Jump to content

Malwarebytes

seachbrowsing.com

- - - - -
Started by peppercat, Jun 08 2012 03:18 PM


35 replies to this topic

#1
peppercat
Posted 08 June 2012 - 03:18 PM

    New Member

  • Members
  • Pip
  • 28 posts
Hi can anyone please help me my pc search browser has been taken over by this browser I dont know where it came from I assume it is some sort of virus it just pops up whenever I search for anything and i am worried that its doing damage to my computer.thanks

#2
gringo_pr
Posted 08 June 2012 - 11:52 PM

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 6,706 posts
Hello and Welcome !!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


DeFogger:

    Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
    • The application window will appear
    • Click the Disable button to disable your CD Emulation drivers
    • Click Yes to continue
    • A 'Finished!' message will appear
    • Click OK
    • DeFogger may ask you to reboot the machine, if it does - click OK
    Do not re-enable these drivers until otherwise instructed.


Security Check

    Download Security Check by screen317 from here.
    • Save it to your Desktop.
    • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Download DDS:

    Please download DDS by sUBs from one of the links below and save it to your desktop:

    Posted Image
    Download DDS and save it to your desktop

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
      • DDS.txt
      • Attach.txt
    • A window will open instructing you save & post the logs
    • Save the logs to a convenient place such as your desktop
    • Copy the contents of both logs & post in your next reply

information and logs:

    In your next post I need the following

    • .logs from DDS
    • let me know of any problems you may have had

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know
If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic
Please Only Copy And Paste Reports Into Topic - Do Not Attach
My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->Posted Image<-- Don't worry every little bit helps.

#3
peppercat
Posted 10 June 2012 - 05:25 AM

    New Member

  • Members
  • Pip
  • 28 posts
Thanks for your help Gringo, hope this is what I need to know, not done anything like this before, I couldn't find the disabled button for CD drivers but hope this is ok.

Results of screen317's Security Check version 0.99.41
Windows 7 x86 (UAC is enabled)
Out of date service pack!!
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Lavasoft Ad-Aware
AVG Anti-Virus Free Edition 2012
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
Spybot - Search & Destroy
AVG PC Tuneup
Java™ 6 Update 20
Java version out of date!
Adobe Flash Player 10 Flash Player out of date!
Adobe Flash Player 10.1.53.64 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox (12.0)
Google Chrome 19.0.1084.46
Google Chrome 19.0.1084.52
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
Ad-Aware Antivirus AdAwareService.exe
Ad-Aware Antivirus SBAMSvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

#4
peppercat
Posted 10 June 2012 - 05:27 AM

    New Member

  • Members
  • Pip
  • 28 posts
Hello Gringo again, hope the scripts where not locked before I run DDs. Thanks again.
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.7600.16385
Run by User at 10:23:32 on 2012-06-11
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.2814.1541 [GMT 1:00]
.
AV: Lavasoft Ad-Aware *Disabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: Lavasoft Ad-Aware *Disabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Search Core Systems\Windows Core Toolbar\wcupdt.exe
C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\vVX6000.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Memeo\AutoBackup\InstantBackup.exe
C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
C:\PROGRA~1\AD-AWA~1\AdAware.exe
C:\Windows\system32\taskhost.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\Desktop\SecurityCheck.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\11.1.0\ScriptHelper.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.aldi.com
mStart Page = hxxp://www.searchbrowsing.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
BHO: Shopping Assistant Plugin: {1631550f-191d-4826-b069-d9439253d926} - c:\program files\pricegong\2.6.4\PriceGongIE.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\mif5ba~1\office14\GROOVEEX.DLL
BHO: Funmoods Helper Object: {75ebb0aa-4214-4cb4-90ec-e3e07ecd04f7} - c:\program files\funmoods\funmoods\1.5.11.16\bh\funmoods.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.1.0.7\AVG Secure Search_toolbar.dll
BHO: &Windows Core Toolbar BHO: {acc01a56-70e3-472e-9c4f-83b1da817dd8} - c:\program files\search core systems\windows core toolbar\browserhelper.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\mif5ba~1\office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.1.0.7\AVG Secure Search_toolbar.dll
TB: Funmoods Toolbar: {a4c272ec-ed9e-4ace-a6f2-9558c7f29ef3} - c:\program files\funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll
TB: &Windows Core Toolbar: {3a6be320-dc9b-4d24-a6e8-621b81544f4b} - c:\program files\search core systems\windows core toolbar\wcoretb.dll
TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [Creative WebCam Tray] "c:\program files\creative\shared files\CamTray.exe"
uRun: [Google Update] "c:\users\user\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil32_11_2_202_235_ActiveX.exe -update activex
mRun: [CLMLServer] "c:\program files\cyberlink\power2go\CLMLSvc.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [VX6000] c:\windows\vVX6000.exe
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [V0330Cfg.exe] V0330Cfg.exe /d:3
mRun: [Ad-Aware Browsing Protection] "c:\programdata\ad-aware browsing protection\adawarebp.exe"
mRun: [SBRegRebootCleaner] "c:\program files\ad-aware antivirus\SBRC.exe"
mRun: [Memeo Instant Backup] c:\program files\memeo\autobackup\MemeoLauncher2.exe --silent --no_ui
mRun: [Memeo AutoSync] c:\program files\memeo\autosync\MemeoLauncher2.exe --silent
mRun: [Memeo Send] c:\program files\memeo\memeo send\MemeoLauncher.exe --silent
mRun: [Seagate Dashboard] c:\program files\seagate\seagate dashboard\MemeoLauncher.exe --silent --no_ui
dRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStart
StartupFolder: c:\users\user\appdata\roaming\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\FINDFAST.EXE
StartupFolder: c:\users\user\appdata\roaming\micros~1\windows\startm~1\programs\startup\office~1.lnk - c:\program files\microsoft office\office\OSA.EXE
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.co...72741-17534-1/4
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {E33968CE-FF77-4DC3-A052-2921C0D60177} - hxxps://www.remotecontrol26.co.uk/DMS%20Website/Kiosk/Bootstrap270/2.7.1.151/Bootstrap.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{73D3E512-476D-499C-80B6-1626897005EB} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{82C7CACF-D632-4978-B367-95D2ECD4FA53} : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\11.1.0\ViProtocol.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\mif5ba~1\office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\3un8z7x5.default\
FF - prefs.js: browser.search.selectedEngine - SearchBrowsing
FF - prefs.js: browser.startup.homepage - hxxp://www.searchbrowsing.com
FF - prefs.js: keyword.URL - hxxp://www.searchbrowsing.com/web.php?src=hmp&hl=en&camefrom=defaultsearch&q=
FF - plugin: c:\progra~1\mif5ba~1\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\mif5ba~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\11.1.0\npsitesafety.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.50524.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\user\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\wat\npWatWeb.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMHELPR.SYS [2012-4-29 4064]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 235216]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301248]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2012-5-22 223864]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2012-5-3 1226096]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-6-15 172032]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-4-30 5106744]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R2 MemeoBackgroundService;MemeoBackgroundService;c:\program files\memeo\autobackup\MemeoBackgroundService.exe [2010-4-23 25824]
R2 SBAMSvc;Ad-Aware;c:\program files\ad-aware antivirus\SBAMSvc.exe [2011-12-19 3289032]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2011-11-29 77816]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2012-5-22 1153368]
R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\seagate\seagate dashboard\SeagateDashboardService.exe [2011-6-1 14088]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-5-30 3048136]
R2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;c:\program files\common files\avg secure search\vtoolbarupdater\11.1.0\ToolbarUpdater.exe [2012-6-9 935480]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2010-6-15 5550592]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-6-15 176128]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-2-16 230912]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [2010-2-16 579072]
R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2012-5-22 94584]
R3 sbwtis;sbwtis;c:\windows\system32\drivers\sbwtis.sys [2011-12-19 72312]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2010-5-31 30392]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-5-3 158856]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-1-21 30963576]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-22 129976]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [2012-5-22 94584]
S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2012-5-22 93816]
S3 V0330VID;WebCam Vista;c:\windows\system32\drivers\V0330Vid.sys [2012-3-15 173632]
S3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\drivers\VX6000Xp.sys [2010-5-20 2074480]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-2-17 1343400]
.
=============== Created Last 30 ================
.
2012-06-10 15:31:44 -------- d-----w- c:\programdata\MemeoCommon
2012-06-10 15:31:11 -------- d-----w- c:\users\user\appdata\roaming\Memeo
2012-06-10 15:30:41 -------- d-----w- c:\users\user\appdata\roaming\Seagate
2012-06-10 15:29:09 -------- d-----w- c:\program files\common files\Memeo
2012-06-10 15:29:00 -------- d-----w- c:\program files\Memeo
2012-06-10 15:28:32 -------- d-----w- c:\program files\Seagate
2012-06-09 19:31:32 -------- d-----w- c:\program files\AVG Secure Search
2012-05-29 10:37:34 -------- d-----w- c:\users\user\appdata\roaming\Malwarebytes
2012-05-29 10:37:23 -------- d-----w- c:\programdata\Malwarebytes
2012-05-29 10:37:21 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-29 10:37:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-05-28 16:55:49 -------- d--h--w- C:\$AVG
2012-05-22 19:31:31 -------- d-----w- c:\users\user\appdata\local\adaware
2012-05-22 19:31:13 93816 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-05-22 19:30:58 94584 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-05-22 19:30:56 223864 ----a-w- c:\windows\system32\drivers\SbFw.sys
2012-05-22 19:30:56 -------- d-----w- c:\windows\system32\drivers\VDD
2012-05-22 19:30:55 -------- d-----w- c:\program files\Ad-Aware Antivirus
2012-05-22 19:30:39 -------- d-----w- c:\users\user\appdata\local\adawarebp
2012-05-22 19:30:37 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2012-05-22 19:30:35 -------- d-----w- c:\program files\Toolbar Cleaner
2012-05-22 19:30:29 -------- d-----w- c:\users\user\appdata\roaming\Blekko
2012-05-22 19:30:19 -------- d-----w- c:\program files\adawaretb
2012-05-22 19:28:49 -------- d-----w- c:\users\user\appdata\roaming\Ad-Aware Antivirus
2012-05-22 19:26:09 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-05-22 19:26:09 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-05-22 19:19:16 -------- d-----w- c:\users\user\appdata\roaming\SpeedMaxPc
2012-05-22 19:19:16 -------- d-----w- c:\users\user\appdata\roaming\DriverCure
2012-05-22 19:18:59 -------- d-----w- c:\program files\common files\SpeedMaxPc
2012-05-22 19:18:58 -------- d-----w- c:\programdata\SpeedMaxPc
2012-05-22 14:21:12 -------- d-----w- c:\users\user\appdata\local\Mozilla
2012-05-22 14:16:18 -------- d-----w- c:\programdata\IObit
2012-05-22 14:16:10 -------- d-----w- c:\users\user\appdata\roaming\IObit
2012-05-22 14:16:06 -------- d-----w- c:\program files\IObit
2012-05-22 14:08:36 -------- d-----w- c:\program files\I Want This
2012-05-22 11:08:30 -------- d-----w- c:\users\user\appdata\roaming\AVG
2012-05-19 18:50:15 -------- d-----w- c:\users\user\appdata\local\ElevatedDiagnostics
2012-05-19 18:01:20 -------- d-----w- c:\windows\CtDrvInstall
2012-05-18 20:33:51 -------- d-----w- c:\users\user\Tracing
2012-05-18 20:30:05 -------- d-----w- c:\program files\Microsoft LifeCam
2012-05-18 19:50:44 -------- d-----w- c:\programdata\boost_interprocess
2012-05-18 19:50:18 -------- d-----r- c:\program files\Skype
2012-05-18 17:00:34 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-18 17:00:34 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-16 20:06:03 -------- d-----w- c:\program files\Bonzuna
2012-05-16 20:06:00 -------- d-----w- c:\windows\system32\searchplugins
2012-05-16 20:05:58 -------- d-----w- c:\program files\Search Core Systems
.
==================== Find3M ====================
.
2012-05-18 17:12:45 952 --sha-w- c:\programdata\KGyGaAvL.sys
2012-04-19 03:50:26 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-03-19 04:17:28 301248 ----a-w- c:\windows\system32\drivers\avgtdix.sys
.
============= FINISH: 10:24:01.58 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 01/03/2012 09:15:54
System Uptime: 11/06/2012 02:14:45 (8 hours ago)
.
Motherboard: MEDIONPC | | MS-7646
Processor: AMD Athlon™ II X4 620 Processor | CPU 1 | 780/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 910 GiB total, 775.74 GiB free.
D: is FIXED (NTFS) - 20 GiB total, 10.457 GiB free.
E: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Unknown Device
Device ID: USB\VID_0000&PID_0000\5&A37D171&0&3
Manufacturer: (Standard USB Host Controller)
Name: Unknown Device
PNP Device ID: USB\VID_0000&PID_0000\5&A37D171&0&3
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: SBRE
Device ID: ROOT\LEGACY_SBRE\0000
Manufacturer:
Name: SBRE
PNP Device ID: ROOT\LEGACY_SBRE\0000
Service: SBRE
.
==== System Restore Points ===================
.
RP74: 28/05/2012 17:54:55 - Installed AVG 2012
RP75: 09/06/2012 20:26:56 - Installed AVG 2012
RP76: 09/06/2012 20:28:22 - Installed AVG 2012
RP77: 10/06/2012 14:50:09 - Removed Java™ 6 Update 20
.
==== Installed Programs ======================
.
Ad-Aware Antivirus
Ad-Aware Browsing Protection
Ad-Aware Security Toolbar
Adobe Acrobat Reader 3.01
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader 9.3.2
Adobe Shockwave Player 11.5
Adobe Type Manager 4.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Install Manager
AVG 2012
AVG PC Tuneup
Bonjour
Bonzuna
Canon G.726 WMP-Decoder
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities Digital Photo Professional 3.3
Canon Utilities EOS Utility
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities Original Data Security Tools
Canon Utilities PhotoStitch
Canon Utilities Picture Style Editor
Canon Utilities RemoteCapture DC
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center HydraVision Full
Catalyst Control Center InstallProxy
ccc-core-static
ccc-utility
CCC Help English
Compatibility Pack for the 2007 Office system
CorelDRAW Essentials 4
CorelDRAW Essentials 4 - Content
CorelDRAW Essentials 4 - Draw
CorelDRAW Essentials 4 - Extra Content
CorelDRAW Essentials 4 - Filters
CorelDRAW Essentials 4 - ICA
CorelDRAW Essentials 4 - IPM - No VBA
CorelDRAW Essentials 4 - Lang BR
CorelDRAW Essentials 4 - Lang DE
CorelDRAW Essentials 4 - Lang EN
CorelDRAW Essentials 4 - Lang ES
CorelDRAW Essentials 4 - Lang FR
CorelDRAW Essentials 4 - Lang IT
CorelDRAW Essentials 4 - Lang NL
CorelDRAW Essentials 4 - PHOTO-PAINT
Creative Software AutoUpdate
Creative System Information
Creative WebCam Center
Creative WebCam Vista Driver (1.00.03.00)
Creative WebCam Vista User's Guide (English)
CyberLink LabelPrint
CyberLink Power2Go
CyberLink PowerDVD Copy
EPSON Printer Software
Funmoods on IE and Chrome
GIMP 2.6.10
Google Chrome
iTunes
Java Auto Updater
Java™ 6 Update 20
Junk Mail filter update
Medion Home Cinema
Memeo AutoSync
Memeo Instant Backup
Memeo Send
Memeo Share
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Corporation
Microsoft LifeCam
Microsoft Office 97, Professional Edition
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2010
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Mozilla Firefox 12.0 (x86 en-GB)
Mozilla Maintenance Service
MSVCRT
PlayReady PC Runtime x86
PriceGong 2.6.4
Realtek High Definition Audio Driver
Seagate Dashboard
Skype Click to Call
Skype™ 5.9
Spelling Dictionaries Support For Adobe Reader 9
Spybot - Search & Destroy
Windows Core Toolbar
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
.
==== Event Viewer Messages From Past Week ========
.
11/06/2012 09:50:47, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR6.
10/06/2012 17:08:06, Error: Service Control Manager [7034] - The Advanced SystemCare Service 5 service terminated unexpectedly. It has done this 1 time(s).
10/06/2012 15:45:02, Error: Microsoft-Windows-Time-Service [34] - The time service has detected that the system time needs to be changed by -86411 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.15:123) is working properly.
10/06/2012 14:54:54, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE
09/06/2012 20:11:15, Error: Service Control Manager [7022] - The Ad-Aware service hung on starting.
09/06/2012 20:08:02, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Skype C2C Service service.
09/06/2012 20:01:19, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
09/06/2012 20:00:46, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
09/06/2012 20:00:45, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
09/06/2012 20:00:45, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
09/06/2012 20:00:45, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
09/06/2012 20:00:45, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
09/06/2012 20:00:44, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
09/06/2012 20:00:38, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
09/06/2012 20:00:35, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD ATMhelpr Avgldx86 Avgmfx86 Avgtdix DfsC discache NetBIOS NetBT nsiproxy Psched rdbss SbFw SBRE spldr tdx vwififlt Wanarpv6 WfpLwf
09/06/2012 20:00:35, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
09/06/2012 20:00:35, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
09/06/2012 20:00:35, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
09/06/2012 20:00:35, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
09/06/2012 20:00:35, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
09/06/2012 20:00:34, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
09/06/2012 20:00:34, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
09/06/2012 20:00:34, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
09/06/2012 20:00:34, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
09/06/2012 20:00:34, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
.
==== End Of File ===========================

#5
gringo_pr
Posted 10 June 2012 - 10:31 AM

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 6,706 posts
Hello

I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

:multiple Anti Virus programs:

    It looks like you are operating your computer with multiple Anti Virus programs running in memory at once:

    AV: Lavasoft Ad-Aware
    AV: AVG Anti-Virus Free

    Anti-virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash.

    Please remove all but one of them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

    In your next post I need the following

  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know
If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic
Please Only Copy And Paste Reports Into Topic - Do Not Attach
My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->Posted Image<-- Don't worry every little bit helps.

#6
peppercat
Posted 11 June 2012 - 08:04 AM

    New Member

  • Members
  • Pip
  • 28 posts
Hi Gringo I have enclosed the log from combofix I hope I have done it correctly

About the only problem I had was when I tried to remove the Lavasoft AD -Aware program the PC froze and I had to switch it off at the mains .When I turned It back on I couldnt get online again in the end I went to my ISP and they couldnt find the problem and told me to take the PC in to get it checked .In desperation I went back to full back up I did two days ago and restored from there and got it back.I hope I got rid of it now.

I am also getting a warning that my browser settings are at risk I cant see the exact wording at the moment I will write it down and let you have it.

Thanks again sorry I was so long getting back to you but a bit of anovice on this

I als o tried to rem ove that funmoods but it wouldnt let me

cheers

ComboFix 12-06-10.01 - User 11/06/2012 13:24:39.1.4 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.2814.1839 [GMT 1:00]
Running from: c:\users\User\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Funmoods\funmoods\1.5.11.16\bh\fuNMoods.dll
c:\program files\Funmoods\funmoods\1.5.11.16\fuNMoodstlbr.dll
c:\program files\I Want This
c:\users\User\AppData\Local\Temp\{C53F78E8-CE4C-424C-8D84-A017CF3E6623}\fpb.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-05-11 to 2012-06-11 )))))))))))))))))))))))))))))))
.
.
2012-06-11 12:30 . 2012-06-11 12:30 -------- d-----w- c:\users\User\AppData\Local\temp
2012-06-11 12:30 . 2012-06-11 12:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-11 11:55 . 2012-06-11 11:55 -------- d-----w- c:\programdata\GFI Software
2012-06-11 11:44 . 2012-06-11 11:55 -------- d-----w- c:\users\User\AppData\Local\adaware
2012-06-11 09:38 . 2012-06-11 09:38 -------- d-----w- C:\temp
2012-06-10 15:31 . 2012-06-10 15:31 -------- d-----w- c:\programdata\MemeoCommon
2012-06-10 15:31 . 2012-06-11 17:19 -------- d-----w- c:\users\User\AppData\Roaming\Memeo
2012-06-10 15:30 . 2012-06-10 15:30 -------- d-----w- c:\users\User\AppData\Roaming\Seagate
2012-06-10 15:29 . 2012-06-11 10:59 -------- d-----w- c:\program files\Common Files\Memeo
2012-06-10 15:29 . 2012-06-10 15:30 -------- d-----w- c:\program files\Memeo
2012-06-10 15:28 . 2012-06-11 10:58 -------- d-----w- c:\program files\Seagate
2012-05-29 10:37 . 2012-05-29 10:37 -------- d-----w- c:\users\User\AppData\Roaming\Malwarebytes
2012-05-29 10:37 . 2012-05-29 10:37 -------- d-----w- c:\programdata\Malwarebytes
2012-05-29 10:37 . 2012-06-09 19:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-05-29 10:37 . 2012-04-04 14:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-28 16:55 . 2012-05-28 16:55 -------- d-----w- C:\$AVG
2012-05-22 19:30 . 2012-05-22 19:30 -------- d-----w- c:\programdata\Lavasoft
2012-05-22 19:30 . 2012-06-11 11:55 -------- d-----w- c:\program files\Ad-Aware Antivirus
2012-05-22 19:30 . 2012-06-11 11:41 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2012-05-22 19:30 . 2012-05-22 19:30 -------- d-----w- c:\users\User\AppData\Roaming\Blekko
2012-05-22 19:28 . 2012-06-11 16:58 -------- d-----w- c:\users\User\AppData\Roaming\Ad-Aware Antivirus
2012-05-22 19:26 . 2012-06-11 11:41 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-05-22 19:26 . 2012-06-11 11:41 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-05-22 19:19 . 2012-05-22 19:19 -------- d-----w- c:\users\User\AppData\Roaming\SpeedMaxPc
2012-05-22 19:19 . 2012-05-22 19:19 -------- d-----w- c:\users\User\AppData\Roaming\DriverCure
2012-05-22 19:18 . 2012-05-22 19:18 -------- d-----w- c:\program files\Common Files\SpeedMaxPc
2012-05-22 19:18 . 2012-06-11 11:41 -------- d-----w- c:\program files\SpeedMaxPc
2012-05-22 19:18 . 2012-05-22 19:19 -------- d-----w- c:\programdata\SpeedMaxPc
2012-05-22 14:21 . 2012-05-22 14:21 -------- d-----w- c:\users\User\AppData\Local\Mozilla
2012-05-22 14:16 . 2012-05-22 14:16 -------- d-----w- c:\programdata\IObit
2012-05-22 14:16 . 2012-05-22 15:23 -------- d-----w- c:\users\User\AppData\Roaming\IObit
2012-05-22 14:16 . 2012-06-11 11:40 -------- d-----w- c:\program files\IObit
2012-05-22 11:08 . 2012-05-22 11:08 -------- d-----w- c:\users\User\AppData\Roaming\AVG
2012-05-19 18:50 . 2012-06-09 19:04 -------- d-----w- c:\users\User\AppData\Local\ElevatedDiagnostics
2012-05-19 18:01 . 2012-05-19 18:01 -------- d-----w- c:\windows\CtDrvInstall
2012-05-18 20:33 . 2012-05-23 13:10 -------- d-----w- c:\users\User\Tracing
2012-05-18 20:30 . 2012-05-18 20:30 -------- d-----w- c:\program files\Microsoft LifeCam
2012-05-18 19:50 . 2012-05-19 18:04 -------- d-----w- c:\programdata\boost_interprocess
2012-05-18 19:50 . 2012-05-23 19:52 -------- d-----w- c:\users\User\AppData\Roaming\Skype
2012-05-18 19:50 . 2012-05-18 19:50 -------- d-----r- c:\program files\Skype
2012-05-18 19:50 . 2012-05-18 19:50 -------- d-----w- c:\program files\Common Files\Skype
2012-05-18 19:50 . 2012-06-09 19:08 -------- d-----w- c:\programdata\Skype
2012-05-18 17:00 . 2012-05-18 17:00 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-18 17:00 . 2012-05-18 17:00 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-16 20:06 . 2012-05-16 20:06 -------- d-----w- c:\program files\Bonzuna
2012-05-16 20:06 . 2012-05-16 20:06 -------- d-----w- c:\windows\system32\searchplugins
2012-05-16 20:05 . 2012-05-16 20:05 -------- d-----w- c:\program files\Search Core Systems
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-18 17:12 . 2012-03-17 16:49 952 --sha-w- c:\programdata\KGyGaAvL.sys
2012-04-19 03:50 . 2012-04-19 03:50 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-04-21 01:18 . 2012-05-22 18:41 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-04-29 16:01 2067328 ----a-w- c:\program files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ACC01A56-70E3-472E-9C4F-83B1DA817DD8}]
2012-02-22 15:55 590896 ----a-w- c:\program files\Search Core Systems\Windows Core Toolbar\browserhelper.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll" [2012-04-29 2067328]
"{3A6BE320-DC9B-4D24-A6E8-621B81544F4B}"= "c:\program files\Search Core Systems\Windows Core Toolbar\wcoretb.dll" [2012-02-22 628272]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CLASSES_ROOT\clsid\{3a6be320-dc9b-4d24-a6e8-621b81544f4b}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Creative WebCam Tray"="c:\program files\Creative\Shared Files\CamTray.exe" [2005-10-27 299008]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-04-29 1116544]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"VX6000"="c:\windows\vVX6000.exe" [2010-05-20 764784]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"V0330Cfg.exe"="V0330Cfg.exe" [2006-08-21 20480]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 198032]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-12-29 620376]
.
c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Find Fast.lnk - c:\program files\Microsoft Office\Office\FINDFAST.EXE [1996-11-17 111376]
Office Startup.lnk - c:\program files\Microsoft Office\Office\OSA.EXE [1996-11-17 51984]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [2012-02-01 500568]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-05-30 3048136]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-05-03 158856]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 uxddrv;Dynamically loaded UxdDrv;I:\uxddrv86.sys [x]
R3 V0330VID;WebCam Vista;c:\windows\system32\DRIVERS\V0330Vid.sys [2006-09-12 173632]
R3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\DRIVERS\VX6000Xp.sys [2010-05-20 2074480]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-02-17 1343400]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
S1 ATMhelpr;ATMhelpr; [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-05 172032]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe [2012-04-29 932736]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-05-05 5550592]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-05-05 176128]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134736]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-11-05 230912]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2009-09-22 579072]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-21 30392]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-588432827-1575026354-3503086576-1000Core.job
- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-22 15:49]
.
2012-06-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-588432827-1575026354-3503086576-1000UA.job
- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-22 15:49]
.
2012-05-26 c:\windows\Tasks\SpeedMaxPc Registration3.job
- c:\program files\Common Files\SpeedMaxPc\UUS3\UUS3.dll [2011-12-12 22:43]
.
2012-05-22 c:\windows\Tasks\SpeedMaxPc Update3.job
- c:\program files\Common Files\SpeedMaxPc\UUS3\Update3.exe [2011-12-12 22:43]
.
2012-05-22 c:\windows\Tasks\SpeedMaxPc.job
- c:\program files\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe [2011-12-22 00:31]
.
2012-06-11 c:\windows\Tasks\Windows Core Helper.job
- c:\program files\Search Core Systems\Windows Core Toolbar\wcthelper.exe [2012-02-22 15:55]
.
2012-06-11 c:\windows\Tasks\Windows Core Toolbar Updater.job
- c:\program files\Search Core Systems\Windows Core Toolbar\wcupdt.exe [2012-02-22 15:55]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.searchbrowsing.com
mStart Page = hxxp://www.searchbrowsing.com
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.co...72741-17534-1/4
TCP: DhcpNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll
DPF: {E33968CE-FF77-4DC3-A052-2921C0D60177} - hxxps://www.remotecontrol26.co.uk/DMS%20Website/Kiosk/Bootstrap270/2.7.1.151/Bootstrap.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\3un8z7x5.default\
FF - prefs.js: browser.search.selectedEngine - SearchBrowsing
FF - prefs.js: browser.startup.homepage - hxxp://www.searchbrowsing.com
FF - prefs.js: keyword.URL - hxxp://www.searchbrowsing.com/web.php?src=hmp&hl=en&camefrom=defaultsearch&q=
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{6c97a91e-4524-4019-86af-2aa2d567bf5c} - (no file)
Toolbar-Locked - (no file)
Toolbar-{6c97a91e-4524-4019-86af-2aa2d567bf5c} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-SBRegRebootCleaner - c:\program files\Ad-Aware Antivirus\SBRC.exe
SafeBoot-BsScanner
AddRemove-I Want This - c:\program files\I Want This\Uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-06-11 13:32:09
ComboFix-quarantined-files.txt 2012-06-11 12:32
.
Pre-Run: 834,704,146,432 bytes free
Post-Run: 834,336,043,008 bytes free
.
- - End Of File - - DF90C8A40394CFB6466E02694BAD0D94

