Posts posted by michael123
-
Yes, I have updated Java, and removed everything listed besides Babylon.
-
The ads have been gone since last night lol sry forgot to tell u, and system seems to be fine, but a lot slower and freezes from time to time for a brief moment.
-
I've been able to remove everything u listed from Programs and Features, however I could not find the Babylon toolbar =/
-
And I also had a question: after doing a scan with Avira and sending the threats to the quarantine, does "deleting" mean deleting them from the quarantine or deleting the whole file?
-
ComboFix 12-07-19.02 - Bugs Bunny 07/19/2012 23:48:37.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4863.2710 [GMT -4:00]
Running from: c:\users\Bugs Bunny\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Bugs Bunny\AppData\Roaming\Mozilla\Firefox\Profiles\rdp52gji.default\searchplugins\bing-zugo.xml
.
.
((((((((((((((((((((((((( Files Created from 2012-06-20 to 2012-07-20 )))))))))))))))))))))))))))))))
.
.
2012-07-20 03:57 . 2012-07-20 03:57 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-07-20 03:57 . 2012-07-20 03:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-19 16:12 . 2012-07-19 16:12 -------- d-----w- c:\users\Bugs Bunny\AppData\Roaming\Malwarebytes
2012-07-19 16:12 . 2012-07-19 16:12 -------- d-----w- c:\programdata\Malwarebytes
2012-07-19 16:12 . 2012-07-19 16:12 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-19 16:12 . 2012-07-03 17:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-19 07:59 . 2012-07-19 08:01 -------- d-----w- c:\program files (x86)\GUMB215.tmp
2012-07-19 03:23 . 2012-07-19 03:23 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2012-07-19 03:22 . 2012-07-19 20:37 -------- d-----w- c:\users\Bugs Bunny\AppData\Local\PMB Files
2012-07-19 03:22 . 2012-07-19 20:37 -------- d-----w- c:\programdata\PMB Files
2012-07-19 00:08 . 2012-07-19 00:08 -------- d-----w- c:\program files\trend micro
2012-07-19 00:08 . 2012-07-19 00:10 -------- d-----w- C:\rsit
2012-07-18 23:58 . 2012-07-18 23:58 -------- d-----w- C:\TDSSKiller_Quarantine
2012-07-18 20:15 . 2012-07-18 20:15 -------- d-----w- c:\users\Bugs Bunny\AppData\Roaming\Avira
2012-07-18 20:13 . 2012-07-18 20:13 -------- d-----w- C:\desktop
2012-07-18 20:02 . 2012-07-18 20:03 -------- d-----w- c:\program files (x86)\Ask.com
2012-07-18 20:02 . 2012-05-02 19:24 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-07-18 20:02 . 2012-04-27 14:20 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-07-18 20:02 . 2012-04-25 04:32 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-07-18 20:01 . 2012-07-18 20:03 -------- d-----w- c:\programdata\Avira
2012-07-18 20:01 . 2012-07-18 20:01 -------- d-----w- c:\program files (x86)\Avira
2012-07-18 16:54 . 2012-07-18 16:55 -------- d-----w- c:\program files (x86)\GUMDB22.tmp
2012-07-18 16:24 . 2012-06-12 03:02 3147264 ----a-w- c:\windows\system32\win32k.sys
2012-07-18 15:48 . 2012-07-18 15:48 -------- d-----w- c:\users\Bugs Bunny\AppData\Roaming\SUPERAntiSpyware.com
2012-07-18 15:48 . 2012-07-18 15:48 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-07-18 15:48 . 2012-07-18 15:48 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-07-18 15:29 . 2012-07-18 15:29 -------- d-----w- c:\program files (x86)\Trend Micro
2012-07-18 15:23 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4FC24DD5-6FBD-4A5B-A5A9-BB684093A6E2}\mpengine.dll
2012-07-18 13:22 . 2012-07-18 15:18 -------- d-----w- c:\users\Guest
2012-07-18 11:18 . 2012-07-18 11:18 -------- d-----w- c:\program files\Enigma Software Group
2012-07-18 11:16 . 2012-07-18 15:15 -------- d-----w- c:\windows\F896D02690164122B9BD957FF092FFE9.TMP
2012-07-18 11:14 . 2012-07-18 11:14 -------- d-----w- c:\users\Bugs Bunny\AppData\Roaming\SpeedyPC Software
2012-07-18 11:14 . 2012-07-18 11:14 -------- d-----w- c:\users\Bugs Bunny\AppData\Roaming\DriverCure
2012-07-18 11:14 . 2012-07-18 11:14 -------- d-----w- c:\program files (x86)\Common Files\SpeedyPC Software
2012-07-18 11:14 . 2012-07-18 12:53 -------- d-----w- c:\programdata\SpeedyPC Software
2012-07-18 11:14 . 2012-07-18 11:14 -------- d-----w- c:\program files (x86)\SpeedyPC Software
2012-07-18 08:17 . 2012-07-18 15:15 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2012-07-18 08:17 . 2012-07-18 15:15 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-07-18 02:01 . 2012-06-06 05:50 2003968 ----a-w- c:\windows\system32\msxml6.dll
2012-07-18 02:01 . 2012-06-06 05:09 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-07-18 02:01 . 2012-06-06 05:09 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-07-18 02:00 . 2012-06-09 05:30 14165504 ----a-w- c:\windows\system32\shell32.dll
2012-07-18 02:00 . 2012-06-02 05:27 340992 ----a-w- c:\windows\system32\schannel.dll
2012-07-18 02:00 . 2012-06-02 05:38 95088 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-18 02:00 . 2012-06-02 05:38 152432 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-07-18 02:00 . 2012-06-02 05:37 459216 ----a-w- c:\windows\system32\drivers\cng.sys
2012-07-18 02:00 . 2012-06-02 05:27 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-07-18 02:00 . 2012-06-02 04:48 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-07-18 02:00 . 2012-06-02 04:47 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-07-18 02:00 . 2012-06-02 04:48 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-07-18 02:00 . 2012-06-02 04:42 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-07-18 01:59 . 2012-06-06 05:50 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2012-07-18 01:59 . 2012-06-06 05:09 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2012-07-13 05:36 . 2012-07-18 04:20 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
2012-07-13 05:36 . 2012-07-18 04:29 -------- d-----w- c:\program files (x86)\PC Tools Registry Mechanic
2012-07-13 02:37 . 2012-07-13 02:39 -------- d-----w- c:\users\Bugs Bunny\AppData\Roaming\DivX
2012-07-13 02:36 . 2012-07-18 07:05 -------- d-----w- c:\program files\DivX
2012-07-13 02:35 . 2012-07-18 15:15 -------- d-----w- c:\program files (x86)\DivX
2012-07-13 02:35 . 2012-07-18 07:05 -------- d-----w- c:\programdata\DivX
2012-07-13 02:26 . 2012-07-18 04:50 -------- d-----w- c:\program files (x86)\MediaPlayerLite
2012-07-13 02:26 . 2012-07-18 04:51 -------- d-----w- c:\program files (x86)\Giant Savings
2012-07-13 02:21 . 2012-07-13 02:21 -------- d-----w- c:\program files (x86)\GUM91D3.tmp
2012-07-13 02:19 . 2012-07-18 15:15 -------- d-----w- c:\program files (x86)\QuickTime
2012-07-13 02:18 . 2012-07-13 02:18 -------- d-----w- c:\users\Bugs Bunny\AppData\Local\Real
2012-07-13 02:17 . 2012-07-18 05:39 -------- d-----w- c:\program files (x86)\Real
2012-07-13 02:16 . 2012-07-18 15:09 -------- d-----w- c:\users\Bugs Bunny\AppData\Local\Google
2012-07-13 02:16 . 2012-07-18 15:50 -------- d-----w- c:\program files (x86)\Google
2012-07-11 08:00 . 2012-06-06 05:50 1880064 ----a-w- c:\windows\system32\msxml3.dll
2012-07-11 08:00 . 2012-06-06 05:50 1880064 ----a-w- c:\windows\system32\msxml3(63).dll
2012-06-24 16:52 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-24 16:52 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-24 16:52 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-24 16:52 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-24 16:51 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-24 16:51 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-24 16:51 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-24 16:51 . 2012-06-02 19:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-24 16:51 . 2012-06-02 19:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-23 04:36 . 2012-06-23 04:36 -------- d-----w- c:\users\Bugs Bunny\AppData\Local\Macromedia
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-18 16:20 . 2011-09-25 01:20 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-18 15:37 . 2012-05-03 02:19 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-18 15:37 . 2011-09-25 00:54 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-18 15:37 . 2012-05-03 02:37 9822920 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-31 16:25 . 2011-09-25 13:46 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-27 08:17 . 2012-05-27 08:17 670816 ----a-w- c:\windows\SysWow64\xsherlock.xem
2012-05-04 10:52 . 2012-06-12 23:11 5505392 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:08 . 2012-06-12 23:11 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:08 . 2012-06-12 23:11 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-02 05:32 . 2012-06-12 23:12 208896 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:50 . 2012-06-12 23:10 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:34 . 2012-06-12 23:12 76288 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:34 . 2012-06-12 23:12 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:28 . 2012-06-12 23:12 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:59 . 2012-06-12 23:10 1460224 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 05:59 . 2012-06-12 23:10 182272 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 05:59 . 2012-06-12 23:10 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-24 04:47 . 2012-06-12 23:09 139264 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:47 . 2012-06-12 23:09 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-04-24 04:47 . 2012-06-12 23:10 1156608 ----a-w- c:\windows\SysWow64\crypt32.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2011-12-26 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
.
[-] 2011-12-26 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-01-05 00:20 1514152 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-01-05 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 94208 ----a-w- c:\users\Bugs Bunny\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 94208 ----a-w- c:\users\Bugs Bunny\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 94208 ----a-w- c:\users\Bugs Bunny\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-07-09 5661056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-01-05 1391272]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-02 348624]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\users\Bugs Bunny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Bugs Bunny\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
ERUNT AutoBackup.lnk - c:\desktop\AUTOBACK.EXE [2005-10-20 38912]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-18 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
R3 dump_wmimmc;dump_wmimmc;c:\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-18 136176]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-08-02 51712]
R3 vtany;vtany;c:\windows\vtany.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-25 1255736]
R3 xsherlock;xsherlock;c:\windows\system32\xsherlock.xem [x]
R3 xspirit;xspirit;c:\windows\xspirit.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-05-02 27760]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-02 86224]
S2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-02 465360]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys [2010-01-06 676864]
S3 SrvHsfPCIe;SrvHsfPCIe;c:\windows\system32\DRIVERS\VSTBS36.SYS [2009-06-10 287744]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-03 01:37]
.
2012-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-18 15:48]
.
2012-07-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-18 15:48]
.
2012-07-19 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 5f957f63-c1a7-47b5-9bef-89507b8472fc.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
2012-07-19 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task d921bfdc-0aea-458e-9479-8d3b230d2d3a.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 97792 ----a-w- c:\users\Bugs Bunny\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 97792 ----a-w- c:\users\Bugs Bunny\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 97792 ----a-w- c:\users\Bugs Bunny\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 97792 ----a-w- c:\users\Bugs Bunny\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube Download - c:\users\Bugs Bunny\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Bugs Bunny\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Bugs Bunny\AppData\Roaming\Mozilla\Firefox\Profiles\rdp52gji.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com?o=10148&l=dis&tb=AVR-3
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=2&q=
FF - user.js: extensions.BabylonToolbar_i.id - e880ced400000000000094445213b7f8
FF - user.js: extensions.BabylonToolbar_i.hardId - e880ced400000000000094445213b7f8
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15349
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1720:21
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=100886
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\xsherlock]
"ImagePath"="c:\windows\system32\xsherlock.xem"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-07-20 00:08:52
ComboFix-quarantined-files.txt 2012-07-20 04:08
.
Pre-Run: 636,072,755,200 bytes free
Post-Run: 636,464,680,960 bytes free
.
- - End Of File - - 8C7C97BE12FBFF5E200CDEB9C00853E9
-
ooooohh sry bout that~ hope this is better
Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org
Database version: v2012.07.19.11
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Bugs Bunny :: BUGSBUNNY-PC [administrator]
Protection: Enabled
7/19/2012 12:14:53 PM
mbam-log-2012-07-19 (12-14-53).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 227411
Time elapsed: 4 minute(s), 59 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 13
HKCR\CLSID\{11111111-1111-1111-1111-110011041135} (PUP.Codec.PR) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440044044435} (PUP.Codec.PR) -> Quarantined and deleted successfully.
HKCR\Interface\{55555555-5555-5555-5555-550055045535} (PUP.Codec.PR) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0000435.BHO.1 (PUP.Codec.PR) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011041135} (PUP.Codec.PR) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011041135} (PUP.Codec.PR) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011041135} (PUP.Codec.PR) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011041135} (PUP.Codec.PR) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0000435.BHO (PUP.Codec.PR) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0000435.FBApi (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0000435.FBApi.1 (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0000435.Sandbox (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0000435.Sandbox.1 (PUP.CrossFire.Gen) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 2
C:\Program Files (x86)\Premiumplay Codec-C\Premiumplay Codec-C.dll (PUP.Codec.PR) -> Quarantined and deleted successfully.
