
Pesky Win32/Bamital!dat infection


  • This topic is locked
46 replies to this topic

#1 Tvarius

Tvarius

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:09:27 AM

Posted 25 March 2012 - 04:00 PM

Hello everyone I'm obviously new here but not so new to computers. I can't figure out how to completely rid my desktop of this infection. Every time it is detected, it is seemingly removed but it is immediately detected again. I believe my machine has had this for several months. I discovered this infection after seemingly ridding my machine of the WinkZink browser hijacker infection.

O/S: Vista 32bit (primary partition)
Anti-malware programs: AVG 2012 free edition, Microsoft Security Essentials; both are always up-to-date. AVG doesn't seem to catch the infection but MSE does. It thinks it removes it just to discover it again.

Any and all help will be appreciated.



#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:27 AM

Posted 26 March 2012 - 08:39 AM

Hello and Welcome to Bleeping Computer!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

1. Do not run any other tool until instructed to do so!
Doing so will at best only cause you unneeded worry, as it finds our backups and may even list our tools, and at worst can cause conflicts with our tools and lead to unforeseen things happening.
2. Please do not attach logs or put them in code boxes.
Besides the time it takes me to open the reports, it makes it harder to find something if I need to go back to do more research, and putting them in code boxes just makes them so hard to read.
3. After each step give me a little feedback.
It does not need to be long, just something so I know how things are going. It can be something like:
I am still getting redirected
The computer is running as it should
Don't put things like "it is the same as before" or "still the same"; this just makes me go back and look for your last feedback as to how things are.
4. Read every post completely before doing anything.
Pay special attention to the Notes** I have put in.
These are things I have found that happen a lot and can be taken care of easily just by reading the Notes**

Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.


Backup any files that cannot be replaced

If you have not done it yet, spend a few minutes to back up any files that cannot be replaced. Removing malware can be unpredictable and this may save you and me a lot of grief later.

You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

You may want to back up the whole hard drive. There is some good info in the Preparation Guide on how to make full backups and how to restore it back if something goes wrong. Read the tutorial and print it out so you will know what to do in case the unforeseen happens.

When you have the files backed up you may do the following.


Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.


DeFogger:

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.

Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:


    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs:

  • In your next post I need the following

  • .logs from DDS
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 Tvarius


Posted 26 March 2012 - 04:51 PM

Thank you for your prompt reply! I'm about to attempt these instructions right now.

edit: Backing up my files. This will take a while...

Edited by Tvarius, 26 March 2012 - 05:11 PM.


#4 gringo_pr


Posted 26 March 2012 - 07:00 PM

no problem and better safe than sorry


gringo

#5 Tvarius


Posted 26 March 2012 - 07:53 PM

LOGS

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_18
Run by Lawrence at 19:45:25 on 2012-03-26
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.3582.2009 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\lxdocoms.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Windows\System32\MAFWDITray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\DisplayFusion2\DisplayFusion.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\AVG\AVG2012\avgui.exe
C:\Program Files\AVG\AVG2012\avgcfgex.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer, optimized for Bing and MSN
uInternet Settings,ProxyOverride = *.local
mURLSearchHooks: H - No File
BHO: AutorunsDisabled - No File
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 8\SnagItBHO.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\8.0.0.34\AVG Secure Search_toolbar.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\8.0.0.34\AVG Secure Search_toolbar.dll
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 8\SnagItIEAddin.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet
uRun: [DisplayFusion] "c:\program files\displayfusion2\DisplayFusion.exe"
uRun: [Google Update] "c:\users\lawrence\appdata\local\google\update\GoogleUpdate.exe" /c
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729; OfficeLiveConnector.1.5; OfficeLivePatch.1.3; .NET4.0C; msn OptimizedIE8;ENUS)" -"http://www.candystand.com/play/billiards"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [NPSStartup]
mRun: [hpqSRMon]
mRun: [M-Audio Taskbar Icon] c:\windows\system32\MAFWDITray.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\public\docume~1\windows\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1 68.238.96.12
TCP: Interfaces\{31F0D195-F93D-4E97-BD77-8060550D50E0} : DhcpNameServer = 192.168.1.1 68.238.96.12
TCP: Interfaces\{42003879-3A3D-40D7-A53B-7DA4E13CA1B8} : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{4A9E2A95-2EA7-4106-B7C1-ED03F0E451DB} : DhcpNameServer = 192.168.1.1 68.238.96.12
TCP: Interfaces\{BB97F205-AEB2-421E-B719-F849CA24B250} : DhcpNameServer = 192.168.1.1 68.87.74.166 68.87.68.166
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\8.0.1\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\System32\DreamScene.dll
mASetup: {7070D8E0-650A-46b3-B03C-9497582E6A74} - %SystemRoot%\system32\soundschemes.exe /AddRegistration
mASetup: {B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24} - %SystemRoot%\system32\soundschemes2.exe /AddRegistration
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\lawrence\appdata\roaming\mozilla\firefox\profiles\xk2msjgb.default\
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divxoldversion\divx web player\npdivx32.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\lawrence\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\users\lawrence\appdata\local\microsoft\internet explorer\downloaded program files\npsoe.dll
FF - plugin: c:\users\lawrence\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\lawrence\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
R1 hugoio;hugoio;c:\program files\i-menu\hugoio.sys [2011-9-5 9760]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-1-26 176128]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2011-1-26 284672]
R2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ati technologies\ati.ace\reservation manager\AMD Reservation Manager.exe [2010-6-17 140224]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-12-8 21504]
R2 lxdo_device;lxdo_device;c:\windows\system32\lxdocoms.exe -service --> c:\windows\system32\lxdocoms.exe -service [?]
R2 WDDMService;WDDMService;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2011-3-9 238592]
R2 WDFME;WD File Management Engine;c:\program files\western digital\wd smartware\front parlor\wdfme\WDFME.exe [2011-3-9 1060864]
R2 WDSC;WD File Management Shadow Engine;c:\program files\western digital\wd smartware\front parlor\WDSC.exe [2011-3-9 484352]
R3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2011-3-14 37944]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2011-4-20 7772160]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2011-4-20 243712]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH3.sys [2010-11-17 97296]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.SYS [2008-3-20 98328]
R3 MAFWPROFIRE;Service for M-Audio ProFire;c:\windows\system32\drivers\MAudioProFire.sys [2009-9-23 209288]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 lxdoCATSCustConnectService;lxdoCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdoserv.exe [2007-7-17 94208]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-15 183560]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS [2008-3-20 98328]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.SYS [2008-3-20 171032]
S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2008-3-20 171032]
S3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.SYS [2008-3-20 528920]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS [2008-3-20 528920]
S3 CTEAPSFX.SYS;CTEAPSFX.SYS;c:\windows\system32\drivers\CTEAPSFX.SYS [2008-3-20 163352]
S3 CTEAPSFX;CTEAPSFX;c:\windows\system32\drivers\CTEAPSFX.SYS [2008-3-20 163352]
S3 CTEDSPFX.SYS;CTEDSPFX.SYS;c:\windows\system32\drivers\CTEDSPFX.SYS [2008-3-20 259096]
S3 CTEDSPFX;CTEDSPFX;c:\windows\system32\drivers\CTEDSPFX.SYS [2008-3-20 259096]
S3 CTEDSPIO.SYS;CTEDSPIO.SYS;c:\windows\system32\drivers\CTEDSPIO.SYS [2008-3-20 134168]
S3 CTEDSPIO;CTEDSPIO;c:\windows\system32\drivers\CTEDSPIO.SYS [2008-3-20 134168]
S3 CTEDSPSY.SYS;CTEDSPSY.SYS;c:\windows\system32\drivers\CTEDSPSY.SYS [2008-3-20 309784]
S3 CTEDSPSY;CTEDSPSY;c:\windows\system32\drivers\CTEDSPSY.SYS [2008-3-20 309784]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.SYS [2008-3-20 99352]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.SYS [2008-3-20 99352]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.SYS [2008-3-20 1324056]
S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2008-3-20 1324056]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.SYS [2008-3-20 72728]
S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2008-3-20 72728]
S3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.SYS [2008-3-20 534040]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS [2008-3-20 534040]
S3 DELTAII;Service for M-Audio Delta Driver (WDM);c:\windows\system32\drivers\deltaII.sys [2009-2-23 302728]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-22 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2011-5-13 1492840]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-10-10 36608]
S3 pneteth;PdaNet Broadband;c:\windows\system32\drivers\pneteth.sys [2010-10-11 13312]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2010-10-10 90240]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2010-10-10 14976]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2010-10-10 121856]
S3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2006-11-2 987648]
S3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2006-11-2 251904]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S3 WlanUIG;2Wire 802.11g USB Driver;c:\windows\system32\drivers\WlanUIG.sys [2008-12-7 347648]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2011-7-27 25704]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [2011-7-27 25704]
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [2011-7-27 25704]
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [2011-7-27 25704]
S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [2011-7-27 25704]
S4 vToolbarUpdater;vToolbarUpdater;c:\program files\common files\avg secure search\vtoolbarupdater\8.0.1\ToolbarUpdater.exe [2011-9-29 246600]
.
=============== Created Last 30 ================
.
2012-03-26 04:17:33 6582328 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{61fcfea2-3ebd-4502-a60d-6c99ec931d78}\mpengine.dll
2012-03-15 03:35:05 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-03-15 03:35:03 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-03-15 03:35:03 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-03-15 03:35:03 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-03-15 03:35:03 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-03-15 03:35:03 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-03-15 03:35:02 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-03-15 03:34:52 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-03-15 03:34:52 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-07 18:31:18 -------- d-----w- c:\users\lawrence\appdata\local\{FD30B664-6E5B-4B59-B351-26F9D9AC70A6}
2012-03-06 22:51:08 -------- d-----w- c:\users\lawrence\appdata\local\{3186888B-28D2-4633-BF96-23B9FFBBB0ED}
2012-03-06 22:50:58 -------- d-----w- c:\users\lawrence\appdata\local\{37AFB895-25C4-425B-A22B-14ADF77041BA}
2012-03-06 22:48:43 -------- d-----w- c:\windows\en
2012-03-06 22:45:53 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2012-03-06 22:45:53 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2012-03-06 22:45:52 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2012-03-06 22:45:33 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2012-03-06 22:39:48 -------- d-----w- c:\users\lawrence\appdata\local\{C0AFAFB5-DB0D-4531-A0F0-3CA54C7F2F10}
2012-03-06 22:39:48 -------- d-----w- c:\users\lawrence\appdata\local\{82E24AFC-61D9-49A3-840C-13A4E476633E}
.
==================== Find3M ====================
.
2012-03-15 04:18:21 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe
2010-01-26 21:22:14 4636488 ----a-w- c:\program files\common files\Samsung_Mobile_USB_Driver(V5.2)_V1.2.1060.0.exe
.
============= FINISH: 19:45:59.46 ===============

#6 gringo_pr


Posted 26 March 2012 - 08:33 PM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#7 Tvarius


Posted 26 March 2012 - 09:38 PM

Unfortunately I didn't have the Microsoft Security Essentials completely disabled when I ran the DDS tool. Should I re-run the tool and post the Logs again prior to running the Combofix tool?

Edited by Tvarius, 26 March 2012 - 09:40 PM.