#7
peppercat
Posted 11 June 2012 - 08:14 AM

    New Member

  • Members
  • Pip
  • 28 posts
Sorry forgot to say I have just l ooked at some of the programs and the computer seems to be running normally if not a bit quicker,Firefox goes to avg from searchbrowsing ,Google and Explorer go to searchbrowsing Yahoo is ok and so is Bing

cheers again

#8
gringo_pr
Posted 11 June 2012 - 10:28 AM

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 6,706 posts
Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know
If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic
Please Only Copy And Paste Reports Into Topic - Do Not Attach
My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->Posted Image<-- Don't worry every little bit helps.

#9
peppercat
Posted 12 June 2012 - 04:30 AM

    New Member

  • Members
  • Pip
  • 28 posts
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-11 20:10:10
-----------------------------
20:10:10.579 OS Version: Windows 6.1.7600
20:10:10.579 Number of processors: 4 586 0x502
20:10:10.580 ComputerName: USER-PC UserName: User
20:10:12.429 Initialize success
20:13:06.554 AVAST engine defs: 12061100
20:14:15.498 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005a
20:14:15.498 Disk 0 Vendor: Hitachi_ MS2O Size: 953869MB BusType: 11
20:14:15.518 Disk 0 MBR read successfully
20:14:15.518 Disk 0 MBR scan
20:14:15.533 Disk 0 unknown MBR code
20:14:15.533 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
20:14:15.565 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 932262 MB offset 206848
20:14:15.611 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 20480 MB offset 1909479424
20:14:15.638 Disk 0 Partition 4 00 12 Compaq diag NTFS 1025 MB offset 1951422464
20:14:15.701 Disk 0 scanning sectors +1953523120
20:14:15.930 Disk 0 scanning C:\Windows\system32\drivers
20:14:24.380 Service scanning
20:14:44.353 Service uxddrv I:\uxddrv86.sys **LOCKED** 21
20:14:48.935 Modules scanning
20:14:53.555 Disk 0 trace - called modules:
20:14:53.568 ntkrnlpa.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys halmacpi.dll amdsata.sys
20:14:53.573 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86d5dac8]
20:14:53.578 3 CLASSPNP.SYS[8b58b59e] -> nt!IofCallDriver -> [0x85e0f8c8]
20:14:53.583 5 amdxata.sys[8b1696b3] -> nt!IofCallDriver -> \Device\0000005a[0x86be9218]
20:14:55.014 AVAST engine scan C:\Windows
20:15:00.981 AVAST engine scan C:\Windows\system32
20:17:51.117 AVAST engine scan C:\Windows\system32\drivers
20:18:06.549 AVAST engine scan C:\Users\User
20:22:18.195 AVAST engine scan C:\ProgramData
20:23:07.990 Scan finished successfully
20:27:50.292 Disk 0 MBR has been saved successfully to "C:\Users\User\Desktop\MBR.dat"
20:27:50.297 The log file has been saved successfully to "C:\Users\User\Desktop\aswMBR.txt"