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
(end)
-
Yessir~ ty once again lol, here's the log u asked for:
22:53:30.0578 3788 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
22:53:31.0186 3788 ============================================================
22:53:31.0186 3788 Current date / time: 2012/07/18 22:53:31.0186
22:53:31.0186 3788 SystemInfo:
22:53:31.0186 3788
22:53:31.0186 3788 OS Version: 6.1.7600 ServicePack: 0.0
22:53:31.0186 3788 Product type: Workstation
22:53:31.0186 3788 ComputerName: BUGSBUNNY-PC
22:53:31.0186 3788 UserName: Bugs Bunny
22:53:31.0186 3788 Windows directory: C:\Windows
22:53:31.0186 3788 System windows directory: C:\Windows
22:53:31.0186 3788 Running under WOW64
22:53:31.0186 3788 Processor architecture: Intel x64
22:53:31.0186 3788 Number of processors: 4
22:53:31.0186 3788 Page size: 0x1000
22:53:31.0186 3788 Boot type: Normal boot
22:53:31.0186 3788 ============================================================
22:53:35.0554 3788 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDDA00 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:53:35.0585 3788 ============================================================
22:53:35.0585 3788 \Device\Harddisk0\DR0:
22:53:35.0585 3788 MBR partitions:
22:53:35.0585 3788 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:53:35.0585 3788 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x57513000
22:53:35.0585 3788 ============================================================
22:53:35.0601 3788 C: <-> \Device\Harddisk0\DR0\Partition1
22:53:35.0632 3788 I: <-> \Device\Harddisk0\DR0\Partition0
22:53:35.0632 3788 ============================================================
22:53:35.0632 3788 Initialize success
22:53:35.0632 3788 ============================================================
22:53:39.0953 3916 ============================================================
22:53:39.0953 3916 Scan started
22:53:39.0953 3916 Mode: Manual;
22:53:39.0953 3916 ============================================================
22:53:42.0465 3916 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
22:53:42.0465 3916 !SASCORE - ok
22:53:42.0839 3916 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
22:53:42.0855 3916 1394ohci - ok
22:53:42.0948 3916 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
22:53:42.0964 3916 ACPI - ok
22:53:42.0995 3916 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
22:53:43.0011 3916 AcpiPmi - ok
22:53:43.0089 3916 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:53:43.0089 3916 AdobeARMservice - ok
22:53:43.0697 3916 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:53:43.0713 3916 AdobeFlashPlayerUpdateSvc - ok
22:53:44.0072 3916 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
22:53:44.0150 3916 adp94xx - ok
22:53:44.0321 3916 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
22:53:44.0352 3916 adpahci - ok
22:53:44.0399 3916 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
22:53:44.0430 3916 adpu320 - ok
22:53:44.0477 3916 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
22:53:44.0493 3916 AeLookupSvc - ok
22:53:44.0618 3916 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
22:53:44.0680 3916 AFD - ok
22:53:44.0727 3916 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
22:53:44.0742 3916 agp440 - ok
22:53:44.0789 3916 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
22:53:44.0820 3916 ALG - ok
22:53:44.0852 3916 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
22:53:44.0867 3916 aliide - ok
22:53:44.0883 3916 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
22:53:44.0898 3916 amdide - ok
22:53:44.0914 3916 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
22:53:44.0945 3916 AmdK8 - ok
22:53:44.0976 3916 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
22:53:44.0992 3916 AmdPPM - ok
22:53:45.0039 3916 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
22:53:45.0054 3916 amdsata - ok
22:53:45.0101 3916 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
22:53:45.0132 3916 amdsbs - ok
22:53:45.0148 3916 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
22:53:45.0164 3916 amdxata - ok
22:53:45.0507 3916 AntiVirSchedulerService (0a1cc583e8147004e4ad4625d7fbf88c) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
22:53:45.0507 3916 AntiVirSchedulerService - ok
22:53:45.0663 3916 AntiVirService (c9a36ef935aced86aedf93e97e606911) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
22:53:45.0663 3916 AntiVirService - ok
22:53:45.0710 3916 AntiVirWebService (e38ba9fab3981a2115c53260b930fd3c) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
22:53:45.0710 3916 AntiVirWebService - ok
22:53:45.0772 3916 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
22:53:45.0772 3916 AppID - ok
22:53:45.0803 3916 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
22:53:45.0803 3916 AppIDSvc - ok
22:53:45.0834 3916 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
22:53:45.0850 3916 Appinfo - ok
22:53:45.0928 3916 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:53:45.0944 3916 Apple Mobile Device - ok
22:53:46.0022 3916 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
22:53:46.0037 3916 AppMgmt - ok
22:53:46.0068 3916 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
22:53:46.0115 3916 arc - ok
22:53:46.0131 3916 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
22:53:46.0146 3916 arcsas - ok
22:53:46.0162 3916 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
22:53:46.0178 3916 AsyncMac - ok
22:53:46.0193 3916 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
22:53:46.0193 3916 atapi - ok
22:53:46.0334 3916 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
22:53:46.0334 3916 AudioEndpointBuilder - ok
22:53:46.0349 3916 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
22:53:46.0349 3916 AudioSrv - ok
22:53:46.0427 3916 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
22:53:46.0443 3916 avgntflt - ok
22:53:46.0490 3916 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
22:53:46.0490 3916 avipbb - ok
22:53:46.0521 3916 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
22:53:46.0521 3916 avkmgr - ok
22:53:46.0583 3916 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
22:53:46.0599 3916 AxInstSV - ok
22:53:46.0755 3916 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
22:53:46.0817 3916 b06bdrv - ok
22:53:46.0973 3916 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
22:53:47.0004 3916 b57nd60a - ok
22:53:47.0036 3916 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
22:53:47.0082 3916 BDESVC - ok
22:53:47.0114 3916 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
22:53:47.0114 3916 Beep - ok
22:53:47.0223 3916 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
22:53:47.0363 3916 BFE - ok
22:53:47.0675 3916 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
22:53:47.0769 3916 BITS - ok
22:53:47.0878 3916 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
22:53:47.0878 3916 blbdrive - ok
22:53:48.0128 3916 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
22:53:48.0237 3916 Bonjour Service - ok
22:53:48.0362 3916 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
22:53:48.0393 3916 bowser - ok
22:53:48.0424 3916 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:53:48.0440 3916 BrFiltLo - ok
22:53:48.0440 3916 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:53:48.0455 3916 BrFiltUp - ok
22:53:48.0471 3916 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
22:53:48.0471 3916 Browser - ok
22:53:48.0580 3916 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
22:53:48.0642 3916 Brserid - ok
22:53:48.0658 3916 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
22:53:48.0674 3916 BrSerWdm - ok
22:53:48.0674 3916 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:53:48.0674 3916 BrUsbMdm - ok
22:53:48.0705 3916 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
22:53:48.0705 3916 BrUsbSer - ok
22:53:48.0736 3916 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
22:53:48.0736 3916 BTHMODEM - ok
22:53:48.0783 3916 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
22:53:48.0783 3916 bthserv - ok
22:53:48.0814 3916 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
22:53:48.0861 3916 cdfs - ok
22:53:48.0876 3916 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
22:53:48.0892 3916 cdrom - ok
22:53:48.0970 3916 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
22:53:49.0001 3916 CertPropSvc - ok
22:53:49.0048 3916 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
22:53:49.0064 3916 circlass - ok
22:53:49.0110 3916 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
22:53:49.0173 3916 CLFS - ok
22:53:49.0251 3916 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:53:49.0282 3916 clr_optimization_v2.0.50727_32 - ok
22:53:49.0344 3916 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:53:49.0360 3916 clr_optimization_v2.0.50727_64 - ok
22:53:49.0438 3916 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:53:49.0547 3916 clr_optimization_v4.0.30319_32 - ok
22:53:49.0578 3916 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:53:49.0610 3916 clr_optimization_v4.0.30319_64 - ok
22:53:49.0625 3916 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
22:53:49.0641 3916 CmBatt - ok
22:53:49.0656 3916 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
22:53:49.0672 3916 cmdide - ok
22:53:49.0734 3916 CNG (ca7720b73446fddec5c69519c1174c98) C:\Windows\system32\Drivers\cng.sys
22:53:49.0797 3916 CNG - ok
22:53:49.0812 3916 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
22:53:49.0812 3916 Compbatt - ok
22:53:49.0844 3916 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
22:53:49.0859 3916 CompositeBus - ok
22:53:49.0875 3916 COMSysApp - ok
22:53:49.0890 3916 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
22:53:49.0890 3916 crcdisk - ok
22:53:49.0937 3916 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll
22:53:49.0968 3916 CryptSvc - ok
22:53:50.0031 3916 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
22:53:50.0093 3916 CSC - ok
22:53:50.0265 3916 CscService (873fbf927c06e5cee04dec617502f8fd) C:\Windows\System32\cscsvc.dll
22:53:50.0280 3916 CscService - ok
22:53:50.0358 3916 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
22:53:50.0358 3916 DcomLaunch - ok
22:53:50.0452 3916 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
22:53:50.0592 3916 defragsvc - ok
22:53:50.0686 3916 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
22:53:50.0702 3916 DfsC - ok
22:53:50.0780 3916 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
22:53:50.0795 3916 Dhcp - ok
22:53:50.0811 3916 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
22:53:50.0826 3916 discache - ok
22:53:50.0889 3916 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
22:53:50.0904 3916 Disk - ok
22:53:50.0967 3916 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
22:53:51.0029 3916 Dnscache - ok
22:53:51.0045 3916 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
22:53:51.0060 3916 dot3svc - ok
22:53:51.0185 3916 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
22:53:51.0201 3916 Dot4 - ok
22:53:51.0216 3916 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
22:53:51.0216 3916 Dot4Print - ok
22:53:51.0248 3916 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
22:53:51.0263 3916 dot4usb - ok
22:53:51.0279 3916 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
22:53:51.0279 3916 DPS - ok
22:53:51.0310 3916 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
22:53:51.0326 3916 drmkaud - ok
22:53:51.0388 3916 dump_wmimmc - ok
22:53:51.0450 3916 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
22:53:51.0482 3916 DXGKrnl - ok
22:53:51.0513 3916 EagleX64 - ok
22:53:51.0544 3916 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
22:53:51.0544 3916 EapHost - ok
22:53:51.0684 3916 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
22:53:51.0809 3916 ebdrv - ok
22:53:51.0887 3916 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
22:53:51.0887 3916 EFS - ok
22:53:51.0950 3916 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
22:53:52.0012 3916 ehRecvr - ok
22:53:52.0043 3916 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
22:53:52.0059 3916 ehSched - ok
22:53:52.0137 3916 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
22:53:52.0168 3916 elxstor - ok
22:53:52.0184 3916 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
22:53:52.0199 3916 ErrDev - ok
22:53:52.0246 3916 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
22:53:52.0246 3916 EventSystem - ok
22:53:52.0277 3916 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
22:53:52.0277 3916 exfat - ok
22:53:52.0293 3916 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
22:53:52.0308 3916 fastfat - ok
22:53:52.0355 3916 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
22:53:52.0371 3916 Fax - ok
22:53:52.0386 3916 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
22:53:52.0386 3916 fdc - ok
22:53:52.0418 3916 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
22:53:52.0418 3916 fdPHost - ok
22:53:52.0464 3916 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
22:53:52.0464 3916 FDResPub - ok
22:53:52.0480 3916 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
22:53:52.0496 3916 FileInfo - ok
22:53:52.0511 3916 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
22:53:52.0527 3916 Filetrace - ok
22:53:52.0527 3916 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
22:53:52.0542 3916 flpydisk - ok
