ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
06:40:40.0441 5452 JMCR - ok
06:40:40.0455 5452 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
06:40:40.0466 5452 kbdclass - ok
06:40:40.0478 5452 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
06:40:40.0491 5452 kbdhid - ok
06:40:40.0515 5452 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
06:40:40.0528 5452 KeyIso - ok
06:40:40.0559 5452 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
06:40:40.0572 5452 KSecDD - ok
06:40:40.0611 5452 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
06:40:40.0640 5452 KSecPkg - ok
06:40:40.0659 5452 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
06:40:40.0703 5452 ksthunk - ok

siouxlini

Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp


Solved Re: Suspected spyware

Post by siouxlini on Fri 31 Aug 2012, 2:10 am

06:40:40.0725 5452 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
06:40:40.0760 5452 KtmRm - ok
06:40:40.0785 5452 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
06:40:40.0817 5452 LanmanServer - ok
06:40:40.0841 5452 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
06:40:40.0872 5452 LanmanWorkstation - ok
06:40:40.0913 5452 [ 07B1888209C54B675FFCCBDE9F06D2C6 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
06:40:40.0921 5452 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
06:40:40.0921 5452 LightScribeService - detected UnsignedFile.Multi.Generic (1)
06:40:40.0932 5452 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
06:40:40.0978 5452 lltdio - ok
06:40:41.0004 5452 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
06:40:41.0036 5452 lltdsvc - ok
06:40:41.0045 5452 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
06:40:41.0077 5452 lmhosts - ok
06:40:41.0090 5452 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
06:40:41.0103 5452 LSI_FC - ok
06:40:41.0117 5452 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
06:40:41.0130 5452 LSI_SAS - ok
06:40:41.0144 5452 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
06:40:41.0157 5452 LSI_SAS2 - ok
06:40:41.0170 5452 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
06:40:41.0183 5452 LSI_SCSI - ok
06:40:41.0189 5452 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
06:40:41.0221 5452 luafv - ok
06:40:41.0270 5452 [ 4208B958E35F0E596AA241EFB664636B ] lxdxCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxdxserv.exe
06:40:41.0282 5452 lxdxCATSCustConnectService - ok
06:40:41.0285 5452 lxdx_device - ok
06:40:41.0308 5452 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
06:40:41.0321 5452 Mcx2Svc - ok
06:40:41.0337 5452 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
06:40:41.0349 5452 megasas - ok
06:40:41.0364 5452 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
06:40:41.0379 5452 MegaSR - ok
06:40:41.0398 5452 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
06:40:41.0429 5452 MMCSS - ok
06:40:41.0441 5452 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
06:40:41.0471 5452 Modem - ok
06:40:41.0482 5452 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
06:40:41.0497 5452 monitor - ok
06:40:41.0516 5452 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
06:40:41.0529 5452 mouclass - ok
06:40:41.0550 5452 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
06:40:41.0563 5452 mouhid - ok
06:40:41.0585 5452 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
06:40:41.0598 5452 mountmgr - ok
06:40:41.0628 5452 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
06:40:41.0651 5452 MozillaMaintenance - ok
06:40:41.0694 5452 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
06:40:41.0723 5452 mpio - ok
06:40:41.0736 5452 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
06:40:41.0812 5452 mpsdrv - ok
06:40:41.0852 5452 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
06:40:41.0915 5452 MpsSvc - ok
06:40:41.0946 5452 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
06:40:41.0965 5452 MRxDAV - ok
06:40:42.0001 5452 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
06:40:42.0014 5452 mrxsmb - ok
06:40:42.0037 5452 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
06:40:42.0051 5452 mrxsmb10 - ok
06:40:42.0071 5452 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
06:40:42.0085 5452 mrxsmb20 - ok
06:40:42.0107 5452 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
06:40:42.0119 5452 msahci - ok
06:40:42.0147 5452 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
06:40:42.0161 5452 msdsm - ok
06:40:42.0186 5452 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
06:40:42.0201 5452 MSDTC - ok
06:40:42.0225 5452 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
06:40:42.0256 5452 Msfs - ok
06:40:42.0280 5452 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
06:40:42.0310 5452 mshidkmdf - ok
06:40:42.0360 5452 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
06:40:42.0385 5452 msisadrv - ok
06:40:42.0436 5452 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
06:40:42.0501 5452 MSiSCSI - ok
06:40:42.0504 5452 msiserver - ok
06:40:42.0519 5452 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
06:40:42.0550 5452 MSKSSRV - ok
06:40:42.0590 5452 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
06:40:42.0653 5452 MSPCLOCK - ok
06:40:42.0669 5452 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
06:40:42.0700 5452 MSPQM - ok
06:40:42.0724 5452 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
06:40:42.0740 5452 MsRPC - ok
06:40:42.0750 5452 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
06:40:42.0762 5452 mssmbios - ok
06:40:42.0775 5452 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