#10
peppercat
Posted 12 June 2012 - 05:05 AM

    New Member

  • Members
  • Pip
  • 28 posts
20:03:25.0887 5372 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
20:03:26.0030 5372 ============================================================
20:03:26.0030 5372 Current date / time: 2012/06/11 20:03:26.0030
20:03:26.0030 5372 SystemInfo:
20:03:26.0030 5372
20:03:26.0030 5372 OS Version: 6.1.7600 ServicePack: 0.0
20:03:26.0030 5372 Product type: Workstation
20:03:26.0030 5372 ComputerName: USER-PC
20:03:26.0031 5372 UserName: User
20:03:26.0031 5372 Windows directory: C:\Windows
20:03:26.0031 5372 System windows directory: C:\Windows
20:03:26.0031 5372 Processor architecture: Intel x86
20:03:26.0031 5372 Number of processors: 4
20:03:26.0031 5372 Page size: 0x1000
20:03:26.0031 5372 Boot type: Normal boot
20:03:26.0031 5372 ============================================================
20:03:27.0476 5372 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:03:27.0496 5372 ============================================================
20:03:27.0496 5372 \Device\Harddisk0\DR0:
20:03:27.0496 5372 MBR partitions:
20:03:27.0496 5372 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:03:27.0496 5372 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x71CD3000
20:03:27.0496 5372 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x71D05800, BlocksNum 0x2800000
20:03:27.0496 5372 ============================================================
20:03:27.0526 5372 C: <-> \Device\Harddisk0\DR0\Partition1
20:03:27.0576 5372 D: <-> \Device\Harddisk0\DR0\Partition2
20:03:27.0576 5372 ============================================================
20:03:27.0576 5372 Initialize success
20:03:27.0576 5372 ============================================================
20:03:47.0858 4116 ============================================================
20:03:47.0858 4116 Scan started
20:03:47.0858 4116 Mode: Manual;
20:03:47.0858 4116 ============================================================
20:03:48.0330 4116 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
20:03:48.0336 4116 1394ohci - ok
20:03:48.0374 4116 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
20:03:48.0380 4116 ACPI - ok
20:03:48.0413 4116 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
20:03:48.0416 4116 AcpiPmi - ok
20:03:48.0440 4116 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
20:03:48.0456 4116 adp94xx - ok
20:03:48.0487 4116 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
20:03:48.0487 4116 adpahci - ok
20:03:48.0518 4116 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
20:03:48.0518 4116 adpu320 - ok
20:03:48.0910 4116 AdvancedSystemCareService5 (3d672573ef8f317f10c2aabbb2586262) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
20:03:48.0968 4116 AdvancedSystemCareService5 - ok
20:03:48.0994 4116 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
20:03:48.0995 4116 AeLookupSvc - ok
20:03:49.0033 4116 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
20:03:49.0039 4116 AFD - ok
20:03:49.0059 4116 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
20:03:49.0061 4116 agp440 - ok
20:03:49.0095 4116 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
20:03:49.0098 4116 aic78xx - ok
20:03:49.0123 4116 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
20:03:49.0126 4116 ALG - ok
20:03:49.0143 4116 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
20:03:49.0144 4116 aliide - ok
20:03:49.0180 4116 AMD External Events Utility (946848a3cac9909d8f72a4847419e77d) C:\Windows\system32\atiesrxx.exe
20:03:49.0183 4116 AMD External Events Utility - ok
20:03:49.0194 4116 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
20:03:49.0197 4116 amdagp - ok
20:03:49.0221 4116 amdide (211fce336502911ec03fc15a91344c98) C:\Windows\system32\DRIVERS\amdide.sys
20:03:49.0222 4116 amdide - ok
20:03:49.0246 4116 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
20:03:49.0249 4116 AmdK8 - ok
20:03:49.0459 4116 amdkmdag (19529728442d4794b96d1b8a9a63eca1) C:\Windows\system32\DRIVERS\atikmdag.sys
20:03:49.0553 4116 amdkmdag - ok
20:03:49.0654 4116 amdkmdap (b44737ff566b5888d15fdb66849f34e5) C:\Windows\system32\DRIVERS\atikmpag.sys
20:03:49.0659 4116 amdkmdap - ok
20:03:49.0704 4116 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
20:03:49.0707 4116 AmdPPM - ok
20:03:49.0736 4116 amdsata (04b2587c961c084634054d60d3eb385b) C:\Windows\system32\DRIVERS\amdsata.sys
20:03:49.0738 4116 amdsata - ok
20:03:49.0779 4116 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
20:03:49.0784 4116 amdsbs - ok
20:03:49.0801 4116 amdxata (c078b06811670b90a52ae51ac3808e1e) C:\Windows\system32\DRIVERS\amdxata.sys
20:03:49.0804 4116 amdxata - ok
20:03:49.0830 4116 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
20:03:49.0832 4116 AppID - ok
20:03:49.0868 4116 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
20:03:49.0870 4116 AppIDSvc - ok
20:03:49.0886 4116 Appinfo (7dead9e3f65dcb2794f2711003bbf650) C:\Windows\System32\appinfo.dll
20:03:49.0887 4116 Appinfo - ok
20:03:49.0953 4116 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:03:49.0957 4116 Apple Mobile Device - ok
20:03:49.0999 4116 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
20:03:50.0003 4116 arc - ok
20:03:50.0024 4116 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
20:03:50.0028 4116 arcsas - ok
20:03:50.0063 4116 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
20:03:50.0066 4116 AsyncMac - ok
20:03:50.0103 4116 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
20:03:50.0105 4116 atapi - ok
20:03:50.0149 4116 AtiHdmiService (c822c615b2f693ef4e5b355432976a81) C:\Windows\system32\drivers\AtiHdmi.sys
20:03:50.0152 4116 AtiHdmiService - ok
20:03:50.0170 4116 AtiPcie (4ffe74e33bd9170950116f0ca46eac89) C:\Windows\system32\DRIVERS\AtiPcie.sys
20:03:50.0171 4116 AtiPcie - ok
20:03:50.0209 4116 ATMhelpr (3ef1db7f168851914517d4ed36b57c04) C:\Windows\system32\drivers\ATMhelpr.sys
20:03:50.0227 4116 ATMhelpr - ok
20:03:50.0274 4116 AudioEndpointBuilder (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
20:03:50.0284 4116 AudioEndpointBuilder - ok
20:03:50.0298 4116 Audiosrv (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
20:03:50.0305 4116 Audiosrv - ok
20:03:50.0534 4116 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
20:03:50.0578 4116 AVGIDSAgent - ok
20:03:50.0740 4116 AVGIDSDriver (f6878b90a8a9795116bce335238e65af) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
20:03:50.0774 4116 AVGIDSDriver - ok
20:03:50.0794 4116 AVGIDSEH (19a08a6728a6e02099d64268218cd799) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
20:03:50.0820 4116 AVGIDSEH - ok
20:03:50.0825 4116 AVGIDSFilter (f8927ab1dd086edeff2924a64dc89869) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
20:03:50.0844 4116 AVGIDSFilter - ok
20:03:50.0861 4116 AVGIDSShim (dadca567891033dcf2ec4a3f9da46ae4) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
20:03:50.0878 4116 AVGIDSShim - ok
20:03:50.0927 4116 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\Windows\system32\DRIVERS\avgldx86.sys
20:03:50.0941 4116 Avgldx86 - ok
20:03:50.0988 4116 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\Windows\system32\DRIVERS\avgmfx86.sys
20:03:50.0991 4116 Avgmfx86 - ok
20:03:51.0015 4116 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\Windows\system32\DRIVERS\avgrkx86.sys
20:03:51.0046 4116 Avgrkx86 - ok
20:03:51.0084 4116 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\Windows\system32\DRIVERS\avgtdix.sys
20:03:51.0108 4116 Avgtdix - ok
20:03:51.0190 4116 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
20:03:51.0231 4116 avgwd - ok
20:03:51.0271 4116 AxInstSV (dd6a431b43e34b91a767d1ce33728175) C:\Windows\System32\AxInstSV.dll
20:03:51.0276 4116 AxInstSV - ok
20:03:51.0306 4116 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
20:03:51.0318 4116 b06bdrv - ok
20:03:51.0356 4116 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
20:03:51.0363 4116 b57nd60x - ok
20:03:51.0383 4116 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
20:03:51.0386 4116 BDESVC - ok
20:03:51.0406 4116 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
20:03:51.0408 4116 Beep - ok
20:03:51.0454 4116 BFE (85ac71c045ceb054ed48a7841aae0c11) C:\Windows\System32\bfe.dll
20:03:51.0462 4116 BFE - ok
20:03:51.0495 4116 BITS (53f476476f55a27f580661bde09c4ec4) C:\Windows\system32\qmgr.dll
20:03:51.0519 4116 BITS - ok
20:03:51.0555 4116 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
20:03:51.0557 4116 blbdrive - ok
20:03:51.0652 4116 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
20:03:51.0659 4116 Bonjour Service - ok
20:03:51.0687 4116 bowser (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
20:03:51.0690 4116 bowser - ok
20:03:51.0700 4116 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:03:51.0700 4116 BrFiltLo - ok
20:03:51.0720 4116 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:03:51.0720 4116 BrFiltUp - ok
20:03:51.0774 4116 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
20:03:51.0778 4116 BridgeMP - ok
20:03:51.0810 4116 Browser (598e1280e7ff3744f4b8329366cc5635) C:\Windows\System32\browser.dll
20:03:51.0814 4116 Browser - ok
20:03:51.0916 4116 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
20:03:51.0923 4116 Brserid - ok
20:03:51.0951 4116 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
20:03:51.0955 4116 BrSerWdm - ok
20:03:51.0980 4116 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:03:51.0983 4116 BrUsbMdm - ok
20:03:52.0004 4116 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
20:03:52.0007 4116 BrUsbSer - ok
20:03:52.0029 4116 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
20:03:52.0031 4116 BTHMODEM - ok
20:03:52.0056 4116 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
20:03:52.0058 4116 bthserv - ok
20:03:52.0133 4116 catchme - ok
20:03:52.0157 4116 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
20:03:52.0161 4116 cdfs - ok
20:03:52.0178 4116 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
20:03:52.0181 4116 cdrom - ok
20:03:52.0194 4116 CertPropSvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
20:03:52.0197 4116 CertPropSvc - ok
20:03:52.0220 4116 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
20:03:52.0222 4116 circlass - ok
20:03:52.0251 4116 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
20:03:52.0256 4116 CLFS - ok
20:03:52.0313 4116 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:03:52.0324 4116 clr_optimization_v2.0.50727_32 - ok
20:03:52.0335 4116 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
20:03:52.0338 4116 CmBatt - ok
20:03:52.0358 4116 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
20:03:52.0360 4116 cmdide - ok
20:03:52.0386 4116 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
20:03:52.0392 4116 CNG - ok
20:03:52.0413 4116 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
20:03:52.0415 4116 Compbatt - ok
20:03:52.0441 4116 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
20:03:52.0443 4116 CompositeBus - ok
20:03:52.0455 4116 COMSysApp - ok
20:03:52.0472 4116 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
20:03:52.0473 4116 crcdisk - ok
20:03:52.0499 4116 CryptSvc (9c231178ce4fb385f4b54b0a9080b8a4) C:\Windows\system32\cryptsvc.dll
20:03:52.0501 4116 CryptSvc - ok
20:03:52.0527 4116 DcomLaunch (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
20:03:52.0532 4116 DcomLaunch - ok
20:03:52.0554 4116 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
20:03:52.0558 4116 defragsvc - ok
20:03:52.0583 4116 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
20:03:52.0585 4116 DfsC - ok
20:03:52.0615 4116 Dhcp (c56495fbd770712367cad35e5de72da6) C:\Windows\system32\dhcpcore.dll
20:03:52.0623 4116 Dhcp - ok
20:03:52.0642 4116 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
20:03:52.0645 4116 discache - ok
20:03:52.0676 4116 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
20:03:52.0680 4116 Disk - ok
20:03:52.0696 4116 Dnscache (d0722e963d3c6145446874241401b209) C:\Windows\System32\dnsrslvr.dll
20:03:52.0701 4116 Dnscache - ok
20:03:52.0721 4116 dot3svc (4408c85c21eea48eb0ce486baeef0502) C:\Windows\System32\dot3svc.dll
20:03:52.0727 4116 dot3svc - ok
20:03:52.0747 4116 DPS (7fa81c6e11caa594adb52084da73a1e5) C:\Windows\system32\dps.dll
20:03:52.0757 4116 DPS - ok
20:03:52.0792 4116 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
20:03:52.0795 4116 drmkaud - ok
20:03:52.0849 4116 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\Windows\System32\drivers\dxgkrnl.sys
20:03:52.0865 4116 DXGKrnl - ok
20:03:52.0887 4116 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
20:03:52.0891 4116 EapHost - ok
20:03:53.0007 4116 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
20:03:53.0036 4116 ebdrv - ok
20:03:53.0116 4116 EFS (f42309c4191c506b71db5d1126d26318) C:\Windows\System32\lsass.exe
20:03:53.0123 4116 EFS - ok
20:03:53.0175 4116 ehRecvr (c8143f413c07507b0a56f08a5a8c4772) C:\Windows\ehome\ehRecvr.exe
20:03:53.0212 4116 ehRecvr - ok
20:03:53.0234 4116 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
20:03:53.0239 4116 ehSched - ok
20:03:53.0275 4116 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
20:03:53.0287 4116 elxstor - ok
20:03:53.0301 4116 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
20:03:53.0302 4116 ErrDev - ok
20:03:53.0339 4116 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
20:03:53.0344 4116 EventSystem - ok
20:03:53.0370 4116 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
20:03:53.0374 4116 exfat - ok
20:03:53.0395 4116 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
20:03:53.0399 4116 fastfat - ok
20:03:53.0446 4116 Fax (f7ea23cc5e6bf2181f3f399d54f6efc1) C:\Windows\system32\fxssvc.exe
20:03:53.0455 4116 Fax - ok
20:03:53.0481 4116 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
20:03:53.0483 4116 fdc - ok
20:03:53.0533 4116 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
20:03:53.0536 4116 fdPHost - ok
20:03:53.0551 4116 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
20:03:53.0554 4116 FDResPub - ok
20:03:53.0578 4116 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
20:03:53.0580 4116 FileInfo - ok
20:03:53.0590 4116 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
20:03:53.0592 4116 Filetrace - ok
20:03:53.0616 4116 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
20:03:53.0618 4116 flpydisk - ok
20:03:53.0639 4116 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
20:03:53.0644 4116 FltMgr - ok
20:03:53.0689 4116 FontCache (b6512a85815fdc3d560c3705f5bdb93d) C:\Windows\system32\FntCache.dll
20:03:53.0699 4116 FontCache - ok
20:03:53.0756 4116 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:03:53.0760 4116 FontCache3.0.0.0 - ok
20:03:53.0783 4116 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
20:03:53.0783 4116 FsDepends - ok
20:03:53.0803 4116 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
20:03:53.0803 4116 Fs_Rec - ok
20:03:53.0849 4116 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
20:03:53.0856 4116 fvevol - ok
20:03:53.0885 4116 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:03:53.0889 4116 gagp30kx - ok
20:03:53.0977 4116 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:03:53.0985 4116 GEARAspiWDM - ok
20:03:54.0034 4116 gpsvc (8ba3c04702bf8f927ab36ae8313ca4ee) C:\Windows\System32\gpsvc.dll
20:03:54.0049 4116 gpsvc - ok
20:03:54.0070 4116 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
20:03:54.0072 4116 hcw85cir - ok
20:03:54.0109 4116 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
20:03:54.0113 4116 HdAudAddService - ok
20:03:54.0149 4116 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:03:54.0151 4116 HDAudBus - ok
20:03:54.0164 4116 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
20:03:54.0165 4116 HidBatt - ok
20:03:54.0189 4116 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
20:03:54.0191 4116 HidBth - ok
20:03:54.0212 4116 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
20:03:54.0213 4116 HidIr - ok
20:03:54.0232 4116 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
20:03:54.0234 4116 hidserv - ok
20:03:54.0252 4116 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
20:03:54.0253 4116 HidUsb - ok
20:03:54.0281 4116 hkmsvc (741c2a45ca8407e374aaba3e330b7872) C:\Windows\system32\kmsvc.dll
20:03:54.0284 4116 hkmsvc - ok
20:03:54.0300 4116 HomeGroupListener (a768ca158bb06782a2835b907f4873c3) C:\Windows\system32\ListSvc.dll
20:03:54.0303 4116 HomeGroupListener - ok
20:03:54.0326 4116 HomeGroupProvider (fb08dec5ef43d0c66d83b8e9694e7549) C:\Windows\system32\provsvc.dll
20:03:54.0329 4116 HomeGroupProvider - ok
20:03:54.0354 4116 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
20:03:54.0356 4116 HpSAMD - ok
20:03:54.0383 4116 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
20:03:54.0389 4116 HTTP - ok
20:03:54.0395 4116 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
20:03:54.0396 4116 hwpolicy - ok
20:03:54.0425 4116 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
20:03:54.0426 4116 i8042prt - ok
20:03:54.0477 4116 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
20:03:54.0486 4116 iaStorV - ok
20:03:54.0576 4116 idsvc (5af815eb5bc9802e5a064e2ba62bfc0c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:03:54.0594 4116 idsvc - ok
20:03:54.0649 4116 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
20:03:54.0650 4116 iirsp - ok
20:03:54.0706 4116 IKEEXT (fac0ee6562b121b1399d6e855583f7a5) C:\Windows\System32\ikeext.dll
20:03:54.0723 4116 IKEEXT - ok
20:03:54.0903 4116 IntcAzAudAddService (f4427e5df32cde359b2e2e5512d18001) C:\Windows\system32\drivers\RTKVHDA.sys
20:03:54.0966 4116 IntcAzAudAddService - ok
20:03:55.0053 4116 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
20:03:55.0056 4116 intelide - ok
20:03:55.0077 4116 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
20:03:55.0079 4116 intelppm - ok
20:03:55.0105 4116 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
20:03:55.0108 4116 IPBusEnum - ok
20:03:55.0131 4116 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:03:55.0134 4116 IpFilterDriver - ok
20:03:55.0164 4116 iphlpsvc (477397b432a256a50ee7e4339eb9ea14) C:\Windows\System32\iphlpsvc.dll
20:03:55.0172 4116 iphlpsvc - ok
20:03:55.0202 4116 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
20:03:55.0204 4116 IPMIDRV - ok
20:03:55.0219 4116 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
20:03:55.0222 4116 IPNAT - ok
20:03:55.0305 4116 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
20:03:55.0317 4116 iPod Service - ok
20:03:55.0363 4116 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
20:03:55.0364 4116 IRENUM - ok
20:03:55.0382 4116 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
20:03:55.0383 4116 isapnp - ok
20:03:55.0409 4116 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
20:03:55.0412 4116 iScsiPrt - ok
20:03:55.0436 4116 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:03:55.0438 4116 kbdclass - ok
20:03:55.0453 4116 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
20:03:55.0455 4116 kbdhid - ok
20:03:55.0466 4116 KeyIso (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
20:03:55.0468 4116 KeyIso - ok
20:03:55.0478 4116 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
20:03:55.0480 4116 KSecDD - ok
20:03:55.0501 4116 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
20:03:55.0504 4116 KSecPkg - ok
20:03:55.0534 4116 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
20:03:55.0540 4116 KtmRm - ok
20:03:55.0577 4116 LanmanServer (bca92cb047a4326925ecef759dbaa233) C:\Windows\System32\srvsvc.dll
20:03:55.0582 4116 LanmanServer - ok
20:03:55.0608 4116 LanmanWorkstation (b9891f885dcf1f0513a51cb58493cb1f) C:\Windows\System32\wkssvc.dll
20:03:55.0612 4116 LanmanWorkstation - ok
20:03:55.0643 4116 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
20:03:55.0645 4116 lltdio - ok
20:03:55.0665 4116 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
20:03:55.0669 4116 lltdsvc - ok
20:03:55.0681 4116 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
20:03:55.0684 4116 lmhosts - ok
20:03:55.0705 4116 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:03:55.0707 4116 LSI_FC - ok
20:03:55.0732 4116 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:03:55.0734 4116 LSI_SAS - ok
20:03:55.0836 4116 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:03:55.0839 4116 LSI_SAS2 - ok
20:03:55.0857 4116 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:03:55.0861 4116 LSI_SCSI - ok
20:03:55.0882 4116 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
20:03:55.0886 4116 luafv - ok
20:03:55.0899 4116 Mcx2Svc (e2b0887816ed336685954e3d8fdaa51d) C:\Windows\system32\Mcx2Svc.dll
20:03:55.0903 4116 Mcx2Svc - ok
20:03:55.0921 4116 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
20:03:55.0923 4116 megasas - ok
20:03:55.0941 4116 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
20:03:55.0951 4116 MegaSR - ok
20:03:56.0038 4116 Microsoft SharePoint Workspace Audit Service - ok
20:03:56.0130 4116 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
20:03:56.0135 4116 MMCSS - ok
20:03:56.0157 4116 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
20:03:56.0159 4116 Modem - ok
20:03:56.0177 4116 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
20:03:56.0178 4116 monitor - ok
20:03:56.0195 4116 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
20:03:56.0196 4116 mouclass - ok
20:03:56.0223 4116 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
20:03:56.0225 4116 mouhid - ok
20:03:56.0239 4116 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
20:03:56.0242 4116 mountmgr - ok
20:03:56.0303 4116 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:03:56.0308 4116 MozillaMaintenance - ok
20:03:56.0341 4116 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
20:03:56.0345 4116 mpio - ok
20:03:56.0364 4116 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
20:03:56.0368 4116 mpsdrv - ok
20:03:56.0408 4116 MpsSvc (5cd996cecf45cbc3e8d109c86b82d69e) C:\Windows\system32\mpssvc.dll
20:03:56.0417 4116 MpsSvc - ok
20:03:56.0436 4116 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
20:03:56.0439 4116 MRxDAV - ok
20:03:56.0471 4116 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:03:56.0474 4116 mrxsmb - ok
20:03:56.0496 4116 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:03:56.0500 4116 mrxsmb10 - ok
20:03:56.0514 4116 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:03:56.0517 4116 mrxsmb20 - ok
20:03:56.0546 4116 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
20:03:56.0548 4116 msahci - ok
20:03:56.0627 4116 MSCamSvc (d98350792a7ce82e7459a7c36481beda) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
20:03:56.0631 4116 MSCamSvc - ok
20:03:56.0657 4116 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
20:03:56.0662 4116 msdsm - ok
20:03:56.0696 4116 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
20:03:56.0704 4116 MSDTC - ok
20:03:56.0733 4116 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
20:03:56.0736 4116 Msfs - ok
20:03:56.0751 4116 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
20:03:56.0754 4116 mshidkmdf - ok
20:03:56.0768 4116 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
20:03:56.0771 4116 msisadrv - ok
20:03:56.0808 4116 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
20:03:56.0813 4116 MSiSCSI - ok
20:03:56.0817 4116 msiserver - ok
20:03:56.0840 4116 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
20:03:56.0842 4116 MSKSSRV - ok
20:03:56.0855 4116 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
20:03:56.0857 4116 MSPCLOCK - ok
20:03:56.0862 4116 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
20:03:56.0864 4116 MSPQM - ok
20:03:56.0882 4116 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
20:03:56.0885 4116 MsRPC - ok
20:03:56.0907 4116 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
20:03:56.0908 4116 mssmbios - ok
20:03:56.0920 4116 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
20:03:56.0921 4116 MSTEE - ok
20:03:56.0930 4116 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
20:03:56.0931 4116 MTConfig - ok
20:03:56.0942 4116 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
20:03:56.0944 4116 Mup - ok
20:03:56.0966 4116 napagent (80284f1985c70c86f0b5f86da2dfe1df) C:\Windows\system32\qagentRT.dll
20:03:56.0971 4116 napagent - ok
20:03:57.0001 4116 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
20:03:57.0005 4116 NativeWifiP - ok
20:03:57.0023 4116 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
20:03:57.0038 4116 NDIS - ok
20:03:57.0038 4116 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
20:03:57.0038 4116 NdisCap - ok
20:03:57.0069 4116 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
20:03:57.0069 4116 NdisTapi - ok
20:03:57.0101 4116 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
20:03:57.0101 4116 Ndisuio - ok
20:03:57.0101 4116 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
20:03:57.0101 4116 NdisWan - ok
20:03:57.0122 4116 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
20:03:57.0124 4116 NDProxy - ok
20:03:57.0131 4116 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
20:03:57.0132 4116 NetBIOS - ok
20:03:57.0148 4116 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
20:03:57.0151 4116 NetBT - ok
20:03:57.0165 4116 Netlogon (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
20:03:57.0167 4116 Netlogon - ok
20:03:57.0198 4116 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
20:03:57.0203 4116 Netman - ok
20:03:57.0215 4116 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
20:03:57.0219 4116 netprofm - ok
20:03:57.0277 4116 NetTcpPortSharing (fe2aa5a684b0dd9b1fae57b7817c198b) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:03:57.0282 4116 NetTcpPortSharing - ok
20:03:57.0324 4116 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
20:03:57.0327 4116 nfrd960 - ok
20:03:57.0358 4116 NlaSvc (2226496e34bd40734946a054b1cd657f) C:\Windows\System32\nlasvc.dll
20:03:57.0368 4116 NlaSvc - ok
20:03:57.0386 4116 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
20:03:57.0388 4116 Npfs - ok
20:03:57.0405 4116 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
20:03:57.0409 4116 nsi - ok
20:03:57.0419 4116 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
20:03:57.0420 4116 nsiproxy - ok
20:03:57.0502 4116 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
20:03:57.0525 4116 Ntfs - ok
20:03:57.0604 4116 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
20:03:57.0607 4116 Null - ok
20:03:57.0637 4116 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
20:03:57.0642 4116 nvraid - ok
20:03:57.0664 4116 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
20:03:57.0667 4116 nvstor - ok
20:03:57.0686 4116 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
20:03:57.0688 4116 nv_agp - ok
20:03:57.0711 4116 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
20:03:57.0713 4116 ohci1394 - ok
20:03:57.0779 4116 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:03:57.0784 4116 ose - ok
20:03:58.0028 4116 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:03:58.0082 4116 osppsvc - ok
20:03:58.0166 4116 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
20:03:58.0183 4116 p2pimsvc - ok
20:03:58.0219 4116 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
20:03:58.0231 4116 p2psvc - ok
20:03:58.0278 4116 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
20:03:58.0282 4116 Parport - ok
20:03:58.0308 4116 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
20:03:58.0311 4116 partmgr - ok
20:03:58.0328 4116 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
20:03:58.0331 4116 Parvdm - ok
20:03:58.0356 4116 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
20:03:58.0361 4116 PcaSvc - ok
20:03:58.0372 4116 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
20:03:58.0375 4116 pci - ok
20:03:58.0393 4116 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
20:03:58.0395 4116 pciide - ok
20:03:58.0414 4116 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
20:03:58.0417 4116 pcmcia - ok
20:03:58.0441 4116 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
20:03:58.0444 4116 pcw - ok
20:03:58.0470 4116 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
20:03:58.0479 4116 PEAUTH - ok
20:03:58.0560 4116 pla (9c1bff7910c89a1d12e57343475840cb) C:\Windows\system32\pla.dll
20:03:58.0582 4116 pla - ok
20:03:58.0698 4116 PlugPlay (2cc2008f1296968fba162ed9f9afe328) C:\Windows\system32\umpnpmgr.dll
20:03:58.0710 4116 PlugPlay - ok
20:03:58.0736 4116 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
20:03:58.0743 4116 PNRPAutoReg - ok
20:03:58.0771 4116 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
20:03:58.0781 4116 PNRPsvc - ok
20:03:58.0823 4116 PolicyAgent (48e1b75c6dc0232fd92baae4bd344721) C:\Windows\System32\ipsecsvc.dll
20:03:58.0831 4116 PolicyAgent - ok
20:03:58.0859 4116 Power (dbff83f709a91049621c1d35dd45c92c) C:\Windows\system32\umpo.dll
20:03:58.0865 4116 Power - ok
20:03:58.0913 4116 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
20:03:58.0916 4116 PptpMiniport - ok
20:03:58.0931 4116 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
20:03:58.0933 4116 Processor - ok
20:03:58.0959 4116 ProfSvc (630cf26f0227498b7d5a92b12548960f) C:\Windows\system32\profsvc.dll
20:03:58.0965 4116 ProfSvc - ok
20:03:59.0032 4116 ProtectedStorage (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
20:03:59.0076 4116 ProtectedStorage - ok
20:03:59.0253 4116 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
20:03:59.0253 4116 Psched - ok
20:03:59.0323 4116 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
20:03:59.0328 4116 PSI_SVC_2 - ok
20:03:59.0409 4116 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
20:03:59.0426 4116 ql2300 - ok
20:03:59.0525 4116 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
20:03:59.0530 4116 ql40xx - ok
20:03:59.0562 4116 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
20:03:59.0573 4116 QWAVE - ok
20:03:59.0600 4116 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
20:03:59.0604 4116 QWAVEdrv - ok
20:03:59.0616 4116 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
20:03:59.0619 4116 RasAcd - ok
20:03:59.0655 4116 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:03:59.0658 4116 RasAgileVpn - ok
20:03:59.0672 4116 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
20:03:59.0677 4116 RasAuto - ok
20:03:59.0689 4116 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:03:59.0692 4116 Rasl2tp - ok
20:03:59.0732 4116 RasMan (0ce66ec736b7fc526d78f7624c7d2a94) C:\Windows\System32\rasmans.dll
20:03:59.0740 4116 RasMan - ok
20:03:59.0766 4116 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
20:03:59.0769 4116 RasPppoe - ok
20:03:59.0783 4116 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
20:03:59.0786 4116 RasSstp - ok
20:03:59.0804 4116 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
20:03:59.0809 4116 rdbss - ok
20:03:59.0831 4116 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
20:03:59.0833 4116 rdpbus - ok
20:03:59.0845 4116 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:03:59.0847 4116 RDPCDD - ok
20:03:59.0867 4116 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
20:03:59.0869 4116 RDPENCDD - ok
20:03:59.0884 4116 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
20:03:59.0886 4116 RDPREFMP - ok
20:03:59.0918 4116 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
20:03:59.0923 4116 RDPWD - ok
20:03:59.0948 4116 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
20:03:59.0952 4116 rdyboost - ok
20:03:59.0975 4116 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
20:03:59.0979 4116 RemoteAccess - ok
20:04:00.0003 4116 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
20:04:00.0008 4116 RemoteRegistry - ok
20:04:00.0019 4116 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
20:04:00.0023 4116 RpcEptMapper - ok
20:04:00.0028 4116 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
20:04:00.0032 4116 RpcLocator - ok
20:04:00.0053 4116 RpcSs (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
20:04:00.0059 4116 RpcSs - ok
20:04:00.0072 4116 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
20:04:00.0075 4116 rspndr - ok
20:04:00.0115 4116 RTL8167 (bcebd5d1aabce4efb7597635e347c44b) C:\Windows\system32\DRIVERS\Rt86win7.sys
20:04:00.0119 4116 RTL8167 - ok
20:04:00.0158 4116 RTL8192su (51adef77e4c929535fd50da153774e79) C:\Windows\system32\DRIVERS\RTL8192su.sys
20:04:00.0165 4116 RTL8192su - ok
20:04:00.0182 4116 SamSs (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
20:04:00.0185 4116 SamSs - ok
20:04:00.0218 4116 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
20:04:00.0220 4116 sbp2port - ok
20:04:00.0238 4116 SBRE - ok
20:04:00.0366 4116 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
20:04:00.0385 4116 SBSDWSCService - ok
20:04:00.0414 4116 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
20:04:00.0419 4116 SCardSvr - ok
20:04:00.0457 4116 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
20:04:00.0458 4116 scfilter - ok
20:04:00.0491 4116 Schedule (3e8b0c453e25613a1f59762a5c42aa75) C:\Windows\system32\schedsvc.dll
20:04:00.0502 4116 Schedule - ok
20:04:00.0526 4116 SCPolicySvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
20:04:00.0528 4116 SCPolicySvc - ok
20:04:00.0538 4116 SDRSVC (5fd90abdbfaee85986802622cbb03446) C:\Windows\System32\SDRSVC.dll
20:04:00.0543 4116 SDRSVC - ok
20:04:00.0623 4116 SeaPort (4a5809a1d796e2675ac0332bf7b0cb11) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
20:04:00.0628 4116 SeaPort - ok
20:04:00.0677 4116 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:04:00.0680 4116 secdrv - ok
20:04:00.0704 4116 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
20:04:00.0712 4116 seclogon - ok
20:04:00.0734 4116 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
20:04:00.0741 4116 SENS - ok
20:04:00.0755 4116 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
20:04:00.0763 4116 SensrSvc - ok
20:04:00.0796 4116 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
20:04:00.0797 4116 Serenum - ok
20:04:00.0815 4116 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
20:04:00.0817 4116 Serial - ok
20:04:00.0888 4116 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
20:04:00.0891 4116 sermouse - ok
20:04:00.0933 4116 SessionEnv (8f55ce568c543d5adf45c409d16718fc) C:\Windows\system32\sessenv.dll
20:04:00.0937 4116 SessionEnv - ok
20:04:00.0950 4116 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
20:04:00.0952 4116 sffdisk - ok
20:04:00.0961 4116 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
20:04:00.0962 4116 sffp_mmc - ok
20:04:00.0975 4116 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
20:04:00.0976 4116 sffp_sd - ok
20:04:00.0984 4116 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
20:04:00.0985 4116 sfloppy - ok
20:04:01.0027 4116 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
20:04:01.0033 4116 SharedAccess - ok
20:04:01.0054 4116 ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) C:\Windows\System32\shsvcs.dll
20:04:01.0061 4116 ShellHWDetection - ok
20:04:01.0085 4116 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
20:04:01.0087 4116 sisagp - ok
20:04:01.0117 4116 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:04:01.0119 4116 SiSRaid2 - ok
20:04:01.0142 4116 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
20:04:01.0145 4116 SiSRaid4 - ok
20:04:01.0340 4116 Skype C2C Service (4ca43b85f22c7739311788b651a779cb) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:04:01.0410 4116 Skype C2C Service - ok
20:04:01.0506 4116 SkypeUpdate (579ba0a911ff5ea70cb604cd3b744b0a) C:\Program Files\Skype\Updater\Updater.exe
20:04:01.0510 4116 SkypeUpdate - ok
20:04:01.0597 4116 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
20:04:01.0601 4116 Smb - ok
20:04:01.0628 4116 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
20:04:01.0636 4116 SNMPTRAP - ok
20:04:01.0648 4116 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
20:04:01.0649 4116 spldr - ok
20:04:01.0671 4116 Spooler (49b6dd6ab3715b7a67965f17194e98a9) C:\Windows\System32\spoolsv.exe
20:04:01.0677 4116 Spooler - ok
20:04:01.0787 4116 sppsvc (4c287f9069fedbd791178876ee9de536) C:\Windows\system32\sppsvc.exe
20:04:01.0808 4116 sppsvc - ok
20:04:01.0871 4116 sppuinotify (d8e3e19eebdab49dd4a8d3062ead4ec7) C:\Windows\system32\sppuinotify.dll
20:04:01.0880 4116 sppuinotify - ok
20:04:01.0924 4116 srv (50a83ca406c808bd35ac9141a0c7618f) C:\Windows\system32\DRIVERS\srv.sys
20:04:01.0933 4116 srv - ok
20:04:01.0964 4116 srv2 (dce7e10feaabd4cae95948b3de5340bb) C:\Windows\system32\DRIVERS\srv2.sys
20:04:01.0970 4116 srv2 - ok
20:04:01.0983 4116 srvnet (bd1433a32792fd0dc450479094fc435a) C:\Windows\system32\DRIVERS\srvnet.sys