#8 gringo_pr


Posted 26 March 2012 - 09:53 PM

that is ok - go ahead and run combofix for me


gringo

#9 Tvarius


Posted 26 March 2012 - 10:12 PM

Ok I didn't experience any issues running the Combofix tool. Here is the Log:

ComboFix 12-03-26.02 - Lawrence 03/26/2012 21:55:30.1.2 - x86
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.3582.2206 [GMT -5:00]
Running from: c:\users\Lawrence\Documents\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Lawrence\AppData\Local\assembly\tmp
c:\users\Lawrence\AppData\Local\assembly\tmp\KURPNLLJ\__AssemblyInfo__.ini
c:\users\Lawrence\AppData\Local\assembly\tmp\KURPNLLJ\BccthisStore.DLL
c:\windows\~GLC0000.TMP
c:\windows\~GLC0001.TMP
c:\windows\~GLH0000.TMP
c:\windows\~GLH0001.TMP
.
.
((((((((((((((((((((((((( Files Created from 2012-02-27 to 2012-03-27 )))))))))))))))))))))))))))))))
.
.
2012-03-27 03:03 . 2012-03-27 03:03 -------- d-----w- c:\users\Lawrence\AppData\Local\temp
2012-03-27 03:03 . 2012-03-27 03:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-27 00:45 . 2012-03-27 00:45 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{61FCFEA2-3EBD-4502-A60D-6C99EC931D78}\MpKslfc514f1a.sys
2012-03-26 04:17 . 2012-03-14 02:15 6582328 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{61FCFEA2-3EBD-4502-A60D-6C99EC931D78}\mpengine.dll
2012-03-15 03:35 . 2012-02-02 15:16 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-03-15 03:35 . 2012-02-14 15:45 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-03-15 03:35 . 2012-02-14 15:45 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-03-15 03:35 . 2012-02-13 14:12 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-03-15 03:35 . 2012-02-13 13:47 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-03-15 03:35 . 2012-02-13 13:44 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-03-15 03:35 . 2012-01-31 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-03-15 03:34 . 2012-01-09 15:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-03-15 03:34 . 2012-01-09 13:58 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-06 22:48 . 2012-03-06 22:48 -------- d-----w- c:\windows\en
2012-03-06 22:45 . 2009-09-04 23:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2012-03-06 22:45 . 2009-09-04 23:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2012-03-06 22:45 . 2009-09-04 23:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2012-03-06 22:45 . 2006-11-29 19:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-15 04:18 . 2011-06-16 03:29 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-14 02:15 . 2012-01-31 21:48 6582328 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-03-06 22:46 . 2010-06-24 15:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-02-19 23:23 . 2012-02-19 23:26 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2D2E5EF6-5B1E-4845-A9C1-725623C53320}\gapaengine.dll
2012-01-31 12:44 . 2010-02-27 04:35 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-31 09:51 . 2012-02-19 23:26 703824 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2010-01-26 21:22 . 2010-01-26 21:22 4636488 ----a-w- c:\program files\Common Files\Samsung_Mobile_USB_Driver(V5.2)_V1.2.1060.0.exe
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2012-01-29 15:55 . 2012-02-01 03:22 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2011-09-29 19:48 1451336 ----a-w- c:\program files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll" [2011-09-29 1451336]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2011-08-22 6276408]
"DisplayFusion"="c:\program files\DisplayFusion2\DisplayFusion.exe" [2012-01-03 2788792]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"M-Audio Taskbar Icon"="c:\windows\system32\MAFWDITray.exe" [2009-09-23 313864]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-26 336384]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-07 421736]
.
c:\users\Lawrence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2008-12-15 3446512]
Vista & XP Virtual Desktops.lnk - c:\users\Lawrence\AppData\Roaming\Microsoft\Installer\{F4735C64-9A74-4E48-894B-1CA5D83B99C8}\MainIcon.ico [2008-12-13 106023]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2011-3-9 3986944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\2Wire Wireless Manager]
2007-05-02 16:26 61440 ----a-w- c:\program files\2Wire Wireless Manager\2Wire.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
2010-05-04 21:05 311296 ----a-r- c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cdloader]
2010-02-26 23:43 50520 ----a-w- c:\users\Lawrence\AppData\Roaming\mjusbsp\cdloader2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
2008-03-20 20:35 23040 ----a-w- c:\windows\System32\CTHELPER.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
2008-03-20 20:35 23552 ----a-w- c:\windows\System32\CTXFIHLP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeltaIITaskbarApp]
2008-03-03 15:13 236040 ----a-w- c:\windows\System32\DeltaIITray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-02-10 00:58 136176 ----atw- c:\users\Lawrence\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-03-07 00:05 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
2006-12-08 21:16 65536 ----a-w- c:\hp\KBD\KbdStub.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 9500 Series Fax Server]
2007-09-18 10:28 307200 ----a-w- c:\program files\Lexmark 9500 Series\fm3032.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxdoamon]
2007-08-10 06:11 20480 ----a-w- c:\program files\Lexmark 9500 Series\lxdoamon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxdomon.exe]
2007-09-06 20:38 450560 ----a-w- c:\program files\Lexmark 9500 Series\lxdomon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2011-08-22 06:18 6276408 ----a-w- c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2011-05-13 22:03 4283256 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 19:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefaultMIDI]
2008-03-20 20:19 31232 ----a-w- c:\windows\System32\MIDIDEF.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
2000-05-11 07:00 90112 ------w- c:\windows\Updreg.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
2011-09-29 19:48 218440 ----a-w- c:\program files\AVG Secure Search\vprot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WrtMon.exe]
2007-04-11 16:30 26704 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\WrtMon.exe
.
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSLFC514F1A
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
2008-04-11 23:23 38400 ----a-w- c:\windows\System32\SoundSchemes.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
2008-08-28 16:50 30720 ----a-w- c:\windows\System32\soundschemes2.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3741694961-368276400-3577190821-1000Core.job
- c:\users\Lawrence\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-10 00:58]
.
2012-03-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3741694961-368276400-3577190821-1000UA.job
- c:\users\Lawrence\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-10 00:58]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1 68.238.96.12
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
FF - ProfilePath - c:\users\Lawrence\AppData\Roaming\Mozilla\Firefox\Profiles\xk2msjgb.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
HKLM-Run-NPSStartup - (no file)
HKLM-Run-hpqSRMon - (no file)
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-AutoStartNPSAgent - c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe
MSConfigStartUp-EasyTether - c:\program files\Mobile Stream\EasyTether\easytthr.exe
MSConfigStartUp-HP Software Update - c:\program files\Hp\HP Software Update\HPWuSchd2.exe
MSConfigStartUp-Lexmark 4200 Series Fax Server - c:\program files\Lexmark 4200 Series\fm3032.exe
MSConfigStartUp-PRISMSVR - c:\windows\system32\PRISMSVR.EXE
MSConfigStartUp-VeohPlugin - c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\SAMSUNG\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\SAMSUNG\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\SAMSUNG\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\SAMSUNG\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\SAMSUNG\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\SAMSUNG\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\SAMSUNG\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\SAMSUNG\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\SAMSUNG\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\SAMSUNG\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\SAMSUNG\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\SAMSUNG\USB Drivers\20_NXP_Driver\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-26 22:03
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2012-03-26 22:05:49
ComboFix-quarantined-files.txt 2012-03-27 03:05
.
Pre-Run: 79,247,925,248 bytes free
Post-Run: 80,437,633,024 bytes free
.
- - End Of File - - BFC438E5443132A9490D2303D8DB6201

#10 gringo_pr

Posted 26 March 2012 - 10:20 PM

Greetings

I want you to run these next:

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the Save Log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#11 Tvarius

Posted 26 March 2012 - 10:49 PM

...

Edited by Tvarius, 26 March 2012 - 10:52 PM.


#12 gringo_pr

Posted 26 March 2012 - 10:53 PM

Is everything OK?


gringo

#13 Tvarius

Posted 26 March 2012 - 10:56 PM

So far so good. I'm waiting for the aswMBR scan to complete, then I will re-post the log files.

#14 gringo_pr

Posted 26 March 2012 - 11:00 PM

Oh OK, I saw post 11 empty and it had me worried.

When it is complete, make a new post, as I will not be notified if you make an edit.