06:40:42.0806 5452 MSTEE - ok
06:40:42.0821 5452 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
06:40:42.0834 5452 MTConfig - ok
06:40:42.0844 5452 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
06:40:42.0857 5452 Mup - ok
06:40:42.0888 5452 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
06:40:42.0966 5452 napagent - ok
06:40:42.0988 5452 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
06:40:43.0024 5452 NativeWifiP - ok
06:40:43.0051 5452 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
06:40:43.0099 5452 NDIS - ok
06:40:43.0116 5452 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
06:40:43.0183 5452 NdisCap - ok
06:40:43.0200 5452 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
06:40:43.0257 5452 NdisTapi - ok
06:40:43.0272 5452 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
06:40:43.0304 5452 Ndisuio - ok
06:40:43.0324 5452 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
06:40:43.0356 5452 NdisWan - ok
06:40:43.0369 5452 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
06:40:43.0399 5452 NDProxy - ok
06:40:43.0409 5452 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
06:40:43.0441 5452 NetBIOS - ok
06:40:43.0465 5452 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
06:40:43.0502 5452 NetBT - ok
06:40:43.0510 5452 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
06:40:43.0523 5452 Netlogon - ok
06:40:43.0561 5452 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
06:40:43.0623 5452 Netman - ok
06:40:43.0646 5452 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:40:43.0661 5452 NetMsmqActivator - ok
06:40:43.0676 5452 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:40:43.0692 5452 NetPipeActivator - ok
06:40:43.0712 5452 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
06:40:43.0765 5452 netprofm - ok
06:40:43.0786 5452 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:40:43.0796 5452 NetTcpActivator - ok
06:40:43.0810 5452 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:40:43.0821 5452 NetTcpPortSharing - ok
06:40:43.0981 5452 [ 39EDE676D17F37AF4573C2B33EC28ACA ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
06:40:44.0052 5452 NETw5s64 - ok
06:40:44.0177 5452 [ D68DE412A3243F8D57DDB814AA509813 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
06:40:44.0232 5452 netw5v64 - ok
06:40:44.0385 5452 [ EB43840BABF5589E33186D094DE7381D ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
06:40:44.0470 5452 NETwNs64 - ok
06:40:44.0491 5452 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
06:40:44.0503 5452 nfrd960 - ok
06:40:44.0523 5452 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
06:40:44.0557 5452 NlaSvc - ok
06:40:44.0584 5452 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
06:40:44.0615 5452 Npfs - ok
06:40:44.0634 5452 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
06:40:44.0666 5452 nsi - ok
06:40:44.0674 5452 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
06:40:44.0705 5452 nsiproxy - ok
06:40:44.0749 5452 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
06:40:44.0779 5452 Ntfs - ok
06:40:44.0798 5452 [ 10694A19236A6355741914C3737CF3A5 ] ntk_dtv C:\Program Files (x86)\DirecTV\DirecTV\Kernel\DMP\ntk_dtv_64.sys
06:40:44.0809 5452 ntk_dtv - ok
06:40:44.0823 5452 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
06:40:44.0855 5452 Null - ok
06:40:44.0877 5452 [ AD37248BD442D41C9A896E53EB8A85EE ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
06:40:44.0886 5452 NVHDA - ok
06:40:45.0101 5452 [ BBE872A814B00798C2D568D46C42A71B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
06:40:45.0252 5452 nvlddmkm - ok
06:40:45.0269 5452 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
06:40:45.0283 5452 nvraid - ok
06:40:45.0303 5452 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
06:40:45.0317 5452 nvstor - ok
06:40:45.0348 5452 [ 8F9C2A5F96810467D50687AE00465424 ] nvsvc C:\Windows\system32\nvvsvc.exe
06:40:45.0366 5452 nvsvc - ok
06:40:45.0395 5452 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
06:40:45.0413 5452 nv_agp - ok
06:40:45.0478 5452 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
06:40:45.0511 5452 odserv - ok
06:40:45.0531 5452 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
06:40:45.0557 5452 ohci1394 - ok
06:40:45.0598 5452 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
06:40:45.0619 5452 ose - ok
06:40:45.0647 5452 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
06:40:45.0678 5452 p2pimsvc - ok
06:40:45.0707 5452 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
06:40:45.0744 5452 p2psvc - ok
06:40:45.0772 5452 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
06:40:45.0802 5452 Parport - ok
06:40:45.0826 5452 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
06:40:45.0851 5452 partmgr - ok
06:40:45.0869 5452 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
06:40:45.0907 5452 PcaSvc - ok
06:40:45.0934 5452 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
06:40:45.0962 5452 pci - ok
06:40:45.0981 5452 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
06:40:46.0004 5452 pciide - ok
06:40:46.0023 5452 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
06:40:46.0052 5452 pcmcia - ok
06:40:46.0070 5452 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
06:40:46.0093 5452 pcw - ok
06:40:46.0121 5452 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
06:40:46.0194 5452 PEAUTH - ok
06:40:46.0263 5452 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
06:40:46.0291 5452 PerfHost - ok
06:40:46.0348 5452 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
06:40:46.0415 5452 pla - ok