20:04:01.0986 4116 srvnet - ok
20:04:02.0009 4116 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
20:04:02.0015 4116 SSDPSRV - ok
20:04:02.0028 4116 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
20:04:02.0033 4116 SstpSvc - ok
20:04:02.0052 4116 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
20:04:02.0054 4116 stexstor - ok
20:04:02.0100 4116 StiSvc (a22825e7bb7018e8af3e229a5af17221) C:\Windows\System32\wiaservc.dll
20:04:02.0111 4116 StiSvc - ok
20:04:02.0135 4116 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
20:04:02.0148 4116 swenum - ok
20:04:02.0178 4116 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
20:04:02.0186 4116 swprv - ok
20:04:02.0232 4116 SysMain (04105c8da62353589c29bdaeb8d88bd8) C:\Windows\system32\sysmain.dll
20:04:02.0247 4116 SysMain - ok
20:04:02.0258 4116 TabletInputService (fcfb6c552fbc0da299799cbd50ad9fd4) C:\Windows\System32\TabSvc.dll
20:04:02.0262 4116 TabletInputService - ok
20:04:02.0270 4116 TapiSrv (2f46b0c70a4adc8c90cf825da3b4feaf) C:\Windows\System32\tapisrv.dll
20:04:02.0275 4116 TapiSrv - ok
20:04:02.0289 4116 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
20:04:02.0292 4116 TBS - ok
20:04:02.0393 4116 Tcpip (2cc3d75488abd3ec628bbb9a4fc84efc) C:\Windows\system32\drivers\tcpip.sys
20:04:02.0406 4116 Tcpip - ok
20:04:02.0515 4116 TCPIP6 (2cc3d75488abd3ec628bbb9a4fc84efc) C:\Windows\system32\DRIVERS\tcpip.sys
20:04:02.0535 4116 TCPIP6 - ok
20:04:02.0572 4116 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
20:04:02.0575 4116 tcpipreg - ok
20:04:02.0596 4116 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
20:04:02.0597 4116 TDPIPE - ok
20:04:02.0613 4116 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
20:04:02.0614 4116 TDTCP - ok
20:04:02.0636 4116 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
20:04:02.0638 4116 tdx - ok
20:04:02.0656 4116 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
20:04:02.0658 4116 TermDD - ok
20:04:02.0685 4116 TermService (a01e50a04d7b1960b33e92b9080e6a94) C:\Windows\System32\termsrv.dll
20:04:02.0692 4116 TermService - ok
20:04:02.0706 4116 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
20:04:02.0709 4116 Themes - ok
20:04:02.0728 4116 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
20:04:02.0730 4116 THREADORDER - ok
20:04:02.0746 4116 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
20:04:02.0749 4116 TrkWks - ok
20:04:02.0795 4116 TrustedInstaller (41a4c781d2286208d397d72099304133) C:\Windows\servicing\TrustedInstaller.exe
20:04:02.0801 4116 TrustedInstaller - ok
20:04:02.0834 4116 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:04:02.0838 4116 tssecsrv - ok
20:04:02.0873 4116 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
20:04:02.0878 4116 tunnel - ok
20:04:02.0906 4116 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
20:04:02.0909 4116 uagp35 - ok
20:04:02.0932 4116 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
20:04:02.0940 4116 udfs - ok
20:04:02.0979 4116 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
20:04:02.0984 4116 UI0Detect - ok
20:04:03.0007 4116 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
20:04:03.0009 4116 uliagpkx - ok
20:04:03.0038 4116 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
20:04:03.0041 4116 umbus - ok
20:04:03.0066 4116 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
20:04:03.0068 4116 UmPass - ok
20:04:03.0085 4116 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
20:04:03.0093 4116 upnphost - ok
20:04:03.0118 4116 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
20:04:03.0135 4116 USBAAPL - ok
20:04:03.0172 4116 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys
20:04:03.0175 4116 usbaudio - ok
20:04:03.0192 4116 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
20:04:03.0194 4116 usbccgp - ok
20:04:03.0209 4116 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
20:04:03.0211 4116 usbcir - ok
20:04:03.0229 4116 usbehci (ff32d4f3ec3c68b2ca61782c7964f54e) C:\Windows\system32\DRIVERS\usbehci.sys
20:04:03.0231 4116 usbehci - ok
20:04:03.0284 4116 usbfilter (e5b14557793164db879ee56f5b59c3e2) C:\Windows\system32\DRIVERS\usbfilter.sys
20:04:03.0287 4116 usbfilter - ok
20:04:03.0325 4116 usbhub (b0dfc7b484e0ca0c27bda5433b82d94a) C:\Windows\system32\DRIVERS\usbhub.sys
20:04:03.0330 4116 usbhub - ok
20:04:03.0347 4116 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
20:04:03.0349 4116 usbohci - ok
20:04:03.0377 4116 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
20:04:03.0379 4116 usbprint - ok
20:04:03.0395 4116 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:04:03.0398 4116 USBSTOR - ok
20:04:03.0419 4116 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
20:04:03.0421 4116 usbuhci - ok
20:04:03.0449 4116 uxddrv - ok
20:04:03.0475 4116 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
20:04:03.0480 4116 UxSms - ok
20:04:03.0521 4116 V0330VID (40f9792b85292b6e35e411296494129f) C:\Windows\system32\DRIVERS\V0330Vid.sys
20:04:03.0521 4116 V0330VID - ok
20:04:03.0537 4116 VaultSvc (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
20:04:03.0537 4116 VaultSvc - ok
20:04:03.0582 4116 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
20:04:03.0584 4116 vdrvroot - ok
20:04:03.0615 4116 vds (8c4e7c49d3641bc9e299e466a7f8867d) C:\Windows\System32\vds.exe
20:04:03.0625 4116 vds - ok
20:04:03.0645 4116 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
20:04:03.0647 4116 vga - ok
20:04:03.0662 4116 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
20:04:03.0663 4116 VgaSave - ok
20:04:03.0688 4116 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
20:04:03.0692 4116 vhdmp - ok
20:04:03.0721 4116 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
20:04:03.0723 4116 viaagp - ok
20:04:03.0730 4116 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
20:04:03.0732 4116 ViaC7 - ok
20:04:03.0748 4116 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
20:04:03.0749 4116 viaide - ok
20:04:03.0764 4116 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
20:04:03.0766 4116 volmgr - ok
20:04:03.0782 4116 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
20:04:03.0786 4116 volmgrx - ok
20:04:03.0803 4116 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
20:04:03.0807 4116 volsnap - ok
20:04:03.0827 4116 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
20:04:03.0829 4116 vsmraid - ok
20:04:03.0938 4116 VSS (7ea2bcd94d9cfaf4c556f5cc94532a6c) C:\Windows\system32\vssvc.exe
20:04:03.0958 4116 VSS - ok
20:04:04.0087 4116 vToolbarUpdater11.0.2 (56e1e4442e4613fb2039a6b7421f4e58) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
20:04:04.0103 4116 vToolbarUpdater11.0.2 - ok
20:04:04.0183 4116 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
20:04:04.0187 4116 vwifibus - ok
20:04:04.0209 4116 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
20:04:04.0213 4116 vwififlt - ok
20:04:04.0245 4116 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
20:04:04.0247 4116 vwifimp - ok
20:04:04.0469 4116 VX6000 (719bac5b5a9c2c1fdf7323fb7e36ca32) C:\Windows\system32\DRIVERS\VX6000Xp.sys
20:04:04.0497 4116 VX6000 - ok
20:04:04.0589 4116 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
20:04:04.0589 4116 W32Time - ok
20:04:04.0640 4116 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
20:04:04.0642 4116 WacomPen - ok
20:04:04.0671 4116 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
20:04:04.0674 4116 WANARP - ok
20:04:04.0678 4116 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
20:04:04.0680 4116 Wanarpv6 - ok
20:04:04.0767 4116 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
20:04:04.0916 4116 WatAdminSvc - ok
20:04:05.0034 4116 wbengine (7790b77fe1e5ee47dcc66247095bb4c9) C:\Windows\system32\wbengine.exe
20:04:05.0055 4116 wbengine - ok
20:04:05.0068 4116 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
20:04:05.0074 4116 WbioSrvc - ok
20:04:05.0098 4116 wcncsvc (d0f88aa11ee1a62bcc6d6a8a7783ca11) C:\Windows\System32\wcncsvc.dll
20:04:05.0106 4116 wcncsvc - ok
20:04:05.0131 4116 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
20:04:05.0136 4116 WcsPlugInService - ok
20:04:05.0171 4116 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
20:04:05.0172 4116 Wd - ok
20:04:05.0199 4116 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
20:04:05.0206 4116 Wdf01000 - ok
20:04:05.0222 4116 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
20:04:05.0226 4116 WdiServiceHost - ok
20:04:05.0231 4116 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
20:04:05.0236 4116 WdiSystemHost - ok
20:04:05.0254 4116 WebClient (d87c7d2c517f82a5ab7a73e203063d9e) C:\Windows\System32\webclnt.dll
20:04:05.0259 4116 WebClient - ok
20:04:05.0282 4116 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
20:04:05.0286 4116 Wecsvc - ok
20:04:05.0293 4116 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
20:04:05.0296 4116 wercplsupport - ok
20:04:05.0318 4116 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
20:04:05.0320 4116 WerSvc - ok
20:04:05.0343 4116 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
20:04:05.0344 4116 WfpLwf - ok
20:04:05.0352 4116 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
20:04:05.0353 4116 WIMMount - ok
20:04:05.0427 4116 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
20:04:05.0445 4116 WinDefend - ok
20:04:05.0456 4116 WinHttpAutoProxySvc - ok
20:04:05.0504 4116 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
20:04:05.0517 4116 Winmgmt - ok
20:04:05.0592 4116 WinRM (c4f5d3901d1b41d602ddc196e0b95b51) C:\Windows\system32\WsmSvc.dll
20:04:05.0614 4116 WinRM - ok
20:04:05.0696 4116 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
20:04:05.0696 4116 WinUsb - ok
20:04:05.0759 4116 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
20:04:05.0781 4116 Wlansvc - ok
20:04:05.0940 4116 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:04:05.0964 4116 wlidsvc - ok
20:04:06.0046 4116 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:04:06.0049 4116 WmiAcpi - ok
20:04:06.0098 4116 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
20:04:06.0103 4116 wmiApSrv - ok
20:04:06.0209 4116 WMPNetworkSvc (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe
20:04:06.0232 4116 WMPNetworkSvc - ok
20:04:06.0288 4116 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
20:04:06.0292 4116 WPCSvc - ok
20:04:06.0307 4116 WPDBusEnum (b7f658a2ebc07129538ad9ab35212637) C:\Windows\system32\wpdbusenum.dll
20:04:06.0311 4116 WPDBusEnum - ok
20:04:06.0335 4116 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
20:04:06.0336 4116 ws2ifsl - ok
20:04:06.0342 4116 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll
20:04:06.0347 4116 wscsvc - ok
20:04:06.0351 4116 WSearch - ok
20:04:06.0416 4116 wuauserv (a33408cc036f9c08142b11be5e93f0a1) C:\Windows\system32\wuaueng.dll
20:04:06.0436 4116 wuauserv - ok
20:04:06.0511 4116 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
20:04:06.0516 4116 WudfPf - ok
20:04:06.0545 4116 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:04:06.0549 4116 WUDFRd - ok
20:04:06.0573 4116 wudfsvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\Windows\System32\WUDFSvc.dll
20:04:06.0582 4116 wudfsvc - ok
20:04:06.0602 4116 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
20:04:06.0609 4116 WwanSvc - ok
20:04:06.0654 4116 MBR (0x1B8) (8bcb23b30db1819e7d8ddae01aebb583) \Device\Harddisk0\DR0
20:04:09.0215 4116 \Device\Harddisk0\DR0 - ok
20:04:09.0243 4116 Boot (0x1200) (00dc1d8fb1433d6fa1c46ab14c3c0429) \Device\Harddisk0\DR0\Partition0
20:04:09.0244 4116 \Device\Harddisk0\DR0\Partition0 - ok
20:04:09.0249 4116 Boot (0x1200) (017e8c417df82a5fd777d68104bae452) \Device\Harddisk0\DR0\Partition1
20:04:09.0250 4116 \Device\Harddisk0\DR0\Partition1 - ok
20:04:09.0285 4116 Boot (0x1200) (98041d7cc3bc68880449ea27efca2624) \Device\Harddisk0\DR0\Partition2
20:04:09.0286 4116 \Device\Harddisk0\DR0\Partition2 - ok
20:04:09.0286 4116 ============================================================
20:04:09.0286 4116 Scan finished
20:04:09.0286 4116 ============================================================
20:04:09.0298 2624 Detected object count: 0
20:04:09.0298 2624 Actual detected object count: 0
20:34:55.0092 5844 ============================================================
20:34:55.0092 5844 Scan started
20:34:55.0092 5844 Mode: Manual;
20:34:55.0092 5844 ============================================================
20:34:55.0661 5844 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
20:34:55.0663 5844 1394ohci - ok
20:34:55.0694 5844 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
20:34:55.0697 5844 ACPI - ok
20:34:55.0713 5844 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
20:34:55.0713 5844 AcpiPmi - ok
20:34:55.0735 5844 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
20:34:55.0738 5844 adp94xx - ok
20:34:55.0758 5844 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
20:34:55.0760 5844 adpahci - ok
20:34:55.0777 5844 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
20:34:55.0779 5844 adpu320 - ok
20:34:55.0875 5844 AdvancedSystemCareService5 (3d672573ef8f317f10c2aabbb2586262) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
20:34:55.0884 5844 AdvancedSystemCareService5 - ok
20:34:55.0910 5844 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
20:34:55.0913 5844 AeLookupSvc - ok
20:34:55.0952 5844 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
20:34:55.0958 5844 AFD - ok
20:34:55.0983 5844 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
20:34:55.0985 5844 agp440 - ok
20:34:56.0001 5844 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
20:34:56.0001 5844 aic78xx - ok
20:34:56.0021 5844 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
20:34:56.0021 5844 ALG - ok
20:34:56.0021 5844 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
20:34:56.0021 5844 aliide - ok
20:34:56.0052 5844 AMD External Events Utility (946848a3cac9909d8f72a4847419e77d) C:\Windows\system32\atiesrxx.exe
20:34:56.0052 5844 AMD External Events Utility - ok
20:34:56.0076 5844 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
20:34:56.0078 5844 amdagp - ok
20:34:56.0094 5844 amdide (211fce336502911ec03fc15a91344c98) C:\Windows\system32\DRIVERS\amdide.sys
20:34:56.0095 5844 amdide - ok
20:34:56.0110 5844 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
20:34:56.0112 5844 AmdK8 - ok
20:34:56.0263 5844 amdkmdag (19529728442d4794b96d1b8a9a63eca1) C:\Windows\system32\DRIVERS\atikmdag.sys
20:34:56.0290 5844 amdkmdag - ok
20:34:56.0350 5844 amdkmdap (b44737ff566b5888d15fdb66849f34e5) C:\Windows\system32\DRIVERS\atikmpag.sys
20:34:56.0352 5844 amdkmdap - ok
20:34:56.0368 5844 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
20:34:56.0369 5844 AmdPPM - ok
20:34:56.0391 5844 amdsata (04b2587c961c084634054d60d3eb385b) C:\Windows\system32\DRIVERS\amdsata.sys
20:34:56.0392 5844 amdsata - ok
20:34:56.0408 5844 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
20:34:56.0410 5844 amdsbs - ok
20:34:56.0424 5844 amdxata (c078b06811670b90a52ae51ac3808e1e) C:\Windows\system32\DRIVERS\amdxata.sys
20:34:56.0425 5844 amdxata - ok
20:34:56.0436 5844 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
20:34:56.0437 5844 AppID - ok
20:34:56.0458 5844 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
20:34:56.0459 5844 AppIDSvc - ok
20:34:56.0467 5844 Appinfo (7dead9e3f65dcb2794f2711003bbf650) C:\Windows\System32\appinfo.dll
20:34:56.0468 5844 Appinfo - ok
20:34:56.0519 5844 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:34:56.0522 5844 Apple Mobile Device - ok
20:34:56.0556 5844 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
20:34:56.0557 5844 arc - ok
20:34:56.0572 5844 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
20:34:56.0574 5844 arcsas - ok
20:34:56.0587 5844 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
20:34:56.0588 5844 AsyncMac - ok
20:34:56.0609 5844 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
20:34:56.0610 5844 atapi - ok
20:34:56.0639 5844 AtiHdmiService (c822c615b2f693ef4e5b355432976a81) C:\Windows\system32\drivers\AtiHdmi.sys
20:34:56.0641 5844 AtiHdmiService - ok
20:34:56.0652 5844 AtiPcie (4ffe74e33bd9170950116f0ca46eac89) C:\Windows\system32\DRIVERS\AtiPcie.sys
20:34:56.0652 5844 AtiPcie - ok
20:34:56.0683 5844 ATMhelpr (3ef1db7f168851914517d4ed36b57c04) C:\Windows\system32\drivers\ATMhelpr.sys
20:34:56.0684 5844 ATMhelpr - ok
20:34:56.0716 5844 AudioEndpointBuilder (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
20:34:56.0719 5844 AudioEndpointBuilder - ok
20:34:56.0725 5844 Audiosrv (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
20:34:56.0728 5844 Audiosrv - ok
20:34:56.0899 5844 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
20:34:56.0922 5844 AVGIDSAgent - ok
20:34:57.0017 5844 AVGIDSDriver (f6878b90a8a9795116bce335238e65af) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
20:34:57.0019 5844 AVGIDSDriver - ok
20:34:57.0025 5844 AVGIDSEH (19a08a6728a6e02099d64268218cd799) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
20:34:57.0026 5844 AVGIDSEH - ok
20:34:57.0030 5844 AVGIDSFilter (f8927ab1dd086edeff2924a64dc89869) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
20:34:57.0031 5844 AVGIDSFilter - ok
20:34:57.0043 5844 AVGIDSShim (dadca567891033dcf2ec4a3f9da46ae4) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
20:34:57.0043 5844 AVGIDSShim - ok
20:34:57.0058 5844 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\Windows\system32\DRIVERS\avgldx86.sys
20:34:57.0060 5844 Avgldx86 - ok
20:34:57.0069 5844 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\Windows\system32\DRIVERS\avgmfx86.sys
20:34:57.0069 5844 Avgmfx86 - ok
20:34:57.0073 5844 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\Windows\system32\DRIVERS\avgrkx86.sys
20:34:57.0073 5844 Avgrkx86 - ok
20:34:57.0089 5844 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\Windows\system32\DRIVERS\avgtdix.sys
20:34:57.0089 5844 Avgtdix - ok
20:34:57.0172 5844 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
20:34:57.0176 5844 avgwd - ok
20:34:57.0203 5844 AxInstSV (dd6a431b43e34b91a767d1ce33728175) C:\Windows\System32\AxInstSV.dll
20:34:57.0206 5844 AxInstSV - ok
20:34:57.0238 5844 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
20:34:57.0246 5844 b06bdrv - ok
20:34:57.0271 5844 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
20:34:57.0284 5844 b57nd60x - ok
20:34:57.0306 5844 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
20:34:57.0309 5844 BDESVC - ok
20:34:57.0330 5844 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
20:34:57.0332 5844 Beep - ok
20:34:57.0365 5844 BFE (85ac71c045ceb054ed48a7841aae0c11) C:\Windows\System32\bfe.dll
20:34:57.0374 5844 BFE - ok
20:34:57.0408 5844 BITS (53f476476f55a27f580661bde09c4ec4) C:\Windows\system32\qmgr.dll
20:34:57.0417 5844 BITS - ok
20:34:57.0437 5844 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
20:34:57.0438 5844 blbdrive - ok
20:34:57.0517 5844 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
20:34:57.0523 5844 Bonjour Service - ok
20:34:57.0543 5844 bowser (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
20:34:57.0544 5844 bowser - ok
20:34:57.0560 5844 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:34:57.0561 5844 BrFiltLo - ok
20:34:57.0580 5844 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:34:57.0581 5844 BrFiltUp - ok
20:34:57.0614 5844 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
20:34:57.0616 5844 BridgeMP - ok
20:34:57.0641 5844 Browser (598e1280e7ff3744f4b8329366cc5635) C:\Windows\System32\browser.dll
20:34:57.0643 5844 Browser - ok
20:34:57.0664 5844 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
20:34:57.0668 5844 Brserid - ok
20:34:57.0682 5844 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
20:34:57.0684 5844 BrSerWdm - ok
20:34:57.0704 5844 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:34:57.0705 5844 BrUsbMdm - ok
20:34:57.0719 5844 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
20:34:57.0720 5844 BrUsbSer - ok
20:34:57.0736 5844 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
20:34:57.0737 5844 BTHMODEM - ok
20:34:57.0754 5844 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
20:34:57.0756 5844 bthserv - ok
20:34:57.0806 5844 catchme - ok
20:34:57.0819 5844 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
20:34:57.0822 5844 cdfs - ok
20:34:57.0835 5844 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
20:34:57.0837 5844 cdrom - ok
20:34:57.0859 5844 CertPropSvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
20:34:57.0860 5844 CertPropSvc - ok
20:34:57.0877 5844 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
20:34:57.0878 5844 circlass - ok
20:34:57.0899 5844 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
20:34:57.0901 5844 CLFS - ok
20:34:57.0944 5844 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:34:57.0946 5844 clr_optimization_v2.0.50727_32 - ok
20:34:57.0958 5844 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
20:34:57.0959 5844 CmBatt - ok
20:34:57.0973 5844 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
20:34:57.0974 5844 cmdide - ok
20:34:57.0991 5844 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
20:34:57.0994 5844 CNG - ok
20:34:58.0011 5844 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
20:34:58.0012 5844 Compbatt - ok
20:34:58.0023 5844 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
20:34:58.0024 5844 CompositeBus - ok
20:34:58.0027 5844 COMSysApp - ok
20:34:58.0046 5844 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
20:34:58.0047 5844 crcdisk - ok
20:34:58.0065 5844 CryptSvc (9c231178ce4fb385f4b54b0a9080b8a4) C:\Windows\system32\cryptsvc.dll
20:34:58.0067 5844 CryptSvc - ok
20:34:58.0092 5844 DcomLaunch (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
20:34:58.0098 5844 DcomLaunch - ok
20:34:58.0120 5844 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
20:34:58.0123 5844 defragsvc - ok
20:34:58.0148 5844 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
20:34:58.0150 5844 DfsC - ok
20:34:58.0166 5844 Dhcp (c56495fbd770712367cad35e5de72da6) C:\Windows\system32\dhcpcore.dll
20:34:58.0166 5844 Dhcp - ok
20:34:58.0176 5844 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
20:34:58.0176 5844 discache - ok
20:34:58.0196 5844 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
20:34:58.0196 5844 Disk - ok
20:34:58.0217 5844 Dnscache (d0722e963d3c6145446874241401b209) C:\Windows\System32\dnsrslvr.dll
20:34:58.0219 5844 Dnscache - ok
20:34:58.0229 5844 dot3svc (4408c85c21eea48eb0ce486baeef0502) C:\Windows\System32\dot3svc.dll
20:34:58.0232 5844 dot3svc - ok
20:34:58.0241 5844 DPS (7fa81c6e11caa594adb52084da73a1e5) C:\Windows\system32\dps.dll
20:34:58.0243 5844 DPS - ok
20:34:58.0265 5844 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
20:34:58.0266 5844 drmkaud - ok
20:34:58.0305 5844 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\Windows\System32\drivers\dxgkrnl.sys
20:34:58.0310 5844 DXGKrnl - ok
20:34:58.0327 5844 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
20:34:58.0329 5844 EapHost - ok
20:34:58.0442 5844 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
20:34:58.0463 5844 ebdrv - ok
20:34:58.0540 5844 EFS (f42309c4191c506b71db5d1126d26318) C:\Windows\System32\lsass.exe
20:34:58.0544 5844 EFS - ok
20:34:58.0599 5844 ehRecvr (c8143f413c07507b0a56f08a5a8c4772) C:\Windows\ehome\ehRecvr.exe
20:34:58.0608 5844 ehRecvr - ok
20:34:58.0633 5844 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
20:34:58.0635 5844 ehSched - ok
20:34:58.0679 5844 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
20:34:58.0687 5844 elxstor - ok
20:34:58.0707 5844 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
20:34:58.0710 5844 ErrDev - ok
20:34:58.0744 5844 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
20:34:58.0747 5844 EventSystem - ok
20:34:58.0767 5844 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
20:34:58.0769 5844 exfat - ok
20:34:58.0793 5844 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
20:34:58.0795 5844 fastfat - ok
20:34:58.0816 5844 Fax (f7ea23cc5e6bf2181f3f399d54f6efc1) C:\Windows\system32\fxssvc.exe
20:34:58.0823 5844 Fax - ok
20:34:58.0838 5844 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
20:34:58.0839 5844 fdc - ok
20:34:58.0848 5844 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
20:34:58.0850 5844 fdPHost - ok
20:34:58.0858 5844 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
20:34:58.0859 5844 FDResPub - ok
20:34:58.0876 5844 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
20:34:58.0877 5844 FileInfo - ok
20:34:58.0888 5844 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
20:34:58.0889 5844 Filetrace - ok
20:34:58.0906 5844 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
20:34:58.0907 5844 flpydisk - ok
20:34:58.0920 5844 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
20:34:58.0921 5844 FltMgr - ok
20:34:58.0957 5844 FontCache (b6512a85815fdc3d560c3705f5bdb93d) C:\Windows\system32\FntCache.dll
20:34:58.0965 5844 FontCache - ok
20:34:59.0021 5844 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:34:59.0025 5844 FontCache3.0.0.0 - ok
20:34:59.0052 5844 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
20:34:59.0054 5844 FsDepends - ok
20:34:59.0069 5844 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
20:34:59.0071 5844 Fs_Rec - ok
20:34:59.0096 5844 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
20:34:59.0099 5844 fvevol - ok
20:34:59.0117 5844 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:34:59.0118 5844 gagp30kx - ok
20:34:59.0159 5844 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:34:59.0159 5844 GEARAspiWDM - ok
20:34:59.0198 5844 gpsvc (8ba3c04702bf8f927ab36ae8313ca4ee) C:\Windows\System32\gpsvc.dll
20:34:59.0204 5844 gpsvc - ok
20:34:59.0218 5844 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
20:34:59.0219 5844 hcw85cir - ok
20:34:59.0244 5844 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
20:34:59.0260 5844 HdAudAddService - ok
20:34:59.0275 5844 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:34:59.0275 5844 HDAudBus - ok
20:34:59.0291 5844 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
20:34:59.0291 5844 HidBatt - ok
20:34:59.0321 5844 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
20:34:59.0322 5844 HidBth - ok
20:34:59.0335 5844 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
20:34:59.0336 5844 HidIr - ok
20:34:59.0356 5844 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
20:34:59.0357 5844 hidserv - ok
20:34:59.0367 5844 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
20:34:59.0368 5844 HidUsb - ok
20:34:59.0388 5844 hkmsvc (741c2a45ca8407e374aaba3e330b7872) C:\Windows\system32\kmsvc.dll
20:34:59.0390 5844 hkmsvc - ok
20:34:59.0406 5844 HomeGroupListener (a768ca158bb06782a2835b907f4873c3) C:\Windows\system32\ListSvc.dll
20:34:59.0410 5844 HomeGroupListener - ok
20:34:59.0432 5844 HomeGroupProvider (fb08dec5ef43d0c66d83b8e9694e7549) C:\Windows\system32\provsvc.dll
20:34:59.0436 5844 HomeGroupProvider - ok
20:34:59.0461 5844 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
20:34:59.0462 5844 HpSAMD - ok
20:34:59.0481 5844 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
20:34:59.0485 5844 HTTP - ok
20:34:59.0494 5844 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
20:34:59.0494 5844 hwpolicy - ok
20:34:59.0515 5844 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
20:34:59.0516 5844 i8042prt - ok
20:34:59.0537 5844 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
20:34:59.0540 5844 iaStorV - ok
20:34:59.0632 5844 idsvc (5af815eb5bc9802e5a064e2ba62bfc0c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:34:59.0645 5844 idsvc - ok
20:34:59.0697 5844 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
20:34:59.0699 5844 iirsp - ok
20:34:59.0732 5844 IKEEXT (fac0ee6562b121b1399d6e855583f7a5) C:\Windows\System32\ikeext.dll
20:34:59.0743 5844 IKEEXT - ok
20:34:59.0859 5844 IntcAzAudAddService (f4427e5df32cde359b2e2e5512d18001) C:\Windows\system32\drivers\RTKVHDA.sys
20:34:59.0898 5844 IntcAzAudAddService - ok
20:34:59.0985 5844 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
20:34:59.0987 5844 intelide - ok
20:35:00.0000 5844 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
20:35:00.0003 5844 intelppm - ok
20:35:00.0027 5844 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
20:35:00.0030 5844 IPBusEnum - ok
20:35:00.0105 5844 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:35:00.0108 5844 IpFilterDriver - ok
20:35:00.0188 5844 iphlpsvc (477397b432a256a50ee7e4339eb9ea14) C:\Windows\System32\iphlpsvc.dll
20:35:00.0202 5844 iphlpsvc - ok
20:35:00.0217 5844 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
20:35:00.0220 5844 IPMIDRV - ok
20:35:00.0286 5844 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
20:35:00.0289 5844 IPNAT - ok
20:35:00.0370 5844 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
20:35:00.0403 5844 iPod Service - ok
20:35:00.0428 5844 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
20:35:00.0429 5844 IRENUM - ok
20:35:00.0447 5844 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
20:35:00.0448 5844 isapnp - ok
20:35:00.0474 5844 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
20:35:00.0477 5844 iScsiPrt - ok
20:35:00.0501 5844 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:35:00.0503 5844 kbdclass - ok
20:35:00.0508 5844 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
20:35:00.0509 5844 kbdhid - ok
20:35:00.0523 5844 KeyIso (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
20:35:00.0525 5844 KeyIso - ok
20:35:00.0535 5844 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
20:35:00.0536 5844 KSecDD - ok
20:35:00.0558 5844 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
20:35:00.0559 5844 KSecPkg - ok
20:35:00.0581 5844 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
20:35:00.0585 5844 KtmRm - ok
20:35:00.0611 5844 LanmanServer (bca92cb047a4326925ecef759dbaa233) C:\Windows\System32\srvsvc.dll
20:35:00.0621 5844 LanmanServer - ok
20:35:00.0665 5844 LanmanWorkstation (b9891f885dcf1f0513a51cb58493cb1f) C:\Windows\System32\wkssvc.dll
20:35:00.0675 5844 LanmanWorkstation - ok
20:35:00.0717 5844 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
20:35:00.0719 5844 lltdio - ok
20:35:00.0757 5844 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
20:35:00.0766 5844 lltdsvc - ok
20:35:00.0780 5844 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
20:35:00.0785 5844 lmhosts - ok
20:35:00.0804 5844 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:35:00.0806 5844 LSI_FC - ok
20:35:00.0895 5844 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:35:00.0898 5844 LSI_SAS - ok
20:35:00.0917 5844 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:35:00.0919 5844 LSI_SAS2 - ok
20:35:00.0945 5844 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:35:00.0947 5844 LSI_SCSI - ok
20:35:00.0963 5844 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
20:35:00.0965 5844 luafv - ok
20:35:00.0981 5844 Mcx2Svc (e2b0887816ed336685954e3d8fdaa51d) C:\Windows\system32\Mcx2Svc.dll
20:35:00.0985 5844 Mcx2Svc - ok
20:35:00.0994 5844 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
20:35:00.0996 5844 megasas - ok
20:35:01.0011 5844 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
20:35:01.0015 5844 MegaSR - ok
20:35:01.0086 5844 Microsoft SharePoint Workspace Audit Service - ok
20:35:01.0120 5844 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
20:35:01.0126 5844 MMCSS - ok
20:35:01.0147 5844 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
20:35:01.0149 5844 Modem - ok
20:35:01.0167 5844 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
20:35:01.0168 5844 monitor - ok
20:35:01.0184 5844 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
20:35:01.0186 5844 mouclass - ok
20:35:01.0205 5844 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
20:35:01.0206 5844 mouhid - ok
20:35:01.0221 5844 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
20:35:01.0223 5844 mountmgr - ok
20:35:01.0259 5844 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:35:01.0262 5844 MozillaMaintenance - ok
20:35:01.0288 5844 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
20:35:01.0290 5844 mpio - ok
20:35:01.0304 5844 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
20:35:01.0305 5844 mpsdrv - ok
20:35:01.0347 5844 MpsSvc (5cd996cecf45cbc3e8d109c86b82d69e) C:\Windows\system32\mpssvc.dll
20:35:01.0357 5844 MpsSvc - ok
20:35:01.0376 5844 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
20:35:01.0378 5844 MRxDAV - ok
20:35:01.0402 5844 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:35:01.0404 5844 mrxsmb - ok
20:35:01.0416 5844 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:35:01.0416 5844 mrxsmb10 - ok
20:35:01.0436 5844 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:35:01.0436 5844 mrxsmb20 - ok
20:35:01.0456 5844 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
20:35:01.0456 5844 msahci - ok
20:35:01.0533 5844 MSCamSvc (d98350792a7ce82e7459a7c36481beda) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
20:35:01.0538 5844 MSCamSvc - ok
20:35:01.0564 5844 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
20:35:01.0567 5844 msdsm - ok
20:35:01.0594 5844 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
20:35:01.0602 5844 MSDTC - ok
20:35:01.0632 5844 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
20:35:01.0634 5844 Msfs - ok
20:35:01.0650 5844 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
20:35:01.0651 5844 mshidkmdf - ok
20:35:01.0667 5844 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
20:35:01.0669 5844 msisadrv - ok
20:35:01.0699 5844 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
20:35:01.0706 5844 MSiSCSI - ok
20:35:01.0713 5844 msiserver - ok
20:35:01.0730 5844 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
20:35:01.0732 5844 MSKSSRV - ok
20:35:01.0745 5844 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
20:35:01.0746 5844 MSPCLOCK - ok
20:35:01.0756 5844 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
20:35:01.0757 5844 MSPQM - ok
20:35:01.0773 5844 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
20:35:01.0774 5844 MsRPC - ok
20:35:01.0796 5844 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
20:35:01.0798 5844 mssmbios - ok
20:35:01.0810 5844 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
20:35:01.0811 5844 MSTEE - ok
20:35:01.0820 5844 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
20:35:01.0821 5844 MTConfig - ok
20:35:01.0832 5844 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
20:35:01.0833 5844 Mup - ok
20:35:01.0856 5844 napagent (80284f1985c70c86f0b5f86da2dfe1df) C:\Windows\system32\qagentRT.dll
20:35:01.0861 5844 napagent - ok
20:35:01.0874 5844 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
20:35:01.0876 5844 NativeWifiP - ok
20:35:01.0901 5844 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
20:35:01.0908 5844 NDIS - ok
20:35:01.0917 5844 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
20:35:01.0918 5844 NdisCap - ok
20:35:01.0931 5844 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
20:35:01.0932 5844 NdisTapi - ok
20:35:01.0941 5844 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
20:35:01.0943 5844 Ndisuio - ok
20:35:01.0951 5844 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
20:35:01.0953 5844 NdisWan - ok
20:35:01.0963 5844 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
20:35:01.0964 5844 NDProxy - ok
20:35:01.0971 5844 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
20:35:01.0973 5844 NetBIOS - ok
20:35:01.0989 5844 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
20:35:01.0991 5844 NetBT - ok
20:35:02.0006 5844 Netlogon (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
20:35:02.0007 5844 Netlogon - ok
20:35:02.0039 5844 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
20:35:02.0043 5844 Netman - ok
20:35:02.0055 5844 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
20:35:02.0060 5844 netprofm - ok
20:35:02.0109 5844 NetTcpPortSharing (fe2aa5a684b0dd9b1fae57b7817c198b) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:35:02.0114 5844 NetTcpPortSharing - ok
20:35:02.0138 5844 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
20:35:02.0139 5844 nfrd960 - ok
20:35:02.0153 5844 NlaSvc (2226496e34bd40734946a054b1cd657f) C:\Windows\System32\nlasvc.dll
20:35:02.0158 5844 NlaSvc - ok
20:35:02.0169 5844 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
20:35:02.0171 5844 Npfs - ok
20:35:02.0188 5844 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
20:35:02.0190 5844 nsi - ok
20:35:02.0201 5844 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
20:35:02.0202 5844 nsiproxy - ok