gringo

#15 Tvarius

Posted 27 March 2012 - 12:17 PM

22:36:55.0690 4736 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
22:36:56.0080 4736 ============================================================
22:36:56.0080 4736 Current date / time: 2012/03/26 22:36:56.0080
22:36:56.0080 4736 SystemInfo:
22:36:56.0080 4736
22:36:56.0080 4736 OS Version: 6.0.6002 ServicePack: 2.0
22:36:56.0080 4736 Product type: Workstation
22:36:56.0080 4736 ComputerName: LAWRENCE-PC
22:36:56.0080 4736 UserName: Lawrence
22:36:56.0080 4736 Windows directory: C:\Windows
22:36:56.0080 4736 System windows directory: C:\Windows
22:36:56.0080 4736 Processor architecture: Intel x86
22:36:56.0080 4736 Number of processors: 2
22:36:56.0080 4736 Page size: 0x1000
22:36:56.0080 4736 Boot type: Normal boot
22:36:56.0080 4736 ============================================================
22:36:56.0735 4736 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
22:36:56.0844 4736 \Device\Harddisk0\DR0:
22:36:56.0844 4736 MBR used
22:36:56.0844 4736 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x192B5260
22:36:56.0844 4736 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x192B6000, BlocksNum 0x328D800
22:36:56.0844 4736 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C543AA0, BlocksNum 0xC80730
22:36:56.0938 4736 Initialize success
22:36:56.0938 4736 ============================================================
22:37:46.0267 3900 ============================================================
22:37:46.0267 3900 Scan started
22:37:46.0267 3900 Mode: Manual;
22:37:46.0267 3900 ============================================================
22:37:46.0673 3900 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
22:37:46.0688 3900 ACPI - ok
22:37:46.0782 3900 Adobe LM Service (85ae7a3a151a9a12a87e029df3b1b3e3) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
22:37:47.0406 3900 Adobe LM Service - ok
22:37:47.0484 3900 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:37:47.0500 3900 AdobeARMservice - ok
22:37:47.0640 3900 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
22:37:47.0640 3900 adp94xx - ok
22:37:47.0671 3900 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
22:37:47.0671 3900 adpahci - ok
22:37:47.0687 3900 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
22:37:47.0687 3900 adpu160m - ok
22:37:47.0718 3900 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
22:37:47.0718 3900 adpu320 - ok
22:37:47.0765 3900 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
22:37:47.0765 3900 AeLookupSvc - ok
22:37:47.0812 3900 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
22:37:47.0827 3900 AFD - ok
22:37:47.0843 3900 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
22:37:47.0843 3900 agp440 - ok
22:37:47.0874 3900 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
22:37:47.0874 3900 aic78xx - ok
22:37:47.0905 3900 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
22:37:47.0905 3900 ALG - ok
22:37:47.0952 3900 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
22:37:47.0952 3900 aliide - ok
22:37:47.0999 3900 AMD External Events Utility (ebccbcbf1df132e4775e5d6e6dea3ed0) C:\Windows\system32\atiesrxx.exe
22:37:47.0999 3900 AMD External Events Utility - ok
22:37:48.0108 3900 AMD FUEL Service - ok
22:37:48.0155 3900 AMD Reservation Manager (9fe76d783a7d47965d086a220b54277b) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
22:37:48.0233 3900 AMD Reservation Manager - ok
22:37:48.0248 3900 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
22:37:48.0248 3900 amdagp - ok
22:37:48.0264 3900 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
22:37:48.0264 3900 amdide - ok
22:37:48.0311 3900 amdiox86 (ff258424f0b2ef25eb98f04ee386e6e3) C:\Windows\system32\DRIVERS\amdiox86.sys
22:37:48.0311 3900 amdiox86 - ok
22:37:48.0342 3900 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
22:37:48.0342 3900 AmdK7 - ok
22:37:48.0373 3900 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
22:37:48.0373 3900 AmdK8 - ok
22:37:48.0592 3900 amdkmdag (f89643a2ca001b1162061e306f8bf267) C:\Windows\system32\DRIVERS\atikmdag.sys
22:37:48.0763 3900 amdkmdag - ok
22:37:48.0904 3900 amdkmdap (fb68e1b9cec598f0f69503f3aebb45dd) C:\Windows\system32\DRIVERS\atikmpag.sys
22:37:48.0904 3900 amdkmdap - ok
22:37:48.0950 3900 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
22:37:48.0950 3900 Appinfo - ok
22:37:49.0060 3900 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:37:49.0060 3900 Apple Mobile Device - ok
22:37:49.0091 3900 AppMgmt (0fe769cae5855b53c90e23f85e7e89ff) C:\Windows\System32\appmgmts.dll
22:37:49.0106 3900 AppMgmt - ok
22:37:49.0138 3900 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
22:37:49.0138 3900 arc - ok
22:37:49.0153 3900 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
22:37:49.0153 3900 arcsas - ok
22:37:49.0200 3900 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
22:37:49.0200 3900 AsyncMac - ok
22:37:49.0231 3900 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
22:37:49.0231 3900 atapi - ok
22:37:49.0278 3900 AtiHDAudioService (0c3c2e9136397e1aaa9033dcae25ced2) C:\Windows\system32\drivers\AtihdLH3.sys
22:37:49.0278 3900 AtiHDAudioService - ok
22:37:49.0325 3900 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
22:37:49.0325 3900 AudioEndpointBuilder - ok
22:37:49.0340 3900 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
22:37:49.0356 3900 Audiosrv - ok
22:37:49.0543 3900 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
22:37:49.0574 3900 AVGIDSAgent - ok
22:37:49.0699 3900 AVGIDSDriver (4cbb56fbc9c0cbc517e6e3a6889ebddc) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
22:37:49.0699 3900 AVGIDSDriver - ok
22:37:49.0746 3900 AVGIDSEH (459bce188232e2fe6152423efef65d76) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
22:37:49.0746 3900 AVGIDSEH - ok
22:37:49.0777 3900 AVGIDSFilter (91d9abe7e88eac7c167cba4ed4d983bf) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
22:37:49.0777 3900 AVGIDSFilter - ok
22:37:49.0824 3900 AVGIDSShim (3fc2714e185c04308215d46730d41a94) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
22:37:49.0824 3900 AVGIDSShim - ok
22:37:49.0840 3900 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\Windows\system32\DRIVERS\avgldx86.sys
22:37:49.0855 3900 Avgldx86 - ok
22:37:49.0886 3900 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\Windows\system32\DRIVERS\avgmfx86.sys
22:37:49.0886 3900 Avgmfx86 - ok
22:37:49.0933 3900 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\Windows\system32\DRIVERS\avgrkx86.sys
22:37:49.0933 3900 Avgrkx86 - ok
22:37:49.0980 3900 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\Windows\system32\DRIVERS\avgtdix.sys
22:37:49.0980 3900 Avgtdix - ok
22:37:50.0058 3900 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
22:37:50.0074 3900 avgwd - ok
22:37:50.0152 3900 BBSvc (66e66fd5a83c8bbfb791d14246d84015) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
22:37:50.0152 3900 BBSvc - ok
22:37:50.0198 3900 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
22:37:50.0198 3900 Beep - ok
22:37:50.0261 3900 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
22:37:50.0261 3900 BFE - ok
22:37:50.0323 3900 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
22:37:50.0339 3900 BITS - ok
22:37:50.0370 3900 blbdrive - ok
22:37:50.0464 3900 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
22:37:50.0464 3900 Bonjour Service - ok
22:37:50.0510 3900 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
22:37:50.0510 3900 bowser - ok
22:37:50.0542 3900 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
22:37:50.0542 3900 BrFiltLo - ok
22:37:50.0588 3900 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
22:37:50.0588 3900 BrFiltUp - ok
22:37:50.0635 3900 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
22:37:50.0635 3900 Browser - ok
22:37:50.0651 3900 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
22:37:50.0651 3900 Brserid - ok
22:37:50.0666 3900 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
22:37:50.0682 3900 BrSerWdm - ok
22:37:50.0682 3900 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
22:37:50.0682 3900 BrUsbMdm - ok
22:37:50.0698 3900 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
22:37:50.0713 3900 BrUsbSer - ok
22:37:50.0729 3900 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
22:37:50.0729 3900 BTHMODEM - ok
22:37:50.0791 3900 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\Windows\system32\drivers\BVRPMPR5.SYS
22:37:50.0807 3900 BVRPMPR5 - ok
22:37:50.0947 3900 catchme - ok
22:37:50.0978 3900 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
22:37:50.0978 3900 cdfs - ok
22:37:51.0025 3900 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
22:37:51.0041 3900 cdrom - ok
22:37:51.0088 3900 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
22:37:51.0103 3900 CertPropSvc - ok
22:37:51.0150 3900 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
22:37:51.0166 3900 circlass - ok
22:37:51.0212 3900 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
22:37:51.0228 3900 CLFS - ok
22:37:51.0290 3900 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:37:51.0306 3900 clr_optimization_v2.0.50727_32 - ok
22:37:51.0400 3900 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:37:51.0400 3900 clr_optimization_v4.0.30319_32 - ok
22:37:51.0431 3900 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
22:37:51.0431 3900 cmdide - ok
22:37:51.0462 3900 COMMONFX (334d77efc9f3d22dee021a9bb3f4e13e) C:\Windows\system32\drivers\COMMONFX.SYS
22:37:51.0462 3900 COMMONFX - ok
22:37:51.0478 3900 COMMONFX.SYS (334d77efc9f3d22dee021a9bb3f4e13e) C:\Windows\System32\drivers\COMMONFX.SYS
22:37:51.0478 3900 COMMONFX.SYS - ok
22:37:51.0524 3900 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
22:37:51.0524 3900 Compbatt - ok
22:37:51.0556 3900 COMSysApp - ok
22:37:51.0587 3900 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
22:37:51.0587 3900 crcdisk - ok
22:37:51.0618 3900 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
22:37:51.0618 3900 Crusoe - ok
22:37:51.0665 3900 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
22:37:51.0665 3900 CryptSvc - ok
22:37:51.0696 3900 CSC (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\Windows\system32\drivers\csc.sys
22:37:51.0696 3900 CSC - ok
22:37:51.0758 3900 CscService (0a2095f92f6ae4fe6484d911b0c21e95) C:\Windows\System32\cscsvc.dll
22:37:51.0758 3900 CscService - ok
22:37:51.0805 3900 CT20XUT (270dfada559691363a276478bab36b68) C:\Windows\system32\drivers\CT20XUT.SYS
22:37:51.0805 3900 CT20XUT - ok
22:37:51.0836 3900 CT20XUT.SYS (270dfada559691363a276478bab36b68) C:\Windows\System32\drivers\CT20XUT.SYS
22:37:51.0836 3900 CT20XUT.SYS - ok
22:37:51.0883 3900 ctac32k (34ac8a1dc4299a34ff06949011eb53ef) C:\Windows\system32\drivers\ctac32k.sys
22:37:51.0899 3900 ctac32k - ok
22:37:51.0961 3900 ctaud2k (bbe95f29eabc46371dadfacc586d420b) C:\Windows\system32\drivers\ctaud2k.sys
22:37:51.0961 3900 ctaud2k - ok
22:37:52.0055 3900 CTAUDFX (be7dcee4191c74156288b1d217350189) C:\Windows\system32\drivers\CTAUDFX.SYS
22:37:52.0055 3900 CTAUDFX - ok
22:37:52.0086 3900 CTAUDFX.SYS (be7dcee4191c74156288b1d217350189) C:\Windows\System32\drivers\CTAUDFX.SYS
22:37:52.0086 3900 CTAUDFX.SYS - ok
22:37:52.0117 3900 CTEAPSFX (e55f88b27498a4b5e17eac75425a7755) C:\Windows\system32\drivers\CTEAPSFX.SYS
22:37:52.0117 3900 CTEAPSFX - ok
22:37:52.0133 3900 CTEAPSFX.SYS (e55f88b27498a4b5e17eac75425a7755) C:\Windows\System32\drivers\CTEAPSFX.SYS
22:37:52.0133 3900 CTEAPSFX.SYS - ok
22:37:52.0180 3900 CTEDSPFX (6be4e4dcb76874765c55ecb1f474f7fd) C:\Windows\system32\drivers\CTEDSPFX.SYS
22:37:52.0180 3900 CTEDSPFX - ok
22:37:52.0195 3900 CTEDSPFX.SYS (6be4e4dcb76874765c55ecb1f474f7fd) C:\Windows\System32\drivers\CTEDSPFX.SYS
22:37:52.0195 3900 CTEDSPFX.SYS - ok
22:37:52.0242 3900 CTEDSPIO (1e7d07d669a2572b73006fede47e173f) C:\Windows\system32\drivers\CTEDSPIO.SYS
22:37:52.0242 3900 CTEDSPIO - ok
22:37:52.0258 3900 CTEDSPIO.SYS (1e7d07d669a2572b73006fede47e173f) C:\Windows\System32\drivers\CTEDSPIO.SYS
22:37:52.0258 3900 CTEDSPIO.SYS - ok
22:37:52.0304 3900 CTEDSPSY (b70dfa869ee0b63b9fa01b038c886640) C:\Windows\system32\drivers\CTEDSPSY.SYS
22:37:52.0320 3900 CTEDSPSY - ok
22:37:52.0336 3900 CTEDSPSY.SYS (b70dfa869ee0b63b9fa01b038c886640) C:\Windows\System32\drivers\CTEDSPSY.SYS
22:37:52.0336 3900 CTEDSPSY.SYS - ok
22:37:52.0382 3900 CTERFXFX (10bc33d886bcd3f0add4aab8051015c1) C:\Windows\system32\drivers\CTERFXFX.SYS
22:37:52.0382 3900 CTERFXFX - ok
22:37:52.0398 3900 CTERFXFX.SYS (10bc33d886bcd3f0add4aab8051015c1) C:\Windows\System32\drivers\CTERFXFX.SYS
22:37:52.0398 3900 CTERFXFX.SYS - ok
22:37:52.0460 3900 CTEXFIFX (6337bdb64b1b94fac817a6a9b83b5800) C:\Windows\system32\drivers\CTEXFIFX.SYS
22:37:52.0476 3900 CTEXFIFX - ok
22:37:52.0523 3900 CTEXFIFX.SYS (6337bdb64b1b94fac817a6a9b83b5800) C:\Windows\System32\drivers\CTEXFIFX.SYS
22:37:52.0523 3900 CTEXFIFX.SYS - ok
22:37:52.0585 3900 CTHWIUT (a6c62ae40fc06ea5dbcf82ac24f7ea4e) C:\Windows\system32\drivers\CTHWIUT.SYS
22:37:52.0585 3900 CTHWIUT - ok
22:37:52.0601 3900 CTHWIUT.SYS (a6c62ae40fc06ea5dbcf82ac24f7ea4e) C:\Windows\System32\drivers\CTHWIUT.SYS
22:37:52.0601 3900 CTHWIUT.SYS - ok
22:37:52.0648 3900 ctprxy2k (da5ea613e3e77e64d7191bb85675dc45) C:\Windows\system32\drivers\ctprxy2k.sys
22:37:52.0648 3900 ctprxy2k - ok
22:37:52.0694 3900 CTSBLFX (6ea007e24f959fc3cc342aee53838a38) C:\Windows\system32\drivers\CTSBLFX.SYS
22:37:52.0694 3900 CTSBLFX - ok
22:37:52.0726 3900 CTSBLFX.SYS (6ea007e24f959fc3cc342aee53838a38) C:\Windows\System32\drivers\CTSBLFX.SYS
22:37:52.0726 3900 CTSBLFX.SYS - ok
22:37:52.0772 3900 ctsfm2k (8cc0d8a826974a2fde2d24b2739ad177) C:\Windows\system32\drivers\ctsfm2k.sys
22:37:52.0788 3900 ctsfm2k - ok