06:40:46.0441 5452 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
06:40:46.0457 5452 PlugPlay - ok
06:40:46.0472 5452 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
06:40:46.0486 5452 PNRPAutoReg - ok
06:40:46.0504 5452 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
06:40:46.0519 5452 PNRPsvc - ok
06:40:46.0545 5452 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
06:40:46.0579 5452 PolicyAgent - ok
06:40:46.0598 5452 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
06:40:46.0631 5452 Power - ok
06:40:46.0651 5452 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
06:40:46.0681 5452 PptpMiniport - ok
06:40:46.0702 5452 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
06:40:46.0715 5452 Processor - ok
06:40:46.0740 5452 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
06:40:46.0754 5452 ProfSvc - ok
06:40:46.0769 5452 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
06:40:46.0782 5452 ProtectedStorage - ok
06:40:46.0804 5452 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
06:40:46.0834 5452 Psched - ok
06:40:46.0863 5452 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
06:40:46.0892 5452 ql2300 - ok
06:40:46.0905 5452 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
06:40:46.0919 5452 ql40xx - ok
06:40:46.0944 5452 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
06:40:46.0964 5452 QWAVE - ok
06:40:46.0973 5452 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
06:40:46.0990 5452 QWAVEdrv - ok
06:40:47.0017 5452 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
06:40:47.0030 5452 RapiMgr - ok
06:40:47.0042 5452 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
06:40:47.0072 5452 RasAcd - ok
06:40:47.0093 5452 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
06:40:47.0124 5452 RasAgileVpn - ok
06:40:47.0136 5452 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
06:40:47.0169 5452 RasAuto - ok
06:40:47.0193 5452 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
06:40:47.0224 5452 Rasl2tp - ok
06:40:47.0241 5452 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
06:40:47.0273 5452 RasMan - ok
06:40:47.0285 5452 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
06:40:47.0317 5452 RasPppoe - ok
06:40:47.0330 5452 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
06:40:47.0363 5452 RasSstp - ok
06:40:47.0385 5452 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
06:40:47.0417 5452 rdbss - ok
06:40:47.0431 5452 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
06:40:47.0446 5452 rdpbus - ok
06:40:47.0469 5452 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
06:40:47.0500 5452 RDPCDD - ok
06:40:47.0513 5452 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
06:40:47.0545 5452 RDPENCDD - ok
06:40:47.0552 5452 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
06:40:47.0583 5452 RDPREFMP - ok
06:40:47.0606 5452 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
06:40:47.0620 5452 RDPWD - ok
06:40:47.0638 5452 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
06:40:47.0652 5452 rdyboost - ok
06:40:47.0676 5452 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
06:40:47.0708 5452 RemoteAccess - ok
06:40:47.0730 5452 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
06:40:47.0762 5452 RemoteRegistry - ok
06:40:47.0781 5452 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
06:40:47.0798 5452 RFCOMM - ok
06:40:47.0862 5452 [ 498EB62A160674E793FA40FD65390625 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
06:40:47.0887 5452 RichVideo - ok
06:40:47.0905 5452 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
06:40:47.0955 5452 RpcEptMapper - ok
06:40:47.0979 5452 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
06:40:47.0997 5452 RpcLocator - ok
06:40:48.0029 5452 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
06:40:48.0080 5452 RpcSs - ok
06:40:48.0101 5452 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
06:40:48.0132 5452 rspndr - ok
06:40:48.0154 5452 [ FE61B0B4AA58C3BD3DFA6279131F7F53 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
06:40:48.0169 5452 RTL8167 - ok
06:40:48.0180 5452 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
06:40:48.0193 5452 SamSs - ok
06:40:48.0215 5452 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
06:40:48.0227 5452 sbp2port - ok
06:40:48.0286 5452 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
06:40:48.0333 5452 SBSDWSCService - ok
06:40:48.0360 5452 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
06:40:48.0419 5452 SCardSvr - ok
06:40:48.0438 5452 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
06:40:48.0468 5452 scfilter - ok
06:40:48.0494 5452 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
06:40:48.0533 5452 Schedule - ok
06:40:48.0556 5452 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
06:40:48.0586 5452 SCPolicySvc - ok
06:40:48.0604 5452 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
06:40:48.0620 5452 sdbus - ok
06:40:48.0640 5452 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
06:40:48.0654 5452 SDRSVC - ok
06:40:48.0673 5452 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
06:40:48.0704 5452 secdrv - ok
06:40:48.0711 5452 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
06:40:48.0742 5452 seclogon - ok
06:40:48.0751 5452 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
06:40:48.0783 5452 SENS - ok
06:40:48.0805 5452 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
06:40:48.0819 5452 SensrSvc - ok
06:40:48.0828 5452 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
06:40:48.0841 5452 Serenum - ok
06:40:48.0855 5452 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