#11
peppercat
Posted 12 June 2012 - 05:09 AM

    New Member

  • Members
  • Pip
  • 28 posts
20:35:02.0246 5844 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
20:35:02.0253 5844 Ntfs - ok
20:35:02.0403 5844 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
20:35:02.0405 5844 Null - ok
20:35:02.0427 5844 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
20:35:02.0429 5844 nvraid - ok
20:35:02.0455 5844 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
20:35:02.0458 5844 nvstor - ok
20:35:02.0477 5844 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
20:35:02.0479 5844 nv_agp - ok
20:35:02.0490 5844 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
20:35:02.0490 5844 ohci1394 - ok
20:35:02.0537 5844 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:35:02.0537 5844 ose - ok
20:35:02.0762 5844 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:35:02.0810 5844 osppsvc - ok
20:35:02.0903 5844 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
20:35:02.0914 5844 p2pimsvc - ok
20:35:02.0943 5844 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
20:35:02.0955 5844 p2psvc - ok
20:35:03.0002 5844 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
20:35:03.0005 5844 Parport - ok
20:35:03.0032 5844 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
20:35:03.0034 5844 partmgr - ok
20:35:03.0052 5844 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
20:35:03.0054 5844 Parvdm - ok
20:35:03.0081 5844 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
20:35:03.0090 5844 PcaSvc - ok
20:35:03.0106 5844 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
20:35:03.0110 5844 pci - ok
20:35:03.0134 5844 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
20:35:03.0136 5844 pciide - ok
20:35:03.0164 5844 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
20:35:03.0169 5844 pcmcia - ok
20:35:03.0182 5844 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
20:35:03.0185 5844 pcw - ok
20:35:03.0219 5844 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
20:35:03.0225 5844 PEAUTH - ok
20:35:03.0307 5844 pla (9c1bff7910c89a1d12e57343475840cb) C:\Windows\system32\pla.dll
20:35:03.0328 5844 pla - ok
20:35:03.0421 5844 PlugPlay (2cc2008f1296968fba162ed9f9afe328) C:\Windows\system32\umpnpmgr.dll
20:35:03.0434 5844 PlugPlay - ok
20:35:03.0460 5844 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
20:35:03.0467 5844 PNRPAutoReg - ok
20:35:03.0495 5844 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
20:35:03.0505 5844 PNRPsvc - ok
20:35:03.0547 5844 PolicyAgent (48e1b75c6dc0232fd92baae4bd344721) C:\Windows\System32\ipsecsvc.dll
20:35:03.0558 5844 PolicyAgent - ok
20:35:03.0583 5844 Power (dbff83f709a91049621c1d35dd45c92c) C:\Windows\system32\umpo.dll
20:35:03.0593 5844 Power - ok
20:35:03.0637 5844 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
20:35:03.0639 5844 PptpMiniport - ok
20:35:03.0655 5844 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
20:35:03.0656 5844 Processor - ok
20:35:03.0683 5844 ProfSvc (630cf26f0227498b7d5a92b12548960f) C:\Windows\system32\profsvc.dll
20:35:03.0688 5844 ProfSvc - ok
20:35:03.0706 5844 ProtectedStorage (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
20:35:03.0709 5844 ProtectedStorage - ok
20:35:03.0721 5844 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
20:35:03.0723 5844 Psched - ok
20:35:03.0768 5844 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
20:35:03.0772 5844 PSI_SVC_2 - ok
20:35:03.0833 5844 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
20:35:03.0846 5844 ql2300 - ok
20:35:03.0906 5844 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
20:35:03.0908 5844 ql40xx - ok
20:35:03.0934 5844 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
20:35:03.0940 5844 QWAVE - ok
20:35:04.0008 5844 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
20:35:04.0010 5844 QWAVEdrv - ok
20:35:04.0084 5844 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
20:35:04.0086 5844 RasAcd - ok
20:35:04.0213 5844 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:35:04.0215 5844 RasAgileVpn - ok
20:35:04.0280 5844 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
20:35:04.0288 5844 RasAuto - ok
20:35:04.0305 5844 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:35:04.0308 5844 Rasl2tp - ok
20:35:04.0331 5844 RasMan (0ce66ec736b7fc526d78f7624c7d2a94) C:\Windows\System32\rasmans.dll
20:35:04.0339 5844 RasMan - ok
20:35:04.0348 5844 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
20:35:04.0350 5844 RasPppoe - ok
20:35:04.0365 5844 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
20:35:04.0368 5844 RasSstp - ok
20:35:04.0385 5844 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
20:35:04.0387 5844 rdbss - ok
20:35:04.0404 5844 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
20:35:04.0405 5844 rdpbus - ok
20:35:04.0427 5844 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:35:04.0428 5844 RDPCDD - ok
20:35:04.0441 5844 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
20:35:04.0442 5844 RDPENCDD - ok
20:35:04.0450 5844 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
20:35:04.0450 5844 RDPREFMP - ok
20:35:04.0475 5844 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
20:35:04.0477 5844 RDPWD - ok
20:35:04.0496 5844 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
20:35:04.0497 5844 rdyboost - ok
20:35:04.0524 5844 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
20:35:04.0527 5844 RemoteAccess - ok
20:35:04.0543 5844 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
20:35:04.0546 5844 RemoteRegistry - ok
20:35:04.0559 5844 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
20:35:04.0562 5844 RpcEptMapper - ok
20:35:04.0567 5844 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
20:35:04.0569 5844 RpcLocator - ok
20:35:04.0592 5844 RpcSs (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
20:35:04.0596 5844 RpcSs - ok
20:35:04.0612 5844 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
20:35:04.0613 5844 rspndr - ok
20:35:04.0637 5844 RTL8167 (bcebd5d1aabce4efb7597635e347c44b) C:\Windows\system32\DRIVERS\Rt86win7.sys
20:35:04.0639 5844 RTL8167 - ok
20:35:04.0656 5844 RTL8192su (51adef77e4c929535fd50da153774e79) C:\Windows\system32\DRIVERS\RTL8192su.sys
20:35:04.0656 5844 RTL8192su - ok
20:35:04.0672 5844 SamSs (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
20:35:04.0672 5844 SamSs - ok
20:35:04.0687 5844 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
20:35:04.0687 5844 sbp2port - ok
20:35:04.0703 5844 SBRE - ok
20:35:04.0825 5844 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
20:35:04.0848 5844 SBSDWSCService - ok
20:35:04.0879 5844 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
20:35:04.0885 5844 SCardSvr - ok
20:35:04.0922 5844 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
20:35:04.0924 5844 scfilter - ok
20:35:04.0960 5844 Schedule (3e8b0c453e25613a1f59762a5c42aa75) C:\Windows\system32\schedsvc.dll
20:35:04.0972 5844 Schedule - ok
20:35:04.0992 5844 SCPolicySvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
20:35:04.0993 5844 SCPolicySvc - ok
20:35:05.0003 5844 SDRSVC (5fd90abdbfaee85986802622cbb03446) C:\Windows\System32\SDRSVC.dll
20:35:05.0007 5844 SDRSVC - ok
20:35:05.0071 5844 SeaPort (4a5809a1d796e2675ac0332bf7b0cb11) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
20:35:05.0078 5844 SeaPort - ok
20:35:05.0118 5844 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:35:05.0120 5844 secdrv - ok
20:35:05.0145 5844 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
20:35:05.0152 5844 seclogon - ok
20:35:05.0166 5844 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
20:35:05.0174 5844 SENS - ok
20:35:05.0187 5844 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
20:35:05.0191 5844 SensrSvc - ok
20:35:05.0211 5844 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
20:35:05.0213 5844 Serenum - ok
20:35:05.0237 5844 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
20:35:05.0239 5844 Serial - ok
20:35:05.0254 5844 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
20:35:05.0255 5844 sermouse - ok
20:35:05.0282 5844 SessionEnv (8f55ce568c543d5adf45c409d16718fc) C:\Windows\system32\sessenv.dll
20:35:05.0287 5844 SessionEnv - ok
20:35:05.0308 5844 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
20:35:05.0309 5844 sffdisk - ok
20:35:05.0318 5844 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
20:35:05.0319 5844 sffp_mmc - ok
20:35:05.0332 5844 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
20:35:05.0333 5844 sffp_sd - ok
20:35:05.0338 5844 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
20:35:05.0340 5844 sfloppy - ok
20:35:05.0385 5844 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
20:35:05.0392 5844 SharedAccess - ok
20:35:05.0421 5844 ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) C:\Windows\System32\shsvcs.dll
20:35:05.0429 5844 ShellHWDetection - ok
20:35:05.0451 5844 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
20:35:05.0452 5844 sisagp - ok
20:35:05.0474 5844 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:35:05.0475 5844 SiSRaid2 - ok
20:35:05.0500 5844 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
20:35:05.0501 5844 SiSRaid4 - ok
20:35:05.0694 5844 Skype C2C Service (4ca43b85f22c7739311788b651a779cb) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:35:05.0709 5844 Skype C2C Service - ok
20:35:05.0790 5844 SkypeUpdate (579ba0a911ff5ea70cb604cd3b744b0a) C:\Program Files\Skype\Updater\Updater.exe
20:35:05.0801 5844 SkypeUpdate - ok
20:35:05.0879 5844 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
20:35:05.0882 5844 Smb - ok
20:35:05.0910 5844 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
20:35:05.0918 5844 SNMPTRAP - ok
20:35:05.0930 5844 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
20:35:05.0933 5844 spldr - ok
20:35:05.0951 5844 Spooler (49b6dd6ab3715b7a67965f17194e98a9) C:\Windows\System32\spoolsv.exe
20:35:05.0958 5844 Spooler - ok
20:35:06.0087 5844 sppsvc (4c287f9069fedbd791178876ee9de536) C:\Windows\system32\sppsvc.exe
20:35:06.0123 5844 sppsvc - ok
20:35:06.0187 5844 sppuinotify (d8e3e19eebdab49dd4a8d3062ead4ec7) C:\Windows\system32\sppuinotify.dll
20:35:06.0195 5844 sppuinotify - ok
20:35:06.0240 5844 srv (50a83ca406c808bd35ac9141a0c7618f) C:\Windows\system32\DRIVERS\srv.sys
20:35:06.0246 5844 srv - ok
20:35:06.0283 5844 srv2 (dce7e10feaabd4cae95948b3de5340bb) C:\Windows\system32\DRIVERS\srv2.sys
20:35:06.0289 5844 srv2 - ok
20:35:06.0307 5844 srvnet (bd1433a32792fd0dc450479094fc435a) C:\Windows\system32\DRIVERS\srvnet.sys
20:35:06.0311 5844 srvnet - ok
20:35:06.0359 5844 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
20:35:06.0369 5844 SSDPSRV - ok
20:35:06.0393 5844 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
20:35:06.0398 5844 SstpSvc - ok
20:35:06.0417 5844 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
20:35:06.0418 5844 stexstor - ok
20:35:06.0449 5844 StiSvc (a22825e7bb7018e8af3e229a5af17221) C:\Windows\System32\wiaservc.dll
20:35:06.0459 5844 StiSvc - ok
20:35:06.0484 5844 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
20:35:06.0485 5844 swenum - ok
20:35:06.0510 5844 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
20:35:06.0518 5844 swprv - ok
20:35:06.0572 5844 SysMain (04105c8da62353589c29bdaeb8d88bd8) C:\Windows\system32\sysmain.dll
20:35:06.0590 5844 SysMain - ok
20:35:06.0607 5844 TabletInputService (fcfb6c552fbc0da299799cbd50ad9fd4) C:\Windows\System32\TabSvc.dll
20:35:06.0610 5844 TabletInputService - ok
20:35:06.0625 5844 TapiSrv (2f46b0c70a4adc8c90cf825da3b4feaf) C:\Windows\System32\tapisrv.dll
20:35:06.0633 5844 TapiSrv - ok
20:35:06.0646 5844 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
20:35:06.0650 5844 TBS - ok
20:35:06.0742 5844 Tcpip (2cc3d75488abd3ec628bbb9a4fc84efc) C:\Windows\system32\drivers\tcpip.sys
20:35:06.0762 5844 Tcpip - ok
20:35:06.0870 5844 TCPIP6 (2cc3d75488abd3ec628bbb9a4fc84efc) C:\Windows\system32\DRIVERS\tcpip.sys
20:35:06.0889 5844 TCPIP6 - ok
20:35:06.0922 5844 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
20:35:06.0923 5844 tcpipreg - ok
20:35:06.0936 5844 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
20:35:06.0937 5844 TDPIPE - ok
20:35:06.0946 5844 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
20:35:06.0947 5844 TDTCP - ok
20:35:06.0960 5844 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
20:35:06.0961 5844 tdx - ok
20:35:06.0981 5844 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
20:35:06.0982 5844 TermDD - ok
20:35:07.0013 5844 TermService (a01e50a04d7b1960b33e92b9080e6a94) C:\Windows\System32\termsrv.dll
20:35:07.0020 5844 TermService - ok
20:35:07.0031 5844 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
20:35:07.0033 5844 Themes - ok
20:35:07.0052 5844 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
20:35:07.0054 5844 THREADORDER - ok
20:35:07.0062 5844 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
20:35:07.0065 5844 TrkWks - ok
20:35:07.0110 5844 TrustedInstaller (41a4c781d2286208d397d72099304133) C:\Windows\servicing\TrustedInstaller.exe
20:35:07.0116 5844 TrustedInstaller - ok
20:35:07.0149 5844 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:35:07.0152 5844 tssecsrv - ok
20:35:07.0171 5844 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
20:35:07.0173 5844 tunnel - ok
20:35:07.0196 5844 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
20:35:07.0197 5844 uagp35 - ok
20:35:07.0212 5844 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
20:35:07.0216 5844 udfs - ok
20:35:07.0245 5844 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
20:35:07.0248 5844 UI0Detect - ok
20:35:07.0264 5844 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
20:35:07.0265 5844 uliagpkx - ok
20:35:07.0279 5844 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
20:35:07.0280 5844 umbus - ok
20:35:07.0299 5844 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
20:35:07.0299 5844 UmPass - ok
20:35:07.0318 5844 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
20:35:07.0323 5844 upnphost - ok
20:35:07.0342 5844 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
20:35:07.0343 5844 USBAAPL - ok
20:35:07.0414 5844 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys
20:35:07.0417 5844 usbaudio - ok
20:35:07.0434 5844 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
20:35:07.0437 5844 usbccgp - ok
20:35:07.0451 5844 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
20:35:07.0454 5844 usbcir - ok
20:35:07.0479 5844 usbehci (ff32d4f3ec3c68b2ca61782c7964f54e) C:\Windows\system32\DRIVERS\usbehci.sys
20:35:07.0482 5844 usbehci - ok
20:35:07.0509 5844 usbfilter (e5b14557793164db879ee56f5b59c3e2) C:\Windows\system32\DRIVERS\usbfilter.sys
20:35:07.0511 5844 usbfilter - ok
20:35:07.0535 5844 usbhub (b0dfc7b484e0ca0c27bda5433b82d94a) C:\Windows\system32\DRIVERS\usbhub.sys
20:35:07.0538 5844 usbhub - ok
20:35:07.0555 5844 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
20:35:07.0556 5844 usbohci - ok
20:35:07.0576 5844 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
20:35:07.0578 5844 usbprint - ok
20:35:07.0595 5844 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:35:07.0596 5844 USBSTOR - ok
20:35:07.0618 5844 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
20:35:07.0620 5844 usbuhci - ok
20:35:07.0624 5844 uxddrv - ok
20:35:07.0641 5844 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
20:35:07.0646 5844 UxSms - ok
20:35:07.0685 5844 V0330VID (40f9792b85292b6e35e411296494129f) C:\Windows\system32\DRIVERS\V0330Vid.sys
20:35:07.0688 5844 V0330VID - ok
20:35:07.0706 5844 VaultSvc (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
20:35:07.0709 5844 VaultSvc - ok
20:35:07.0731 5844 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
20:35:07.0732 5844 vdrvroot - ok
20:35:07.0755 5844 vds (8c4e7c49d3641bc9e299e466a7f8867d) C:\Windows\System32\vds.exe
20:35:07.0765 5844 vds - ok
20:35:07.0786 5844 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
20:35:07.0788 5844 vga - ok
20:35:07.0802 5844 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
20:35:07.0804 5844 VgaSave - ok
20:35:07.0829 5844 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
20:35:07.0832 5844 vhdmp - ok
20:35:07.0845 5844 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
20:35:07.0847 5844 viaagp - ok
20:35:07.0854 5844 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
20:35:07.0855 5844 ViaC7 - ok
20:35:07.0857 5844 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
20:35:07.0857 5844 viaide - ok
20:35:07.0877 5844 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
20:35:07.0877 5844 volmgr - ok
20:35:07.0897 5844 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
20:35:07.0907 5844 volmgrx - ok
20:35:07.0917 5844 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
20:35:07.0917 5844 volsnap - ok
20:35:07.0951 5844 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
20:35:07.0953 5844 vsmraid - ok
20:35:08.0003 5844 VSS (7ea2bcd94d9cfaf4c556f5cc94532a6c) C:\Windows\system32\vssvc.exe
20:35:08.0010 5844 VSS - ok
20:35:08.0120 5844 vToolbarUpdater11.0.2 (56e1e4442e4613fb2039a6b7421f4e58) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
20:35:08.0139 5844 vToolbarUpdater11.0.2 - ok
20:35:08.0208 5844 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
20:35:08.0209 5844 vwifibus - ok
20:35:08.0224 5844 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
20:35:08.0226 5844 vwififlt - ok
20:35:08.0236 5844 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
20:35:08.0237 5844 vwifimp - ok
20:35:08.0359 5844 VX6000 (719bac5b5a9c2c1fdf7323fb7e36ca32) C:\Windows\system32\DRIVERS\VX6000Xp.sys
20:35:08.0385 5844 VX6000 - ok
20:35:08.0472 5844 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
20:35:08.0484 5844 W32Time - ok
20:35:08.0531 5844 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
20:35:08.0534 5844 WacomPen - ok
20:35:08.0554 5844 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
20:35:08.0557 5844 WANARP - ok
20:35:08.0564 5844 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
20:35:08.0567 5844 Wanarpv6 - ok
20:35:08.0652 5844 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
20:35:08.0673 5844 WatAdminSvc - ok
20:35:08.0800 5844 wbengine (7790b77fe1e5ee47dcc66247095bb4c9) C:\Windows\system32\wbengine.exe
20:35:08.0821 5844 wbengine - ok
20:35:08.0833 5844 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
20:35:08.0838 5844 WbioSrvc - ok
20:35:08.0854 5844 wcncsvc (d0f88aa11ee1a62bcc6d6a8a7783ca11) C:\Windows\System32\wcncsvc.dll
20:35:08.0860 5844 wcncsvc - ok
20:35:08.0888 5844 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
20:35:08.0891 5844 WcsPlugInService - ok
20:35:08.0928 5844 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
20:35:08.0929 5844 Wd - ok
20:35:08.0941 5844 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
20:35:08.0956 5844 Wdf01000 - ok
20:35:08.0956 5844 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
20:35:08.0972 5844 WdiServiceHost - ok
20:35:08.0972 5844 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
20:35:08.0972 5844 WdiSystemHost - ok
20:35:08.0987 5844 WebClient (d87c7d2c517f82a5ab7a73e203063d9e) C:\Windows\System32\webclnt.dll
20:35:08.0987 5844 WebClient - ok
20:35:09.0019 5844 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
20:35:09.0019 5844 Wecsvc - ok
20:35:09.0019 5844 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
20:35:09.0037 5844 wercplsupport - ok
20:35:09.0048 5844 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
20:35:09.0053 5844 WerSvc - ok
20:35:09.0075 5844 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
20:35:09.0076 5844 WfpLwf - ok
20:35:09.0092 5844 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
20:35:09.0093 5844 WIMMount - ok
20:35:09.0175 5844 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
20:35:09.0189 5844 WinDefend - ok
20:35:09.0201 5844 WinHttpAutoProxySvc - ok
20:35:09.0254 5844 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
20:35:09.0259 5844 Winmgmt - ok
20:35:09.0380 5844 WinRM (c4f5d3901d1b41d602ddc196e0b95b51) C:\Windows\system32\WsmSvc.dll
20:35:09.0410 5844 WinRM - ok
20:35:09.0475 5844 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
20:35:09.0477 5844 WinUsb - ok
20:35:09.0525 5844 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
20:35:09.0547 5844 Wlansvc - ok
20:35:09.0679 5844 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:35:09.0710 5844 wlidsvc - ok
20:35:09.0778 5844 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:35:09.0780 5844 WmiAcpi - ok
20:35:09.0829 5844 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
20:35:09.0835 5844 wmiApSrv - ok
20:35:09.0932 5844 WMPNetworkSvc (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe
20:35:09.0950 5844 WMPNetworkSvc - ok
20:35:10.0020 5844 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
20:35:10.0023 5844 WPCSvc - ok
20:35:10.0043 5844 WPDBusEnum (b7f658a2ebc07129538ad9ab35212637) C:\Windows\system32\wpdbusenum.dll
20:35:10.0053 5844 WPDBusEnum - ok
20:35:10.0083 5844 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
20:35:10.0083 5844 ws2ifsl - ok
20:35:10.0097 5844 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll
20:35:10.0105 5844 wscsvc - ok
20:35:10.0109 5844 WSearch - ok
20:35:10.0176 5844 wuauserv (a33408cc036f9c08142b11be5e93f0a1) C:\Windows\system32\wuaueng.dll
20:35:10.0200 5844 wuauserv - ok
20:35:10.0284 5844 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
20:35:10.0288 5844 WudfPf - ok
20:35:10.0310 5844 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:35:10.0313 5844 WUDFRd - ok
20:35:10.0338 5844 wudfsvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\Windows\System32\WUDFSvc.dll
20:35:10.0347 5844 wudfsvc - ok
20:35:10.0386 5844 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
20:35:10.0396 5844 WwanSvc - ok
20:35:10.0428 5844 MBR (0x1B8) (8bcb23b30db1819e7d8ddae01aebb583) \Device\Harddisk0\DR0
20:35:12.0953 5844 \Device\Harddisk0\DR0 - ok
20:35:12.0983 5844 Boot (0x1200) (00dc1d8fb1433d6fa1c46ab14c3c0429) \Device\Harddisk0\DR0\Partition0
20:35:12.0984 5844 \Device\Harddisk0\DR0\Partition0 - ok
20:35:12.0998 5844 Boot (0x1200) (017e8c417df82a5fd777d68104bae452) \Device\Harddisk0\DR0\Partition1
20:35:13.0000 5844 \Device\Harddisk0\DR0\Partition1 - ok
20:35:13.0042 5844 Boot (0x1200) (98041d7cc3bc68880449ea27efca2624) \Device\Harddisk0\DR0\Partition2
20:35:13.0043 5844 \Device\Harddisk0\DR0\Partition2 - ok
20:35:13.0044 5844 ============================================================
20:35:13.0044 5844 Scan finished
20:35:13.0044 5844 ============================================================
20:35:13.0067 5148 Detected object count: 0
20:35:13.0067 5148 Actual detected object count: 0
20:43:15.0223 4660 ============================================================
20:43:15.0223 4660 Scan started
20:43:15.0223 4660 Mode: Manual;
20:43:15.0223 4660 ============================================================
20:43:15.0520 4660 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
20:43:15.0522 4660 1394ohci - ok
20:43:15.0553 4660 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
20:43:15.0556 4660 ACPI - ok
20:43:15.0563 4660 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
20:43:15.0564 4660 AcpiPmi - ok
20:43:15.0586 4660 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
20:43:15.0589 4660 adp94xx - ok
20:43:15.0608 4660 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
20:43:15.0611 4660 adpahci - ok
20:43:15.0627 4660 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
20:43:15.0629 4660 adpu320 - ok
20:43:15.0722 4660 AdvancedSystemCareService5 (3d672573ef8f317f10c2aabbb2586262) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
20:43:15.0722 4660 AdvancedSystemCareService5 - ok
20:43:15.0753 4660 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
20:43:15.0753 4660 AeLookupSvc - ok
20:43:15.0799 4660 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
20:43:15.0803 4660 AFD - ok
20:43:15.0825 4660 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
20:43:15.0827 4660 agp440 - ok
20:43:15.0864 4660 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
20:43:15.0867 4660 aic78xx - ok
20:43:15.0882 4660 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
20:43:15.0885 4660 ALG - ok
20:43:15.0901 4660 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
20:43:15.0903 4660 aliide - ok
20:43:15.0930 4660 AMD External Events Utility (946848a3cac9909d8f72a4847419e77d) C:\Windows\system32\atiesrxx.exe
20:43:15.0932 4660 AMD External Events Utility - ok
20:43:15.0953 4660 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
20:43:15.0954 4660 amdagp - ok
20:43:15.0971 4660 amdide (211fce336502911ec03fc15a91344c98) C:\Windows\system32\DRIVERS\amdide.sys
20:43:15.0972 4660 amdide - ok
20:43:15.0987 4660 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
20:43:15.0988 4660 AmdK8 - ok
20:43:16.0142 4660 amdkmdag (19529728442d4794b96d1b8a9a63eca1) C:\Windows\system32\DRIVERS\atikmdag.sys
20:43:16.0170 4660 amdkmdag - ok
20:43:16.0243 4660 amdkmdap (b44737ff566b5888d15fdb66849f34e5) C:\Windows\system32\DRIVERS\atikmpag.sys
20:43:16.0245 4660 amdkmdap - ok
20:43:16.0261 4660 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
20:43:16.0262 4660 AmdPPM - ok
20:43:16.0285 4660 amdsata (04b2587c961c084634054d60d3eb385b) C:\Windows\system32\DRIVERS\amdsata.sys
20:43:16.0286 4660 amdsata - ok
20:43:16.0301 4660 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
20:43:16.0303 4660 amdsbs - ok
20:43:16.0318 4660 amdxata (c078b06811670b90a52ae51ac3808e1e) C:\Windows\system32\DRIVERS\amdxata.sys
20:43:16.0319 4660 amdxata - ok
20:43:16.0330 4660 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
20:43:16.0331 4660 AppID - ok
20:43:16.0351 4660 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
20:43:16.0352 4660 AppIDSvc - ok
20:43:16.0361 4660 Appinfo (7dead9e3f65dcb2794f2711003bbf650) C:\Windows\System32\appinfo.dll
20:43:16.0361 4660 Appinfo - ok
20:43:16.0412 4660 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:43:16.0415 4660 Apple Mobile Device - ok
20:43:16.0449 4660 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
20:43:16.0451 4660 arc - ok
20:43:16.0465 4660 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
20:43:16.0467 4660 arcsas - ok
20:43:16.0496 4660 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
20:43:16.0498 4660 AsyncMac - ok
20:43:16.0519 4660 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
20:43:16.0521 4660 atapi - ok
20:43:16.0550 4660 AtiHdmiService (c822c615b2f693ef4e5b355432976a81) C:\Windows\system32\drivers\AtiHdmi.sys
20:43:16.0552 4660 AtiHdmiService - ok
20:43:16.0562 4660 AtiPcie (4ffe74e33bd9170950116f0ca46eac89) C:\Windows\system32\DRIVERS\AtiPcie.sys
20:43:16.0563 4660 AtiPcie - ok
20:43:16.0601 4660 ATMhelpr (3ef1db7f168851914517d4ed36b57c04) C:\Windows\system32\drivers\ATMhelpr.sys
20:43:16.0602 4660 ATMhelpr - ok
20:43:16.0641 4660 AudioEndpointBuilder (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
20:43:16.0650 4660 AudioEndpointBuilder - ok
20:43:16.0663 4660 Audiosrv (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
20:43:16.0672 4660 Audiosrv - ok
20:43:16.0862 4660 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
20:43:16.0885 4660 AVGIDSAgent - ok
20:43:16.0988 4660 AVGIDSDriver (f6878b90a8a9795116bce335238e65af) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
20:43:16.0992 4660 AVGIDSDriver - ok
20:43:17.0002 4660 AVGIDSEH (19a08a6728a6e02099d64268218cd799) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
20:43:17.0004 4660 AVGIDSEH - ok
20:43:17.0009 4660 AVGIDSFilter (f8927ab1dd086edeff2924a64dc89869) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
20:43:17.0011 4660 AVGIDSFilter - ok
20:43:17.0019 4660 AVGIDSShim (dadca567891033dcf2ec4a3f9da46ae4) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
20:43:17.0021 4660 AVGIDSShim - ok
20:43:17.0036 4660 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\Windows\system32\DRIVERS\avgldx86.sys
20:43:17.0039 4660 Avgldx86 - ok
20:43:17.0054 4660 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\Windows\system32\DRIVERS\avgmfx86.sys
20:43:17.0055 4660 Avgmfx86 - ok
20:43:17.0061 4660 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\Windows\system32\DRIVERS\avgrkx86.sys
20:43:17.0062 4660 Avgrkx86 - ok
20:43:17.0084 4660 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\Windows\system32\DRIVERS\avgtdix.sys
20:43:17.0087 4660 Avgtdix - ok
20:43:17.0173 4660 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
20:43:17.0178 4660 avgwd - ok
20:43:17.0204 4660 AxInstSV (dd6a431b43e34b91a767d1ce33728175) C:\Windows\System32\AxInstSV.dll
20:43:17.0207 4660 AxInstSV - ok
20:43:17.0247 4660 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
20:43:17.0255 4660 b06bdrv - ok
20:43:17.0280 4660 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
20:43:17.0285 4660 b57nd60x - ok
20:43:17.0307 4660 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
20:43:17.0308 4660 BDESVC - ok
20:43:17.0323 4660 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
20:43:17.0324 4660 Beep - ok
20:43:17.0353 4660 BFE (85ac71c045ceb054ed48a7841aae0c11) C:\Windows\System32\bfe.dll
20:43:17.0359 4660 BFE - ok
20:43:17.0394 4660 BITS (53f476476f55a27f580661bde09c4ec4) C:\Windows\system32\qmgr.dll
20:43:17.0403 4660 BITS - ok
20:43:17.0422 4660 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
20:43:17.0423 4660 blbdrive - ok
20:43:17.0502 4660 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
20:43:17.0508 4660 Bonjour Service - ok
20:43:17.0527 4660 bowser (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
20:43:17.0529 4660 bowser - ok
20:43:17.0544 4660 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:43:17.0545 4660 BrFiltLo - ok
20:43:17.0556 4660 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:43:17.0557 4660 BrFiltUp - ok
20:43:17.0573 4660 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
20:43:17.0575 4660 BridgeMP - ok
20:43:17.0600 4660 Browser (598e1280e7ff3744f4b8329366cc5635) C:\Windows\System32\browser.dll
20:43:17.0602 4660 Browser - ok
20:43:17.0623 4660 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
20:43:17.0626 4660 Brserid - ok
20:43:17.0634 4660 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
20:43:17.0635 4660 BrSerWdm - ok
20:43:17.0655 4660 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:43:17.0656 4660 BrUsbMdm - ok
20:43:17.0671 4660 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
20:43:17.0672 4660 BrUsbSer - ok
20:43:17.0695 4660 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
20:43:17.0697 4660 BTHMODEM - ok
20:43:17.0713 4660 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
20:43:17.0715 4660 bthserv - ok
20:43:17.0766 4660 catchme - ok
20:43:17.0780 4660 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
20:43:17.0783 4660 cdfs - ok
20:43:17.0805 4660 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
20:43:17.0808 4660 cdrom - ok
20:43:17.0836 4660 CertPropSvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
20:43:17.0840 4660 CertPropSvc - ok
20:43:17.0854 4660 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
20:43:17.0855 4660 circlass - ok
20:43:17.0886 4660 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
20:43:17.0902 4660 CLFS - ok
20:43:17.0956 4660 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:43:17.0959 4660 clr_optimization_v2.0.50727_32 - ok
20:43:17.0976 4660 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
20:43:17.0977 4660 CmBatt - ok
20:43:17.0983 4660 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
20:43:17.0984 4660 cmdide - ok
20:43:18.0001 4660 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
20:43:18.0005 4660 CNG - ok
20:43:18.0013 4660 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
20:43:18.0014 4660 Compbatt - ok
20:43:18.0025 4660 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
20:43:18.0026 4660 CompositeBus - ok
20:43:18.0029 4660 COMSysApp - ok
20:43:18.0039 4660 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
20:43:18.0040 4660 crcdisk - ok
20:43:18.0058 4660 CryptSvc (9c231178ce4fb385f4b54b0a9080b8a4) C:\Windows\system32\cryptsvc.dll
20:43:18.0060 4660 CryptSvc - ok
20:43:18.0086 4660 DcomLaunch (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
20:43:18.0091 4660 DcomLaunch - ok
20:43:18.0114 4660 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
20:43:18.0116 4660 defragsvc - ok
20:43:18.0141 4660 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
20:43:18.0143 4660 DfsC - ok
20:43:18.0156 4660 Dhcp (c56495fbd770712367cad35e5de72da6) C:\Windows\system32\dhcpcore.dll
20:43:18.0158 4660 Dhcp - ok
20:43:18.0167 4660 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
20:43:18.0167 4660 discache - ok
20:43:18.0175 4660 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
20:43:18.0176 4660 Disk - ok
20:43:18.0185 4660 Dnscache (d0722e963d3c6145446874241401b209) C:\Windows\System32\dnsrslvr.dll
20:43:18.0187 4660 Dnscache - ok
20:43:18.0196 4660 dot3svc (4408c85c21eea48eb0ce486baeef0502) C:\Windows\System32\dot3svc.dll
20:43:18.0198 4660 dot3svc - ok
20:43:18.0209 4660 DPS (7fa81c6e11caa594adb52084da73a1e5) C:\Windows\system32\dps.dll
20:43:18.0211 4660 DPS - ok
20:43:18.0234 4660 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
20:43:18.0234 4660 drmkaud - ok
20:43:18.0272 4660 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\Windows\System32\drivers\dxgkrnl.sys
20:43:18.0276 4660 DXGKrnl - ok
20:43:18.0295 4660 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
20:43:18.0297 4660 EapHost - ok
20:43:18.0404 4660 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
20:43:18.0420 4660 ebdrv - ok
20:43:18.0508 4660 EFS (f42309c4191c506b71db5d1126d26318) C:\Windows\System32\lsass.exe
20:43:18.0513 4660 EFS - ok
20:43:18.0858 4660 ehRecvr (c8143f413c07507b0a56f08a5a8c4772) C:\Windows\ehome\ehRecvr.exe
20:43:18.0867 4660 ehRecvr - ok
20:43:18.0893 4660 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
20:43:18.0896 4660 ehSched - ok
20:43:18.0950 4660 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
20:43:18.0960 4660 elxstor - ok
20:43:18.0970 4660 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
20:43:18.0970 4660 ErrDev - ok
20:43:19.0014 4660 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
20:43:19.0018 4660 EventSystem - ok
20:43:19.0045 4660 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
20:43:19.0047 4660 exfat - ok
20:43:19.0070 4660 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
20:43:19.0073 4660 fastfat - ok
20:43:19.0103 4660 Fax (f7ea23cc5e6bf2181f3f399d54f6efc1) C:\Windows\system32\fxssvc.exe
20:43:19.0110 4660 Fax - ok
20:43:19.0123 4660 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
20:43:19.0125 4660 fdc - ok
20:43:19.0134 4660 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
20:43:19.0135 4660 fdPHost - ok
20:43:19.0143 4660 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