22:37:52.0835 3900 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
22:37:52.0850 3900 DcomLaunch - ok
22:37:52.0897 3900 DELTAII (20a04d8077cccba1711070eb01f02afb) C:\Windows\system32\DRIVERS\deltaII.sys
22:37:52.0960 3900 DELTAII - ok
22:37:52.0975 3900 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
22:37:52.0991 3900 DfsC - ok
22:37:53.0069 3900 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
22:37:53.0100 3900 DFSR - ok
22:37:53.0162 3900 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
22:37:53.0162 3900 Dhcp - ok
22:37:53.0194 3900 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
22:37:53.0209 3900 disk - ok
22:37:53.0240 3900 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
22:37:53.0240 3900 Dnscache - ok
22:37:53.0287 3900 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
22:37:53.0287 3900 dot3svc - ok
22:37:53.0350 3900 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
22:37:53.0365 3900 Dot4 - ok
22:37:53.0396 3900 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
22:37:53.0396 3900 Dot4Print - ok
22:37:53.0428 3900 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
22:37:53.0428 3900 dot4usb - ok
22:37:53.0474 3900 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
22:37:53.0474 3900 DPS - ok
22:37:53.0521 3900 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
22:37:53.0521 3900 drmkaud - ok
22:37:53.0584 3900 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
22:37:53.0599 3900 DXGKrnl - ok
22:37:53.0662 3900 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
22:37:53.0662 3900 E1G60 - ok
22:37:53.0708 3900 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
22:37:53.0708 3900 EapHost - ok
22:37:53.0740 3900 easytether - ok
22:37:53.0786 3900 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
22:37:53.0802 3900 Ecache - ok
22:37:53.0802 3900 Scan interrupted by user!
22:37:53.0802 3900 Scan interrupted by user!
22:37:53.0802 3900 Scan interrupted by user!
22:37:53.0802 3900 ============================================================
22:37:53.0802 3900 Scan finished
22:37:53.0802 3900 ============================================================
22:37:53.0802 3424 Detected object count: 0
22:37:53.0802 3424 Actual detected object count: 0
22:38:41.0604 5288 ============================================================
22:38:41.0604 5288 Scan started
22:38:41.0604 5288 Mode: Manual;
22:38:41.0604 5288 ============================================================
22:38:41.0978 5288 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
22:38:41.0978 5288 ACPI - ok
22:38:42.0041 5288 Adobe LM Service (85ae7a3a151a9a12a87e029df3b1b3e3) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
22:38:42.0041 5288 Adobe LM Service - ok
22:38:42.0165 5288 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:38:42.0165 5288 AdobeARMservice - ok
22:38:42.0228 5288 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
22:38:42.0228 5288 adp94xx - ok
22:38:42.0275 5288 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
22:38:42.0275 5288 adpahci - ok
22:38:42.0321 5288 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
22:38:42.0321 5288 adpu160m - ok
22:38:42.0353 5288 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
22:38:42.0353 5288 adpu320 - ok
22:38:42.0415 5288 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
22:38:42.0415 5288 AeLookupSvc - ok
22:38:42.0462 5288 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
22:38:42.0462 5288 AFD - ok
22:38:42.0493 5288 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
22:38:42.0493 5288 agp440 - ok
22:38:42.0540 5288 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
22:38:42.0540 5288 aic78xx - ok
22:38:42.0571 5288 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
22:38:42.0571 5288 ALG - ok
22:38:42.0587 5288 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
22:38:42.0587 5288 aliide - ok
22:38:42.0618 5288 AMD External Events Utility (ebccbcbf1df132e4775e5d6e6dea3ed0) C:\Windows\system32\atiesrxx.exe
22:38:42.0618 5288 AMD External Events Utility - ok
22:38:42.0696 5288 AMD FUEL Service - ok
22:38:42.0758 5288 AMD Reservation Manager (9fe76d783a7d47965d086a220b54277b) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
22:38:42.0758 5288 AMD Reservation Manager - ok
22:38:42.0774 5288 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
22:38:42.0774 5288 amdagp - ok
22:38:42.0789 5288 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
22:38:42.0789 5288 amdide - ok
22:38:42.0821 5288 amdiox86 (ff258424f0b2ef25eb98f04ee386e6e3) C:\Windows\system32\DRIVERS\amdiox86.sys
22:38:42.0821 5288 amdiox86 - ok
22:38:42.0852 5288 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
22:38:42.0852 5288 AmdK7 - ok
22:38:42.0867 5288 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
22:38:42.0867 5288 AmdK8 - ok
22:38:43.0070 5288 amdkmdag (f89643a2ca001b1162061e306f8bf267) C:\Windows\system32\DRIVERS\atikmdag.sys
22:38:43.0133 5288 amdkmdag - ok
22:38:43.0242 5288 amdkmdap (fb68e1b9cec598f0f69503f3aebb45dd) C:\Windows\system32\DRIVERS\atikmpag.sys
22:38:43.0242 5288 amdkmdap - ok
22:38:43.0289 5288 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
22:38:43.0289 5288 Appinfo - ok
22:38:43.0382 5288 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:38:43.0382 5288 Apple Mobile Device - ok
22:38:43.0413 5288 AppMgmt (0fe769cae5855b53c90e23f85e7e89ff) C:\Windows\System32\appmgmts.dll
22:38:43.0413 5288 AppMgmt - ok
22:38:43.0445 5288 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
22:38:43.0445 5288 arc - ok
22:38:43.0476 5288 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
22:38:43.0476 5288 arcsas - ok
22:38:43.0523 5288 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
22:38:43.0523 5288 AsyncMac - ok
22:38:43.0554 5288 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
22:38:43.0554 5288 atapi - ok
22:38:43.0585 5288 AtiHDAudioService (0c3c2e9136397e1aaa9033dcae25ced2) C:\Windows\system32\drivers\AtihdLH3.sys
22:38:43.0585 5288 AtiHDAudioService - ok
22:38:43.0632 5288 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
22:38:43.0632 5288 AudioEndpointBuilder - ok
22:38:43.0632 5288 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
22:38:43.0647 5288 Audiosrv - ok
22:38:43.0819 5288 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
22:38:43.0850 5288 AVGIDSAgent - ok
22:38:43.0975 5288 AVGIDSDriver (4cbb56fbc9c0cbc517e6e3a6889ebddc) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
22:38:43.0975 5288 AVGIDSDriver - ok
22:38:44.0022 5288 AVGIDSEH (459bce188232e2fe6152423efef65d76) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
22:38:44.0022 5288 AVGIDSEH - ok
22:38:44.0069 5288 AVGIDSFilter (91d9abe7e88eac7c167cba4ed4d983bf) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
22:38:44.0069 5288 AVGIDSFilter - ok
22:38:44.0100 5288 AVGIDSShim (3fc2714e185c04308215d46730d41a94) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
22:38:44.0100 5288 AVGIDSShim - ok
22:38:44.0131 5288 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\Windows\system32\DRIVERS\avgldx86.sys
22:38:44.0131 5288 Avgldx86 - ok
22:38:44.0162 5288 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\Windows\system32\DRIVERS\avgmfx86.sys
22:38:44.0162 5288 Avgmfx86 - ok
22:38:44.0209 5288 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\Windows\system32\DRIVERS\avgrkx86.sys
22:38:44.0209 5288 Avgrkx86 - ok
22:38:44.0240 5288 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\Windows\system32\DRIVERS\avgtdix.sys
22:38:44.0256 5288 Avgtdix - ok
22:38:44.0334 5288 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
22:38:44.0334 5288 avgwd - ok
22:38:44.0412 5288 BBSvc (66e66fd5a83c8bbfb791d14246d84015) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
22:38:44.0412 5288 BBSvc - ok
22:38:44.0459 5288 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
22:38:44.0459 5288 Beep - ok
22:38:44.0505 5288 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
22:38:44.0505 5288 BFE - ok
22:38:44.0552 5288 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
22:38:44.0568 5288 BITS - ok
22:38:44.0583 5288 blbdrive - ok
22:38:44.0630 5288 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
22:38:44.0630 5288 Bonjour Service - ok
22:38:44.0677 5288 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
22:38:44.0677 5288 bowser - ok
22:38:44.0708 5288 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
22:38:44.0708 5288 BrFiltLo - ok
22:38:44.0739 5288 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
22:38:44.0739 5288 BrFiltUp - ok
22:38:44.0786 5288 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
22:38:44.0786 5288 Browser - ok
22:38:44.0802 5288 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
22:38:44.0802 5288 Brserid - ok
22:38:44.0817 5288 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
22:38:44.0817 5288 BrSerWdm - ok
22:38:44.0833 5288 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
22:38:44.0833 5288 BrUsbMdm - ok
22:38:44.0849 5288 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
22:38:44.0864 5288 BrUsbSer - ok
22:38:44.0880 5288 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
22:38:44.0880 5288 BTHMODEM - ok
22:38:44.0927 5288 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\Windows\system32\drivers\BVRPMPR5.SYS
22:38:44.0927 5288 BVRPMPR5 - ok
22:38:45.0020 5288 catchme - ok
22:38:45.0067 5288 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
22:38:45.0067 5288 cdfs - ok
22:38:45.0098 5288 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
22:38:45.0098 5288 cdrom - ok
22:38:45.0161 5288 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
22:38:45.0161 5288 CertPropSvc - ok
22:38:45.0176 5288 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
22:38:45.0176 5288 circlass - ok
22:38:45.0207 5288 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
22:38:45.0207 5288 CLFS - ok
22:38:45.0270 5288 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:38:45.0270 5288 clr_optimization_v2.0.50727_32 - ok
22:38:45.0332 5288 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:38:45.0348 5288 clr_optimization_v4.0.30319_32 - ok
22:38:45.0363 5288 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
22:38:45.0363 5288 cmdide - ok
22:38:45.0410 5288 COMMONFX (334d77efc9f3d22dee021a9bb3f4e13e) C:\Windows\system32\drivers\COMMONFX.SYS
22:38:45.0410 5288 COMMONFX - ok
22:38:45.0426 5288 COMMONFX.SYS (334d77efc9f3d22dee021a9bb3f4e13e) C:\Windows\System32\drivers\COMMONFX.SYS
22:38:45.0426 5288 COMMONFX.SYS - ok
22:38:45.0441 5288 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
22:38:45.0441 5288 Compbatt - ok
22:38:45.0457 5288 COMSysApp - ok
22:38:45.0473 5288 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
22:38:45.0488 5288 crcdisk - ok
22:38:45.0504 5288 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
22:38:45.0504 5288 Crusoe - ok
22:38:45.0535 5288 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
22:38:45.0535 5288 CryptSvc - ok
22:38:45.0566 5288 CSC (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\Windows\system32\drivers\csc.sys
22:38:45.0566 5288 CSC - ok
22:38:45.0613 5288 CscService (0a2095f92f6ae4fe6484d911b0c21e95) C:\Windows\System32\cscsvc.dll
22:38:45.0613 5288 CscService - ok
22:38:45.0660 5288 CT20XUT (270dfada559691363a276478bab36b68) C:\Windows\system32\drivers\CT20XUT.SYS
22:38:45.0660 5288 CT20XUT - ok
22:38:45.0675 5288 CT20XUT.SYS (270dfada559691363a276478bab36b68) C:\Windows\System32\drivers\CT20XUT.SYS
22:38:45.0675 5288 CT20XUT.SYS - ok
22:38:45.0738 5288 ctac32k (34ac8a1dc4299a34ff06949011eb53ef) C:\Windows\system32\drivers\ctac32k.sys
22:38:45.0738 5288 ctac32k - ok
22:38:45.0800 5288 ctaud2k (bbe95f29eabc46371dadfacc586d420b) C:\Windows\system32\drivers\ctaud2k.sys
22:38:45.0800 5288 ctaud2k - ok
22:38:45.0847 5288 CTAUDFX (be7dcee4191c74156288b1d217350189) C:\Windows\system32\drivers\CTAUDFX.SYS
22:38:45.0847 5288 CTAUDFX - ok
22:38:45.0878 5288 CTAUDFX.SYS (be7dcee4191c74156288b1d217350189) C:\Windows\System32\drivers\CTAUDFX.SYS
22:38:45.0878 5288 CTAUDFX.SYS - ok
22:38:45.0909 5288 CTEAPSFX (e55f88b27498a4b5e17eac75425a7755) C:\Windows\system32\drivers\CTEAPSFX.SYS
22:38:45.0925 5288 CTEAPSFX - ok
22:38:45.0941 5288 CTEAPSFX.SYS (e55f88b27498a4b5e17eac75425a7755) C:\Windows\System32\drivers\CTEAPSFX.SYS
22:38:45.0941 5288 CTEAPSFX.SYS - ok
22:38:45.0972 5288 CTEDSPFX (6be4e4dcb76874765c55ecb1f474f7fd) C:\Windows\system32\drivers\CTEDSPFX.SYS
22:38:45.0987 5288 CTEDSPFX - ok
22:38:46.0003 5288 CTEDSPFX.SYS (6be4e4dcb76874765c55ecb1f474f7fd) C:\Windows\System32\drivers\CTEDSPFX.SYS
22:38:46.0003 5288 CTEDSPFX.SYS - ok
22:38:46.0050 5288 CTEDSPIO (1e7d07d669a2572b73006fede47e173f) C:\Windows\system32\drivers\CTEDSPIO.SYS
22:38:46.0050 5288 CTEDSPIO - ok
22:38:46.0065 5288 CTEDSPIO.SYS (1e7d07d669a2572b73006fede47e173f) C:\Windows\System32\drivers\CTEDSPIO.SYS
22:38:46.0065 5288 CTEDSPIO.SYS - ok
22:38:46.0112 5288 CTEDSPSY (b70dfa869ee0b63b9fa01b038c886640) C:\Windows\system32\drivers\CTEDSPSY.SYS
22:38:46.0112 5288 CTEDSPSY - ok
22:38:46.0128 5288 CTEDSPSY.SYS (b70dfa869ee0b63b9fa01b038c886640) C:\Windows\System32\drivers\CTEDSPSY.SYS
22:38:46.0128 5288 CTEDSPSY.SYS - ok
22:38:46.0175 5288 CTERFXFX (10bc33d886bcd3f0add4aab8051015c1) C:\Windows\system32\drivers\CTERFXFX.SYS
22:38:46.0175 5288 CTERFXFX - ok
22:38:46.0190 5288 CTERFXFX.SYS (10bc33d886bcd3f0add4aab8051015c1) C:\Windows\System32\drivers\CTERFXFX.SYS
22:38:46.0190 5288 CTERFXFX.SYS - ok
22:38:46.0253 5288 CTEXFIFX (6337bdb64b1b94fac817a6a9b83b5800) C:\Windows\system32\drivers\CTEXFIFX.SYS
22:38:46.0268 5288 CTEXFIFX - ok
22:38:46.0299 5288 CTEXFIFX.SYS (6337bdb64b1b94fac817a6a9b83b5800) C:\Windows\System32\drivers\CTEXFIFX.SYS
22:38:46.0315 5288 CTEXFIFX.SYS - ok