06:40:48.0868 5452 Serial - ok
06:40:48.0882 5452 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
06:40:48.0895 5452 sermouse - ok
06:40:48.0929 5452 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
06:40:48.0960 5452 SessionEnv - ok
06:40:48.0986 5452 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
06:40:48.0999 5452 sffdisk - ok
06:40:49.0011 5452 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
06:40:49.0023 5452 sffp_mmc - ok
06:40:49.0035 5452 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
06:40:49.0051 5452 sffp_sd - ok
06:40:49.0068 5452 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
06:40:49.0080 5452 sfloppy - ok
06:40:49.0108 5452 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
06:40:49.0142 5452 SharedAccess - ok
06:40:49.0161 5452 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
06:40:49.0195 5452 ShellHWDetection - ok
06:40:49.0208 5452 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
06:40:49.0220 5452 SiSRaid2 - ok
06:40:49.0228 5452 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
06:40:49.0240 5452 SiSRaid4 - ok
06:40:49.0261 5452 [ DD0443BC6CC78A19FD399817F8C51401 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
06:40:49.0270 5452 SmartDefragDriver - ok
06:40:49.0290 5452 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
06:40:49.0321 5452 Smb - ok
06:40:49.0346 5452 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
06:40:49.0361 5452 SNMPTRAP - ok
06:40:49.0367 5452 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
06:40:49.0379 5452 spldr - ok
06:40:49.0412 5452 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
06:40:49.0430 5452 Spooler - ok
06:40:49.0520 5452 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
06:40:49.0606 5452 sppsvc - ok
06:40:49.0621 5452 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
06:40:49.0653 5452 sppuinotify - ok
06:40:49.0679 5452 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
06:40:49.0695 5452 srv - ok
06:40:49.0713 5452 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
06:40:49.0728 5452 srv2 - ok
06:40:49.0748 5452 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
06:40:49.0763 5452 SrvHsfHDA - ok
06:40:49.0796 5452 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
06:40:49.0820 5452 SrvHsfV92 - ok
06:40:49.0856 5452 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
06:40:49.0891 5452 SrvHsfWinac - ok
06:40:49.0912 5452 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
06:40:49.0932 5452 srvnet - ok
06:40:49.0951 5452 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
06:40:50.0004 5452 SSDPSRV - ok
06:40:50.0020 5452 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
06:40:50.0052 5452 SstpSvc - ok
06:40:50.0083 5452 [ 74425FFA11C133D045E1C3BE2EAD481D ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
06:40:50.0103 5452 ssudmdm - ok
06:40:50.0211 5452 [ 7595D53EE8E8B0BAA9A2DDDE867EBB0C ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
06:40:50.0241 5452 STacSV - ok
06:40:50.0255 5452 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
06:40:52.0173 5452 [ F13DA74969897359A88F2A739F54A250 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
06:40:52.0181 5452 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
06:40:52.0181 5452 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
06:40:55.0993 5452 ================ Scan global ===============================
06:40:56.0014 5452 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
06:40:56.0044 5452 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
06:40:56.0066 5452 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
06:40:56.0093 5452 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
06:40:56.0119 5452 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
06:40:56.0126 5452 [Global] - ok
06:40:56.0126 5452 ================ Scan MBR ==================================
06:40:56.0143 5452 [ 4591A5981C69163A700C6B4BD3E9AF59 ] \Device\Harddisk0\DR0
06:40:56.0565 5452 \Device\Harddisk0\DR0 - ok
06:40:56.0565 5452 ================ Scan VBR ==================================
06:40:56.0570 5452 [ EB28A81CA3D6B6313D25AE71B76A7A3A ] \Device\Harddisk0\DR0\Partition1
06:40:56.0573 5452 \Device\Harddisk0\DR0\Partition1 - ok
06:40:56.0602 5452 [ 8D16765E3E7108D0C96E55CB7994BF63 ] \Device\Harddisk0\DR0\Partition2
06:40:56.0606 5452 \Device\Harddisk0\DR0\Partition2 - ok
06:40:56.0638 5452 [ A37A4A55EA15B4F49E53B2390418C201 ] \Device\Harddisk0\DR0\Partition3
06:40:56.0642 5452 \Device\Harddisk0\DR0\Partition3 - ok
06:40:56.0655 5452 [ F37CA7D5EE48E0C8A41D0E0AE1379ED8 ] \Device\Harddisk0\DR0\Partition4
06:40:56.0657 5452 \Device\Harddisk0\DR0\Partition4 - ok
06:40:56.0658 5452 ============================================================
06:40:56.0658 5452 Scan finished
06:40:56.0658 5452 ============================================================
06:40:56.0670 1672 Detected object count: 4
06:40:56.0670 1672 Actual detected object count: 4
06:47:41.0464 1672 ADVService ( UnsignedFile.Multi.Generic ) - skipped by user
06:47:41.0464 1672 ADVService ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:47:41.0465 1672 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
06:47:41.0465 1672 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:47:41.0467 1672 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
06:47:41.0467 1672 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:47:41.0470 1672 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
06:47:41.0470 1672 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
06:57:37.0752 7052 Deinitialize success