20:43:19.0144 4660 FDResPub - ok
20:43:19.0161 4660 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
20:43:19.0162 4660 FileInfo - ok
20:43:19.0173 4660 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
20:43:19.0174 4660 Filetrace - ok
20:43:19.0191 4660 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
20:43:19.0192 4660 flpydisk - ok
20:43:19.0205 4660 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
20:43:19.0207 4660 FltMgr - ok
20:43:19.0234 4660 FontCache (b6512a85815fdc3d560c3705f5bdb93d) C:\Windows\system32\FntCache.dll
20:43:19.0239 4660 FontCache - ok
20:43:19.0281 4660 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:43:19.0282 4660 FontCache3.0.0.0 - ok
20:43:19.0295 4660 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
20:43:19.0297 4660 FsDepends - ok
20:43:19.0306 4660 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
20:43:19.0308 4660 Fs_Rec - ok
20:43:19.0341 4660 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
20:43:19.0345 4660 fvevol - ok
20:43:19.0369 4660 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:43:19.0371 4660 gagp30kx - ok
20:43:19.0402 4660 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:43:19.0403 4660 GEARAspiWDM - ok
20:43:19.0451 4660 gpsvc (8ba3c04702bf8f927ab36ae8313ca4ee) C:\Windows\System32\gpsvc.dll
20:43:19.0463 4660 gpsvc - ok
20:43:19.0479 4660 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
20:43:19.0480 4660 hcw85cir - ok
20:43:19.0510 4660 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
20:43:19.0512 4660 HdAudAddService - ok
20:43:19.0533 4660 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:43:19.0534 4660 HDAudBus - ok
20:43:19.0547 4660 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
20:43:19.0548 4660 HidBatt - ok
20:43:19.0574 4660 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
20:43:19.0575 4660 HidBth - ok
20:43:19.0587 4660 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
20:43:19.0588 4660 HidIr - ok
20:43:19.0608 4660 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
20:43:19.0610 4660 hidserv - ok
20:43:19.0619 4660 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
20:43:19.0620 4660 HidUsb - ok
20:43:19.0649 4660 hkmsvc (741c2a45ca8407e374aaba3e330b7872) C:\Windows\system32\kmsvc.dll
20:43:19.0651 4660 hkmsvc - ok
20:43:19.0667 4660 HomeGroupListener (a768ca158bb06782a2835b907f4873c3) C:\Windows\system32\ListSvc.dll
20:43:19.0671 4660 HomeGroupListener - ok
20:43:19.0694 4660 HomeGroupProvider (fb08dec5ef43d0c66d83b8e9694e7549) C:\Windows\system32\provsvc.dll
20:43:19.0697 4660 HomeGroupProvider - ok
20:43:19.0713 4660 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
20:43:19.0714 4660 HpSAMD - ok
20:43:19.0753 4660 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
20:43:19.0757 4660 HTTP - ok
20:43:19.0770 4660 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
20:43:19.0771 4660 hwpolicy - ok
20:43:19.0783 4660 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
20:43:19.0784 4660 i8042prt - ok
20:43:19.0806 4660 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
20:43:19.0808 4660 iaStorV - ok
20:43:19.0895 4660 idsvc (5af815eb5bc9802e5a064e2ba62bfc0c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:43:19.0909 4660 idsvc - ok
20:43:19.0966 4660 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
20:43:19.0969 4660 iirsp - ok
20:43:20.0016 4660 IKEEXT (fac0ee6562b121b1399d6e855583f7a5) C:\Windows\System32\ikeext.dll
20:43:20.0023 4660 IKEEXT - ok
20:43:20.0134 4660 IntcAzAudAddService (f4427e5df32cde359b2e2e5512d18001) C:\Windows\system32\drivers\RTKVHDA.sys
20:43:20.0155 4660 IntcAzAudAddService - ok
20:43:20.0229 4660 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
20:43:20.0231 4660 intelide - ok
20:43:20.0244 4660 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
20:43:20.0246 4660 intelppm - ok
20:43:20.0271 4660 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
20:43:20.0273 4660 IPBusEnum - ok
20:43:20.0298 4660 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:43:20.0299 4660 IpFilterDriver - ok
20:43:20.0322 4660 iphlpsvc (477397b432a256a50ee7e4339eb9ea14) C:\Windows\System32\iphlpsvc.dll
20:43:20.0327 4660 iphlpsvc - ok
20:43:20.0369 4660 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
20:43:20.0372 4660 IPMIDRV - ok
20:43:20.0395 4660 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
20:43:20.0398 4660 IPNAT - ok
20:43:20.0472 4660 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
20:43:20.0485 4660 iPod Service - ok
20:43:20.0497 4660 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
20:43:20.0498 4660 IRENUM - ok
20:43:20.0515 4660 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
20:43:20.0516 4660 isapnp - ok
20:43:20.0542 4660 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
20:43:20.0544 4660 iScsiPrt - ok
20:43:20.0561 4660 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:43:20.0562 4660 kbdclass - ok
20:43:20.0570 4660 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
20:43:20.0572 4660 kbdhid - ok
20:43:20.0583 4660 KeyIso (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
20:43:20.0584 4660 KeyIso - ok
20:43:20.0595 4660 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
20:43:20.0596 4660 KSecDD - ok
20:43:20.0618 4660 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\Windows\system32\Drivers\ksecpkg.sys
20:43:20.0619 4660 KSecPkg - ok
20:43:20.0650 4660 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
20:43:20.0653 4660 KtmRm - ok
20:43:20.0677 4660 LanmanServer (bca92cb047a4326925ecef759dbaa233) C:\Windows\System32\srvsvc.dll
20:43:20.0680 4660 LanmanServer - ok
20:43:20.0699 4660 LanmanWorkstation (b9891f885dcf1f0513a51cb58493cb1f) C:\Windows\System32\wkssvc.dll
20:43:20.0702 4660 LanmanWorkstation - ok
20:43:20.0718 4660 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
20:43:20.0719 4660 lltdio - ok
20:43:20.0739 4660 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
20:43:20.0742 4660 lltdsvc - ok
20:43:20.0757 4660 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
20:43:20.0758 4660 lmhosts - ok
20:43:20.0779 4660 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:43:20.0781 4660 LSI_FC - ok
20:43:20.0806 4660 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:43:20.0808 4660 LSI_SAS - ok
20:43:20.0826 4660 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:43:20.0827 4660 LSI_SAS2 - ok
20:43:20.0839 4660 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:43:20.0840 4660 LSI_SCSI - ok
20:43:20.0856 4660 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
20:43:20.0857 4660 luafv - ok
20:43:20.0866 4660 Mcx2Svc (e2b0887816ed336685954e3d8fdaa51d) C:\Windows\system32\Mcx2Svc.dll
20:43:20.0868 4660 Mcx2Svc - ok
20:43:20.0880 4660 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
20:43:20.0880 4660 megasas - ok
20:43:20.0896 4660 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
20:43:20.0898 4660 MegaSR - ok
20:43:20.0963 4660 Microsoft SharePoint Workspace Audit Service - ok
20:43:20.0988 4660 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
20:43:20.0994 4660 MMCSS - ok
20:43:21.0016 4660 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
20:43:21.0017 4660 Modem - ok
20:43:21.0027 4660 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
20:43:21.0029 4660 monitor - ok
20:43:21.0045 4660 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
20:43:21.0046 4660 mouclass - ok
20:43:21.0065 4660 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
20:43:21.0067 4660 mouhid - ok
20:43:21.0081 4660 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
20:43:21.0083 4660 mountmgr - ok
20:43:21.0107 4660 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:43:21.0107 4660 MozillaMaintenance - ok
20:43:21.0127 4660 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
20:43:21.0127 4660 mpio - ok
20:43:21.0147 4660 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
20:43:21.0147 4660 mpsdrv - ok
20:43:21.0191 4660 MpsSvc (5cd996cecf45cbc3e8d109c86b82d69e) C:\Windows\system32\mpssvc.dll
20:43:21.0199 4660 MpsSvc - ok
20:43:21.0227 4660 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
20:43:21.0229 4660 MRxDAV - ok
20:43:21.0254 4660 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:43:21.0255 4660 mrxsmb - ok
20:43:21.0270 4660 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:43:21.0272 4660 mrxsmb10 - ok
20:43:21.0281 4660 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:43:21.0282 4660 mrxsmb20 - ok
20:43:21.0304 4660 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
20:43:21.0305 4660 msahci - ok
20:43:21.0361 4660 MSCamSvc (d98350792a7ce82e7459a7c36481beda) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
20:43:21.0364 4660 MSCamSvc - ok
20:43:21.0390 4660 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
20:43:21.0392 4660 msdsm - ok
20:43:21.0420 4660 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
20:43:21.0423 4660 MSDTC - ok
20:43:21.0442 4660 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
20:43:21.0443 4660 Msfs - ok
20:43:21.0452 4660 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
20:43:21.0453 4660 mshidkmdf - ok
20:43:21.0460 4660 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
20:43:21.0462 4660 msisadrv - ok
20:43:21.0492 4660 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
20:43:21.0495 4660 MSiSCSI - ok
20:43:21.0500 4660 msiserver - ok
20:43:21.0515 4660 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
20:43:21.0516 4660 MSKSSRV - ok
20:43:21.0531 4660 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
20:43:21.0532 4660 MSPCLOCK - ok
20:43:21.0536 4660 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
20:43:21.0538 4660 MSPQM - ok
20:43:21.0559 4660 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
20:43:21.0561 4660 MsRPC - ok
20:43:21.0582 4660 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
20:43:21.0583 4660 mssmbios - ok
20:43:21.0596 4660 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
20:43:21.0596 4660 MSTEE - ok
20:43:21.0605 4660 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
20:43:21.0606 4660 MTConfig - ok
20:43:21.0617 4660 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
20:43:21.0618 4660 Mup - ok
20:43:21.0641 4660 napagent (80284f1985c70c86f0b5f86da2dfe1df) C:\Windows\system32\qagentRT.dll
20:43:21.0645 4660 napagent - ok
20:43:21.0660 4660 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
20:43:21.0662 4660 NativeWifiP - ok
20:43:21.0686 4660 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
20:43:21.0691 4660 NDIS - ok
20:43:21.0702 4660 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
20:43:21.0703 4660 NdisCap - ok
20:43:21.0717 4660 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
20:43:21.0717 4660 NdisTapi - ok
20:43:21.0735 4660 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
20:43:21.0736 4660 Ndisuio - ok
20:43:21.0745 4660 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
20:43:21.0747 4660 NdisWan - ok
20:43:21.0757 4660 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
20:43:21.0758 4660 NDProxy - ok
20:43:21.0765 4660 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
20:43:21.0766 4660 NetBIOS - ok
20:43:21.0782 4660 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
20:43:21.0784 4660 NetBT - ok
20:43:21.0799 4660 Netlogon (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
20:43:21.0801 4660 Netlogon - ok
20:43:21.0833 4660 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
20:43:21.0839 4660 Netman - ok
20:43:21.0861 4660 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
20:43:21.0868 4660 netprofm - ok
20:43:21.0919 4660 NetTcpPortSharing (fe2aa5a684b0dd9b1fae57b7817c198b) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:43:21.0923 4660 NetTcpPortSharing - ok
20:43:21.0949 4660 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
20:43:21.0951 4660 nfrd960 - ok
20:43:21.0975 4660 NlaSvc (2226496e34bd40734946a054b1cd657f) C:\Windows\System32\nlasvc.dll
20:43:21.0983 4660 NlaSvc - ok
20:43:21.0992 4660 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
20:43:21.0995 4660 Npfs - ok
20:43:22.0015 4660 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
20:43:22.0017 4660 nsi - ok
20:43:22.0028 4660 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
20:43:22.0029 4660 nsiproxy - ok
20:43:22.0077 4660 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
20:43:22.0086 4660 Ntfs - ok
20:43:22.0172 4660 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
20:43:22.0174 4660 Null - ok
20:43:22.0191 4660 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
20:43:22.0191 4660 nvraid - ok
20:43:22.0222 4660 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
20:43:22.0222 4660 nvstor - ok
20:43:22.0253 4660 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
20:43:22.0253 4660 nv_agp - ok
20:43:22.0364 4660 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
20:43:22.0367 4660 ohci1394 - ok
20:43:22.0429 4660 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:43:22.0433 4660 ose - ok
20:43:22.0656 4660 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:43:22.0684 4660 osppsvc - ok
20:43:22.0772 4660 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
20:43:22.0781 4660 p2pimsvc - ok
20:43:22.0806 4660 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
20:43:22.0811 4660 p2psvc - ok
20:43:22.0844 4660 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
20:43:22.0845 4660 Parport - ok
20:43:22.0855 4660 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
20:43:22.0856 4660 partmgr - ok
20:43:22.0870 4660 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
20:43:22.0871 4660 Parvdm - ok
20:43:22.0935 4660 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
20:43:22.0938 4660 PcaSvc - ok
20:43:22.0956 4660 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
20:43:22.0957 4660 pci - ok
20:43:22.0977 4660 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
20:43:22.0978 4660 pciide - ok
20:43:22.0997 4660 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
20:43:22.0999 4660 pcmcia - ok
20:43:23.0008 4660 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
20:43:23.0010 4660 pcw - ok
20:43:23.0035 4660 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
20:43:23.0040 4660 PEAUTH - ok
20:43:23.0126 4660 pla (9c1bff7910c89a1d12e57343475840cb) C:\Windows\system32\pla.dll
20:43:23.0142 4660 pla - ok
20:43:23.0231 4660 PlugPlay (2cc2008f1296968fba162ed9f9afe328) C:\Windows\system32\umpnpmgr.dll
20:43:23.0242 4660 PlugPlay - ok
20:43:23.0253 4660 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
20:43:23.0257 4660 PNRPAutoReg - ok
20:43:23.0283 4660 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
20:43:23.0283 4660 PNRPsvc - ok
20:43:23.0323 4660 PolicyAgent (48e1b75c6dc0232fd92baae4bd344721) C:\Windows\System32\ipsecsvc.dll
20:43:23.0333 4660 PolicyAgent - ok
20:43:23.0360 4660 Power (dbff83f709a91049621c1d35dd45c92c) C:\Windows\system32\umpo.dll
20:43:23.0365 4660 Power - ok
20:43:23.0405 4660 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
20:43:23.0407 4660 PptpMiniport - ok
20:43:23.0423 4660 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
20:43:23.0424 4660 Processor - ok
20:43:23.0451 4660 ProfSvc (630cf26f0227498b7d5a92b12548960f) C:\Windows\system32\profsvc.dll
20:43:23.0456 4660 ProfSvc - ok
20:43:23.0482 4660 ProtectedStorage (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
20:43:23.0485 4660 ProtectedStorage - ok
20:43:23.0497 4660 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
20:43:23.0499 4660 Psched - ok
20:43:23.0546 4660 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
20:43:23.0550 4660 PSI_SVC_2 - ok
20:43:23.0612 4660 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
20:43:23.0624 4660 ql2300 - ok
20:43:23.0692 4660 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
20:43:23.0696 4660 ql40xx - ok
20:43:23.0729 4660 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
20:43:23.0738 4660 QWAVE - ok
20:43:23.0766 4660 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
20:43:23.0768 4660 QWAVEdrv - ok
20:43:23.0783 4660 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
20:43:23.0784 4660 RasAcd - ok
20:43:23.0805 4660 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:43:23.0807 4660 RasAgileVpn - ok
20:43:23.0822 4660 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
20:43:23.0826 4660 RasAuto - ok
20:43:23.0839 4660 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:43:23.0841 4660 Rasl2tp - ok
20:43:23.0857 4660 RasMan (0ce66ec736b7fc526d78f7624c7d2a94) C:\Windows\System32\rasmans.dll
20:43:23.0863 4660 RasMan - ok
20:43:23.0874 4660 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
20:43:23.0876 4660 RasPppoe - ok
20:43:23.0891 4660 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
20:43:23.0893 4660 RasSstp - ok
20:43:23.0921 4660 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
20:43:23.0925 4660 rdbss - ok
20:43:23.0948 4660 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
20:43:23.0949 4660 rdpbus - ok
20:43:23.0962 4660 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:43:23.0963 4660 RDPCDD - ok
20:43:23.0975 4660 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
20:43:23.0977 4660 RDPENCDD - ok
20:43:23.0993 4660 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
20:43:23.0994 4660 RDPREFMP - ok
20:43:24.0018 4660 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
20:43:24.0019 4660 RDPWD - ok
20:43:24.0038 4660 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
20:43:24.0040 4660 rdyboost - ok
20:43:24.0066 4660 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
20:43:24.0068 4660 RemoteAccess - ok
20:43:24.0086 4660 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
20:43:24.0088 4660 RemoteRegistry - ok
20:43:24.0102 4660 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
20:43:24.0104 4660 RpcEptMapper - ok
20:43:24.0107 4660 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
20:43:24.0109 4660 RpcLocator - ok
20:43:24.0126 4660 RpcSs (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
20:43:24.0130 4660 RpcSs - ok
20:43:24.0138 4660 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
20:43:24.0139 4660 rspndr - ok
20:43:24.0163 4660 RTL8167 (bcebd5d1aabce4efb7597635e347c44b) C:\Windows\system32\DRIVERS\Rt86win7.sys
20:43:24.0165 4660 RTL8167 - ok
20:43:24.0188 4660 RTL8192su (51adef77e4c929535fd50da153774e79) C:\Windows\system32\DRIVERS\RTL8192su.sys
20:43:24.0191 4660 RTL8192su - ok
20:43:24.0207 4660 SamSs (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
20:43:24.0208 4660 SamSs - ok
20:43:24.0226 4660 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
20:43:24.0227 4660 sbp2port - ok
20:43:24.0229 4660 SBRE - ok
20:43:24.0356 4660 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
20:43:24.0372 4660 SBSDWSCService - ok
20:43:24.0403 4660 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
20:43:24.0403 4660 SCardSvr - ok
20:43:24.0434 4660 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
20:43:24.0434 4660 scfilter - ok
20:43:24.0475 4660 Schedule (3e8b0c453e25613a1f59762a5c42aa75) C:\Windows\system32\schedsvc.dll
20:43:24.0483 4660 Schedule - ok
20:43:24.0502 4660 SCPolicySvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
20:43:24.0503 4660 SCPolicySvc - ok
20:43:24.0513 4660 SDRSVC (5fd90abdbfaee85986802622cbb03446) C:\Windows\System32\SDRSVC.dll
20:43:24.0518 4660 SDRSVC - ok
20:43:24.0582 4660 SeaPort (4a5809a1d796e2675ac0332bf7b0cb11) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
20:43:24.0587 4660 SeaPort - ok
20:43:24.0628 4660 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:43:24.0630 4660 secdrv - ok
20:43:24.0655 4660 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
20:43:24.0661 4660 seclogon - ok
20:43:24.0676 4660 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
20:43:24.0684 4660 SENS - ok
20:43:24.0697 4660 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
20:43:24.0701 4660 SensrSvc - ok
20:43:24.0721 4660 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
20:43:24.0722 4660 Serenum - ok
20:43:24.0727 4660 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
20:43:24.0728 4660 Serial - ok
20:43:24.0747 4660 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
20:43:24.0748 4660 sermouse - ok
20:43:24.0767 4660 SessionEnv (8f55ce568c543d5adf45c409d16718fc) C:\Windows\system32\sessenv.dll
20:43:24.0769 4660 SessionEnv - ok
20:43:24.0784 4660 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
20:43:24.0785 4660 sffdisk - ok
20:43:24.0803 4660 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
20:43:24.0804 4660 sffp_mmc - ok
20:43:24.0817 4660 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
20:43:24.0819 4660 sffp_sd - ok
20:43:24.0835 4660 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
20:43:24.0838 4660 sfloppy - ok
20:43:24.0874 4660 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
20:43:24.0882 4660 SharedAccess - ok
20:43:24.0921 4660 ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) C:\Windows\System32\shsvcs.dll
20:43:24.0926 4660 ShellHWDetection - ok
20:43:24.0944 4660 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
20:43:24.0945 4660 sisagp - ok
20:43:24.0967 4660 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:43:24.0968 4660 SiSRaid2 - ok
20:43:24.0985 4660 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
20:43:24.0986 4660 SiSRaid4 - ok
20:43:25.0170 4660 Skype C2C Service (4ca43b85f22c7739311788b651a779cb) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
20:43:25.0191 4660 Skype C2C Service - ok
20:43:25.0273 4660 SkypeUpdate (579ba0a911ff5ea70cb604cd3b744b0a) C:\Program Files\Skype\Updater\Updater.exe
20:43:25.0277 4660 SkypeUpdate - ok
20:43:25.0346 4660 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
20:43:25.0348 4660 Smb - ok
20:43:25.0370 4660 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
20:43:25.0374 4660 SNMPTRAP - ok
20:43:25.0389 4660 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
20:43:25.0391 4660 spldr - ok
20:43:25.0413 4660 Spooler (49b6dd6ab3715b7a67965f17194e98a9) C:\Windows\System32\spoolsv.exe
20:43:25.0419 4660 Spooler - ok
20:43:25.0511 4660 sppsvc (4c287f9069fedbd791178876ee9de536) C:\Windows\system32\sppsvc.exe
20:43:25.0529 4660 sppsvc - ok
20:43:25.0597 4660 sppuinotify (d8e3e19eebdab49dd4a8d3062ead4ec7) C:\Windows\system32\sppuinotify.dll
20:43:25.0604 4660 sppuinotify - ok
20:43:25.0649 4660 srv (50a83ca406c808bd35ac9141a0c7618f) C:\Windows\system32\DRIVERS\srv.sys
20:43:25.0655 4660 srv - ok
20:43:25.0690 4660 srv2 (dce7e10feaabd4cae95948b3de5340bb) C:\Windows\system32\DRIVERS\srv2.sys
20:43:25.0693 4660 srv2 - ok
20:43:25.0708 4660 srvnet (bd1433a32792fd0dc450479094fc435a) C:\Windows\system32\DRIVERS\srvnet.sys
20:43:25.0710 4660 srvnet - ok
20:43:25.0726 4660 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
20:43:25.0731 4660 SSDPSRV - ok
20:43:25.0753 4660 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
20:43:25.0755 4660 SstpSvc - ok
20:43:25.0777 4660 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
20:43:25.0778 4660 stexstor - ok
20:43:25.0798 4660 StiSvc (a22825e7bb7018e8af3e229a5af17221) C:\Windows\System32\wiaservc.dll
20:43:25.0803 4660 StiSvc - ok
20:43:25.0827 4660 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
20:43:25.0828 4660 swenum - ok
20:43:25.0843 4660 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
20:43:25.0847 4660 swprv - ok
20:43:26.0052 4660 SysMain (04105c8da62353589c29bdaeb8d88bd8) C:\Windows\system32\sysmain.dll
20:43:26.0069 4660 SysMain - ok
20:43:26.0092 4660 TabletInputService (fcfb6c552fbc0da299799cbd50ad9fd4) C:\Windows\System32\TabSvc.dll
20:43:26.0096 4660 TabletInputService - ok
20:43:26.0112 4660 TapiSrv (2f46b0c70a4adc8c90cf825da3b4feaf) C:\Windows\System32\tapisrv.dll
20:43:26.0117 4660 TapiSrv - ok
20:43:26.0131 4660 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
20:43:26.0135 4660 TBS - ok
20:43:26.0210 4660 Tcpip (2cc3d75488abd3ec628bbb9a4fc84efc) C:\Windows\system32\drivers\tcpip.sys
20:43:26.0219 4660 Tcpip - ok
20:43:26.0304 4660 TCPIP6 (2cc3d75488abd3ec628bbb9a4fc84efc) C:\Windows\system32\DRIVERS\tcpip.sys
20:43:26.0313 4660 TCPIP6 - ok
20:43:26.0356 4660 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
20:43:26.0357 4660 tcpipreg - ok
20:43:26.0371 4660 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
20:43:26.0372 4660 TDPIPE - ok
20:43:26.0380 4660 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
20:43:26.0381 4660 TDTCP - ok
20:43:26.0394 4660 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
20:43:26.0396 4660 tdx - ok
20:43:26.0415 4660 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
20:43:26.0416 4660 TermDD - ok
20:43:26.0445 4660 TermService (a01e50a04d7b1960b33e92b9080e6a94) C:\Windows\System32\termsrv.dll
20:43:26.0452 4660 TermService - ok
20:43:26.0465 4660 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
20:43:26.0468 4660 Themes - ok
20:43:26.0487 4660 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
20:43:26.0489 4660 THREADORDER - ok
20:43:26.0505 4660 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
20:43:26.0508 4660 TrkWks - ok
20:43:26.0538 4660 TrustedInstaller (41a4c781d2286208d397d72099304133) C:\Windows\servicing\TrustedInstaller.exe
20:43:26.0538 4660 TrustedInstaller - ok
20:43:26.0569 4660 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:43:26.0584 4660 tssecsrv - ok
20:43:26.0600 4660 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
20:43:26.0600 4660 tunnel - ok
20:43:26.0639 4660 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
20:43:26.0640 4660 uagp35 - ok
20:43:26.0656 4660 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
20:43:26.0659 4660 udfs - ok
20:43:26.0688 4660 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
20:43:26.0692 4660 UI0Detect - ok
20:43:26.0707 4660 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
20:43:26.0709 4660 uliagpkx - ok
20:43:26.0723 4660 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
20:43:26.0724 4660 umbus - ok
20:43:26.0742 4660 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
20:43:26.0742 4660 UmPass - ok
20:43:26.0760 4660 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
20:43:26.0763 4660 upnphost - ok
20:43:26.0785 4660 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
20:43:26.0787 4660 USBAAPL - ok
20:43:26.0814 4660 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys
20:43:26.0815 4660 usbaudio - ok
20:43:26.0825 4660 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
20:43:26.0827 4660 usbccgp - ok
20:43:26.0834 4660 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
20:43:26.0835 4660 usbcir - ok
20:43:26.0846 4660 usbehci (ff32d4f3ec3c68b2ca61782c7964f54e) C:\Windows\system32\DRIVERS\usbehci.sys
20:43:26.0847 4660 usbehci - ok
20:43:26.0868 4660 usbfilter (e5b14557793164db879ee56f5b59c3e2) C:\Windows\system32\DRIVERS\usbfilter.sys
20:43:26.0869 4660 usbfilter - ok
20:43:26.0884 4660 usbhub (b0dfc7b484e0ca0c27bda5433b82d94a) C:\Windows\system32\DRIVERS\usbhub.sys
20:43:26.0886 4660 usbhub - ok
20:43:26.0898 4660 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
20:43:26.0899 4660 usbohci - ok
20:43:26.0919 4660 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
20:43:26.0920 4660 usbprint - ok
20:43:26.0938 4660 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:43:26.0939 4660 USBSTOR - ok
20:43:26.0961 4660 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
20:43:26.0962 4660 usbuhci - ok
20:43:26.0965 4660 uxddrv - ok
20:43:26.0984 4660 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
20:43:26.0986 4660 UxSms - ok
20:43:27.0018 4660 V0330VID (40f9792b85292b6e35e411296494129f) C:\Windows\system32\DRIVERS\V0330Vid.sys
20:43:27.0020 4660 V0330VID - ok
20:43:27.0032 4660 VaultSvc (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
20:43:27.0034 4660 VaultSvc - ok
20:43:27.0057 4660 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
20:43:27.0058 4660 vdrvroot - ok
20:43:27.0079 4660 vds (8c4e7c49d3641bc9e299e466a7f8867d) C:\Windows\System32\vds.exe
20:43:27.0083 4660 vds - ok
20:43:27.0096 4660 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
20:43:27.0097 4660 vga - ok
20:43:27.0112 4660 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
20:43:27.0113 4660 VgaSave - ok
20:43:27.0138 4660 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
20:43:27.0139 4660 vhdmp - ok
20:43:27.0146 4660 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
20:43:27.0147 4660 viaagp - ok
20:43:27.0152 4660 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
20:43:27.0153 4660 ViaC7 - ok
20:43:27.0165 4660 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
20:43:27.0166 4660 viaide - ok
20:43:27.0174 4660 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
20:43:27.0175 4660 volmgr - ok
20:43:27.0191 4660 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
20:43:27.0193 4660 volmgrx - ok
20:43:27.0212 4660 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
20:43:27.0214 4660 volsnap - ok
20:43:27.0236 4660 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
20:43:27.0237 4660 vsmraid - ok
20:43:27.0288 4660 VSS (7ea2bcd94d9cfaf4c556f5cc94532a6c) C:\Windows\system32\vssvc.exe
20:43:27.0296 4660 VSS - ok
20:43:27.0405 4660 vToolbarUpdater11.0.2 (56e1e4442e4613fb2039a6b7421f4e58) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
20:43:27.0417 4660 vToolbarUpdater11.0.2 - ok
20:43:27.0484 4660 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
20:43:27.0486 4660 vwifibus - ok
20:43:27.0501 4660 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
20:43:27.0504 4660 vwififlt - ok
20:43:27.0512 4660 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
20:43:27.0514 4660 vwifimp - ok
20:43:27.0626 4660 VX6000 (719bac5b5a9c2c1fdf7323fb7e36ca32) C:\Windows\system32\DRIVERS\VX6000Xp.sys
20:43:27.0636 4660 VX6000 - ok
20:43:27.0724 4660 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
20:43:27.0735 4660 W32Time - ok
20:43:27.0765 4660 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
20:43:27.0767 4660 WacomPen - ok
20:43:27.0788 4660 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
20:43:27.0790 4660 WANARP - ok
20:43:27.0793 4660 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
20:43:27.0794 4660 Wanarpv6 - ok
20:43:27.0889 4660 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
20:43:27.0904 4660 WatAdminSvc - ok
20:43:28.0061 4660 wbengine (7790b77fe1e5ee47dcc66247095bb4c9) C:\Windows\system32\wbengine.exe
20:43:28.0080 4660 wbengine - ok
20:43:28.0093 4660 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
20:43:28.0097 4660 WbioSrvc - ok
20:43:28.0113 4660 wcncsvc (d0f88aa11ee1a62bcc6d6a8a7783ca11) C:\Windows\System32\wcncsvc.dll
20:43:28.0117 4660 wcncsvc - ok
20:43:28.0131 4660 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
20:43:28.0134 4660 WcsPlugInService - ok
20:43:28.0171 4660 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
20:43:28.0174 4660 Wd - ok
20:43:28.0221 4660 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
20:43:28.0229 4660 Wdf01000 - ok
20:43:28.0256 4660 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
20:43:28.0265 4660 WdiServiceHost - ok
20:43:28.0276 4660 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
20:43:28.0285 4660 WdiSystemHost - ok
20:43:28.0297 4660 WebClient (d87c7d2c517f82a5ab7a73e203063d9e) C:\Windows\System32\webclnt.dll
20:43:28.0301 4660 WebClient - ok
20:43:28.0317 4660 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
20:43:28.0322 4660 Wecsvc - ok
20:43:28.0327 4660 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
20:43:28.0331 4660 wercplsupport - ok
20:43:28.0367 4660 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
20:43:28.0370 4660 WerSvc - ok
20:43:28.0386 4660 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
20:43:28.0388 4660 WfpLwf - ok
20:43:28.0403 4660 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
20:43:28.0405 4660 WIMMount - ok
20:43:28.0477 4660 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
20:43:28.0488 4660 WinDefend - ok
20:43:28.0498 4660 WinHttpAutoProxySvc - ok
20:43:28.0545 4660 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
20:43:28.0547 4660 Winmgmt - ok
20:43:28.0601 4660 WinRM (c4f5d3901d1b41d602ddc196e0b95b51) C:\Windows\system32\WsmSvc.dll
20:43:28.0612 4660 WinRM - ok
20:43:28.0668 4660 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
20:43:28.0669 4660 WinUsb - ok
20:43:28.0690 4660 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
20:43:28.0705 4660 Wlansvc - ok
20:43:28.0818 4660 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:43:28.0831 4660 wlidsvc - ok
20:43:28.0896 4660 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:43:28.0898 4660 WmiAcpi - ok
20:43:28.0946 4660 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
20:43:28.0949 4660 wmiApSrv - ok
20:43:29.0032 4660 WMPNetworkSvc (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe
20:43:29.0042 4660 WMPNetworkSvc - ok
20:43:29.0080 4660 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
20:43:29.0084 4660 WPCSvc - ok
20:43:29.0099 4660 WPDBusEnum (b7f658a2ebc07129538ad9ab35212637) C:\Windows\system32\wpdbusenum.dll
20:43:29.0104 4660 WPDBusEnum - ok
20:43:29.0143 4660 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
20:43:29.0145 4660 ws2ifsl - ok
20:43:29.0160 4660 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll
20:43:29.0165 4660 wscsvc - ok
20:43:29.0170 4660 WSearch - ok
20:43:29.0244 4660 wuauserv (a33408cc036f9c08142b11be5e93f0a1) C:\Windows\system32\wuaueng.dll
20:43:29.0264 4660 wuauserv - ok
20:43:29.0361 4660 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
20:43:29.0364 4660 WudfPf - ok
20:43:29.0386 4660 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:43:29.0390 4660 WUDFRd - ok
20:43:29.0414 4660 wudfsvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\Windows\System32\WUDFSvc.dll
20:43:29.0417 4660 wudfsvc - ok
20:43:29.0435 4660 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
20:43:29.0439 4660 WwanSvc - ok
20:43:29.0463 4660 MBR (0x1B8) (8bcb23b30db1819e7d8ddae01aebb583) \Device\Harddisk0\DR0
20:43:31.0990 4660 \Device\Harddisk0\DR0 - ok
20:43:32.0018 4660 Boot (0x1200) (00dc1d8fb1433d6fa1c46ab14c3c0429) \Device\Harddisk0\DR0\Partition0
20:43:32.0019 4660 \Device\Harddisk0\DR0\Partition0 - ok
20:43:32.0024 4660 Boot (0x1200) (017e8c417df82a5fd777d68104bae452) \Device\Harddisk0\DR0\Partition1
20:43:32.0025 4660 \Device\Harddisk0\DR0\Partition1 - ok
20:43:32.0060 4660 Boot (0x1200) (98041d7cc3bc68880449ea27efca2624) \Device\Harddisk0\DR0\Partition2
20:43:32.0061 4660 \Device\Harddisk0\DR0\Partition2 - ok
20:43:32.0062 4660 ============================================================
20:43:32.0062 4660 Scan finished
20:43:32.0062 4660 ============================================================
20:43:32.0078 5364 Detected object count: 0
20:43:32.0079 5364 Actual detected object count: 0