22:53:52.0574 3916 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
22:53:52.0620 3916 FltMgr - ok
22:53:52.0730 3916 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
22:53:52.0792 3916 FontCache - ok
22:53:52.0886 3916 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:53:52.0917 3916 FontCache3.0.0.0 - ok
22:53:52.0979 3916 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
22:53:53.0042 3916 FsDepends - ok
22:53:53.0104 3916 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
22:53:53.0104 3916 Fs_Rec - ok
22:53:53.0151 3916 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
22:53:53.0229 3916 fvevol - ok
22:53:53.0244 3916 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:53:53.0260 3916 gagp30kx - ok
22:53:53.0291 3916 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:53:53.0291 3916 GEARAspiWDM - ok
22:53:53.0338 3916 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
22:53:53.0354 3916 gpsvc - ok
22:53:53.0541 3916 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:53:53.0556 3916 gupdate - ok
22:53:53.0572 3916 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:53:53.0572 3916 gupdatem - ok
22:53:53.0603 3916 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
22:53:53.0619 3916 hcw85cir - ok
22:53:53.0666 3916 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
22:53:53.0697 3916 HdAudAddService - ok
22:53:53.0712 3916 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
22:53:53.0728 3916 HDAudBus - ok
22:53:53.0744 3916 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
22:53:53.0759 3916 HidBatt - ok
22:53:53.0775 3916 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
22:53:53.0775 3916 HidBth - ok
22:53:53.0790 3916 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
22:53:53.0790 3916 HidIr - ok
22:53:53.0806 3916 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
22:53:53.0822 3916 hidserv - ok
22:53:53.0853 3916 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
22:53:53.0853 3916 HidUsb - ok
22:53:53.0884 3916 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
22:53:53.0884 3916 hkmsvc - ok
22:53:53.0915 3916 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
22:53:53.0946 3916 HomeGroupListener - ok
22:53:53.0978 3916 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
22:53:53.0993 3916 HomeGroupProvider - ok
22:53:54.0087 3916 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
22:53:54.0102 3916 hpqcxs08 - ok
22:53:54.0118 3916 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
22:53:54.0118 3916 hpqddsvc - ok
22:53:54.0149 3916 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
22:53:54.0165 3916 HpSAMD - ok
22:53:54.0274 3916 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
22:53:54.0368 3916 HTTP - ok
22:53:54.0368 3916 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
22:53:54.0383 3916 hwpolicy - ok
22:53:54.0414 3916 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
22:53:54.0430 3916 i8042prt - ok
22:53:54.0461 3916 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
22:53:54.0492 3916 iaStorV - ok
22:53:54.0570 3916 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:53:54.0664 3916 idsvc - ok
22:53:54.0851 3916 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
22:53:54.0867 3916 iirsp - ok
22:53:55.0023 3916 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
22:53:55.0038 3916 IKEEXT - ok
22:53:55.0070 3916 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
22:53:55.0085 3916 intelide - ok
22:53:55.0148 3916 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
22:53:55.0148 3916 intelppm - ok
22:53:55.0226 3916 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
22:53:55.0226 3916 IPBusEnum - ok
22:53:55.0272 3916 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:53:55.0272 3916 IpFilterDriver - ok
22:53:55.0366 3916 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
22:53:55.0428 3916 iphlpsvc - ok
22:53:55.0475 3916 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
22:53:55.0491 3916 IPMIDRV - ok
22:53:55.0522 3916 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
22:53:55.0538 3916 IPNAT - ok
22:53:55.0616 3916 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
22:53:55.0647 3916 iPod Service - ok
22:53:55.0678 3916 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
22:53:55.0678 3916 IRENUM - ok
22:53:55.0709 3916 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
22:53:55.0709 3916 isapnp - ok
22:53:55.0756 3916 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
22:53:55.0787 3916 iScsiPrt - ok
22:53:55.0818 3916 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
22:53:55.0834 3916 kbdclass - ok
22:53:55.0850 3916 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
22:53:55.0850 3916 kbdhid - ok
22:53:55.0881 3916 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:53:55.0881 3916 KeyIso - ok
22:53:55.0912 3916 KSecDD (4f4b5fde429416877de7143044582eb5) C:\Windows\system32\Drivers\ksecdd.sys
22:53:55.0943 3916 KSecDD - ok
22:53:55.0974 3916 KSecPkg (6f40465a44ecdc1731befafec5bdd03c) C:\Windows\system32\Drivers\ksecpkg.sys
22:53:56.0006 3916 KSecPkg - ok
22:53:56.0037 3916 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
22:53:56.0037 3916 ksthunk - ok
22:53:56.0099 3916 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
22:53:56.0146 3916 KtmRm - ok
22:53:56.0193 3916 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
22:53:56.0193 3916 LanmanServer - ok
22:53:56.0240 3916 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
22:53:56.0240 3916 LanmanWorkstation - ok
22:53:56.0318 3916 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
22:53:56.0318 3916 lltdio - ok
22:53:56.0380 3916 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
22:53:56.0411 3916 lltdsvc - ok
22:53:56.0427 3916 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
22:53:56.0427 3916 lmhosts - ok
22:53:56.0458 3916 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:53:56.0474 3916 LSI_FC - ok
22:53:56.0505 3916 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:53:56.0520 3916 LSI_SAS - ok
22:53:56.0552 3916 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:53:56.0567 3916 LSI_SAS2 - ok
22:53:56.0583 3916 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:53:56.0598 3916 LSI_SCSI - ok
22:53:56.0614 3916 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
22:53:56.0630 3916 luafv - ok
22:53:56.0801 3916 McComponentHostService (22a7776c5d8eb5930edf9c8dd0884259) C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
22:53:56.0848 3916 McComponentHostService - ok
22:53:56.0879 3916 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
22:53:56.0910 3916 Mcx2Svc - ok
22:53:56.0957 3916 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
22:53:56.0957 3916 megasas - ok
22:53:57.0020 3916 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
22:53:57.0035 3916 MegaSR - ok
22:53:57.0066 3916 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:53:57.0082 3916 MMCSS - ok
22:53:57.0082 3916 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
22:53:57.0098 3916 Modem - ok
22:53:57.0129 3916 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
22:53:57.0144 3916 monitor - ok
22:53:57.0207 3916 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
22:53:57.0222 3916 mouclass - ok
22:53:57.0269 3916 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
22:53:57.0285 3916 mouhid - ok
22:53:57.0347 3916 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
22:53:57.0378 3916 mountmgr - ok
22:53:57.0472 3916 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:53:57.0488 3916 MozillaMaintenance - ok
22:53:57.0534 3916 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
22:53:57.0550 3916 mpio - ok
22:53:57.0566 3916 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
22:53:57.0597 3916 mpsdrv - ok
22:53:57.0706 3916 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
22:53:57.0722 3916 MpsSvc - ok
22:53:57.0737 3916 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
22:53:57.0768 3916 MRxDAV - ok
22:53:57.0815 3916 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:53:57.0831 3916 mrxsmb - ok
22:53:57.0878 3916 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:53:57.0909 3916 mrxsmb10 - ok
22:53:57.0940 3916 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:53:57.0956 3916 mrxsmb20 - ok
22:53:57.0971 3916 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
22:53:57.0987 3916 msahci - ok
22:53:58.0018 3916 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
22:53:58.0049 3916 msdsm - ok
22:53:58.0080 3916 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
22:53:58.0112 3916 MSDTC - ok
22:53:58.0143 3916 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
22:53:58.0143 3916 Msfs - ok
22:53:58.0158 3916 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
22:53:58.0174 3916 mshidkmdf - ok
22:53:58.0190 3916 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
22:53:58.0205 3916 msisadrv - ok
22:53:58.0424 3916 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
22:53:58.0439 3916 MSiSCSI - ok
22:53:58.0455 3916 msiserver - ok
22:53:58.0517 3916 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
22:53:58.0533 3916 MSKSSRV - ok
22:53:58.0580 3916 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
22:53:58.0595 3916 MSPCLOCK - ok
22:53:58.0626 3916 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
22:53:58.0626 3916 MSPQM - ok
22:53:58.0751 3916 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
22:53:58.0798 3916 MsRPC - ok
22:53:58.0814 3916 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
22:53:58.0829 3916 mssmbios - ok
22:53:58.0860 3916 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
22:53:58.0876 3916 MSTEE - ok
22:53:58.0907 3916 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
22:53:58.0923 3916 MTConfig - ok
22:53:58.0985 3916 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
22:53:58.0985 3916 Mup - ok
22:53:59.0032 3916 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
22:53:59.0094 3916 napagent - ok
22:53:59.0157 3916 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
22:53:59.0204 3916 NativeWifiP - ok
22:54:21.0153 3916 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:54:21.0387 3916 \Device\Harddisk0\DR0 - ok
22:54:21.0387 3916 Boot (0x1200) (5f35d90b0ab8157488fa58d07b0bc982) \Device\Harddisk0\DR0\Partition0
22:54:21.0402 3916 \Device\Harddisk0\DR0\Partition0 - ok
22:54:21.0418 3916 Boot (0x1200) (338a0e5de7d59309f79e937f0ae3e543) \Device\Harddisk0\DR0\Partition1
22:54:21.0418 3916 \Device\Harddisk0\DR0\Partition1 - ok
22:54:21.0418 3916 ============================================================
22:54:21.0418 3916 Scan finished
22:54:21.0418 3916 ============================================================
22:54:21.0434 3940 Detected object count: 0
22:54:21.0434 3940 Actual detected object count: 0
-
TDSSKILLER log;
19:54:13.0735 1568 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
19:54:14.0192 1568 ============================================================
19:54:14.0192 1568 Current date / time: 2012/07/18 19:54:14.0192
19:54:14.0193 1568 SystemInfo:
19:54:14.0193 1568
19:54:14.0193 1568 OS Version: 6.1.7600 ServicePack: 0.0
19:54:14.0193 1568 Product type: Workstation
19:54:14.0193 1568 ComputerName: BUGSBUNNY-PC
19:54:14.0193 1568 UserName: Bugs Bunny
19:54:14.0193 1568 Windows directory: C:\Windows
19:54:14.0193 1568 System windows directory: C:\Windows
19:54:14.0193 1568 Running under WOW64
19:54:14.0193 1568 Processor architecture: Intel x64
19:54:14.0193 1568 Number of processors: 4
19:54:14.0193 1568 Page size: 0x1000
19:54:14.0193 1568 Boot type: Normal boot
19:54:14.0193 1568 ============================================================
19:54:16.0098 1568 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDDA00 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:54:16.0117 1568 ============================================================
19:54:16.0117 1568 \Device\Harddisk0\DR0:
19:54:16.0118 1568 MBR partitions:
19:54:16.0118 1568 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:54:16.0118 1568 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x57513000
19:54:16.0118 1568 ============================================================
19:54:16.0148 1568 C: <-> \Device\Harddisk0\DR0\Partition1
19:54:16.0175 1568 I: <-> \Device\Harddisk0\DR0\Partition0
19:54:16.0175 1568 ============================================================
19:54:16.0175 1568 Initialize success
19:54:16.0175 1568 ============================================================
19:57:38.0298 2428 ============================================================
19:57:38.0298 2428 Scan started
19:57:38.0298 2428 Mode: Manual;
19:57:38.0298 2428 ============================================================
19:57:48.0477 2428\tab AppMgmt - ok\par
19:57:48.0500 2428\tab arc (c484f8ceb1717c540242531db7845c4e) C:\\Windows\\system32\\DRIVERS\\arc.sys\par
19:57:48.0503 2428\tab arc - ok\par
19:57:48.0515 2428\tab arcsas (019af6924aefe7839f61c830227fe79c) C:\\Windows\\system32\\DRIVERS\\arcsas.sys\par
19:57:48.0518 2428\tab arcsas - ok\par
19:57:48.0539 2428\tab AsyncMac (769765ce2cc62867468cea93969b2242) C:\\Windows\\system32\\DRIVERS\\asyncmac.sys\par
19:57:48.0541 2428\tab AsyncMac - ok\par
19:57:48.0556 2428\tab atapi (02062c0b390b7729edc9e69c680a6f3c) C:\\Windows\\system32\\DRIVERS\\atapi.sys\par
19:57:48.0559 2428\tab atapi - ok\par
19:57:48.0596 2428\tab AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\\Windows\\System32\\Audiosrv.dll\par