22:38:46.0346 5288 CTHWIUT (a6c62ae40fc06ea5dbcf82ac24f7ea4e) C:\Windows\system32\drivers\CTHWIUT.SYS
22:38:46.0346 5288 CTHWIUT - ok
22:38:46.0362 5288 CTHWIUT.SYS (a6c62ae40fc06ea5dbcf82ac24f7ea4e) C:\Windows\System32\drivers\CTHWIUT.SYS
22:38:46.0362 5288 CTHWIUT.SYS - ok
22:38:46.0409 5288 ctprxy2k (da5ea613e3e77e64d7191bb85675dc45) C:\Windows\system32\drivers\ctprxy2k.sys
22:38:46.0409 5288 ctprxy2k - ok
22:38:46.0455 5288 CTSBLFX (6ea007e24f959fc3cc342aee53838a38) C:\Windows\system32\drivers\CTSBLFX.SYS
22:38:46.0455 5288 CTSBLFX - ok
22:38:46.0471 5288 CTSBLFX.SYS (6ea007e24f959fc3cc342aee53838a38) C:\Windows\System32\drivers\CTSBLFX.SYS
22:38:46.0487 5288 CTSBLFX.SYS - ok
22:38:46.0518 5288 ctsfm2k (8cc0d8a826974a2fde2d24b2739ad177) C:\Windows\system32\drivers\ctsfm2k.sys
22:38:46.0518 5288 ctsfm2k - ok
22:38:46.0580 5288 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
22:38:46.0580 5288 DcomLaunch - ok
22:38:46.0643 5288 DELTAII (20a04d8077cccba1711070eb01f02afb) C:\Windows\system32\DRIVERS\deltaII.sys
22:38:46.0643 5288 DELTAII - ok
22:38:46.0674 5288 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
22:38:46.0674 5288 DfsC - ok
22:38:46.0736 5288 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
22:38:46.0752 5288 DFSR - ok
22:38:46.0799 5288 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
22:38:46.0799 5288 Dhcp - ok
22:38:46.0830 5288 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
22:38:46.0845 5288 disk - ok
22:38:46.0877 5288 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
22:38:46.0877 5288 Dnscache - ok
22:38:46.0908 5288 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
22:38:46.0908 5288 dot3svc - ok
22:38:46.0955 5288 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
22:38:46.0955 5288 Dot4 - ok
22:38:46.0986 5288 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
22:38:46.0986 5288 Dot4Print - ok
22:38:47.0017 5288 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
22:38:47.0017 5288 dot4usb - ok
22:38:47.0064 5288 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
22:38:47.0064 5288 DPS - ok
22:38:47.0111 5288 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
22:38:47.0111 5288 drmkaud - ok
22:38:47.0157 5288 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
22:38:47.0173 5288 DXGKrnl - ok
22:38:47.0220 5288 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
22:38:47.0220 5288 E1G60 - ok
22:38:47.0251 5288 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
22:38:47.0251 5288 EapHost - ok
22:38:47.0267 5288 easytether - ok
22:38:47.0313 5288 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
22:38:47.0313 5288 Ecache - ok
22:38:47.0376 5288 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
22:38:47.0376 5288 ehRecvr - ok
22:38:47.0407 5288 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
22:38:47.0407 5288 ehSched - ok
22:38:47.0407 5288 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
22:38:47.0407 5288 ehstart - ok
22:38:47.0438 5288 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
22:38:47.0438 5288 elxstor - ok
22:38:47.0516 5288 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
22:38:47.0532 5288 EMDMgmt - ok
22:38:47.0594 5288 emupia (dcf87151c15f56b4ecea370e94ca1297) C:\Windows\system32\drivers\emupia2k.sys
22:38:47.0594 5288 emupia - ok
22:38:47.0688 5288 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
22:38:47.0688 5288 EventSystem - ok
22:38:47.0735 5288 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
22:38:47.0750 5288 exfat - ok
22:38:47.0781 5288 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
22:38:47.0797 5288 fastfat - ok
22:38:47.0828 5288 Fax (dfba0f60fa301e5b1bfb1403a93ee23e) C:\Windows\system32\fxssvc.exe
22:38:47.0844 5288 Fax - ok
22:38:47.0891 5288 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
22:38:47.0891 5288 fdc - ok
22:38:47.0922 5288 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
22:38:47.0937 5288 fdPHost - ok
22:38:47.0969 5288 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
22:38:47.0969 5288 FDResPub - ok
22:38:48.0015 5288 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
22:38:48.0015 5288 FileInfo - ok
22:38:48.0062 5288 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
22:38:48.0062 5288 Filetrace - ok
22:38:48.0093 5288 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
22:38:48.0093 5288 flpydisk - ok
22:38:48.0140 5288 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
22:38:48.0140 5288 FltMgr - ok
22:38:48.0203 5288 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
22:38:48.0218 5288 FontCache - ok
22:38:48.0296 5288 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:38:48.0296 5288 FontCache3.0.0.0 - ok
22:38:48.0343 5288 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
22:38:48.0359 5288 fssfltr - ok
22:38:48.0468 5288 fsssvc (40cdfad174b3d5e80f95dda003c0b97f) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
22:38:48.0483 5288 fsssvc - ok
22:38:48.0530 5288 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\Windows\system32\FsUsbExDisk.SYS
22:38:48.0546 5288 FsUsbExDisk - ok
22:38:48.0608 5288 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
22:38:48.0608 5288 Fs_Rec - ok
22:38:48.0639 5288 fvevol (fecf4c2e42440a8d132bf94eee3c3fc9) C:\Windows\system32\DRIVERS\fvevol.sys
22:38:48.0639 5288 fvevol - ok
22:38:48.0686 5288 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
22:38:48.0686 5288 gagp30kx - ok
22:38:48.0733 5288 GearAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\drivers\gearaspiwdm.sys
22:38:48.0733 5288 GearAspiWDM - ok
22:38:48.0780 5288 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
22:38:48.0795 5288 gpsvc - ok
22:38:48.0858 5288 ha10kx2k (36322cd973a20f189422bc25562142d7) C:\Windows\system32\drivers\ha10kx2k.sys
22:38:48.0873 5288 ha10kx2k - ok
22:38:48.0905 5288 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
22:38:48.0905 5288 HdAudAddService - ok
22:38:48.0967 5288 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
22:38:48.0967 5288 HDAudBus - ok
22:38:48.0998 5288 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
22:38:48.0998 5288 HidBth - ok
22:38:49.0029 5288 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
22:38:49.0029 5288 HidIr - ok
22:38:49.0076 5288 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
22:38:49.0076 5288 hidserv - ok
22:38:49.0123 5288 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
22:38:49.0123 5288 HidUsb - ok
22:38:49.0154 5288 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
22:38:49.0170 5288 hkmsvc - ok
22:38:49.0185 5288 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
22:38:49.0185 5288 HpCISSs - ok
22:38:49.0326 5288 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
22:38:49.0326 5288 hpqcxs08 - ok
22:38:49.0373 5288 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
22:38:49.0373 5288 hpqddsvc - ok
22:38:49.0435 5288 HSF_DP (88749fbf8beb18c90e7d6626c8c1910b) C:\Windows\system32\DRIVERS\HSX_DP.sys
22:38:49.0435 5288 HSF_DP - ok
22:38:49.0497 5288 HSXHWBS2 (fe440536bd98af772130dc3a6fe1915f) C:\Windows\system32\DRIVERS\HSXHWBS2.sys
22:38:49.0497 5288 HSXHWBS2 - ok
22:38:49.0560 5288 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
22:38:49.0560 5288 HTTP - ok
22:38:49.0685 5288 hugoio (7deccb2612255f4b538976ad25da0d29) C:\Program Files\i-Menu\hugoio.sys
22:38:49.0685 5288 hugoio - ok
22:38:49.0716 5288 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
22:38:49.0716 5288 i2omp - ok
22:38:49.0763 5288 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
22:38:49.0763 5288 i8042prt - ok
22:38:49.0794 5288 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
22:38:49.0794 5288 iaStorV - ok
22:38:49.0856 5288 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:38:49.0872 5288 idsvc - ok
22:38:49.0903 5288 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
22:38:49.0903 5288 iirsp - ok
22:38:49.0950 5288 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
22:38:49.0965 5288 IKEEXT - ok
22:38:49.0997 5288 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
22:38:49.0997 5288 intelide - ok
22:38:50.0012 5288 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
22:38:50.0012 5288 intelppm - ok
22:38:50.0043 5288 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
22:38:50.0059 5288 IPBusEnum - ok
22:38:50.0090 5288 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:38:50.0090 5288 IpFilterDriver - ok
22:38:50.0121 5288 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
22:38:50.0137 5288 iphlpsvc - ok
22:38:50.0153 5288 IpInIp - ok
22:38:50.0168 5288 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
22:38:50.0168 5288 IPMIDRV - ok
22:38:50.0215 5288 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
22:38:50.0215 5288 IPNAT - ok
22:38:50.0293 5288 iPod Service (ce004777b92dea56fe14ec900d20baa4) C:\Program Files\iPod\bin\iPodService.exe
22:38:50.0293 5288 iPod Service - ok
22:38:50.0340 5288 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
22:38:50.0340 5288 IRENUM - ok
22:38:50.0355 5288 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
22:38:50.0355 5288 isapnp - ok
22:38:50.0402 5288 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
22:38:50.0418 5288 iScsiPrt - ok
22:38:50.0433 5288 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
22:38:50.0433 5288 iteatapi - ok
22:38:50.0449 5288 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
22:38:50.0449 5288 iteraid - ok
22:38:50.0496 5288 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
22:38:50.0496 5288 kbdclass - ok
22:38:50.0543 5288 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
22:38:50.0543 5288 kbdhid - ok
22:38:50.0574 5288 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:38:50.0574 5288 KeyIso - ok
22:38:50.0605 5288 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
22:38:50.0621 5288 KSecDD - ok
22:38:50.0667 5288 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
22:38:50.0667 5288 KtmRm - ok
22:38:50.0730 5288 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll
22:38:50.0745 5288 LanmanServer - ok
22:38:50.0792 5288 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
22:38:50.0792 5288 LanmanWorkstation - ok
22:38:50.0901 5288 LightScribeService (dfeff67508d3a9aeb1a85d7b0f513b24) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
22:38:50.0901 5288 LightScribeService - ok
22:38:50.0948 5288 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
22:38:50.0948 5288 lltdio - ok
22:38:50.0995 5288 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
22:38:50.0995 5288 lltdsvc - ok
22:38:51.0042 5288 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
22:38:51.0057 5288 lmhosts - ok
22:38:51.0089 5288 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
22:38:51.0089 5288 LSI_FC - ok
22:38:51.0104 5288 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
22:38:51.0120 5288 LSI_SAS - ok
22:38:51.0120 5288 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
22:38:51.0135 5288 LSI_SCSI - ok
22:38:51.0167 5288 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
22:38:51.0167 5288 luafv - ok
22:38:51.0276 5288 lxdoCATSCustConnectService (51836e7cf12f174527a6a6232ff3767b) C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdoserv.exe
22:38:51.0276 5288 lxdoCATSCustConnectService - ok
22:38:51.0291 5288 lxdo_device - ok
22:38:51.0354 5288 MAFWPROFIRE (314f856c0e56d74919e3916056a2f6fb) C:\Windows\system32\DRIVERS\MAudioProFire.sys
22:38:51.0354 5288 MAFWPROFIRE - ok
22:38:51.0385 5288 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
22:38:51.0401 5288 Mcx2Svc - ok
22:38:51.0432 5288 MDC8021X (d7010580bf4e45d5e793a1fe75758c69) C:\Windows\system32\DRIVERS\mdc8021x.sys
22:38:51.0432 5288 MDC8021X - ok
22:38:51.0479 5288 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
22:38:51.0479 5288 mdmxsdk - ok
22:38:51.0541 5288 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
22:38:51.0541 5288 megasas - ok
22:38:51.0572 5288 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
22:38:51.0572 5288 MMCSS - ok
22:38:51.0619 5288 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
22:38:51.0619 5288 Modem - ok
22:38:51.0650 5288 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
22:38:51.0650 5288 monitor - ok
22:38:51.0697 5288 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
22:38:51.0697 5288 mouclass - ok
22:38:51.0728 5288 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
22:38:51.0728 5288 mouhid - ok
22:38:51.0759 5288 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
22:38:51.0759 5288 MountMgr - ok
22:38:51.0822 5288 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
22:38:51.0822 5288 MpFilter - ok
22:38:51.0837 5288 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
22:38:51.0837 5288 mpio - ok
22:38:51.0947 5288 MpKsl63fd9c11 (a69630d039c38018689190234f866d77) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7AF332FA-2AFF-49A4-8A60-D6083D46599E}\MpKsl63fd9c11.sys
22:38:51.0947 5288 MpKsl63fd9c11 - ok
22:38:51.0978 5288 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
22:38:51.0978 5288 MpNWMon - ok
22:38:52.0009 5288 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
22:38:52.0009 5288 mpsdrv - ok
22:38:52.0056 5288 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
22:38:52.0071 5288 MpsSvc - ok
22:38:52.0087 5288 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
22:38:52.0087 5288 Mraid35x - ok
22:38:52.0134 5288 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
22:38:52.0134 5288 MRxDAV - ok
22:38:52.0165 5288 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:38:52.0181 5288 mrxsmb - ok
22:38:52.0243 5288 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:38:52.0243 5288 mrxsmb10 - ok
22:38:52.0259 5288 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:38:52.0274 5288 mrxsmb20 - ok
22:38:52.0290 5288 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