Sorry Gringo the report was too long to send in one go I hope its not too much of a problem

#12
gringo_pr
Posted 12 June 2012 - 07:29 AM

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 6,706 posts
Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

 ClearJavaCache::

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

    In your next post I need the following

    • report from Combofix
    • let me know of any problems you may have had
    • How is the computer doing now after running the script?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know
If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic
Please Only Copy And Paste Reports Into Topic - Do Not Attach
My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->Posted Image<-- Don't worry every little bit helps.

#13
peppercat
Posted 12 June 2012 - 10:20 AM

    New Member

  • Members
  • Pip
  • 28 posts
Hi I cant seem to get thethe Cf script to run I have clicked on it but it doesnt open and it will not drag to the combifix either probably something i am not doing right

#14
gringo_pr
Posted 12 June 2012 - 10:24 AM

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 6,706 posts
greetings

there is nothing to click on - you need to start by openening notepad


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know
If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic
Please Only Copy And Paste Reports Into Topic - Do Not Attach
My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->Posted Image<-- Don't worry every little bit helps.

#15
peppercat
Posted 12 June 2012 - 01:30 PM

    New Member

  • Members
  • Pip
  • 28 posts
Hi sorry for the delay privacy settings were keeping me out of your site it seems although, I cant recall changing it today I am trying to let the cookies be unblocked for photobucket but it is proving to be hard for me tonight i believe that is your site anyway.
Just to clarify the text you need copying into the black window is all the previous reports they were saved to different notepads but I have put them on one now and have tried to copy and when I point over the black window paste is not highlighted so it will not play tonight so as I have an early start and before I scream out loud I had better come back tomorrow .

I have also put protected mode on I didnt realise that was off.

hope you dont mind Gringo

#16
gringo_pr
Posted 12 June 2012 - 01:56 PM

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 6,706 posts
Greetings

I have attached a file to this topic

save this file to your desktop

drag as in the picture above and drop it onto the combofix icon


send me the report that it makes


gringo

Attached Files


I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know
If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic
Please Only Copy And Paste Reports Into Topic - Do Not Attach
My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->Posted Image<-- Don't worry every little bit helps.

#17
peppercat
Posted 13 June 2012 - 05:48 AM

    New Member

  • Members
  • Pip
  • 28 posts
Hi I have copied CF Script.txt to desktop and have dragged it over the box and tried dragging into combofix but am getting no entry sign stopping it progressing

#18
gringo_pr
Posted 13 June 2012 - 08:25 AM

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 6,706 posts
Hello

Lets get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and the that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know
If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic
Please Only Copy And Paste Reports Into Topic - Do Not Attach
My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->Posted Image<-- Don't worry every little bit helps.