19:57:48.0601 2428\tab AudioEndpointBuilder - ok\par
19:57:48.0608 2428\tab AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\\Windows\\System32\\Audiosrv.dll\par
19:57:48.0613 2428\tab AudioSrv - ok\par
19:57:48.0701 2428\tab avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\\Windows\\system32\\DRIVERS\\avgntflt.sys\par
19:57:48.0704 2428\tab avgntflt - ok\par
19:57:48.0733 2428\tab avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\\Windows\\system32\\DRIVERS\\avipbb.sys\par
19:57:48.0736 2428\tab avipbb - ok\par
19:57:48.0771 2428\tab avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\\Windows\\system32\\DRIVERS\\avkmgr.sys\par
19:57:48.0773 2428\tab avkmgr - ok\par
19:57:48.0805 2428\tab AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\\Windows\\System32\\AxInstSV.dll\par
19:57:48.0810 2428\tab AxInstSV - ok\par
19:57:48.0843 2428\tab b06bdrv (3e5b191307609f7514148c6832bb0842) C:\\Windows\\system32\\DRIVERS\\bxvbda.sys\par
19:57:48.0863 2428\tab b06bdrv - ok\par
19:57:48.0901 2428\tab b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\\Windows\\system32\\DRIVERS\\b57nd60a.sys\par
19:57:48.0918 2428\tab b57nd60a - ok\par
19:57:48.0970 2428\tab BDESVC (fde360167101b4e45a96f939f388aeb0) C:\\Windows\\System32\\bdesvc.dll\par
19:57:48.0973 2428\tab BDESVC - ok\par
19:57:48.0994 2428\tab Beep (16a47ce2decc9b099349a5f840654746) C:\\Windows\\system32\\drivers\\Beep.sys\par
19:57:48.0996 2428\tab Beep - ok\par
19:57:49.0077 2428\tab BFE (4992c609a6315671463e30f6512bc022) C:\\Windows\\System32\\bfe.dll\par
19:57:49.0103 2428\tab BFE - ok\par
19:57:49.0298 2428\tab BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\\Windows\\System32\\qmgr.dll\par
19:57:49.0331 2428\tab BITS - ok\par
19:57:49.0378 2428\tab blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\\Windows\\system32\\DRIVERS\\blbdrive.sys\par
19:57:49.0381 2428\tab blbdrive - ok\par
19:57:49.0535 2428\tab Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\\Program Files\\Bonjour\\mDNSResponder.exe\par
19:57:49.0540 2428\tab Bonjour Service - ok\par
19:57:49.0572 2428\tab bowser (19d20159708e152267e53b66677a4995) C:\\Windows\\system32\\DRIVERS\\bowser.sys\par
19:57:49.0576 2428\tab bowser - ok\par
19:57:49.0601 2428\tab BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\\Windows\\system32\\DRIVERS\\BrFiltLo.sys\par
19:57:49.0603 2428\tab BrFiltLo - ok\par
19:57:49.0622 2428\tab BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\\Windows\\system32\\DRIVERS\\BrFiltUp.sys\par
19:57:49.0631 2428\tab BrFiltUp - ok\par
19:57:49.0660 2428\tab Browser (94fbc06f294d58d02361918418f996e3) C:\\Windows\\System32\\browser.dll\par
19:57:49.0662 2428\tab Browser - ok\par
19:57:49.0690 2428\tab Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\\Windows\\System32\\Drivers\\Brserid.sys\par
19:57:49.0703 2428\tab Brserid - ok\par
19:57:49.0713 2428\tab BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\\Windows\\System32\\Drivers\\BrSerWdm.sys\par
19:57:49.0715 2428\tab BrSerWdm - ok\par
19:57:49.0719 2428\tab BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\\Windows\\System32\\Drivers\\BrUsbMdm.sys\par
19:57:49.0720 2428\tab BrUsbMdm - ok\par
19:57:49.0733 2428\tab BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\\Windows\\System32\\Drivers\\BrUsbSer.sys\par
19:57:49.0735 2428\tab BrUsbSer - ok\par
19:57:49.0756 2428\tab BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\\Windows\\system32\\DRIVERS\\bthmodem.sys\par
19:57:49.0759 2428\tab BTHMODEM - ok\par
19:57:49.0794 2428\tab bthserv (95f9c2976059462cbbf227f7aab10de9) C:\\Windows\\system32\\bthserv.dll\par
19:57:49.0798 2428\tab bthserv - ok\par
19:57:49.0823 2428\tab cdfs (b8bd2bb284668c84865658c77574381a) C:\\Windows\\system32\\DRIVERS\\cdfs.sys\par
19:57:49.0826 2428\tab cdfs - ok\par
19:57:49.0848 2428\tab cdrom (83d2d75e1efb81b3450c18131443f7db) C:\\Windows\\system32\\DRIVERS\\cdrom.sys\par
19:57:49.0853 2428\tab cdrom - ok\par
19:57:49.0884 2428\tab CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\\Windows\\System32\\certprop.dll\par
19:57:49.0888 2428\tab CertPropSvc - ok\par
19:57:49.0916 2428\tab circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\\Windows\\system32\\DRIVERS\\circlass.sys\par
19:57:49.0918 2428\tab circlass - ok\par
19:57:49.0948 2428\tab CLFS (fe1ec06f2253f691fe36217c592a0206) C:\\Windows\\system32\\CLFS.sys\par
19:57:49.0964 2428\tab CLFS - ok\par
19:57:50.0024 2428\tab clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe\par
19:57:50.0028 2428\tab clr_optimization_v2.0.50727_32 - ok\par
19:57:50.0066 2428\tab clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\\Windows\\Microsoft.NET\\Framework64\\v2.0.50727\\mscorsvw.exe\par
19:57:50.0071 2428\tab clr_optimization_v2.0.50727_64 - ok\par
19:57:50.0139 2428\tab clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorsvw.exe\par
19:57:50.0165 2428\tab clr_optimization_v4.0.30319_32 - ok\par
19:57:50.0199 2428\tab clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\mscorsvw.exe\par
19:57:50.0203 2428\tab clr_optimization_v4.0.30319_64 - ok\par
19:57:50.0226 2428\tab CmBatt (0840155d0bddf1190f84a663c284bd33) C:\\Windows\\system32\\DRIVERS\\CmBatt.sys\par
19:57:50.0228 2428\tab CmBatt - ok\par
19:57:50.0249 2428\tab cmdide (e19d3f095812725d88f9001985b94edd) C:\\Windows\\system32\\DRIVERS\\cmdide.sys\par
19:57:50.0251 2428\tab cmdide - ok\par
19:57:50.0296 2428\tab CNG (ca7720b73446fddec5c69519c1174c98) C:\\Windows\\system32\\Drivers\\cng.sys\par
19:57:50.0311 2428\tab CNG - ok\par
19:57:50.0337 2428\tab Compbatt (102de219c3f61415f964c88e9085ad14) C:\\Windows\\system32\\DRIVERS\\compbatt.sys\par
19:57:50.0339 2428\tab Compbatt - ok\par
19:57:50.0370 2428\tab CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\\Windows\\system32\\DRIVERS\\CompositeBus.sys\par
19:57:50.0373 2428\tab CompositeBus - ok\par
19:57:50.0387 2428\tab COMSysApp - ok\par
19:57:50.0403 2428\tab crcdisk (1c827878a998c18847245fe1f34ee597) C:\\Windows\\system32\\DRIVERS\\crcdisk.sys\par
19:57:50.0405 2428\tab crcdisk - ok\par
19:57:50.0433 2428\tab CryptSvc (f02786b66375292e58c8777082d4396d) C:\\Windows\\system32\\cryptsvc.dll\par
19:57:50.0435 2428\tab CryptSvc - ok\par
19:57:50.0469 2428\tab CSC (4a6173c2279b498cd8f57cae504564cb) C:\\Windows\\system32\\drivers\\csc.sys\par
19:57:50.0488 2428\tab CSC - ok\par
19:57:50.0527 2428\tab CscService (873fbf927c06e5cee04dec617502f8fd) C:\\Windows\\System32\\cscsvc.dll\par
19:57:50.0546 2428\tab CscService - ok\par
19:57:50.0586 2428\tab DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\\Windows\\system32\\rpcss.dll\par
19:57:50.0605 2428\tab DcomLaunch - ok\par
19:57:50.0636 2428\tab defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\\Windows\\System32\\defragsvc.dll\par
19:57:50.0652 2428\tab defragsvc - ok\par
19:57:50.0699 2428\tab DfsC (9c253ce7311ca60fc11c774692a13208) C:\\Windows\\system32\\Drivers\\dfsc.sys\par
19:57:50.0702 2428\tab DfsC - ok\par
19:57:50.0738 2428\tab Dhcp (ce3b9562d997f69b330d181a8875960f) C:\\Windows\\system32\\dhcpcore.dll\par
19:57:50.0754 2428\tab Dhcp - ok\par
19:57:50.0774 2428\tab discache (13096b05847ec78f0977f2c0f79e9ab3) C:\\Windows\\system32\\drivers\\discache.sys\par
19:57:50.0777 2428\tab discache - ok\par
19:57:50.0801 2428\tab Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\\Windows\\system32\\DRIVERS\\disk.sys\par
19:57:50.0804 2428\tab Disk - ok\par
19:57:50.0836 2428\tab Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\\Windows\\System32\\dnsrslvr.dll\par
19:57:50.0837 2428\tab Dnscache - ok\par
19:57:50.0872 2428\tab dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\\Windows\\System32\\dot3svc.dll\par
19:57:50.0876 2428\tab dot3svc - ok\par
19:57:50.0916 2428\tab Dot4 (b42ed0320c6e41102fde0005154849bb) C:\\Windows\\system32\\DRIVERS\\Dot4.sys\par
19:57:50.0920 2428\tab Dot4 - ok\par
19:57:50.0938 2428\tab Dot4Print (85135ad27e79b689335c08167d917cde) C:\\Windows\\system32\\DRIVERS\\Dot4Prt.sys\par
19:57:50.0940 2428\tab Dot4Print - ok\par
19:57:50.0965 2428\tab dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\\Windows\\system32\\DRIVERS\\dot4usb.sys\par
19:57:50.0967 2428\tab dot4usb - ok\par
19:57:50.0999 2428\tab DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\\Windows\\system32\\dps.dll\par
19:57:51.0001 2428\tab DPS - ok\par
19:57:51.0035 2428\tab drmkaud (9b19f34400d24df84c858a421c205754) C:\\Windows\\system32\\drivers\\drmkaud.sys\par
19:57:51.0037 2428\tab drmkaud - ok\par
19:57:51.0105 2428\tab dump_wmimmc - ok\par
19:57:51.0163 2428\tab DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\\Windows\\System32\\drivers\\dxgkrnl.sys\par
19:57:51.0189 2428\tab DXGKrnl - ok\par
19:57:51.0221 2428\tab EagleX64 - ok\par
19:57:51.0255 2428\tab EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\\Windows\\System32\\eapsvc.dll\par
19:57:51.0257 2428\tab EapHost - ok\par
19:57:51.0376 2428\tab ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\\Windows\\system32\\DRIVERS\\evbda.sys\par
19:57:51.0443 2428\tab ebdrv - ok\par
19:57:51.0529 2428\tab EFS (156f6159457d0aa7e59b62681b56eb90) C:\\Windows\\System32\\lsass.exe\par
19:57:51.0531 2428\tab EFS - ok\par
19:57:51.0594 2428\tab ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\\Windows\\ehome\\ehRecvr.exe\par
19:57:51.0614 2428\tab ehRecvr - ok\par
19:57:51.0646 2428\tab ehSched (4705e8ef9934482c5bb488ce28afc681) C:\\Windows\\ehome\\ehsched.exe\par
19:57:51.0649 2428\tab ehSched - ok\par
19:57:51.0743 2428\tab elxstor (0e5da5369a0fcaea12456dd852545184) C:\\Windows\\system32\\DRIVERS\\elxstor.sys\par
19:57:51.0754 2428\tab elxstor - ok\par
19:57:51.0771 2428\tab ErrDev (34a3c54752046e79a126e15c51db409b) C:\\Windows\\system32\\DRIVERS\\errdev.sys\par
19:57:51.0773 2428\tab ErrDev - ok\par
19:57:51.0827 2428\tab EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\\Windows\\system32\\es.dll\par
19:57:51.0832 2428\tab EventSystem - ok\par
19:57:51.0852 2428\tab exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\\Windows\\system32\\drivers\\exfat.sys\par
19:57:51.0857 2428\tab exfat - ok\par
19:57:51.0877 2428\tab fastfat (0adc83218b66a6db380c330836f3e36d) C:\\Windows\\system32\\drivers\\fastfat.sys\par
19:57:51.0890 2428\tab fastfat - ok\par
19:57:51.0950 2428\tab Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\\Windows\\system32\\fxssvc.exe\par
19:57:51.0973 2428\tab Fax - ok\par
19:57:52.0011 2428\tab fdc (d765d19cd8ef61f650c384f62fac00ab) C:\\Windows\\system32\\DRIVERS\\fdc.sys\par
19:57:52.0050 2428\tab fdc - ok\par
19:57:52.0063 2428\tab fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\\Windows\\system32\\fdPHost.dll\par
19:57:52.0065 2428\tab fdPHost - ok\par
19:57:52.0082 2428\tab FDResPub (802496cb59a30349f9a6dd22d6947644) C:\\Windows\\system32\\fdrespub.dll\par
19:57:52.0086 2428\tab FDResPub - ok\par
19:57:52.0105 2428\tab FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\\Windows\\system32\\drivers\\fileinfo.sys\par
19:57:52.0119 2428\tab FileInfo - ok\par
19:57:52.0134 2428\tab Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\\Windows\\system32\\drivers\\filetrace.sys\par
19:57:52.0136 2428\tab Filetrace - ok\par
19:57:52.0150 2428\tab flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\\Windows\\system32\\DRIVERS\\flpydisk.sys\par
19:57:52.0153 2428\tab flpydisk - ok\par
19:57:52.0190 2428\tab FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\\Windows\\system32\\drivers\\fltmgr.sys\par
19:57:52.0207 2428\tab FltMgr - ok\par
19:57:52.0271 2428\tab FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\\Windows\\system32\\FntCache.dll\par
19:57:52.0300 2428\tab FontCache - ok\par
19:57:52.0372 2428\tab FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\\Windows\\Microsoft.Net\\Framework64\\v3.0\\WPF\\PresentationFontCache.exe\par
19:57:52.0374 2428\tab FontCache3.0.0.0 - ok\par
19:57:52.0401 2428\tab FsDepends (d43703496149971890703b4b1b723eac) C:\\Windows\\system32\\drivers\\FsDepends.sys\par
19:57:52.0404 2428\tab FsDepends - ok\par
19:57:52.0431 2428\tab Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\\Windows\\system32\\drivers\\Fs_Rec.sys\par
19:57:52.0434 2428\tab Fs_Rec - ok\par
19:57:52.0457 2428\tab fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\\Windows\\system32\\DRIVERS\\fvevol.sys\par
19:57:52.0474 2428\tab fvevol - ok\par
19:57:52.0491 2428\tab gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\\Windows\\system32\\DRIVERS\\gagp30kx.sys\par
19:57:52.0494 2428\tab gagp30kx - ok\par
19:57:52.0524 2428\tab GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\\Windows\\system32\\DRIVERS\\GEARAspiWDM.sys\par
19:57:52.0526 2428\tab GEARAspiWDM - ok\par
19:57:52.0571 2428\tab gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\\Windows\\System32\\gpsvc.dll\par
19:57:52.0591 2428\tab gpsvc - ok\par
19:57:52.0725 2428\tab gupdate (f02a533f517eb38333cb12a9e8963773) C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe\par
19:57:52.0730 2428\tab gupdate - ok\par
19:57:52.0751 2428\tab gupdatem (f02a533f517eb38333cb12a9e8963773) C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe\par
19:57:52.0753 2428\tab gupdatem - ok\par
19:57:52.0797 2428\tab hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\\Windows\\system32\\drivers\\hcw85cir.sys\par
19:57:52.0799 2428\tab hcw85cir - ok\par
19:57:52.0847 2428\tab HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\\Windows\\system32\\drivers\\HdAudio.sys\par
19:57:52.0865 2428\tab HdAudAddService - ok\par