siouxlini

Newbie Surfer

Posts : 48
Joined : 2010-03-10
Operating System : windows xp


Solved Re: Suspected spyware

Post by siouxlini on Fri 31 Aug 2012, 2:12 am

TDSSKiller.2.8.8.0_30.08.2012_10.46.18_log.zip


Solved Re: Suspected spyware

Post by DragonMaster Jay on Fri 31 Aug 2012, 2:30 am

ComboFix

Please download ComboFix by sUBs
From BleepingComputer.com

Please save the file to your Desktop, but rename it first to svchost.exe

Important information about ComboFix

Before the download:

  • Please copy and paste these instructions to Notepad and save to your Desktop, or print them - for easier access.
  • It is important to rename ComboFix before the download.
  • Please do not rename ComboFix to other names, but only the one indicated.

After the download:

  • Close any open browsers.
  • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
  • If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.

Running ComboFix:

  • Double click on svchost.exe & follow the prompts.
  • It will attempt to install the Recovery Console:


  • When ComboFix finishes, it will produce a report for you.
  • Please post the "C:\Combo-Fix.txt" in your next reply.

Troubleshooting ComboFix

Safe Mode:

If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

(To boot into Safe Mode, tap F8 after BIOS, and just before the Windows logo appears. A list of options will appear, select "Safe Mode.")

Re-downloading:

If this doesn't work either, try the same method (above method), but try to download it again, except name ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.


NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.