22:38:52.0290 5288 msahci - ok
22:38:52.0321 5288 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
22:38:52.0321 5288 msdsm - ok
22:38:52.0368 5288 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
22:38:52.0368 5288 MSDTC - ok
22:38:52.0430 5288 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
22:38:52.0430 5288 Msfs - ok
22:38:52.0461 5288 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
22:38:52.0461 5288 msisadrv - ok
22:38:52.0524 5288 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
22:38:52.0524 5288 MSiSCSI - ok
22:38:52.0539 5288 msiserver - ok
22:38:52.0586 5288 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
22:38:52.0602 5288 MSKSSRV - ok
22:38:52.0680 5288 MsMpSvc (cfce43b70ca0cc4dcc8adb62b792b173) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
22:38:52.0680 5288 MsMpSvc - ok
22:38:52.0711 5288 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
22:38:52.0727 5288 MSPCLOCK - ok
22:38:52.0742 5288 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
22:38:52.0742 5288 MSPQM - ok
22:38:52.0820 5288 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
22:38:52.0836 5288 MsRPC - ok
22:38:52.0883 5288 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
22:38:52.0883 5288 mssmbios - ok
22:38:52.0898 5288 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
22:38:52.0898 5288 MSTEE - ok
22:38:52.0945 5288 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
22:38:52.0945 5288 Mup - ok
22:38:52.0992 5288 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
22:38:53.0007 5288 napagent - ok
22:38:53.0070 5288 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
22:38:53.0085 5288 NativeWifiP - ok
22:38:53.0132 5288 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
22:38:53.0132 5288 NDIS - ok
22:38:53.0304 5288 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
22:38:53.0319 5288 NdisTapi - ok
22:38:53.0351 5288 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
22:38:53.0351 5288 Ndisuio - ok
22:38:53.0397 5288 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
22:38:53.0397 5288 NdisWan - ok
22:38:53.0460 5288 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
22:38:53.0460 5288 NDProxy - ok
22:38:53.0522 5288 Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\Windows\system32\HPZinw12.dll
22:38:53.0522 5288 Net Driver HPZ12 - ok
22:38:53.0553 5288 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
22:38:53.0553 5288 NetBIOS - ok
22:38:53.0585 5288 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
22:38:53.0600 5288 netbt - ok
22:38:53.0631 5288 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:38:53.0631 5288 Netlogon - ok
22:38:53.0678 5288 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
22:38:53.0694 5288 Netman - ok
22:38:53.0741 5288 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
22:38:53.0756 5288 netprofm - ok
22:38:53.0803 5288 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:38:53.0819 5288 NetTcpPortSharing - ok
22:38:53.0850 5288 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
22:38:53.0850 5288 nfrd960 - ok
22:38:53.0928 5288 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:38:53.0928 5288 NisDrv - ok
22:38:54.0177 5288 NisSrv (a5cb074f34bbd89948e34a630d459c0c) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
22:38:54.0177 5288 NisSrv - ok
22:38:54.0209 5288 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
22:38:54.0224 5288 NlaSvc - ok
22:38:54.0271 5288 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
22:38:54.0271 5288 Npfs - ok
22:38:54.0302 5288 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
22:38:54.0302 5288 nsi - ok
22:38:54.0349 5288 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
22:38:54.0349 5288 nsiproxy - ok
22:38:54.0427 5288 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
22:38:54.0443 5288 Ntfs - ok
22:38:54.0489 5288 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
22:38:54.0489 5288 ntrigdigi - ok
22:38:54.0505 5288 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
22:38:54.0505 5288 Null - ok
22:38:54.0567 5288 NVENETFD (d958a2b5f6ad5c3b8ccdc4d7da62466c) C:\Windows\system32\DRIVERS\nvmfdx32.sys
22:38:54.0583 5288 NVENETFD - ok
22:38:55.0254 5288 nvlddmkm (377140a534d013bd661c69f1741de43c) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:38:55.0316 5288 nvlddmkm - ok
22:38:55.0441 5288 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
22:38:55.0441 5288 nvraid - ok
22:38:55.0472 5288 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
22:38:55.0472 5288 nvstor - ok
22:38:55.0519 5288 nvstor32 (7eba6c9a0a295b1559efb9062e701218) C:\Windows\system32\DRIVERS\nvstor32.sys
22:38:55.0519 5288 nvstor32 - ok
22:38:55.0566 5288 nvsvc (4ed813efd77a9b7e57e341cdc1c5cbc4) C:\Windows\system32\nvvsvc.exe
22:38:55.0566 5288 nvsvc - ok
22:38:55.0597 5288 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
22:38:55.0597 5288 nv_agp - ok
22:38:55.0597 5288 NwlnkFlt - ok
22:38:55.0628 5288 NwlnkFwd - ok
22:38:55.0675 5288 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
22:38:55.0675 5288 ohci1394 - ok
22:38:55.0737 5288 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:38:55.0737 5288 ose - ok
22:38:55.0784 5288 ossrv (f8f7fe5d67c47c2f1016f7a139e0f664) C:\Windows\system32\drivers\ctoss2k.sys
22:38:55.0784 5288 ossrv - ok
22:38:55.0831 5288 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:38:55.0847 5288 p2pimsvc - ok
22:38:55.0862 5288 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:38:55.0878 5288 p2psvc - ok
22:38:55.0893 5288 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
22:38:55.0893 5288 Parport - ok
22:38:55.0940 5288 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
22:38:55.0956 5288 partmgr - ok
22:38:55.0987 5288 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
22:38:55.0987 5288 Parvdm - ok
22:38:56.0018 5288 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
22:38:56.0034 5288 PcaSvc - ok
22:38:56.0065 5288 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
22:38:56.0065 5288 pci - ok
22:38:56.0096 5288 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
22:38:56.0096 5288 pciide - ok
22:38:56.0127 5288 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
22:38:56.0127 5288 pcmcia - ok
22:38:56.0174 5288 PCTINDIS5 (7e0f42201e8948315998fcdb0d97f519) C:\Windows\system32\PCTINDIS5.SYS
22:38:56.0174 5288 PCTINDIS5 - ok
22:38:56.0221 5288 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
22:38:56.0237 5288 PEAUTH - ok
22:38:56.0283 5288 PfModNT (28157deb9473631ba94fe9965b5e0050) C:\Windows\system32\drivers\PfModNT.sys
22:38:56.0283 5288 PfModNT - ok
22:38:56.0377 5288 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
22:38:56.0408 5288 pla - ok
22:38:56.0439 5288 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
22:38:56.0455 5288 PlugPlay - ok
22:38:56.0502 5288 Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\Windows\system32\HPZipm12.dll
22:38:56.0517 5288 Pml Driver HPZ12 - ok
22:38:56.0564 5288 pneteth (088335b06f75adbcbb81575c7cae6c43) C:\Windows\system32\DRIVERS\pneteth.sys
22:38:56.0564 5288 pneteth - ok
22:38:56.0627 5288 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:38:56.0627 5288 PNRPAutoReg - ok
22:38:56.0642 5288 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:38:56.0658 5288 PNRPsvc - ok
22:38:56.0720 5288 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
22:38:56.0720 5288 PolicyAgent - ok
22:38:56.0767 5288 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
22:38:56.0767 5288 PptpMiniport - ok
22:38:56.0798 5288 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
22:38:56.0798 5288 Processor - ok
22:38:56.0845 5288 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
22:38:56.0861 5288 ProfSvc - ok
22:38:56.0892 5288 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:38:56.0892 5288 ProtectedStorage - ok
22:38:56.0939 5288 Ps2 (390c204ced3785609ab24e9c52054a84) C:\Windows\system32\DRIVERS\PS2.sys
22:38:56.0939 5288 Ps2 - ok
22:38:56.0985 5288 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
22:38:56.0985 5288 PSched - ok
22:38:57.0032 5288 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
22:38:57.0032 5288 PxHelp20 - ok
22:38:57.0079 5288 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
22:38:57.0079 5288 ql2300 - ok
22:38:57.0110 5288 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
22:38:57.0110 5288 ql40xx - ok
22:38:57.0141 5288 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
22:38:57.0157 5288 QWAVE - ok
22:38:57.0188 5288 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
22:38:57.0188 5288 QWAVEdrv - ok
22:38:57.0251 5288 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
22:38:57.0251 5288 RasAcd - ok
22:38:57.0297 5288 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
22:38:57.0297 5288 RasAuto - ok
22:38:57.0344 5288 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:38:57.0344 5288 Rasl2tp - ok
22:38:57.0407 5288 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
22:38:57.0407 5288 RasMan - ok
22:38:57.0469 5288 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
22:38:57.0469 5288 RasPppoe - ok
22:38:57.0500 5288 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
22:38:57.0516 5288 RasSstp - ok
22:38:57.0547 5288 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
22:38:57.0563 5288 rdbss - ok
22:38:57.0578 5288 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:38:57.0578 5288 RDPCDD - ok
22:38:57.0641 5288 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\Windows\system32\DRIVERS\rdpdr.sys
22:38:57.0641 5288 rdpdr - ok
22:38:57.0656 5288 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
22:38:57.0656 5288 RDPENCDD - ok
22:38:57.0703 5288 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
22:38:57.0703 5288 RDPWD - ok
22:38:57.0750 5288 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
22:38:57.0750 5288 RemoteAccess - ok
22:38:57.0781 5288 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
22:38:57.0797 5288 RemoteRegistry - ok
22:38:57.0828 5288 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
22:38:57.0843 5288 RpcLocator - ok
22:38:57.0890 5288 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
22:38:57.0906 5288 RpcSs - ok
22:38:57.0937 5288 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
22:38:57.0937 5288 rspndr - ok
22:38:57.0984 5288 RTSTOR (52532a4ca8b251775decc87c4813abfb) C:\Windows\system32\drivers\RTSTOR.SYS
22:38:57.0984 5288 RTSTOR - ok
22:38:57.0999 5288 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:38:57.0999 5288 SamSs - ok
22:38:58.0046 5288 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
22:38:58.0046 5288 sbp2port - ok
22:38:58.0077 5288 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
22:38:58.0077 5288 SCardSvr - ok
22:38:58.0140 5288 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
22:38:58.0155 5288 Schedule - ok
22:38:58.0202 5288 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
22:38:58.0202 5288 SCPolicySvc - ok
22:38:58.0265 5288 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
22:38:58.0265 5288 SDRSVC - ok
22:38:58.0389 5288 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
22:38:58.0389 5288 SeaPort - ok
22:38:58.0436 5288 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:38:58.0436 5288 secdrv - ok
22:38:58.0483 5288 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
22:38:58.0483 5288 seclogon - ok
22:38:58.0499 5288 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
22:38:58.0499 5288 SENS - ok
22:38:58.0530 5288 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
22:38:58.0530 5288 Serenum - ok
22:38:58.0561 5288 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
22:38:58.0561 5288 Serial - ok
22:38:58.0592 5288 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
22:38:58.0592 5288 sermouse - ok
22:38:58.0670 5288 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
22:38:58.0670 5288 SessionEnv - ok
22:38:58.0701 5288 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
22:38:58.0701 5288 sffdisk - ok
22:38:58.0733 5288 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
22:38:58.0733 5288 sffp_mmc - ok
22:38:58.0764 5288 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
22:38:58.0764 5288 sffp_sd - ok
22:38:58.0795 5288 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
22:38:58.0795 5288 sfloppy - ok
22:38:58.0826 5288 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
22:38:58.0826 5288 SharedAccess - ok
22:38:58.0889 5288 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
22:38:58.0904 5288 ShellHWDetection - ok
22:38:58.0935 5288 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
22:38:58.0935 5288 sisagp - ok
22:38:58.0951 5288 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
22:38:58.0951 5288 SiSRaid2 - ok
22:38:58.0982 5288 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
22:38:58.0982 5288 SiSRaid4 - ok
22:38:59.0091 5288 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
22:38:59.0123 5288 slsvc - ok
22:38:59.0169 5288 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
22:38:59.0185 5288 SLUINotify - ok
22:38:59.0232 5288 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
22:38:59.0232 5288 Smb - ok
22:38:59.0310 5288 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
22:38:59.0310 5288 SNMPTRAP - ok
22:38:59.0341 5288 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
22:38:59.0341 5288 spldr - ok
22:38:59.0388 5288 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
22:38:59.0403 5288 Spooler - ok
22:38:59.0466 5288 sptd (71e276f6d189413266ea22171806597b) C:\Windows\System32\Drivers\sptd.sys
22:38:59.0466 5288 sptd - ok
22:38:59.0528 5288 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
22:38:59.0544 5288 srv - ok
22:38:59.0575 5288 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