19:57:52.0884 2428\tab HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\\Windows\\system32\\DRIVERS\\HDAudBus.sys\par
19:57:52.0887 2428\tab HDAudBus - ok\par
19:57:52.0901 2428\tab HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\\Windows\\system32\\DRIVERS\\HidBatt.sys\par
19:57:52.0903 2428\tab HidBatt - ok\par
19:57:52.0923 2428\tab HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\\Windows\\system32\\DRIVERS\\hidbth.sys\par
19:57:52.0936 2428\tab HidBth - ok\par
19:57:52.0955 2428\tab HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\\Windows\\system32\\DRIVERS\\hidir.sys\par
19:57:52.0957 2428\tab HidIr - ok\par
19:57:52.0981 2428\tab hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\\Windows\\system32\\hidserv.dll\par
19:57:52.0984 2428\tab hidserv - ok\par
19:57:53.0015 2428\tab HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\\Windows\\system32\\DRIVERS\\hidusb.sys\par
19:57:53.0018 2428\tab HidUsb - ok\par
19:57:53.0036 2428\tab hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\\Windows\\system32\\kmsvc.dll\par
19:57:53.0039 2428\tab hkmsvc - ok\par
19:57:53.0063 2428\tab HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\\Windows\\system32\\ListSvc.dll\par
19:57:53.0099 2428\tab HomeGroupListener - ok\par
19:57:53.0125 2428\tab HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\\Windows\\system32\\provsvc.dll\par
19:57:53.0145 2428\tab HomeGroupProvider - ok\par
19:57:53.0258 2428\tab hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\hpqcxs08.dll\par
19:57:53.0269 2428\tab hpqcxs08 - ok\par
19:57:53.0288 2428\tab hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\hpqddsvc.dll\par
19:57:53.0291 2428\tab hpqddsvc - ok\par
19:57:53.0308 2428\tab HpSAMD (0886d440058f203eba0e1825e4355914) C:\\Windows\\system32\\DRIVERS\\HpSAMD.sys\par
19:57:53.0311 2428\tab HpSAMD - ok\par
19:57:53.0370 2428\tab HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\\Windows\\system32\\drivers\\HTTP.sys\par
19:57:53.0397 2428\tab HTTP - ok\par
19:57:53.0414 2428\tab hwpolicy (f17766a19145f111856378df337a5d79) C:\\Windows\\system32\\drivers\\hwpolicy.sys\par
19:57:53.0417 2428\tab hwpolicy - ok\par
19:57:53.0456 2428\tab i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\\Windows\\system32\\DRIVERS\\i8042prt.sys\par
19:57:53.0459 2428\tab i8042prt - ok\par
19:57:53.0487 2428\tab iaStorV (b75e45c564e944a2657167d197ab29da) C:\\Windows\\system32\\drivers\\iaStorV.sys\par
19:57:53.0503 2428\tab iaStorV - ok\par
19:57:53.0588 2428\tab idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\\Windows\\Microsoft.NET\\Framework64\\v3.0\\Windows Communication Foundation\\infocard.exe\par
19:57:53.0615 2428\tab idsvc - ok\par
19:57:53.0796 2428\tab iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\\Windows\\system32\\DRIVERS\\iirsp.sys\par
19:57:53.0798 2428\tab iirsp - ok\par
19:57:53.0849 2428\tab IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\\Windows\\System32\\ikeext.dll\par
19:57:53.0876 2428\tab IKEEXT - ok\par
19:57:53.0909 2428\tab intelide (f00f20e70c6ec3aa366910083a0518aa) C:\\Windows\\system32\\DRIVERS\\intelide.sys\par
19:57:53.0911 2428\tab intelide - ok\par
19:57:53.0937 2428\tab intelppm (ada036632c664caa754079041cf1f8c1) C:\\Windows\\system32\\DRIVERS\\intelppm.sys\par
19:57:53.0939 2428\tab intelppm - ok\par
19:57:53.0964 2428\tab IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\\Windows\\system32\\ipbusenum.dll\par
19:57:53.0967 2428\tab IPBusEnum - ok\par
19:57:53.0982 2428\tab IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\\Windows\\system32\\DRIVERS\\ipfltdrv.sys\par
19:57:53.0985 2428\tab IpFilterDriver - ok\par
19:57:54.0026 2428\tab iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\\Windows\\System32\\iphlpsvc.dll\par
19:57:54.0046 2428\tab iphlpsvc - ok\par
19:57:54.0067 2428\tab IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\\Windows\\system32\\DRIVERS\\IPMIDrv.sys\par
19:57:54.0071 2428\tab IPMIDRV - ok\par
19:57:54.0090 2428\tab IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\\Windows\\system32\\drivers\\ipnat.sys\par
19:57:54.0094 2428\tab IPNAT - ok\par
19:57:54.0179 2428\tab iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\\Program Files\\iPod\\bin\\iPodService.exe\par
19:57:54.0205 2428\tab iPod Service - ok\par
19:57:54.0243 2428\tab IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\\Windows\\system32\\drivers\\irenum.sys\par
19:57:54.0246 2428\tab IRENUM - ok\par
19:57:54.0257 2428\tab isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\\Windows\\system32\\DRIVERS\\isapnp.sys\par
19:57:54.0259 2428\tab isapnp - ok\par
19:57:54.0285 2428\tab iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\\Windows\\system32\\DRIVERS\\msiscsi.sys\par
19:57:54.0298 2428\tab iScsiPrt - ok\par
19:57:54.0316 2428\tab kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\\Windows\\system32\\DRIVERS\\kbdclass.sys\par
19:57:54.0319 2428\tab kbdclass - ok\par
19:57:54.0336 2428\tab kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\\Windows\\system32\\DRIVERS\\kbdhid.sys\par
19:57:54.0345 2428\tab kbdhid - ok\par
19:57:54.0369 2428\tab KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\\Windows\\system32\\lsass.exe\par
19:57:54.0371 2428\tab KeyIso - ok\par
19:57:54.0404 2428\tab KSecDD (4f4b5fde429416877de7143044582eb5) C:\\Windows\\system32\\Drivers\\ksecdd.sys\par
19:57:54.0408 2428\tab KSecDD - ok\par
19:57:54.0430 2428\tab KSecPkg (6f40465a44ecdc1731befafec5bdd03c) C:\\Windows\\system32\\Drivers\\ksecpkg.sys\par
19:57:54.0435 2428\tab KSecPkg - ok\par
19:57:54.0470 2428\tab ksthunk (6869281e78cb31a43e969f06b57347c4) C:\\Windows\\system32\\drivers\\ksthunk.sys\par
19:57:54.0473 2428\tab ksthunk - ok\par
19:57:54.0513 2428\tab KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\\Windows\\system32\\msdtckrm.dll\par
19:57:54.0530 2428\tab KtmRm - ok\par
19:57:54.0563 2428\tab LanmanServer (81f1d04d4d0e433099365127375fd501) C:\\Windows\\system32\\srvsvc.dll\par
19:57:54.0568 2428\tab LanmanServer - ok\par
19:57:54.0586 2428\tab LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\\Windows\\System32\\wkssvc.dll\par
19:57:54.0589 2428\tab LanmanWorkstation - ok\par
19:57:54.0611 2428\tab lltdio (1538831cf8ad2979a04c423779465827) C:\\Windows\\system32\\DRIVERS\\lltdio.sys\par
19:57:54.0613 2428\tab lltdio - ok\par
19:57:54.0631 2428\tab lltdsvc (c1185803384ab3feed115f79f109427f) C:\\Windows\\System32\\lltdsvc.dll\par
19:57:54.0668 2428\tab lltdsvc - ok\par
19:57:54.0679 2428\tab lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\\Windows\\System32\\lmhsvc.dll\par
19:57:54.0683 2428\tab lmhosts - ok\par
19:57:54.0706 2428\tab LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\\Windows\\system32\\DRIVERS\\lsi_fc.sys\par
19:57:54.0709 2428\tab LSI_FC - ok\par
19:57:54.0747 2428\tab LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\\Windows\\system32\\DRIVERS\\lsi_sas.sys\par
19:57:54.0749 2428\tab LSI_SAS - ok\par
19:57:54.0767 2428\tab LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\\Windows\\system32\\DRIVERS\\lsi_sas2.sys\par
19:57:54.0770 2428\tab LSI_SAS2 - ok\par
19:57:54.0787 2428\tab LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\\Windows\\system32\\DRIVERS\\lsi_scsi.sys\par
19:57:54.0791 2428\tab LSI_SCSI - ok\par
19:57:54.0806 2428\tab luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\\Windows\\system32\\drivers\\luafv.sys\par
19:57:54.0810 2428\tab luafv - ok\par
19:57:54.0924 2428\tab McComponentHostService (22a7776c5d8eb5930edf9c8dd0884259) C:\\Program Files (x86)\\McAfee Security Scan\\3.0.207\\McCHSvc.exe\par
19:57:54.0936 2428\tab McComponentHostService - ok\par
19:57:54.0961 2428\tab Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\\Windows\\system32\\Mcx2Svc.dll\par
19:57:54.0964 2428\tab Mcx2Svc - ok\par
19:57:54.0979 2428\tab megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\\Windows\\system32\\DRIVERS\\megasas.sys\par
19:57:54.0982 2428\tab megasas - ok\par
19:57:55.0143 2428\tab MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\\Windows\\system32\\DRIVERS\\MegaSR.sys\par
19:57:55.0241 2428\tab MegaSR - ok\par
19:57:55.0371 2428\tab MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\\Windows\\system32\\mmcss.dll\par
19:57:55.0374 2428\tab MMCSS - ok\par
19:57:55.0439 2428\tab Modem (800ba92f7010378b09f9ed9270f07137) C:\\Windows\\system32\\drivers\\modem.sys\par
19:57:55.0443 2428\tab Modem - ok\par
19:57:55.0588 2428\tab monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\\Windows\\system32\\DRIVERS\\monitor.sys\par
19:57:55.0589 2428\tab monitor - ok\par
19:57:55.0719 2428\tab mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\\Windows\\system32\\DRIVERS\\mouclass.sys\par
19:57:55.0724 2428\tab mouclass - ok\par
19:57:55.0787 2428\tab mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\\Windows\\system32\\DRIVERS\\mouhid.sys\par
19:57:55.0790 2428\tab mouhid - ok\par
19:57:55.0810 2428\tab mountmgr (791af66c4d0e7c90a3646066386fb571) C:\\Windows\\system32\\drivers\\mountmgr.sys\par
19:57:55.0823 2428\tab mountmgr - ok\par
19:57:56.0760 2428\tab MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\\Program Files (x86)\\Mozilla Maintenance Service\\maintenanceservice.exe\par
19:57:56.0763 2428\tab MozillaMaintenance - ok\par
19:57:58.0196 2428\tab mpio (609d1d87649ecc19796f4d76d4c15cea) C:\\Windows\\system32\\DRIVERS\\mpio.sys\par
19:57:58.0265 2428\tab mpio - ok\par
19:57:58.0717 2428\tab mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\\Windows\\system32\\drivers\\mpsdrv.sys\par
19:57:58.0756 2428\tab mpsdrv - ok\par
19:57:59.0099 2428\tab MpsSvc (aecab449567d1846dad63ece49e893e3) C:\\Windows\\system32\\mpssvc.dll\par
19:57:59.0114 2428\tab MpsSvc - ok\par
19:57:59.0131 2428\tab MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\\Windows\\system32\\drivers\\mrxdav.sys\par
19:57:59.0136 2428\tab MRxDAV - ok\par
19:57:59.0158 2428\tab mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\\Windows\\system32\\DRIVERS\\mrxsmb.sys\par
19:57:59.0163 2428\tab mrxsmb - ok\par
19:57:59.0184 2428\tab mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\\Windows\\system32\\DRIVERS\\mrxsmb10.sys\par
19:57:59.0195 2428\tab mrxsmb10 - ok\par
19:57:59.0210 2428\tab mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\\Windows\\system32\\DRIVERS\\mrxsmb20.sys\par
19:57:59.0213 2428\tab mrxsmb20 - ok\par
19:57:59.0224 2428\tab msahci (5c37497276e3b3a5488b23a326a754b7) C:\\Windows\\system32\\DRIVERS\\msahci.sys\par
19:57:59.0225 2428\tab msahci - ok\par
19:57:59.0245 2428\tab msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\\Windows\\system32\\DRIVERS\\msdsm.sys\par
19:57:59.0259 2428\tab msdsm - ok\par
19:57:59.0286 2428\tab MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\\Windows\\System32\\msdtc.exe\par
19:57:59.0288 2428\tab MSDTC - ok\par
19:57:59.0313 2428\tab Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\\Windows\\system32\\drivers\\Msfs.sys\par
19:57:59.0314 2428\tab Msfs - ok\par
19:57:59.0333 2428\tab mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\\Windows\\System32\\drivers\\mshidkmdf.sys\par
19:57:59.0335 2428\tab mshidkmdf - ok\par
19:57:59.0353 2428\tab msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\\Windows\\system32\\DRIVERS\\msisadrv.sys\par
19:57:59.0353 2428\tab msisadrv - ok\par
19:57:59.0380 2428\tab MSiSCSI (808e98ff49b155c522e6400953177b08) C:\\Windows\\system32\\iscsiexe.dll\par
19:57:59.0382 2428\tab MSiSCSI - ok\par
19:57:59.0386 2428\tab msiserver - ok\par
19:57:59.0433 2428\tab MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\\Windows\\system32\\drivers\\MSKSSRV.sys\par
19:57:59.0434 2428\tab MSKSSRV - ok\par
19:57:59.0438 2428\tab MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\\Windows\\system32\\drivers\\MSPCLOCK.sys\par
19:57:59.0439 2428\tab MSPCLOCK - ok\par
19:57:59.0465 2428\tab MSPQM (4ed981241db27c3383d72092b618a1d0) C:\\Windows\\system32\\drivers\\MSPQM.sys\par
19:57:59.0488 2428\tab MSPQM - ok\par
19:57:59.0648 2428\tab MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\\Windows\\system32\\drivers\\MsRPC.sys\par
19:57:59.0667 2428\tab MsRPC - ok\par
19:58:00.0284 2428\tab mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\\Windows\\system32\\DRIVERS\\mssmbios.sys\par
19:58:00.0285 2428\tab mssmbios - ok\par
19:58:00.0499 2428\tab MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\\Windows\\system32\\drivers\\MSTEE.sys\par
19:58:00.0503 2428\tab MSTEE - ok\par
19:58:00.0536 2428\tab MTConfig (7ea404308934e675bffde8edf0757bcd) C:\\Windows\\system32\\DRIVERS\\MTConfig.sys\par
19:58:00.0538 2428\tab MTConfig - ok\par
19:58:00.0572 2428\tab Mup (f9a18612fd3526fe473c1bda678d61c8) C:\\Windows\\system32\\Drivers\\mup.sys\par
19:58:00.0580 2428\tab Mup - ok\par
19:58:00.0616 2428\tab napagent (4987e079a4530fa737a128be54b63b12) C:\\Windows\\system32\\qagentRT.dll\par
19:58:00.0632 2428\tab napagent - ok\par
19:58:00.0667 2428\tab NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\\Windows\\system32\\DRIVERS\\nwifi.sys\par
19:58:00.0680 2428\tab NativeWifiP - ok\par
19:58:02.0174 2428\tab NDIS (cad515dbd07d082bb317d9928ce8962c) C:\\Windows\\system32\\drivers\\ndis.sys\par
19:58:04.0767 2428\tab NDIS - ok\par
19:58:04.0861 2428\tab NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\\Windows\\system32\\DRIVERS\\ndiscap.sys\par
19:58:04.0867 2428\tab NdisCap - ok\par
19:58:04.0922 2428\tab NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\\Windows\\system32\\DRIVERS\\ndistapi.sys\par