#19
peppercat
Posted 13 June 2012 - 09:40 AM

    New Member

  • Members
  • Pip
  • 28 posts
Hi Gringo that went ok apart from stopping with a box OTL.exe-no disc please insert disc into drive\ device\harddisk3\DR3 I had to x out of it to get going again
Also my daughter went on here unbeknown to me to print off a picture last night and got aload of text instead i think the printer drivers are infected I uninstalled it and couldnt reload it on PC had to put it on the laptop it just gets worse.
regards

OTL logfile created on: 13/06/2012 15:16:36 - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\User\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.75 Gb Total Physical Memory | 1.89 Gb Available Physical Memory | 68.75% Memory free
5.50 Gb Paging File | 3.96 Gb Available in Paging File | 72.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910.41 Gb Total Space | 772.26 Gb Free Space | 84.83% Space Free | Partition Type: NTFS
Drive D: | 20.00 Gb Total Space | 10.46 Gb Free Space | 52.28% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\User\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe ()
PRC - C:\Program Files\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files\Search Core Systems\Windows Core Toolbar\wcthelper.exe (Search Core Systems)
PRC - C:\Program Files\Search Core Systems\Windows Core Toolbar\wcupdt.exe (Search Core System)
PRC - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe (AVG)
PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
PRC - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Windows\vVX6000.exe (Microsoft Corporation
)
PRC - C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files\Creative\Shared Files\CamTray.exe (Creative Technology Ltd)
PRC - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE ()
PRC - C:\Program Files\Microsoft Office\Office\OSA.EXE ()


========== Modules (No Company Name) ==========

MOD - C:\Users\User\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\User\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll ()
MOD - C:\Users\User\AppData\Local\Google\Chrome\Application\19.0.1084.56\libglesv2.dll ()
MOD - C:\Users\User\AppData\Local\Google\Chrome\Application\19.0.1084.56\libegl.dll ()
MOD - C:\Users\User\AppData\Local\Google\Chrome\Application\19.0.1084.56\avutil-51.dll ()
MOD - C:\Users\User\AppData\Local\Google\Chrome\Application\19.0.1084.56\avformat-54.dll ()
MOD - C:\Users\User\AppData\Local\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll ()
MOD - C:\Users\User\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll ()
MOD - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\SiteSafety.dll ()
MOD - C:\Program Files\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\IObit\Advanced SystemCare 5\ASCv5ExtMenu.dll ()
MOD - C:\Program Files\AVG\AVG PC Tuneup\madExcept_.bpl ()
MOD - C:\Program Files\AVG\AVG PC Tuneup\madBasic_.bpl ()
MOD - C:\Program Files\AVG\AVG PC Tuneup\madDisAsm_.bpl ()
MOD - C:\Program Files\Search Core Systems\Windows Core Toolbar\sqlite3.dll ()
MOD - C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
MOD - C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files\Microsoft Office\Office\MSO97.DLL ()
MOD - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE ()
MOD - C:\Program Files\Microsoft Office\Office\OSA.EXE ()
MOD - C:\Windows\System32\DOCOBJ.DLL ()


========== Win32 Services (SafeList) ==========

SRV - (SBSDWSCService) -- C:\Program Files\Spybot File not found
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (vToolbarUpdater11.0.2) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdvancedSystemCareService5) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe (IObit)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)


========== Driver Services (SafeList) ==========

DRV - (uxddrv) -- I:\uxddrv86.sys File not found
DRV - (SBRE) -- C:\Windows\system32\drivers\SBREdrv.sys File not found
DRV - (catchme) -- C:\Users\User\AppData\Local\Temp\catchme.sys File not found
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSEH) -- C:\Windows\System32\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV - (VX6000) -- C:\Windows\System32\drivers\VX6000Xp.sys (Microsoft Corporation
)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\System32\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (usbfilter) -- C:\Windows\System32\drivers\usbfilter.sys (Advanced Micro Devices)
DRV - (RTL8192su) -- C:\Windows\System32\drivers\RTL8192su.sys (Realtek Semiconductor Corporation )
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (amdide) -- C:\Windows\System32\drivers\amdide.sys (Advanced Micro Devices Inc.)
DRV - (V0330VID) -- C:\Windows\System32\drivers\V0330Vid.sys (Creative Technology Ltd.)
DRV - (ATMhelpr) -- C:\Windows\System32\drivers\ATMHELPR.SYS (Adobe Systems Incorporated)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchbrowsing.com
IE - HKLM\..\SearchScopes,DefaultScope = {0DF56869-BA25-4E8E-82F9-AF48EA6BCC7E}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0DF56869-BA25-4E8E-82F9-AF48EA6BCC7E}: "URL" = http://www.searchbro...q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-588432827-1575026354-3503086576-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://medion.msn.com [binary data]
IE - HKU\S-1-5-21-588432827-1575026354-3503086576-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-588432827-1575026354-3503086576-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://medion.msn.com/ [binary data]
IE - HKU\S-1-5-21-588432827-1575026354-3503086576-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchbrowsing.com
IE - HKU\S-1-5-21-588432827-1575026354-3503086576-1000\..\SearchScopes,DefaultScope = {0B3BA3C6-41B1-45C1-B26C-A2EA6F14F1CA}
IE - HKU\S-1-5-21-588432827-1575026354-3503086576-1000\..\SearchScopes\{0B3BA3C6-41B1-45C1-B26C-A2EA6F14F1CA}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-588432827-1575026354-3503086576-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-588432827-1575026354-3503086576-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://www.searchbrowsing.com"
FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7B44f5339e-fc1b-4a5a-a03c-5f45733d6918%7D&mid=51c195035f4647d19927bd2b2bb1cde0-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&ds=AVG&v=11.0.0.9&lang=en&pr=fr&d=2012-03-12%2012%3A27%3A40&sap=ku&q="
FF - prefs.js..keyword.URL: "http://www.searchbrowsing.com/web.php?src=hmp&hl=en&camefrom=defaultsearch&q="
FF - prefs.js..browser.startup.homepage: "http://www.searchbrowsing.com"
FF - prefs.js..browser.search.selectedEngine: "SearchBrowsing"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/06/09 13:13:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/06/11 12:41:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.0.0.9\ [2012/04/29 17:01:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{425F6CC1-69CA-4604-BDC6-7EE7A066A843}: C:\Program Files\Search Core Systems\Windows Core Toolbar\ [2012/06/11 12:41:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/11 12:47:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files\PriceGong\2.6.4\FF [2012/04/29 21:28:19 | 000,000,000 | ---D | M]

[2012/05/22 15:21:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Extensions
[2012/06/11 12:47:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\3un8z7x5.default\extensions
[2012/05/22 20:30:34 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\3un8z7x5.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012/06/12 17:18:28 | 000,000,648 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\3un8z7x5.default\searchplugins\searchbrowsing.xml
[2012/05/22 19:41:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/04/29 17:01:24 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\11.0.0.9
[2012/04/21 02:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/05/22 20:30:29 | 000,000,616 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\adawaretb.xml
[2012/04/21 03:09:17 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/06/09 20:31:25 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/04/21 03:09:17 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/21 03:09:17 | 000,000,935 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/04/21 03:09:17 | 000,001,166 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/04/21 03:09:17 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/04/21 03:09:18 | 000,001,121 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: SearchBrowsing (Enabled)
CHR - default_search_provider: search_url = http://www.searchbro...q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Acrobat3\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U20 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\User\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll
CHR - Extension: PriceGong = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.4_0\
CHR - Extension: Windows Core Toolbar = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlcjkchbepfdhmobhdbhfjhloijbjnc\1.1_0\
CHR - Extension: AVG Safe Search = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\
CHR - Extension: Skype Click to Call = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\

O1 HOSTS File: ([2012/06/11 13:30:33 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O2 - BHO: (&Windows Core Toolbar BHO) - {ACC01A56-70E3-472E-9C4F-83B1DA817DD8} - C:\Program Files\Search Core Systems\Windows Core Toolbar\browserhelper.dll (Search Core Systems)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Core Toolbar) - {3A6BE320-DC9B-4D24-A6E8-621B81544F4B} - C:\Program Files\Search Core Systems\Windows Core Toolbar\wcoretb.dll (Search Core Systems)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O3 - HKU\S-1-5-21-588432827-1575026354-3503086576-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [V0330Cfg.exe] C:\Windows\V0330Cfg.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [VX6000] C:\Windows\vVX6000.exe (Microsoft Corporation
)
O4 - HKU\.DEFAULT..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKU\S-1-5-18..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-588432827-1575026354-3503086576-1000..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CamTray.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-588432827-1575026354-3503086576-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Users\bethany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = File not found
O4 - Startup: C:\Users\bethany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE ()
O4 - Startup: C:\Users\bethany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE ()
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE ()
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-588432827-1575026354-3503086576-1000\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-588432827-1575026354-3503086576-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: eBay.co.uk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.co...72741-17534-1/4 File not found
O9 - Extra 'Tools' menuitem : eBay.co.uk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.co...72741-17534-1/4 File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E33968CE-FF77-4DC3-A052-2921C0D60177} https://www.remoteco...1/Bootstrap.cab (Reg Error: Key error.)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab (Creative Software AutoUpdate 2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{73D3E512-476D-499C-80B6-1626897005EB}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82C7CACF-D632-4978-B367-95D2ECD4FA53}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/13 15:13:48 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2012/06/12 12:01:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/06/12 12:00:59 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/06/12 12:00:58 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/06/11 20:09:37 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\User\Desktop\aswMBR.exe
[2012/06/11 20:03:12 | 002,127,960 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\User\Desktop\tdsskiller (1).exe
[2012/06/11 13:32:14 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/06/11 13:32:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\temp
[2012/06/11 13:22:46 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/06/11 13:22:46 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/06/11 13:22:46 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/06/11 13:22:42 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/06/11 13:22:39 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/06/11 13:21:26 | 004,540,367 | R--- | C] (Swearware) -- C:\Users\User\Desktop\ComboFix.exe
[2012/06/11 12:55:49 | 000,000,000 | ---D | C] -- C:\ProgramData\GFI Software
[2012/06/11 12:44:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\adaware
[2012/06/11 12:31:43 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Outlook Files
[2012/06/11 10:38:46 | 000,000,000 | ---D | C] -- C:\temp
[2012/06/10 16:31:44 | 000,000,000 | ---D | C] -- C:\ProgramData\MemeoCommon
[2012/06/10 16:31:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Memeo
[2012/06/10 16:30:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Seagate
[2012/06/10 16:29:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Memeo
[2012/06/10 16:29:00 | 000,000,000 | ---D | C] -- C:\Program Files\Memeo
[2012/06/10 16:28:32 | 000,000,000 | ---D | C] -- C:\Program Files\Seagate
[2012/05/29 11:37:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Malwarebytes
[2012/05/29 11:37:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/05/29 11:37:21 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/05/29 11:37:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/05/28 17:55:49 | 000,000,000 | ---D | C] -- C:\$AVG
[2012/05/28 17:42:51 | 003,878,424 | ---- | C] (AVG Technologies) -- C:\Users\User\Desktop\avg_avct_stb_all_2012_2176_ppc2.exe
[2012/05/22 20:30:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012/05/22 20:30:55 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus
[2012/05/22 20:30:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\adawarebp
[2012/05/22 20:30:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2012/05/22 20:30:29 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Blekko
[2012/05/22 20:28:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Ad-Aware Antivirus
[2012/05/22 20:26:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/05/22 20:26:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/05/22 20:26:09 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012/05/22 20:19:16 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\SpeedMaxPc
[2012/05/22 20:19:16 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\DriverCure
[2012/05/22 20:19:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
[2012/05/22 20:18:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeedMaxPc
[2012/05/22 20:18:58 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedMaxPc
[2012/05/22 20:18:58 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedMaxPc
[2012/05/22 19:41:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/05/22 16:50:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/05/22 16:04:26 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\malicious-software-removal_files
[2012/05/22 15:21:12 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Mozilla
[2012/05/22 15:21:12 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Mozilla
[2012/05/22 15:16:18 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012/05/22 15:16:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\IObit
[2012/05/22 15:16:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 5
[2012/05/22 15:16:06 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2012/05/22 15:14:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/05/22 12:08:30 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\AVG
[2012/05/22 12:07:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC Tuneup 2011
[2012/05/19 19:50:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\ElevatedDiagnostics
[2012/05/19 19:01:20 | 000,000,000 | ---D | C] -- C:\Windows\CtDrvInstall
[2012/05/18 21:33:51 | 000,000,000 | ---D | C] -- C:\Users\User\Tracing
[2012/05/18 21:30:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam
[2012/05/18 21:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft LifeCam
[2012/05/18 20:50:44 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/05/18 20:50:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Skype
[2012/05/18 20:50:18 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012/05/18 20:50:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/05/18 20:50:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/05/18 20:50:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012/05/18 18:00:34 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/05/18 18:00:34 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/05/18 10:47:08 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Downloads
[2012/05/16 21:06:03 | 000,000,000 | ---D | C] -- C:\Program Files\Bonzuna
[2012/05/16 21:06:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins
[2012/05/16 21:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\Search Core Systems
[2012/05/16 21:05:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Opera

========== Files - Modified Within 30 Days ==========

[2012/06/13 15:11:58 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2012/06/13 15:09:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/13 14:54:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-588432827-1575026354-3503086576-1000UA.job
[2012/06/13 13:40:41 | 001,491,520 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/13 13:40:41 | 000,535,138 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/13 11:06:03 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/13 11:06:03 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/13 10:58:52 | 000,000,300 | -H-- | M] () -- C:\Windows\tasks\Windows Core Helper.job
[2012/06/13 10:58:52 | 000,000,294 | -H-- | M] () -- C:\Windows\tasks\Windows Core Toolbar Updater.job
[2012/06/13 10:58:48 | 2213,257,216 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/12 20:30:48 | 000,000,071 | ---- | M] () -- C:\Users\User\Documents\aØ’
[2012/06/12 18:00:00 | 000,000,438 | ---- | M] () -- C:\Windows\tasks\SpeedMaxPc Registration3.job
[2012/06/12 16:54:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-588432827-1575026354-3503086576-1000Core.job
[2012/06/12 12:01:36 | 000,001,757 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/06/12 10:34:53 | 100,255,877 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/06/12 10:31:22 | 000,002,358 | ---- | M] () -- C:\Users\User\Desktop\Google Chrome.lnk
[2012/06/12 10:29:21 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\SpeedMaxPc.job
[2012/06/11 20:27:50 | 000,000,512 | ---- | M] () -- C:\Users\User\Desktop\MBR.dat
[2012/06/11 20:09:31 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\User\Desktop\aswMBR.exe
[2012/06/11 20:02:21 | 002,127,960 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\User\Desktop\tdsskiller (1).exe
[2012/06/11 18:44:52 | 000,178,866 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/06/11 13:30:33 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/06/11 13:21:37 | 004,540,367 | R--- | M] (Swearware) -- C:\Users\User\Desktop\ComboFix.exe
[2012/06/10 16:30:25 | 000,000,162 | ---- | M] () -- C:\MemeoSendAddin
[2012/05/28 17:52:36 | 003,878,424 | ---- | M] (AVG Technologies) -- C:\Users\User\Desktop\avg_avct_stb_all_2012_2176_ppc2.exe
[2012/05/24 13:22:19 | 000,000,334 | ---- | M] () -- C:\Windows\System32\CountScans.XML
[2012/05/24 12:39:00 | 000,001,190 | ---- | M] () -- C:\Windows\System32\ServiceConfig.xml
[2012/05/24 11:53:05 | 000,000,240 | ---- | M] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2012/05/23 21:30:32 | 000,000,681 | ---- | M] () -- C:\Users\User\Desktop\Malwarebytes' Anti-Malware - Shortcut.lnk
[2012/05/23 20:49:50 | 000,001,093 | ---- | M] () -- C:\Users\User\Desktop\Malwarebytes Anti-Malware Help.lnk
[2012/05/23 20:49:35 | 000,001,093 | ---- | M] () -- C:\Users\User\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/22 20:36:42 | 000,000,396 | ---- | M] () -- C:\Windows\tasks\SpeedMaxPc Update3.job
[2012/05/22 20:27:21 | 000,001,144 | ---- | M] () -- C:\Users\User\Desktop\SpeedMaxPc.lnk
[2012/05/22 20:26:12 | 000,001,244 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2012/05/22 19:41:36 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/05/22 16:04:26 | 000,049,824 | ---- | M] () -- C:\Users\User\Documents\malicious-software-removal.php
[2012/05/22 15:16:10 | 000,001,234 | ---- | M] () -- C:\Users\Public\Desktop\Uninstaller.lnk
[2012/05/22 15:16:10 | 000,001,183 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012/05/22 12:07:41 | 000,001,128 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2012/05/22 12:07:41 | 000,001,104 | ---- | M] () -- C:\Users\User\Desktop\AVG PC Tuneup 2011.lnk
[2012/05/20 10:34:01 | 000,004,608 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/19 19:43:12 | 000,921,624 | ---- | M] () -- C:\DC6810xp-001.raw
[2012/05/19 19:01:57 | 000,002,303 | ---- | M] () -- C:\Users\Public\Desktop\Creative Product Registration.lnk
[2012/05/19 18:59:49 | 000,002,269 | ---- | M] () -- C:\Users\Public\Desktop\Creative WebCam Center.lnk
[2012/05/18 18:12:45 | 000,000,952 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2012/05/18 18:00:34 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/05/18 18:00:34 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2012/06/12 20:17:20 | 000,000,071 | ---- | C] () -- C:\Users\User\Documents\aØ’
[2012/06/12 12:01:36 | 000,001,757 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/06/11 20:27:50 | 000,000,512 | ---- | C] () -- C:\Users\User\Desktop\MBR.dat
[2012/06/11 13:22:46 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/06/11 13:22:46 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/06/11 13:22:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/06/11 13:22:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/06/11 13:22:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/06/10 16:30:24 | 000,000,162 | ---- | C] () -- C:\MemeoSendAddin
[2012/05/24 13:22:19 | 000,000,334 | ---- | C] () -- C:\Windows\System32\CountScans.XML
[2012/05/24 12:39:00 | 000,001,190 | ---- | C] () -- C:\Windows\System32\ServiceConfig.xml
[2012/05/24 11:53:05 | 000,000,240 | ---- | C] () -- C:\Windows\System32\drivers\kgpcpy.cfg
[2012/05/23 21:30:32 | 000,000,681 | ---- | C] () -- C:\Users\User\Desktop\Malwarebytes' Anti-Malware - Shortcut.lnk
[2012/05/23 20:49:50 | 000,001,093 | ---- | C] () -- C:\Users\User\Desktop\Malwarebytes Anti-Malware Help.lnk
[2012/05/23 20:49:35 | 000,001,093 | ---- | C] () -- C:\Users\User\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/22 20:26:12 | 000,001,244 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2012/05/22 20:19:20 | 000,000,438 | ---- | C] () -- C:\Windows\tasks\SpeedMaxPc Registration3.job
[2012/05/22 20:19:03 | 000,001,144 | ---- | C] () -- C:\Users\User\Desktop\SpeedMaxPc.lnk
[2012/05/22 20:19:01 | 000,000,396 | ---- | C] () -- C:\Windows\tasks\SpeedMaxPc Update3.job
[2012/05/22 20:19:00 | 000,000,374 | ---- | C] () -- C:\Windows\tasks\SpeedMaxPc.job
[2012/05/22 19:41:36 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/05/22 19:41:36 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/05/22 16:49:12 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-588432827-1575026354-3503086576-1000UA.job
[2012/05/22 16:49:11 | 000,000,852 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-588432827-1575026354-3503086576-1000Core.job
[2012/05/22 16:04:26 | 000,049,824 | ---- | C] () -- C:\Users\User\Documents\malicious-software-removal.php
[2012/05/22 15:16:10 | 000,001,234 | ---- | C] () -- C:\Users\Public\Desktop\Uninstaller.lnk
[2012/05/22 15:16:10 | 000,001,183 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012/05/22 12:07:41 | 000,001,128 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk
[2012/05/22 12:07:41 | 000,001,104 | ---- | C] () -- C:\Users\User\Desktop\AVG PC Tuneup 2011.lnk
[2012/05/19 19:36:11 | 000,921,624 | ---- | C] () -- C:\DC6810xp-001.raw
[2012/05/19 18:59:49 | 000,002,269 | ---- | C] () -- C:\Users\Public\Desktop\Creative WebCam Center.lnk
[2012/05/16 21:05:58 | 000,000,294 | -H-- | C] () -- C:\Windows\tasks\Windows Core Toolbar Updater.job
[2012/05/16 21:05:56 | 000,000,300 | -H-- | C] () -- C:\Windows\tasks\Windows Core Helper.job
[2012/04/29 20:52:37 | 000,002,321 | ---- | C] () -- C:\Windows\ACROREAD.INI
[2012/04/29 20:51:56 | 000,210,944 | ---- | C] () -- C:\Windows\System32\MSVCRT10.DLL
[2012/04/29 20:51:56 | 000,000,177 | ---- | C] () -- C:\Windows\KPCMS.INI
[2012/04/29 20:51:54 | 000,006,144 | ---- | C] () -- C:\Windows\System32\ImgLibLead.dll
[2012/04/29 20:51:53 | 000,100,864 | ---- | C] () -- C:\Windows\System32\Dc50ip32.dll
[2012/04/29 20:51:53 | 000,065,864 | ---- | C] () -- C:\Windows\System32\Digita.sys
[2012/04/19 12:50:18 | 000,004,608 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/17 17:49:42 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012/03/16 17:10:23 | 000,000,021 | ---- | C] () -- C:\Windows\SIERRA.INI
[2012/03/15 14:03:05 | 000,000,022 | ---- | C] () -- C:\Windows\exchng.ini
[2012/03/15 14:03:04 | 000,000,957 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2012/03/15 14:03:04 | 000,000,611 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/03/12 15:00:12 | 000,000,642 | ---- | C] () -- C:\Users\User\AppData\Roaming\wklnhst.dat
[2010/06/15 13:18:00 | 000,203,331 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010/06/15 13:18:00 | 000,002,110 | ---- | C] () -- C:\Windows\System32\atipblag.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B4227B4

< End of report >

#20
gringo_pr
Posted 13 June 2012 - 01:39 PM

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 6,706 posts
Hello

Run this custom script and when it is complete I need to know how the computer is doing

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Posted Image textbox. Do not include the word Code
    :OTL
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
O3 - HKU\S-1-5-21-588432827-1575026354-3503086576-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - Startup: C:\Users\bethany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = File not found
O9 - Extra Button: eBay.co.uk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.co...72741-17534-1/4 File not found
O9 - Extra 'Tools' menuitem : eBay.co.uk - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.co...72741-17534-1/4 File not found
O16 - DPF: {E33968CE-FF77-4DC3-A052-2921C0D60177} https://www.remoteco...1/Bootstrap.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B4227B4 
PRC - C:\Program Files\Search Core Systems\Windows Core Toolbar\wcthelper.exe (Search Core Systems)
PRC - C:\Program Files\Search Core Systems\Windows Core Toolbar\wcupdt.exe (Search Core System)
MOD - C:\Program Files\Search Core Systems\Windows Core Toolbar\sqlite3.dll ()
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchbrowsing.com
IE - HKLM\..\SearchScopes,DefaultScope = {0DF56869-BA25-4E8E-82F9-AF48EA6BCC7E}
IE - HKLM\..\SearchScopes\{0DF56869-BA25-4E8E-82F9-AF48EA6BCC7E}: "URL" = http://www.searchbro...q={searchTerms}
IE - HKU\S-1-5-21-588432827-1575026354-3503086576-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchbrowsing.com
FF - prefs.js..browser.startup.homepage: "http://www.searchbrowsing.com"
FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7B44f5339e-fc1b-4a5a-a03c-5f45733d6918%7D&mid=51c195035f4647d19927bd2b2bb1cde0-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&ds=AVG&v=11.0.0.9&lang=en&pr=fr&d=2012-03-12%2012%3A27%3A40&sap=ku&q="
FF - prefs.js..keyword.URL: "http://www.searchbrowsing.com/web.php?src=hmp&hl=en&camefrom=defaultsearch&q="
FF - prefs.js..browser.startup.homepage: "http://www.searchbrowsing.com"
FF - prefs.js..browser.search.selectedEngine: "SearchBrowsing"
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{425F6CC1-69CA-4604-BDC6-7EE7A066A843}: C:\Program Files\Search Core Systems\Windows Core Toolbar\ [2012/06/11 12:41:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files\PriceGong\2.6.4\FF [2012/04/29 21:28:19 | 000,000,000 | ---D | M]
O2 - BHO: (&Windows Core Toolbar BHO) - {ACC01A56-70E3-472E-9C4F-83B1DA817DD8} - C:\Program Files\Search Core Systems\Windows Core Toolbar\browserhelper.dll (Search Core Systems)
O3 - HKLM\..\Toolbar: (&Windows Core Toolbar) - {3A6BE320-DC9B-4D24-A6E8-621B81544F4B} - C:\Program Files\Search Core Systems\Windows Core Toolbar\wcoretb.dll (Search Core Systems)
[2012/05/22 20:30:29 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Blekko  
[2012/05/22 20:19:16 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\SpeedMaxPc
[2012/05/22 20:19:16 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\DriverCure
[2012/05/22 20:19:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
[2012/05/22 20:18:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeedMaxPc
[2012/05/22 20:18:58 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedMaxPc
[2012/05/22 20:18:58 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedMaxPc
[2012/05/16 21:06:03 | 000,000,000 | ---D | C] -- C:\Program Files\Bonzuna
[2012/05/16 21:06:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins
[2012/05/16 21:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\Search Core Systems
[2012/06/13 11:06:03 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/13 11:06:03 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/13 10:58:52 | 000,000,300 | -H-- | M] () -- C:\Windows\tasks\Windows Core Helper.job
[2012/06/13 10:58:52 | 000,000,294 | -H-- | M] () -- C:\Windows\tasks\Windows Core Toolbar Updater.job
[2012/06/12 10:29:21 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\SpeedMaxPc.job
[2012/05/22 20:19:20 | 000,000,438 | ---- | C] () -- C:\Windows\tasks\SpeedMaxPc Registration3.job
[2012/05/22 20:19:03 | 000,001,144 | ---- | C] () -- C:\Users\User\Desktop\SpeedMaxPc.lnk
[2012/05/22 20:19:01 | 000,000,396 | ---- | C] () -- C:\Windows\tasks\SpeedMaxPc Update3.job
[2012/05/22 20:19:00 | 000,000,374 | ---- | C] () -- C:\Windows\tasks\SpeedMaxPc.job
[2012/05/16 21:05:58 | 000,000,294 | -H-- | C] () -- C:\Windows\tasks\Windows Core Toolbar Updater.job
[2012/05/16 21:05:56 | 000,000,300 | -H-- | C] () -- C:\Windows\tasks\Windows Core Helper.job
:Files
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlcjkchbepfdhmobhdbhfjhloijbjnc
ipconfig /flushdns /c
:Commands
[PURITY]
[emptyjava]
[EMPTYFLASH]
  • Then click the Run Fix button at the top.
  • Click Posted Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

Let me know How things are doing

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know
If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic
Please Only Copy And Paste Reports Into Topic - Do Not Attach
My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->Posted Image<-- Don't worry every little bit helps.
Back to Resolved HijackThis Logs · Next Unread Topic →


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Malwarebytes Forum
  2. Computer Help
  3. Malware Removal - HijackThis Logs
  4. Resolved HijackThis Logs

Products

About

Partners

Follow Us