~DMJ
GeekPolice Academy Manager



DragonMaster Jay

Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate


Solved Re: Suspected spyware

Post by siouxlini on Fri 31 Aug 2012, 4:49 am

ComboFix 12-08-29.03 - Mark 08/30/2012 13:01:05.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4087.1995 [GMT -4:00]
Running from: c:\users\Mark\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Vid-Saver
c:\program files (x86)\Vid-Saver\Uninstall.exe
c:\program files (x86)\Vid-Saver\Vid-Saver.dll
c:\program files (x86)\Vid-Saver\Vid-Saver.exe
c:\program files (x86)\Vid-Saver\Vid-Saver.ico
c:\program files (x86)\Vid-Saver\Vid-Saver.ini
c:\program files (x86)\Vid-Saver\Vid-SaverGui.exe
c:\program files (x86)\Vid-Saver\Vid-SaverInstaller.log
c:\users\Mark\AppData\Local\assembly\tmp
c:\users\Mark\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll
c:\users\Mark\AppData\Local\Vid-Saver
c:\users\Mark\AppData\Local\Vid-Saver\Chrome\Vid-Saver.crx
c:\users\Mark\AppData\Roaming\.#
c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\extensions\crossriderapp3491@crossrider.com
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\System32\MASetupCleaner.exe
c:\windows\SysWow64\System32\muzapp.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-07-28 to 2012-08-30 )))))))))))))))))))))))))))))))
.
.
2012-08-30 17:33 . 2012-08-30 17:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-23 15:57 . 2012-08-23 15:57 -------- d-----w- c:\users\Mark\AppData\Local\ImageVisu
2012-08-21 11:04 . 2012-08-21 11:04 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-08-21 11:04 . 2012-08-21 11:04 588728 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-08-21 11:04 . 2012-08-21 11:04 43960 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-08-21 11:04 . 2012-08-21 11:04 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-08-21 11:04 . 2012-08-21 11:04 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-08-18 15:26 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-08-16 15:01 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-16 15:01 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-16 15:01 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-16 15:01 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-16 15:01 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-16 15:01 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-16 15:01 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-16 15:01 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-16 15:01 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-16 15:01 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-16 15:01 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-16 15:01 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-18 15:20 . 2009-12-23 21:06 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-08-16 15:52 . 2012-07-08 11:06 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-16 15:52 . 2011-06-19 10:47 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-30 17:32 . 2012-07-30 17:32 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-07-30 17:32 . 2012-07-30 17:32 102240 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-06-09 05:43 . 2012-07-11 15:18 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-07 00:59 . 2012-06-07 00:59 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2012-06-06 06:06 . 2012-07-11 15:18 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 15:18 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 15:18 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 15:18 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 15:18 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 15:18 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-24 10:44 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-24 10:45 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-24 10:45 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-24 10:45 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-24 10:44 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-24 10:45 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-24 10:44 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 19:19 . 2012-06-24 10:44 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 19:15 . 2012-06-24 10:44 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 05:50 . 2012-07-11 15:18 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 15:18 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48 . 2012-07-11 15:18 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45 . 2012-07-11 15:18 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 15:18 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 15:18 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 15:18 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 15:18 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 15:18 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AnyDVD"="c:\program files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe" [2012-04-27 6065784]
"Skype"="c:\program files (x86)\Skype\\Phone\Skype.exe" [2010-05-13 26192168]
"Logitech Vid"="c:\program files (x86)\Logitech\Logitech Vid\Vid.exe" [2010-01-19 5932888]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"EasyTether"="c:\program files (x86)\Mobile Stream\EasyTether\easytthr.exe" [2010-12-19 48456]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-06-08 21432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-03-23 500792]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"FaxCenterServer"="c:\program files (x86)\Lexmark Fax Solutions\fm3032.exe" [2008-06-13 320168]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-06-08 3521464]
"UVS10 Preload"="c:\program files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe" [2006-08-09 36864]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Amazon Unbox.lnk - c:\program files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe [2010-3-4 97384]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"WallpaperStyle"= 2
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"My Web Search Bar Search Scope Monitor"="c:\progra~2\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
"MyWebSearch Email Plugin"=c:\progra~2\MYWEBS~1\bar\1.bin\mwsoemon.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-07 136176]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R2 lxdxCATSCustConnectService;lxdxCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxdxserv.exe [2009-10-16 29184]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-16 250056]
R3 ATP;Array Networks SSL VPN Driver;c:\windows\system32\DRIVERS\atpdrvr.sys [2009-09-27 19968]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-04-14 54824]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-07-17 35104]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-07-30 102240]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-07 136176]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2010-04-29 32768]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-12-20 151040]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-21 129976]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-07-23 5435904]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-07-30 203104]
R3 StkCMini;Syntek AVStream USB2.0 ATV;c:\windows\system32\Drivers\StkCMini.sys [2010-04-16 1816968]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-02-26 1255736]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/12/22 20:59];c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2009-07-24 04:45 146928]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
S2 Array_Utility_Service8.4.6.49;Array Utility Service 8,4,6,49;c:\program files\Array Networks\Common\8,4,6,49\arr_isrv.exe [2012-03-02 402864]
S2 ArraySSL_VPN_Service8.4.6.49;Array SSL VPN Service 8,4,6,49;c:\program files\Array Networks\Array SSL VPN\8,4,6,49\arr_srvs.exe [2012-03-02 279984]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-07-04 5160568]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
S2 CLDTVHNService;CLDTVHNService;c:\program files (x86)\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe [2009-09-17 75048]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520]
S2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe [2009-10-16 1039872]
S2 ntk_dtv;ntk_dtv;c:\program files (x86)\DirecTV\DirecTV\Kernel\DMP\ntk_dtv_64.sys [2009-09-17 82416]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys [2010-08-29 21072]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-01-24 7821312]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-08-22 84512]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-02-06 291328]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-06-16 17:38 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-08 15:52]
.
2012-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-07 02:24]
.
2012-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-07 02:24]
.
2012-08-28 c:\windows\Tasks\HPCeeScheduleForMark.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 03:15]
.
2011-12-22 c:\windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
- c:\program files (x86)\Spybot - Search & Destroy\SDUpdate.exe [2010-04-17 19:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-21 610872]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2008-04-04 120328]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-03-09 172032]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
"lxdxmon.exe"="c:\program files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe" [2010-02-04 672424]
"lxdxamon"="c:\program files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe" [2010-02-04 16040]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uLocal Page = c:\windows\system32\blank.htm
mStart Page = [You must be registered and logged in to see this link.]
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: images.cdidocs.com\www
Trusted Zone: insidecdi.com\www
Trusted Zone: mycdiexam.com\www
Trusted Zone: tcfef.com\ra
TCP: DhcpNameServer = 192.168.0.1
DPF: {B6648EB8-2460-484F-9255-9654454C4C70} - [You must be registered and logged in to see this link.]
DPF: {D9CDEFE3-51BB-4737-A12C-53D9814A148C} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Wow6432Node-HKCU-Run-KiesHelper - c:\program files (x86)\Samsung\Kies\KiesHelper.exe
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Array SSL VPN8,4,6,49 - c:\program files\Array Networks\Common\8
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
c:\program files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
.
**************************************************************************
.
Completion time: 2012-08-30 13:43:20 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-30 17:43
.
Pre-Run: 161,397,379,072 bytes free
Post-Run: 161,776,271,360 bytes free
.
- - End Of File - - 0CEBB918612D9C2C06F2AAD0D972988D


Solved Re: Suspected spyware

Post by DragonMaster Jay on Fri 31 Aug 2012, 7:39 pm

Please download AdwCleaner by Xplode onto your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.



~DMJ
GeekPolice Academy Manager



Solved Re: Suspected spyware

Post by siouxlini on Sat 01 Sep 2012, 4:53 am

# AdwCleaner v2.000 - Logfile created 08/31/2012 at 13:53:01
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Mark - MARK-PC
# Boot Mode : Normal
# Running from : C:\Users\Mark\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (en-US)

Profile name : default
File : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [27515 octets] - [27/08/2012 06:53:21]
AdwCleaner[R2].txt - [29097 octets] - [30/08/2012 10:38:26]
AdwCleaner[S1].txt - [29100 octets] - [30/08/2012 10:38:37]
AdwCleaner[R3].txt - [1265 octets] - [31/08/2012 13:53:01]

########## EOF - C:\AdwCleaner[R3].txt - [1325 octets] ##########


Solved Re: Suspected spyware

Post by DragonMaster Jay on Sun 02 Sep 2012, 5:12 am

Remove the Adware.