22:38:59.0575 5288 srv2 - ok
22:38:59.0606 5288 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
22:38:59.0606 5288 srvnet - ok
22:38:59.0684 5288 ssadbus (0b565af603eea1df046ff980ac54ec6d) C:\Windows\system32\DRIVERS\ssadbus.sys
22:38:59.0684 5288 ssadbus - ok
22:38:59.0731 5288 ssadmdfl (080766dfc1cc8d36c28b4003673c8cb0) C:\Windows\system32\DRIVERS\ssadmdfl.sys
22:38:59.0731 5288 ssadmdfl - ok
22:38:59.0778 5288 ssadmdm (e83b435413580a8707ed8070072c0da2) C:\Windows\system32\DRIVERS\ssadmdm.sys
22:38:59.0778 5288 ssadmdm - ok
22:38:59.0856 5288 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
22:38:59.0856 5288 SSDPSRV - ok
22:38:59.0903 5288 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
22:38:59.0903 5288 SstpSvc - ok
22:38:59.0981 5288 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
22:38:59.0996 5288 stisvc - ok
22:39:00.0074 5288 stllssvr (e5ff667e416dac99bff16b626234a379) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
22:39:00.0074 5288 stllssvr - ok
22:39:00.0137 5288 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
22:39:00.0137 5288 swenum - ok
22:39:00.0199 5288 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
22:39:00.0199 5288 swprv - ok
22:39:00.0230 5288 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
22:39:00.0230 5288 Symc8xx - ok
22:39:00.0261 5288 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
22:39:00.0261 5288 Sym_hi - ok
22:39:00.0293 5288 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
22:39:00.0293 5288 Sym_u3 - ok
22:39:00.0339 5288 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
22:39:00.0339 5288 SysMain - ok
22:39:00.0386 5288 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
22:39:00.0386 5288 TabletInputService - ok
22:39:00.0433 5288 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
22:39:00.0449 5288 TapiSrv - ok
22:39:00.0480 5288 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
22:39:00.0480 5288 TBS - ok
22:39:00.0527 5288 Tcpip (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers\tcpip.sys
22:39:00.0542 5288 Tcpip - ok
22:39:00.0573 5288 Tcpip6 (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS\tcpip.sys
22:39:00.0573 5288 Tcpip6 - ok
22:39:00.0636 5288 tcpipreg (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers\tcpipreg.sys
22:39:00.0636 5288 tcpipreg - ok
22:39:00.0683 5288 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
22:39:00.0683 5288 TDPIPE - ok
22:39:00.0714 5288 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
22:39:00.0714 5288 TDTCP - ok
22:39:00.0745 5288 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
22:39:00.0761 5288 tdx - ok
22:39:00.0792 5288 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
22:39:00.0792 5288 TermDD - ok
22:39:00.0839 5288 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
22:39:00.0854 5288 TermService - ok
22:39:00.0901 5288 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
22:39:00.0901 5288 Themes - ok
22:39:00.0932 5288 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
22:39:00.0932 5288 THREADORDER - ok
22:39:00.0979 5288 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
22:39:00.0995 5288 TrkWks - ok
22:39:01.0041 5288 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
22:39:01.0041 5288 TrustedInstaller - ok
22:39:01.0088 5288 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:39:01.0088 5288 tssecsrv - ok
22:39:01.0135 5288 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
22:39:01.0135 5288 tunmp - ok
22:39:01.0166 5288 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
22:39:01.0166 5288 tunnel - ok
22:39:01.0213 5288 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
22:39:01.0213 5288 uagp35 - ok
22:39:01.0260 5288 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
22:39:01.0260 5288 udfs - ok
22:39:01.0307 5288 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
22:39:01.0322 5288 UI0Detect - ok
22:39:01.0338 5288 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
22:39:01.0338 5288 uliagpkx - ok
22:39:01.0385 5288 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
22:39:01.0385 5288 uliahci - ok
22:39:01.0416 5288 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
22:39:01.0416 5288 UlSata - ok
22:39:01.0447 5288 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
22:39:01.0447 5288 ulsata2 - ok
22:39:01.0494 5288 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
22:39:01.0494 5288 umbus - ok
22:39:01.0541 5288 UmRdpService (8a66360f38f81e960e2367b428cbd5d9) C:\Windows\System32\umrdp.dll
22:39:01.0541 5288 UmRdpService - ok
22:39:01.0587 5288 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
22:39:01.0587 5288 upnphost - ok
22:39:01.0634 5288 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
22:39:01.0634 5288 usbaudio - ok
22:39:01.0681 5288 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
22:39:01.0681 5288 usbccgp - ok
22:39:01.0712 5288 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
22:39:01.0712 5288 usbcir - ok
22:39:01.0743 5288 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
22:39:01.0743 5288 usbehci - ok
22:39:01.0806 5288 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
22:39:01.0806 5288 usbhub - ok
22:39:01.0821 5288 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
22:39:01.0821 5288 usbohci - ok
22:39:01.0853 5288 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
22:39:01.0853 5288 usbprint - ok
22:39:01.0868 5288 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
22:39:01.0868 5288 usbscan - ok
22:39:01.0915 5288 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:39:01.0915 5288 USBSTOR - ok
22:39:01.0946 5288 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
22:39:01.0946 5288 usbuhci - ok
22:39:01.0977 5288 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
22:39:01.0977 5288 UxSms - ok
22:39:02.0024 5288 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
22:39:02.0024 5288 vds - ok
22:39:02.0055 5288 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
22:39:02.0055 5288 vga - ok
22:39:02.0102 5288 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
22:39:02.0102 5288 VgaSave - ok
22:39:02.0133 5288 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
22:39:02.0133 5288 viaagp - ok
22:39:02.0149 5288 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
22:39:02.0149 5288 ViaC7 - ok
22:39:02.0180 5288 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
22:39:02.0180 5288 viaide - ok
22:39:02.0227 5288 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
22:39:02.0227 5288 volmgr - ok
22:39:02.0274 5288 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
22:39:02.0274 5288 volmgrx - ok
22:39:02.0336 5288 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
22:39:02.0336 5288 volsnap - ok
22:39:02.0367 5288 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
22:39:02.0367 5288 vsmraid - ok
22:39:02.0430 5288 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
22:39:02.0445 5288 VSS - ok
22:39:02.0508 5288 VSTHWBS2 (c466021d31ff6c0a6069d12299d80c0b) C:\Windows\system32\DRIVERS\VSTBS23.SYS
22:39:02.0508 5288 VSTHWBS2 - ok
22:39:02.0555 5288 VST_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
22:39:02.0555 5288 VST_DPV - ok
22:39:02.0664 5288 vToolbarUpdater (8f83a261b7898c1793a21391685cf59f) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
22:39:02.0664 5288 vToolbarUpdater - ok
22:39:02.0711 5288 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
22:39:02.0711 5288 W32Time - ok
22:39:02.0757 5288 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
22:39:02.0757 5288 WacomPen - ok
22:39:02.0789 5288 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:39:02.0804 5288 Wanarp - ok
22:39:02.0804 5288 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:39:02.0804 5288 Wanarpv6 - ok
22:39:02.0867 5288 wbengine (20b23332885dfb93fe0185362ee811e9) C:\Windows\system32\wbengine.exe
22:39:02.0882 5288 wbengine - ok
22:39:02.0913 5288 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
22:39:02.0929 5288 wcncsvc - ok
22:39:02.0976 5288 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
22:39:02.0976 5288 WcsPlugInService - ok
22:39:03.0007 5288 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
22:39:03.0007 5288 Wd - ok
22:39:03.0054 5288 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\Windows\system32\DRIVERS\wdcsam.sys
22:39:03.0054 5288 WDC_SAM - ok
22:39:03.0147 5288 WDDMService (bf847a3972cc6b5ce26e0ea742dd52d9) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
22:39:03.0147 5288 WDDMService - ok
22:39:03.0194 5288 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
22:39:03.0210 5288 Wdf01000 - ok
22:39:03.0288 5288 WDFME (b5966f1dff6e20576f3c8c2d93d129fd) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
22:39:03.0303 5288 WDFME - ok
22:39:03.0335 5288 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:39:03.0335 5288 WdiServiceHost - ok
22:39:03.0335 5288 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:39:03.0350 5288 WdiSystemHost - ok
22:39:03.0366 5288 WDSC (92f0088ca18bb08bb596ef2608256f8a) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
22:39:03.0366 5288 WDSC - ok
22:39:03.0428 5288 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
22:39:03.0428 5288 WebClient - ok
22:39:03.0475 5288 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
22:39:03.0491 5288 Wecsvc - ok
22:39:03.0522 5288 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
22:39:03.0522 5288 wercplsupport - ok
22:39:03.0584 5288 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
22:39:03.0584 5288 WerSvc - ok
22:39:03.0662 5288 winachsf (72cc6a8ca7891031d6380db5025c773c) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
22:39:03.0662 5288 winachsf - ok
22:39:03.0756 5288 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
22:39:03.0756 5288 WinDefend - ok
22:39:03.0771 5288 WinHttpAutoProxySvc - ok
22:39:03.0834 5288 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
22:39:03.0834 5288 Winmgmt - ok
22:39:03.0912 5288 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
22:39:03.0927 5288 WinRM - ok
22:39:04.0005 5288 WinUSB (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.sys
22:39:04.0021 5288 WinUSB - ok
22:39:04.0083 5288 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
22:39:04.0099 5288 Wlansvc - ok
22:39:04.0130 5288 WlanUIG (01a3d371863250118591fb829eec91ac) C:\Windows\system32\DRIVERS\WlanUIG.sys
22:39:04.0146 5288 WlanUIG - ok
22:39:04.0302 5288 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:39:04.0317 5288 wlidsvc - ok
22:39:04.0349 5288 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
22:39:04.0349 5288 WmiAcpi - ok
22:39:04.0411 5288 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
22:39:04.0411 5288 wmiApSrv - ok
22:39:04.0489 5288 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
22:39:04.0505 5288 WMPNetworkSvc - ok
22:39:04.0536 5288 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
22:39:04.0536 5288 WPCSvc - ok
22:39:04.0583 5288 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
22:39:04.0583 5288 WPDBusEnum - ok
22:39:04.0629 5288 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
22:39:04.0629 5288 WpdUsb - ok
22:39:04.0739 5288 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:39:04.0754 5288 WPFFontCache_v0400 - ok
22:39:04.0785 5288 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
22:39:04.0785 5288 ws2ifsl - ok
22:39:04.0832 5288 WsAudio_DeviceS(1) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys
22:39:04.0832 5288 WsAudio_DeviceS(1) - ok
22:39:04.0863 5288 WsAudio_DeviceS(2) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys
22:39:04.0863 5288 WsAudio_DeviceS(2) - ok
22:39:04.0895 5288 WsAudio_DeviceS(3) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys
22:39:04.0895 5288 WsAudio_DeviceS(3) - ok
22:39:04.0941 5288 WsAudio_DeviceS(4) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys
22:39:04.0941 5288 WsAudio_DeviceS(4) - ok
22:39:04.0973 5288 WsAudio_DeviceS(5) (4160cbe59d9b5be22e4c3897e8db9d56) C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys
22:39:04.0973 5288 WsAudio_DeviceS(5) - ok
22:39:05.0019 5288 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
22:39:05.0019 5288 wscsvc - ok
22:39:05.0035 5288 WSearch - ok
22:39:05.0129 5288 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
22:39:05.0160 5288 wuauserv - ok
22:39:05.0207 5288 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:39:05.0222 5288 WUDFRd - ok
22:39:05.0269 5288 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
22:39:05.0269 5288 wudfsvc - ok
22:39:05.0316 5288 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
22:39:05.0316 5288 XAudio - ok
22:39:05.0347 5288 XAudioService (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe
22:39:05.0347 5288 XAudioService - ok
22:39:05.0456 5288 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
22:39:05.0456 5288 YahooAUService - ok
22:39:05.0519 5288 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:39:05.0534 5288 \Device\Harddisk0\DR0 - ok
22:39:05.0550 5288 Boot (0x1200) (8a88f7f1d69968baa3f34628839b105e) \Device\Harddisk0\DR0\Partition0
22:39:05.0550 5288 \Device\Harddisk0\DR0\Partition0 - ok
22:39:05.0565 5288 Boot (0x1200) (8890d2082366b23759d741c6d9611dea) \Device\Harddisk0\DR0\Partition1
22:39:05.0565 5288 \Device\Harddisk0\DR0\Partition1 - ok
22:39:05.0581 5288 Boot (0x1200) (4e52a849b8b3f93b60f8ffa8c94a2293) \Device\Harddisk0\DR0\Partition2
22:39:05.0581 5288 \Device\Harddisk0\DR0\Partition2 - ok
22:39:05.0581 5288 ============================================================
22:39:05.0581 5288 Scan finished
22:39:05.0581 5288 ============================================================
22:39:05.0597 4552 Detected object count: 0
22:39:05.0597 4552 Actual detected object count: 0




aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-26 22:40:46
-----------------------------
22:40:46.214 OS Version: Windows 6.0.6002 Service Pack 2
22:40:46.214 Number of processors: 2 586 0x4B02
22:40:46.214 ComputerName: LAWRENCE-PC UserName: Lawrence
22:40:47.727 Initialize success
22:41:31.651 AVAST engine defs: 12032602
22:41:57.406 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000071
22:41:57.406 Disk 0 Vendor: SAMSUNG_ VT10 Size: 238475MB BusType: 6
22:41:57.422 Disk 0 MBR read successfully
22:41:57.422 Disk 0 MBR scan
22:41:57.422 Disk 0 Windows 7 default MBR code
22:41:57.438 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 206186 MB offset 63
22:41:57.453 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 25883 MB offset 422273024
22:41:57.469 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 6400 MB offset 475282080
22:41:57.484 Disk 0 scanning sectors +488391120
22:41:57.547 Disk 0 scanning C:\Windows\system32\drivers
22:42:10.323 Service scanning
22:42:23.084 Service MpKsl63fd9c11 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7AF332FA-2AFF-49A4-8A60-D6083D46599E}\MpKsl63fd9c11.sys **LOCKED** 32
22:42:23.131 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
22:42:37.576 Modules scanning
22:42:43.676 Disk 0 trace - called modules:
22:42:43.707 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys
22:42:43.707 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8726e598]
22:42:43.723 3 CLASSPNP.SYS[8cbc78b3] -> nt!IofCallDriver -> [0x86944968]
22:42:43.723 5 acpi.sys[836146bc] -> nt!IofCallDriver -> \Device\00000071[0x85f05998]
22:42:44.862 AVAST engine scan C:\
22:44:28.477 Disk 0 MBR has been saved successfully to "C:\Users\Lawrence\Documents\Desktop\MBR.dat"
22:44:28.477 The log file has been saved successfully to "C:\Users\Lawrence\Documents\Desktop\aswMBR.txt"
06:08:58.691 Scan finished successfully
12:09:46.954 Disk 0 MBR has been saved successfully to "C:\Users\Lawrence\Documents\Desktop\MBR.dat"
12:09:47.156 The log file has been saved successfully to "C:\Users\Lawrence\Documents\Desktop\aswMBR.txt"