19:58:04.0927 2428\tab NdisTapi - ok\par
19:58:04.0968 2428\tab Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\\Windows\\system32\\DRIVERS\\ndisuio.sys\par
19:58:05.0178 2428\tab Ndisuio - ok\par
19:58:05.0572 2428\tab NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\\Windows\\system32\\DRIVERS\\ndiswan.sys\par
19:58:05.0597 2428\tab NdisWan - ok\par
19:58:05.0617 2428\tab NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\\Windows\\system32\\drivers\\NDProxy.sys\par
19:58:05.0667 2428\tab NDProxy - ok\par
19:58:05.0722 2428\tab Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\\Windows\\system32\\HPZinw12.dll\par
19:58:05.0734 2428\tab Net Driver HPZ12 - ok\par
19:58:05.0766 2428\tab NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\\Windows\\system32\\DRIVERS\\netbios.sys\par
19:58:05.0773 2428\tab NetBIOS - ok\par
19:58:26.0548 2428  MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:58:26.0572 2428  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
19:58:26.0572 2428  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
19:58:26.0598 2428  Boot (0x1200) (5f35d90b0ab8157488fa58d07b0bc982) \Device\Harddisk0\DR0\Partition0
19:58:26.0602 2428  \Device\Harddisk0\DR0\Partition0 - ok
19:58:26.0616 2428  Boot (0x1200) (338a0e5de7d59309f79e937f0ae3e543) \Device\Harddisk0\DR0\Partition1
19:58:26.0631 2428  \Device\Harddisk0\DR0\Partition1 - ok
19:58:26.0632 2428  ============================================================
19:58:26.0632 2428  Scan finished
19:58:26.0632 2428  ============================================================
19:58:26.0652 5784  Detected object count: 1
19:58:26.0652 5784  Actual detected object count: 1
19:58:49.0751 5784  \Device\Harddisk0\DR0\# - copied to quarantine
19:58:49.0752 5784  \Device\Harddisk0\DR0 - copied to quarantine
19:58:49.0969 5784  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
19:58:49.0975 5784  \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
19:58:49.0987 5784  \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
19:58:49.0998 5784  \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
19:58:50.0034 5784  \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
19:58:50.0055 5784  \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
19:58:50.0058 5784  \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
19:58:50.0061 5784  \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
19:58:50.0066 5784  \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
19:58:50.0076 5784  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
19:58:50.0083 5784  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
19:58:50.0087 5784  \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
19:58:50.0091 5784  \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
19:58:50.0095 5784  \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
19:58:50.0122 5784  \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
19:58:50.0152 5784  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
19:58:50.0243 5784  \Device\Harddisk0\DR0 - ok
19:58:50.0263 5784  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
}
-
Info.txt info.txt logfile of random's system information tool 1.09 2012-07-18 20:08:34
======Uninstall list======
-->MsiExec /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}
64 Bit HP CIO Components Installer-->MsiExec.exe /I{55D55008-E5F6-47D6-B16F-B2A40D4D145F}
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{47FA2C44-D148-4DBC-AF60-B91934AA4842}
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_265_Plugin.exe -maintain plugin
Adobe Reader X (10.1.3)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA1000000001}
Adobe Shockwave Player 11.6-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Apple Application Support-->MsiExec.exe /I{343666E2-A059-48AC-AD67-230BF74E2DB2}
Apple Mobile Device Support-->MsiExec.exe /I{75104836-CAC7-444E-A39E-3F54151942F5}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
Ask Toolbar-->MsiExec.exe /X{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Avira Free Antivirus-->C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe /REMOVE
Belkin Connect Wireless USB Adapter-->"C:\Program Files (x86)\InstallShield Installation Information\{08B73C99-D071-488F-8861-5DDA897C510D}\setup.exe" -runfromtemp -l0x0409 -removeonly
Belkin Connect Wireless USB Adapter-->MsiExec.exe /X{08B73C99-D071-488F-8861-5DDA897C510D}
Belkin Wireless G USB Adapter Driver-->C:\Program Files (x86)\InstallShield Installation Information\{D593C72C-435B-4171-8106-9CA8AA34D716}\Install.exe -uninst -l0x9
Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Counter-Strike: Condition Zero-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/80
Counter-Strike: Source-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/240
Diablo III-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\Diablo III (2)\Uninstall.exe
DVDVideoSoftTB Toolbar-->C:\Program Files (x86)\DVDVideoSoftTB\uninstall.exe toolbar
ERUNT 1.1j-->C:\desktop\unins000.exe
Free Studio version 5.3.3-->C:\Program Files (x86)\Common Files\DVDVideoSoft\Uninstall.exe
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\Installer\setup.exe" --uninstall --multi-install --chrome --system-level --verbose-logging
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Half-Life-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/70
HijackThis 2.0.2-->"C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Customer Participation Program 13.0-->C:\Program Files (x86)\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot
HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3-->C:\Program Files (x86)\HP\Digital Imaging\{A00C9114-40E6-4C70-A619-7DF264B23485}\setup\hpzscr40.exe -datfile hposcr28.dat -onestop -forcereboot
HP Imaging Device Functions 13.0-->C:\Program Files (x86)\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 3.5-->C:\Program Files (x86)\HP\Digital Imaging\PhotosmartEssential\hpzscr01.exe -datfile hpqbud13.dat -forcereboot
HP Smart Web Printing 4.51-->C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 13.0-->C:\Program Files (x86)\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
ijji - Gunz-->C:\ijji\ENGLISH\Gunz\Uninstall.exe
iTunes-->MsiExec.exe /I{5E11C972-1E76-45FE-8F92-14E0D1140B1B}
Java 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216027FF}
Java 7 Update 4-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217004FF}
JavaFX 2.1.0-->MsiExec.exe /X{1111706F-666A-4037-7777-210328764D10}
League of Legends-->"C:\Program Files (x86)\InstallShield Installation Information\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\setup.exe" -runfromtemp -l0x0409 -removeonly
Malwarebytes Anti-Malware version 1.60.0.1800-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
McAfee Security Scan Plus-->"C:\Program Files (x86)\McAfee Security Scan\uninstall.exe"
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Mozilla Firefox 14.0.1 (x86 en-US)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nexon Game Manager-->"C:\ProgramData\NexonUS\NGM\NGM.exe" -mode:uninstall -dll:ngm.nexon.net/ngm/NGM/Bin/NGMDll.dll -game:0 -locale:US -load_from_local
NVIDIA 3D Vision Controller Driver 296.10-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA 3D Vision Driver 296.10-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA Graphics Driver 296.10-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX System Software 9.12.0213-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA PhysX-->MsiExec.exe /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Update 1.7.11-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.Update
Premiumplay Codec-C-->C:\Program Files (x86)\Premiumplay Codec-C\Uninstall.exe
PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
REACTOR-->"C:\Program Files (x86)\InstallShield Installation Information\{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}\setup.exe" -runfromtemp -l0x0009 -removeonly
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Shop for HP Supplies-->C:\Program Files (x86)\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.6-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Stellar Phoenix Photo Recovery-->"C:\Program Files (x86)\Stellar Phoenix Photo Recovery\unins000.exe"
SuddenAttack-->"C:\ProgramData\NexonUS\NGM\NGM.exe" -mode:uninstall -game:33583123 -locale:US
SUPERAntiSpyware-->"C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
WinRAR 4.01 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe
======System event log======
Computer Name: BugsBunny-PC
Event Code: 7023
Message: The IP Helper service terminated with the following error:
The specified module could not be found.
Record Number: 41259
Source Name: Service Control Manager
Time Written: 20120121185447.573400-000
Event Type: Error
User:
Computer Name: BugsBunny-PC
Event Code: 4001
Message: WLAN AutoConfig service has successfully stopped.
Record Number: 41159
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20120121183458.773200-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: BugsBunny-PC
Event Code: 7016
Message: The NVIDIA Display Driver Service service has reported an invalid current state 32.
Record Number: 41142
Source Name: Service Control Manager
Time Written: 20120121183457.915200-000
Event Type: Error
User:
Computer Name: BugsBunny-PC
Event Code: 1
Message: Unexpected failure. Error code: 490@01010004
Record Number: 41117
Source Name: VDS Basic Provider
Time Written: 20120121183043.000000-000
Event Type: Error
User:
Computer Name: BugsBunny-PC
Event Code: 4001
Message: WLAN AutoConfig service has successfully stopped.
Record Number: 41007
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20120121182429.345400-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
=====Application event log=====
Computer Name: BugsBunny-PC
Event Code: 6005
Message: The winlogon notification subscriber <TrustedInstaller> is taking long time to handle the notification event (CreateSession).
Record Number: 306
Source Name: Microsoft-Windows-Winlogon
Time Written: 20110925021213.000000-000
Event Type: Warning
User:
Computer Name: BugsBunny-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.
DETAIL -
2 user registry handles leaked from \Registry\User\S-1-5-21-1389837607-2242571852-52406370-1001:
Process 496 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-1389837607-2242571852-52406370-1001
Process 2764 (\Device\HarddiskVolume2\Program Files (x86)\Symantec AntiVirus\Rtvscan.exe) has opened key \REGISTRY\USER\S-1-5-21-1389837607-2242571852-52406370-1001\Software\Intel\LANDesk\VirusProtect6\CurrentVersion\Custom Tasks
Record Number: 294
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20110925020542.807600-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: BugsBunny-PC
Event Code: 4621
Message: The COM+ Event System could not remove the EventSystem.EventSubscription object {4754316E-C139-4747-A79E-6771CEF63EF3}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}.
Object name: SLSVC_LOGON
Object description:
The HRESULT was 80070005.
Record Number: 259
Source Name: Microsoft-Windows-EventSystem
Time Written: 20110925011757.000000-000
Event Type: Error
User:
Computer Name: BugsBunny-PC
Event Code: 1008
Message: The Windows Search Service is starting up and attempting to remove the old search index {Reason: Full Index Reset}.
Record Number: 168
Source Name: Microsoft-Windows-Search
Time Written: 20110925002723.000000-000
Event Type: Warning
User:
Computer Name: BugsBunny-PC
Event Code: 11
Message: Possible Memory Leak. Application (C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID: 360) has passed a non-NULL pointer to RPC for an [out] parameter marked [allocate(all_nodes)]. [allocate(all_nodes)] parameters are always reallocated; if the original pointer contained the address of valid memory, that memory will be leaked. The call originated on the interface with UUID ({3F31C91E-2545-4B7B-9311-9529E8BFFEF6}), Method number (20). User Action: Contact your application vendor for an updated version of the application.
Record Number: 167
Source Name: Microsoft-Windows-RPC-Events
Time Written: 20110925002718.257000-000
Event Type: Warning
User: NT AUTHORITY\LOCAL SERVICE
=====Security event log=====
Computer Name: 37L4247E29-32
Event Code: 4735
Message: A security-enabled local group was changed.
Subject:
Security ID: S-1-5-18
Account Name: 37L4247E29-32$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin
Changed Attributes:
SAM Account Name: -
SID History: -
Additional Information:
Privileges: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110925031120.330000-000
Event Type: Audit Success
User:
Computer Name: 37L4247E29-32
Event Code: 4731
Message: A security-enabled local group was created.
Subject:
Security ID: S-1-5-18
Account Name: 37L4247E29-32$
Account Domain: WORKGROUP
Logon ID: 0x3e7
New Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin
Attributes:
SAM Account Name: Backup Operators
SID History: -
Additional Information:
Privileges: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110925031120.330000-000
Event Type: Audit Success
User:
Computer Name: 37L4247E29-32
Event Code: 4902
Message: The Per-user audit policy table was created.
Number of Elements: 0
Policy ID: 0x3138d
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110925031119.971200-000
Event Type: Audit Success
User:
Computer Name: 37L4247E29-32
Event Code: 4624
Message: An account was successfully logged on.
Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0
Logon Type: 0
New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x4
Process Name:
Network Information:
Workstation Name: -
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: -
Authentication Package: -
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110925031117.600000-000
Event Type: Audit Success
User:
Computer Name: 37L4247E29-32
Event Code: 4608
Message: Windows is starting up.
This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110925031117.522000-000
Event Type: Audit Success
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 2 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0203
"asl.log"=Destination=file
checkup.txt Results of screen317's Security Check version 0.99.43
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Out of date HijackThis installed!
Malwarebytes Anti-Malware version 1.60.0.1800
HijackThis 2.0.2
JavaFX 2.1.0
Java 6 Update 29
Java 7 Update 4
Java version out of Date!
Adobe Reader X (10.1.3)
Mozilla Firefox (14.0.1)
Google Chrome 20.0.1132.57
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````
-
Thank you soooo much for the reply! I have no idea what I just did, but I have followed your directions step by step. Here are the logs you've asked for:
aswMBR report; aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-18 16:21:36
-----------------------------
16:21:36.153 OS Version: Windows x64 6.1.7600
16:21:36.153 Number of processors: 4 586 0x203
16:21:36.153 ComputerName: BUGSBUNNY-PC UserName: Bugs Bunny
16:21:37.676 Initialize success
16:23:09.918 AVAST engine defs: 12071800
16:24:40.254 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000064
16:24:40.258 Disk 0 Vendor: NVIDIA__ Size: 715404MB BusType: 8
16:24:40.262 Device \Driver\nvraid -> MajorFunction fffffa8005fb15e8
16:24:40.266 Disk 0 MBR read successfully
16:24:40.270 Disk 0 MBR scan
16:24:40.279 Disk 0 Windows 7 default MBR code
16:24:40.291 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:24:40.309 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 715302 MB offset 206848
16:24:40.349 Disk 0 scanning C:\Windows\system32\drivers
16:24:58.318 Service scanning
16:25:25.452 Modules scanning
16:25:25.464 Disk 0 trace - called modules:
16:25:25.472 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8005fb15e8]<<
16:25:25.482 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800522d060]
16:25:25.487 3 CLASSPNP.SYS[fffff88000e0143f] -> nt!IofCallDriver -> \Device\00000064[0xfffffa8004fc5060]
16:25:25.492 \Driver\nvraid[0xfffffa8005ec4e70] -> IRP_MJ_CREATE -> 0xfffffa8005fb15e8
16:25:27.680 AVAST engine scan C:\Windows
16:25:34.511 AVAST engine scan C:\Windows\system32
16:32:02.488 AVAST engine scan C:\Windows\system32\drivers
16:32:23.087 AVAST engine scan C:\Users\Bugs Bunny
16:36:59.401 AVAST engine scan C:\ProgramData
16:38:06.886 Scan finished successfully
19:52:23.873 Disk 0 MBR has been saved successfully to "C:\Users\Bugs Bunny\Documents\MBR.dat"
19:52:23.878 The log file has been saved successfully to "C:\Users\Bugs Bunny\Documents\aswMBR.txt"
19:52:34.608 Disk 0 MBR has been saved successfully to "C:\Users\Bugs Bunny\Desktop\MBR.dat"
19:52:34.614 The log file has been saved successfully to "C:\Users\Bugs Bunny\Desktop\aswMBR.txt"
RKreport.txt log; RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: Bugs Bunny [Admin rights]
Mode: Scan -- Date: 07/18/2012 20:06:38
¤¤¤ Bad processes: 0 ¤¤¤
¤¤¤ Registry Entries: 3 ¤¤¤
[SUSP PATH] ERUNT AutoBackup.lnk @Bugs Bunny : C:\desktop\AUTOBACK.EXE -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [NOT LOADED] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: NVIDIA STRIPE 698.63G +++++
--- User ---
[MBR] 8ddca4e5b1d54e3e1a7fffcd96ad90b0
[BSP] ceb84c3e7b096f62a58a22cb4210973b : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 715302 Mo
Error reading LL1 MBR!
Error reading LL2 MBR!
+++++ PhysicalDrive1: Generic USB SD Reader USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive2: Generic USB CF Reader USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive3: Generic USB SM Reader USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive4: Generic USB MS Reader USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[1].txt >>
RKreport[1].txt
Log.txt; Logfile of random's system information tool 1.09 (written by random/random)
Run by Bugs Bunny at 2012-07-18 20:08:27
Microsoft Windows 7 Ultimate
System drive C: has 607 GB (85%) free of 715 GB
Total RAM: 4863 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:08:32 PM, on 7/18/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Bugs Bunny.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2269050
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: CrossriderApp0000435 - {11111111-1111-1111-1111-110011041135} - C:\Program Files (x86)\Premiumplay Codec-C\Premiumplay Codec-C.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: DVDVideoSoftTB - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1389837607-2242571852-52406370-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1389837607-2242571852-52406370-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Dropbox.lnk = Bugs Bunny\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\desktop\AUTOBACK.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
O8 - Extra context menu item: Free YouTube Download - C:\Users\Bugs Bunny\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Bugs Bunny\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: xsherlock - Wellbia.com Co., Ltd. - C:\Windows\system32\xsherlock.xem
--
End of file - 10994 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2cc
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000007a0
\??\C:\Windows\system32\conhost.exe "-2090980931535698363983461302151267386-19194347817404423691752995279817890251
"C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1b9fdd87-d60b-4528-a1f9-f2ea7ad5c16e -SystemEventPortName:HostProcess-831c850d-4b67-4a99-acb2-ccfa6e993cab -IoCancelEventPortName:HostProcess-d265817b-3eea-4f3e-b162-4482173d26a3 -NonStateChangingEventPortName:HostProcess-694b9c78-5b8b-43db-8489-ccfc1cf98c48 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ad02dba2-aff8-4397-9a26-ee643ba71c81
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet F4200 series#1323038899" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Bugs Bunny\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 5f957f63-c1a7-47b5-9bef-89507b8472fc.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task d921bfdc-0aea-458e-9479-8d3b230d2d3a.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Bugs Bunny\AppData\Roaming\Mozilla\Firefox\Profiles\rdp52gji.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.ask.com?o=10148&l=dis&tb=AVR-3"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=2&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.265 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.4.1]
"Description"=
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nexon.net/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.265 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
npijjiFFPlugin1.xpt
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
npijjiautoinstallpluginff.dll
npijjiFFPlugin1.dll
nppl3260.xpt
QuickTimePlugin.class
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
amazondotcom.xml
babylon.xml
bing.xml
bing.xml.old
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml
C:\Users\Bugs Bunny\AppData\Roaming\Mozilla\Firefox\Profiles\rdp52gji.default\searchplugins\
bing-zugo.xml
conduit.xml
s-amazon.xml
swagbuckscom.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011041135}]
Premiumplay Codec-C - C:\Program Files (x86)\Premiumplay Codec-C\Premiumplay Codec-C.dll [2011-12-14 463872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
DVDVideoSoftTB Toolbar - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-11-14 3843232]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-01-04 1514152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2012-01-04 1514152]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MRT"=C:\Windows\system32\MRT.exe [2012-07-18 59701280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-07-09 5661056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2011-12-31 1242448]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [2011-12-24 981680]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-02 59240]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-01-16 421736]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
""= []
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2012-01-04 1391272]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2012-05-02 348624]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Users\Bugs Bunny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Bugs Bunny\AppData\Roaming\Dropbox\bin\Dropbox.exe
ERUNT AutoBackup.lnk - C:\desktop\AUTOBACK.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-07-18 20:08:28 ----D---- C:\Program Files\trend micro
2012-07-18 20:08:27 ----D---- C:\rsit
2012-07-18 19:58:48 ----D---- C:\TDSSKiller_Quarantine
2012-07-18 19:54:13 ----A---- C:\TDSSKiller.2.7.46.0_18.07.2012_19.54.13_log.txt
2012-07-18 16:15:49 ----D---- C:\Users\Bugs Bunny\AppData\Roaming\Avira
2012-07-18 16:13:22 ----D---- C:\desktop
2012-07-18 16:02:36 ----D---- C:\Program Files (x86)\Ask.com
2012-07-18 16:02:03 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2012-07-18 16:02:02 ----A---- C:\Windows\system32\drivers\avipbb.sys
2012-07-18 16:02:02 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2012-07-18 16:01:55 ----D---- C:\ProgramData\Avira
2012-07-18 16:01:55 ----D---- C:\Program Files (x86)\Avira
2012-07-18 12:54:16 ----D---- C:\Program Files (x86)\GUMDB22.tmp
2012-07-18 12:24:40 ----A---- C:\Windows\system32\win32k.sys
2012-07-18 12:23:19 ----A---- C:\Windows\system32\MRT.INI
2012-07-18 12:19:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-07-18 12:19:54 ----A---- C:\Windows\system32\mshtmled.dll
2012-07-18 12:19:53 ----A---- C:\Windows\SYSWOW64\url.dll
2012-07-18 12:19:53 ----A---- C:\Windows\system32\url.dll
2012-07-18 12:19:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-07-18 12:19:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-07-18 12:19:52 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-07-18 12:19:52 ----A---- C:\Windows\system32\urlmon.dll
2012-07-18 12:19:52 ----A---- C:\Windows\system32\ieui.dll
2012-07-18 12:19:52 ----A---- C:\Windows\system32\iertutil.dll
2012-07-18 12:19:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-07-18 12:19:51 ----A---- C:\Windows\system32\ieUnatt.exe
2012-07-18 12:19:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-07-18 12:19:50 ----A---- C:\Windows\system32\wininet.dll
2012-07-18 12:19:50 ----A---- C:\Windows\system32\jsproxy.dll
2012-07-18 12:19:49 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-07-18 12:19:49 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-07-18 12:19:49 ----A---- C:\Windows\system32\jscript9.dll
2012-07-18 12:19:49 ----A---- C:\Windows\system32\jscript.dll
2012-07-18 12:19:48 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-07-18 12:19:48 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-07-18 12:19:46 ----A---- C:\Windows\system32\mshtml.dll
2012-07-18 12:19:45 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-07-18 12:19:45 ----A---- C:\Windows\system32\ieframe.dll
2012-07-18 11:53:15 ----A---- C:\Windows\system32\FNTCACHE.DAT
2012-07-18 11:48:58 ----D---- C:\Users\Bugs Bunny\AppData\Roaming\SUPERAntiSpyware.com
2012-07-18 11:48:50 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2012-07-18 11:48:50 ----D---- C:\Program Files\SUPERAntiSpyware
2012-07-18 11:29:48 ----D---- C:\Program Files (x86)\Trend Micro
2012-07-18 08:41:12 ----A---- C:\Windows\svchost.exe
2012-07-18 07:18:56 ----D---- C:\Program Files\Enigma Software Group
2012-07-18 07:16:40 ----D---- C:\Windows\F896D02690164122B9BD957FF092FFE9.TMP
2012-07-18 07:14:42 ----D---- C:\Users\Bugs Bunny\AppData\Roaming\SpeedyPC Software
2012-07-18 07:14:42 ----D---- C:\Users\Bugs Bunny\AppData\Roaming\DriverCure
2012-07-18 07:14:15 ----D---- C:\ProgramData\SpeedyPC Software
2012-07-18 07:14:15 ----D---- C:\Program Files (x86)\SpeedyPC Software
2012-07-18 04:17:35 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-07-18 04:17:35 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2012-07-17 23:31:58 ----D---- C:\Windows\Minidump
2012-07-17 22:43:33 ----D---- C:\ProgramData\PMB Files
2012-07-17 22:01:00 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-07-17 22:01:00 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-07-17 22:01:00 ----A---- C:\Windows\system32\msxml6.dll
2012-07-17 22:00:33 ----A---- C:\Windows\system32\shell32.dll
2012-07-17 22:00:26 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-07-17 22:00:11 ----A---- C:\Windows\system32\schannel.dll
2012-07-17 22:00:10 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-07-17 22:00:10 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-07-17 22:00:10 ----A---- C:\Windows\system32\ncrypt.dll
2012-07-17 22:00:10 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-07-17 22:00:10 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-07-17 22:00:10 ----A---- C:\Windows\system32\drivers\cng.sys
2012-07-17 22:00:09 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-07-17 22:00:09 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-07-13 01:36:12 ----D---- C:\Program Files (x86)\PC Tools Registry Mechanic
2012-07-12 22:37:39 ----D---- C:\Users\Bugs Bunny\AppData\Roaming\DivX
2012-07-12 22:36:54 ----D---- C:\Program Files\DivX
2012-07-12 22:35:58 ----D---- C:\Program Files (x86)\DivX
2012-07-12 22:35:24 ----D---- C:\ProgramData\DivX
2012-07-12 22:26:21 ----D---- C:\Program Files (x86)\MediaPlayerLite
2012-07-12 22:26:20 ----D---- C:\Program Files (x86)\Giant Savings
2012-07-12 22:21:40 ----D---- C:\Program Files (x86)\GUM91D3.tmp
2012-07-12 22:19:56 ----D---- C:\Program Files (x86)\QuickTime
2012-07-12 22:17:24 ----D---- C:\Program Files (x86)\Real
2012-07-12 22:16:45 ----D---- C:\Users\Bugs Bunny\AppData\Roaming\Real
2012-07-12 22:16:00 ----D---- C:\Program Files (x86)\Google
2012-07-12 22:10:25 ----D---- C:\ProgramData\Real
2012-07-11 04:00:11 ----A---- C:\Windows\system32\msxml3.dll
2012-07-11 04:00:11 ----A---- C:\Windows\system32\msxml3(63).dll
2012-06-24 12:52:19 ----A---- C:\Windows\system32\wups2.dll