  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with OK.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

Please post the log.


ComboFix Script


  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Open notepad and copy/paste the text in the codebox below into it:
    ClearJavaCache::
  • Save this as CFScript.txt, in the same location as ComboFix.exe


  • Referring to the picture above, drag CFScript into ComboFix.exe
  • When finished, it shall produce a log for you at C:\ComboFix.txt
  • Please post the contents of the log in your next reply.



~DMJ
GeekPolice Academy Manager



Solved Re: Suspected spyware

Post by siouxlini on Mon 03 Sep 2012, 2:22 am

# AdwCleaner v2.000 - Logfile created 09/02/2012 at 10:21:43
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Mark - MARK-PC
# Boot Mode : Normal
# Running from : C:\Users\Mark\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v12.0 (en-US)

Profile name : default
File : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [27515 octets] - [27/08/2012 06:53:21]
AdwCleaner[R2].txt - [29097 octets] - [30/08/2012 10:38:26]
AdwCleaner[S1].txt - [29100 octets] - [30/08/2012 10:38:37]
AdwCleaner[R3].txt - [1392 octets] - [31/08/2012 13:53:01]
AdwCleaner[S2].txt - [1946 octets] - [02/09/2012 10:21:43]

########## EOF - C:\AdwCleaner[S2].txt - [2006 octets] ##########


ComboFix 12-08-31.08 - Mark 09/02/2012 10:32:42.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4087.2169 [GMT -4:00]
Running from: c:\users\Mark\Desktop\ComboFix.exe
Command switches used :: c:\users\Mark\Desktop\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Mark\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-08-02 to 2012-09-02 )))))))))))))))))))))))))))))))
.
.
2012-09-02 14:45 . 2012-09-02 14:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-23 15:57 . 2012-08-23 15:57 -------- d-----w- c:\users\Mark\AppData\Local\ImageVisu
2012-08-21 11:04 . 2012-08-21 11:04 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-08-21 11:04 . 2012-08-21 11:04 588728 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-08-21 11:04 . 2012-08-21 11:04 43960 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-08-21 11:04 . 2012-08-21 11:04 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-08-21 11:04 . 2012-08-21 11:04 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-08-18 15:26 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-08-16 15:01 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-16 15:01 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-16 15:01 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-16 15:01 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-16 15:01 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-16 15:01 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-16 15:01 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-16 15:01 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-16 15:01 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-16 15:01 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-16 15:01 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-16 15:01 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-18 15:20 . 2009-12-23 21:06 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-08-16 15:52 . 2012-07-08 11:06 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-16 15:52 . 2011-06-19 10:47 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-30 17:32 . 2012-07-30 17:32 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-07-30 17:32 . 2012-07-30 17:32 102240 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-06-09 05:43 . 2012-07-11 15:18 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-07 00:59 . 2012-06-07 00:59 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2012-06-06 06:06 . 2012-07-11 15:18 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 15:18 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 15:18 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 15:18 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 15:18 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 15:18 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
.
.
((((((((((((((((((((((((((((( [You must be registered and logged in to see this link.] )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-18 19:55 . 2012-08-30 17:47 81464 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-08-18 19:55 . 2012-08-30 17:38 81464 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-09-02 14:26 56666 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-12-23 02:37 . 2012-09-02 14:26 29246 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2850355330-1140420294-2067073417-1000_UserData.bin
- 2009-12-23 04:41 . 2012-08-25 19:57 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-23 04:41 . 2012-08-30 23:10 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-23 04:41 . 2012-08-25 19:57 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-23 04:41 . 2012-08-30 23:10 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-30 23:10 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-25 19:57 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-08-30 17:35 . 2012-08-30 17:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-09-02 14:47 . 2012-09-02 14:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-09-02 14:47 . 2012-09-02 14:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-08-30 17:35 . 2012-08-30 17:35 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-12-23 22:38 . 2012-08-31 17:45 385972 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2009-12-24 19:58 . 2012-09-02 14:19 457392 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 05:01 . 2012-08-30 17:35 337644 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-09-02 14:46 337644 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-12-23 02:45 . 2012-09-02 14:46 7201047 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2850355330-1140420294-2067073417-1000-8192.dat
- 2009-12-23 02:45 . 2012-08-30 17:35 7201047 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2850355330-1140420294-2067073417-1000-8192.dat
+ 2010-10-28 16:03 . 2012-09-02 14:46 49387544 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2850355330-1140420294-2067073417-1000-4096.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AnyDVD"="c:\program files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe" [2012-04-27 6065784]
"Skype"="c:\program files (x86)\Skype\\Phone\Skype.exe" [2010-05-13 26192168]