2012-06-24 12:52:19 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-24 12:52:18 ----A---- C:\Windows\system32\wucltux.dll
2012-06-24 12:52:18 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-24 12:51:47 ----A---- C:\Windows\system32\wups.dll
2012-06-24 12:51:47 ----A---- C:\Windows\system32\wudriver.dll
2012-06-24 12:51:47 ----A---- C:\Windows\system32\wuapi.dll
2012-06-24 12:51:16 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-24 12:51:16 ----A---- C:\Windows\system32\wuapp.exe
======List of files/folders modified in the last 1 month======
2012-07-18 20:08:32 ----D---- C:\Windows\Prefetch
2012-07-18 20:08:31 ----D---- C:\Windows\Temp
2012-07-18 20:08:28 ----RD---- C:\Program Files
2012-07-18 20:07:21 ----D---- C:\Windows\System32
2012-07-18 20:07:21 ----D---- C:\Windows\inf
2012-07-18 20:07:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-07-18 20:04:39 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-07-18 20:04:28 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-07-18 20:03:08 ----D---- C:\Users\Bugs Bunny\AppData\Roaming\Dropbox
2012-07-18 20:02:19 ----D---- C:\ProgramData\NVIDIA
2012-07-18 20:00:39 ----D---- C:\Windows\system32\config
2012-07-18 19:57:17 ----SHD---- C:\System Volume Information
2012-07-18 19:54:15 ----D---- C:\Windows\system32\drivers
2012-07-18 18:00:01 ----D---- C:\Windows\system32\LogFiles
2012-07-18 16:04:35 ----SHD---- C:\$Recycle.Bin
2012-07-18 16:03:31 ----D---- C:\Windows\system32\catroot
2012-07-18 16:03:04 ----SHD---- C:\Windows\Installer
2012-07-18 16:02:39 ----HD---- C:\Config.Msi
2012-07-18 16:02:36 ----RD---- C:\Program Files (x86)
2012-07-18 16:01:55 ----HD---- C:\ProgramData
2012-07-18 16:00:13 ----D---- C:\Windows
2012-07-18 15:52:53 ----D---- C:\Program Files (x86)\Common Files
2012-07-18 15:52:42 ----D---- C:\Windows\SysWOW64
2012-07-18 12:49:09 ----D---- C:\Windows\winsxs
2012-07-18 12:44:55 ----D---- C:\Program Files (x86)\Internet Explorer
2012-07-18 12:44:54 ----D---- C:\Windows\SYSWOW64\migration
2012-07-18 12:44:50 ----D---- C:\Windows\system32\migration
2012-07-18 12:44:47 ----D---- C:\Program Files\Internet Explorer
2012-07-18 12:24:57 ----D---- C:\Windows\system32\catroot2
2012-07-18 12:20:56 ----D---- C:\Windows\debug
2012-07-18 12:20:54 ----A---- C:\Windows\system32\MRT.exe
2012-07-18 11:49:13 ----D---- C:\Windows\Tasks
2012-07-18 11:49:13 ----D---- C:\Windows\system32\Tasks
2012-07-18 11:37:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-07-18 11:37:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2012-07-18 11:18:21 ----D---- C:\Windows\system32\wfp
2012-07-18 11:18:20 ----RSD---- C:\Windows\Media
2012-07-18 11:18:13 ----D---- C:\Windows\system32\wbem
2012-07-18 11:16:25 ----D---- C:\Windows\system32\DriverStore
2012-07-18 11:16:25 ----D---- C:\Windows\system32\drivers\etc
2012-07-18 11:16:01 ----D---- C:\Windows\system32\Macromed
2012-07-18 11:16:00 ----D---- C:\Windows\system32\CodeIntegrity
2012-07-18 11:15:40 ----D---- C:\ProgramData\McAfee Security Scan
2012-07-18 11:15:40 ----D---- C:\Program Files (x86)\Steam
2012-07-18 11:15:40 ----D---- C:\Program Files (x86)\Premiumplay Codec-C
2012-07-18 11:15:40 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-18 11:15:38 ----D---- C:\Program Files (x86)\CrossriderWebApps
2012-07-18 11:14:01 ----D---- C:\Windows\registration
2012-07-18 11:13:07 ----D---- C:\Windows\SYSWOW64\Macromed
2012-07-18 11:11:22 ----D---- C:\Windows\system32\sysprep
2012-07-18 11:10:50 ----RD---- C:\Users
2012-07-18 11:10:31 ----D---- C:\Users\Bugs Bunny\AppData\Roaming\Skype
2012-07-18 11:10:26 ----SD---- C:\Users\Bugs Bunny\AppData\Roaming\Microsoft
2012-07-18 11:10:25 ----D---- C:\Users\Bugs Bunny\AppData\Roaming\Malwarebytes
2012-07-18 11:08:44 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-07-18 01:51:09 ----D---- C:\Windows\Logs
2012-07-17 21:52:04 ----D---- C:\Windows\SYSWOW64\wbem
2012-07-17 21:49:54 ----D---- C:\Windows\Downloaded Program Files
2012-07-13 19:03:07 ----AD---- C:\ProgramData\TEMP
2012-07-01 15:29:28 ----D---- C:\Windows\system32\FxsTmp
2012-06-25 14:00:36 ----D---- C:\Windows\rescache
2012-06-25 13:19:32 ----D---- C:\Windows\system32\en-US
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-13 214096]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-04-27 132832]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2012-05-02 27760]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-13 514048]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-04-25 98848]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 28704]
R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-01-06 676864]
R3 SrvHsfPCIe;SrvHsfPCIe; C:\Windows\system32\DRIVERS\VSTBS36.SYS [2009-06-10 287744]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-13 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-13 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-13 43008]
S3 dump_wmimmc;dump_wmimmc; \??\C:\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys [2004-12-31 4682]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-13 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-13 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-13 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-13 34896]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-08-02 51712]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-13 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-13 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-13 21760]
S3 vtany;vtany; \??\C:\Windows\vtany.sys []
S3 xspirit;xspirit; \??\C:\Windows\xspirit.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-02 86224]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-05-02 110032]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-02 465360]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-13 27136]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-13 27136]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-13 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-02-29 889664]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-29 2348352]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-13 27136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-13 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-18 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-22 250056]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-18 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-18 113120]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2011-07-17 4390376]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-13 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-13 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-24 1255736]
S3 xsherlock;xsherlock; C:\Windows\syswow64\xsherlock.xem [2012-05-27 670816]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-13 27136]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-01-16 934760]
S4 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-03-15 489256]
-----------------EOF-----------------
-
Oo, I'm sorry, I accidentally read the last comment wrong and quoted rather than replied ~
-
Hello <user> and welcome to the Malwarebytes forum!
If you think you are infected, here are the steps needed to get your computer cleaned....
Please read the following so that you can begin the cleaning process:
IMPORTANT: Don't use any temporary file cleaners unless requested - this can cause data loss and make recovery difficult
You have 3 Options that you can choose from as listed below:
- Option 1 —— Free Expert advice in the Malware Removal Forum
- Option 2 —— Paying customer -- Contact Support via email
- Option 3 —— Premium, Fee-Based Support
OPTION 1
As we don't deal with malware removal in the General Malwarebytes' Anti-Malware Forum, you need to start a topic in the
Malware Removal forum so a qualified helper can help you fix any malware related problems/infections you may have.
- Please read and follow the directions >>Right HERE<<, skipping any steps you are unable to complete.
- After posting your new post, make sure under options, you select Track this topic and choose Immediate Email Notification,
so that you're alerted when someone has replied to your post.
NOTE: Please do not post back to (bump) your topic within the first 48 hours.
Replying to your own posts changes the post count and helpers are looking for topics with zero replies.
If you reply to your own post helpers may think that you're already being helped and thus overlook your post.
- If there is no reply from any experts after 48 hours, you can reply to the topic, asking for help again.
Or - You may send a Private Message to a Moderator asking for assistance.
OPTION 2
Alternatively, as a paying customer, you can contact the help desk by filling out the form located >>Right HERE<<
OPTION 3
If you would like to use our Malwarebytes Premium Services, Comprehensive solutions to all your computer support needs—from installation and set-up to troubleshooting and tune-ups go to our Malwarebytes Premium Services support site >>Right HERE<<
Please be patient, someone will assist you as soon as possible.
PS: Please use the "Reply to this Topic" or "More Reply Options" buttons (instead of the “Quote” and “MultiQuote” buttons) when replying here & at the other forums. That will make your topic easier to follow.
-
Hello~ I've recently been getting a random advertisement / music playing in the background, coming from absolutely nothing. I've tried restarting numerous times, and even restored to an earlier point in time 3 times lol. It proved no help and it continued to make the random audio. I suspected it to be a virus/malware, so I ran numerous tests with Spybot, Malwarebytes, CCleaner and many more. I've also detected a Babylon and managed to partially get rid of it (not quite sure if it's fully removed, because it is still in Firefox about:config and some files continue to come back even after countless resets. And on IE I was able to disable Babylon from search provider, but was unable to delete it). I'm not quite sure if Babylon has anything to do with this =/ , but if you could plz help me get to the bottom of this, it'd rly help a lot~ As you may already know, I don't know too much about computers =/ so a step by step direction would be greatly appreciated TY~
Also a system recovery is not responding and will not load for some reason =/
DDS.txt
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.1
Run by Bugs Bunny at 13:23:32 on 2012-07-18
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4863.3004 [GMT -4:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Symantec AntiVirus\DefWatch.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
-netsvcs
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
C:\Program Files (x86)\Symantec AntiVirus\VPTray.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
uInternet Settings,ProxyOverride = *.local
mURLSearchHooks: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Premiumplay Codec-C: {11111111-1111-1111-1111-110011041135} - C:\Program Files (x86)\Premiumplay Codec-C\Premiumplay Codec-C.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
mRun: [vptray] C:\PROGRA~2\SYMANT~1\VPTray.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\BUGSBU~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Bugs Bunny\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
Attach.txt
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 9/24/2011 8:27:29 PM
System Uptime: 7/18/2012 12:46:48 PM (1 hours ago)
.
Motherboard: PEGATRON CORPORATION | | VIOLA
Processor: AMD Phenom™ 9550 Quad-Core Processor | CPU 1 | 1100/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 699 GiB total, 594.155 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is FIXED (NTFS) - 0 GiB total, 0.07 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP158: 7/17/2012 11:49:12 PM - Configured League of Legends
RP159: 7/17/2012 11:53:16 PM - Configured League of Legends
RP160: 7/18/2012 12:09:46 AM - Configured League of Legends
RP161: 7/18/2012 12:17:10 AM - Restore Operation
RP162: 7/18/2012 12:42:44 AM - Removed BabylonObjectInstaller
RP163: 7/18/2012 12:47:56 AM - Removed BabylonObjectInstaller
RP164: 7/18/2012 12:48:58 AM - Windows Update
RP165: 7/18/2012 1:26:12 AM - Restore Operation
RP166: 7/18/2012 1:47:28 AM - Windows Update
RP167: 7/18/2012 3:05:55 AM - Windows Update
RP168: 7/18/2012 7:16:44 AM - Installed SpyHunter
RP169: 7/18/2012 8:45:55 AM - Removed SpyHunter
RP170: 7/18/2012 8:47:01 AM - Removed SpyHunter
RP171: 7/18/2012 11:04:25 AM - Restore Operation
RP172: 7/18/2012 12:18:32 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.6
Apple Application Support
Apple Software Update
Belkin Connect Wireless USB Adapter
Belkin Wireless G USB Adapter Driver
BufferChm
Copy
Counter-Strike: Condition Zero
Counter-Strike: Source
Destinations
DeviceDiscovery
Diablo III
-
Please help! random advertisement playing in background, possible malware =[
in Resolved Malware Removal Logs
Posted
Wow.. that took almost forever lol, and I seemed to have made a mistake =/ and accidentally selected "delete incurable" instead of "move incurable". ;[ Here are the logs ~
Drweb:
124e7f25.qua;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED;Trojan.NtRootKit.13531;Deleted.;
5578dcbd.qua;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED;Adware.InstallCore.19;Incurable.Deleted.;
57670667.qua;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED;BackDoor.Tdss.5231;Deleted.;
5578dcbd.qua;C:\Documents and Settings\All Users\Avira\AntiVir Desktop\INFECTED;Adware.InstallCore.19;Invalid path to file ;
5578dcbd.qua;C:\ProgramData\Avira\AntiVir Desktop\INFECTED;Adware.InstallCore.19;Invalid path to file ;
tsk0000.dta;C:\TDSSKiller_Quarantine\18.07.2012_19.54.14\mbr0000\mbr0000;Trojan.Tdlphaze.1;Incurable.Moved.;
tsk0003.dta;C:\TDSSKiller_Quarantine\18.07.2012_19.54.14\mbr0000\tdlfs0000;Trojan.DownLoad3.1188;Deleted.;
5578dcbd.qua;C:\Users\All Users\Avira\AntiVir Desktop\INFECTED;Adware.InstallCore.19;Invalid path to file ;
security check:
Results of screen317's Security Check version 0.99.43
Windows 7 x64 (UAC is enabled)
Out of date service pack!!
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
Adobe Reader X (10.1.3)
Mozilla Firefox (14.0.1)
Google Chrome 20.0.1132.57
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 6%
````````````````````End of Log``````````````````````
And the system seems to be working fine, but I can still notice the slight change in performance speeds since last week.