"Logitech Vid"="c:\program files (x86)\Logitech\Logitech Vid\Vid.exe" [2010-01-19 5932888]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"EasyTether"="c:\program files (x86)\Mobile Stream\EasyTether\easytthr.exe" [2010-12-19 48456]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-06-08 21432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-03-23 500792]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"FaxCenterServer"="c:\program files (x86)\Lexmark Fax Solutions\fm3032.exe" [2008-06-13 320168]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-06-08 3521464]
"UVS10 Preload"="c:\program files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe" [2006-08-09 36864]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Amazon Unbox.lnk - c:\program files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe [2010-3-4 97384]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"WallpaperStyle"= 2
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"My Web Search Bar Search Scope Monitor"="c:\progra~2\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
"MyWebSearch Email Plugin"=c:\progra~2\MYWEBS~1\bar\1.bin\mwsoemon.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-07 136176]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R2 lxdxCATSCustConnectService;lxdxCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxdxserv.exe [2009-10-16 29184]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-16 250056]
R3 ATP;Array Networks SSL VPN Driver;c:\windows\system32\DRIVERS\atpdrvr.sys [2009-09-27 19968]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-04-14 54824]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-07-17 35104]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-07-30 102240]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-07 136176]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2010-04-29 32768]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-12-20 151040]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-21 129976]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-07-23 5435904]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-07-30 203104]
R3 StkCMini;Syntek AVStream USB2.0 ATV;c:\windows\system32\Drivers\StkCMini.sys [2010-04-16 1816968]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-02-26 1255736]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/12/22 20:59];c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2009-07-24 04:45 146928]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
S2 Array_Utility_Service8.4.6.49;Array Utility Service 8,4,6,49;c:\program files\Array Networks\Common\8,4,6,49\arr_isrv.exe [2012-03-02 402864]
S2 ArraySSL_VPN_Service8.4.6.49;Array SSL VPN Service 8,4,6,49;c:\program files\Array Networks\Array SSL VPN\8,4,6,49\arr_srvs.exe [2012-03-02 279984]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-07-04 5160568]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
S2 CLDTVHNService;CLDTVHNService;c:\program files (x86)\DirecTV\DirecTV\Kernel\DMP\CLDTVHNService.exe [2009-09-17 75048]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520]
S2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe [2009-10-16 1039872]
S2 ntk_dtv;ntk_dtv;c:\program files (x86)\DirecTV\DirecTV\Kernel\DMP\ntk_dtv_64.sys [2009-09-17 82416]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys [2010-08-29 21072]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2011-01-24 7821312]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-08-22 84512]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-02-06 291328]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-06-16 17:38 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-08 15:52]
.
2012-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-07 02:24]
.
2012-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-07 02:24]
.
2012-08-28 c:\windows\Tasks\HPCeeScheduleForMark.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 03:15]
.
2011-12-22 c:\windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
- c:\program files (x86)\Spybot - Search & Destroy\SDUpdate.exe [2010-04-17 19:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-21 610872]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2008-04-04 120328]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-03-09 172032]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
"lxdxmon.exe"="c:\program files (x86)\Lexmark 3600-4600 Series\lxdxmon.exe" [2010-02-04 672424]
"lxdxamon"="c:\program files (x86)\Lexmark 3600-4600 Series\lxdxamon.exe" [2010-02-04 16040]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uLocal Page = c:\windows\system32\blank.htm
mStart Page = [You must be registered and logged in to see this link.]
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: images.cdidocs.com\www
Trusted Zone: insidecdi.com\www
Trusted Zone: mycdiexam.com\www
Trusted Zone: tcfef.com\ra
TCP: DhcpNameServer = 192.168.0.1
DPF: {B6648EB8-2460-484F-9255-9654454C4C70} - [You must be registered and logged in to see this link.]
DPF: {D9CDEFE3-51BB-4737-A12C-53D9814A148C} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\9lxnzqbl.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
c:\program files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
.
**************************************************************************
.
Completion time: 2012-09-02 11:03:56 - machine was rebooted
ComboFix-quarantined-files.txt 2012-09-02 15:03
ComboFix2.txt 2012-08-30 17:43
.
Pre-Run: 161,230,995,456 bytes free
Post-Run: 160,613,765,120 bytes free
.
- - End Of File - - 141749C13EF9EAF31B0C99B5A6E2C062

siouxlini

Newbie Surfer
Posts : 48
Joined : 2010-03-10
Operating System : windows xp


Solved Re: Suspected spyware

Post by DragonMaster Jay on Mon 03 Sep 2012, 9:32 am

ESET Online Scan

Please run a free online scan with the ESET Online Scanner

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install, or it will ask to download an installer. Please do so and install it.
  • Click Start or wait for the scanner to load.
  • Make sure that the options Remove found threats and the option Scan unwanted applications are checked.
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, there are a couple of things to keep in mind:
      1. If NO threats were found, allow the scanner to Uninstall on close and then close the window.
      2. If threats WERE detected, click on List of Threats Found, then Export to Text File... and save it as ESET-Scan-Log.txt. Click the back button/link, put a checkmark next to Uninstall Application on Close and then close the window.
  • Open the logfile from wherever you saved it
  • Copy and paste the contents in your next reply.


~DMJ
GeekPolice Academy Manager


DragonMaster Jay

Manager | Tech Officer
Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate
