Google Redirect and Sloooow Browser


  • This topic is locked
13 replies to this topic

#1 emenc

emenc

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:12:53 AM

Posted 01 April 2012 - 04:10 PM

Thanks so much for being here and giving me some hope. I've been through several malware removal software to rid my computer of this Trojan. Nothing worked, so far. Google redirects to Happili, gimmeanswers, and some other crazy sites, browser is extremely slooow.


DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.6001.19190 BrowserJavaVersion: 1.6.0_26
Run by Mommy at 16:28:52 on 2012-04-01
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1255.972.1033.18.6134.3096 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: PC Tools Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Outdated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\PROGRA~1\Enigma Software Group\SpyHunter\SH4Service.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Ati2evxx.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe
C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
C:\Windows\Explorer.EXE
C:\Windows\ehome\ehtray.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\LogTransport2.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uWindow Title = Internet Explorer provided by Dell
uURLSearchHooks: NCH Toolbar: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
uURLSearchHooks: PC Tools Browser Defender: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
mURLSearchHooks: NCH Toolbar: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll
mWinlogon: Userinit=c:\windows\syswow64\userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: PC Tools Browser Defender BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110925194325.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: NCH Toolbar: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: NCH Toolbar: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: PC Tools Browser Defender: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [AdobeBridge]
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
mRun: [<NO NAME>]
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [SSDMonitor] "C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
mRun: [ISTray] "C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe" /hideGUI
uPolicies-explorer: NoInstrumentation = 1
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
LSP: C:\Windows\system32\wpclsp.dll
LSP: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.photogize.com/bponet/ImageUploader5.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} - hxxp://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab
DPF: {C7DEDA04-2FFF-4B81-AE66-0A0E0EF4AD2F} - hxxp://pephoto.lifepics.com/net/Uploader/LPUploader57.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: Interfaces\{FE4BD1F1-3009-40FD-9727-B0B41325F28C} : NameServer = 68.237.161.12 71.250.0.12
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: PC Tools Browser Defender BHO: {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
BHO-X64: Browser Defender BHO - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110925194325.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: NCH Toolbar: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: NCH Toolbar: {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB-X64: PC Tools Browser Defender: {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [(Default)]
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [SSDMonitor] "C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
mRun-x64: [ISTray] "C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe" /hideGUI
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mommy\AppData\Roaming\Mozilla\Firefox\Profiles\5s3acqof.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]
R0 pctDS;PC Tools Data Store;C:\Windows\system32\drivers\pctDS64.sys --> C:\Windows\system32\drivers\pctDS64.sys [?]
R0 pctEFA;PC Tools Extended File Attributes;C:\Windows\system32\drivers\pctEFA64.sys --> C:\Windows\system32\drivers\pctEFA64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 TfFsMon;TfFsMon;C:\Windows\system32\drivers\TfFsMon.sys --> C:\Windows\system32\drivers\TfFsMon.sys [?]
R0 TFSysMon;TfSysMon;C:\Windows\system32\drivers\TfSysMon.sys --> C:\Windows\system32\drivers\TfSysMon.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R1 pctgntdi;pctgntdi;\??\C:\Windows\System32\drivers\pctgntdi64.sys --> C:\Windows\System32\drivers\pctgntdi64.sys [?]
R1 PCTSD;PC Tools Spyware Doctor Driver;C:\Windows\system32\Drivers\PCTSD64.sys --> C:\Windows\system32\Drivers\PCTSD64.sys [?]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
R2 Browser Defender Update Service;Browser Defender Update Service;C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2012-3-20 550864]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-10-10 249936]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-10-10 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-10-10 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-10-10 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2010-10-10 199008]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2010-10-10 208272]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-3-21 793048]
R2 sdAuxService;PC Tools Auxiliary Service;C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [2012-3-20 402336]
R2 sdCoreService;PC Tools Security Service;C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe [2012-3-20 1117624]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\system32\DRIVERS\e1y60x64.sys --> C:\Windows\system32\DRIVERS\e1y60x64.sys [?]
R3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-3-2 13088]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 PCTBD;PC Tools Browser Defender Driver;C:\Windows\system32\Drivers\PCTBD64.sys --> C:\Windows\system32\Drivers\PCTBD64.sys [?]
R3 pctplsg;pctplsg;\??\C:\Windows\System32\drivers\pctplsg64.sys --> C:\Windows\System32\drivers\pctplsg64.sys [?]
R3 t3;Sound Blaster X-Fi Xtreme Audio (Vista);C:\Windows\system32\drivers\t3.sys --> C:\Windows\system32\drivers\t3.sys [?]
R3 TfNetMon;TfNetMon;\??\C:\Windows\system32\drivers\TfNetMon.sys --> C:\Windows\system32\drivers\TfNetMon.sys [?]
R4 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~1\Enigma Software Group\SpyHunter\SH4Service.exe [2012-1-18 995744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-23 136176]
S2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2010-10-6 375176]
S3 acfva;acfva;C:\Windows\system32\DRIVERS\ACFVA64.sys --> C:\Windows\system32\DRIVERS\ACFVA64.sys [?]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-8-15 288112]
S3 Creative ALchemy AL1 Licensing Service;Creative ALchemy AL1 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL1Licensing.exe [2009-4-21 79360]
S3 Dgasstea;Dgasstea; [x]
S3 dgcfltr;DGC Filter Driver;C:\Windows\system32\DRIVERS\ACFDCP64.sys --> C:\Windows\system32\DRIVERS\ACFDCP64.sys [?]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-6-2 1038088]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-23 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 PCD5SRVC{048DBD20-445E8C82-05040104};PCD5SRVC{048DBD20-445E8C82-05040104} - PCDR Kernel Mode Service Helper Driver;C:\PROGRA~2\DELLSU~1\HWDiag\bin\PCD5SRVC_x64.pkms [2008-11-4 28152]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 ThreatFire;ThreatFire;C:\Program Files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe service --> C:\Program Files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe service [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-8-26 89920]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-04-01 04:26:39 -------- d-----w- C:\Users\Mommy\AppData\Roaming\DriverCure
2012-04-01 04:26:38 -------- d-----w- C:\Users\Mommy\AppData\Roaming\SpeedyPC Software
2012-04-01 04:26:22 -------- d-----w- C:\Program Files (x86)\Common Files\SpeedyPC Software
2012-04-01 04:26:21 -------- d-----w- C:\ProgramData\SpeedyPC Software
2012-04-01 04:26:21 -------- d-----w- C:\Program Files (x86)\SpeedyPC Software
2012-03-30 15:47:32 110080 ----a-r- C:\Users\Mommy\AppData\Roaming\Microsoft\Installer\{5B210B8A-B66E-4702-B44D-0D6F388D29EB}\IconD7F16134.exe
2012-03-30 15:47:32 110080 ----a-r- C:\Users\Mommy\AppData\Roaming\Microsoft\Installer\{5B210B8A-B66E-4702-B44D-0D6F388D29EB}\Icon1226A4C5.exe
2012-03-30 15:47:31 110080 ----a-r- C:\Users\Mommy\AppData\Roaming\Microsoft\Installer\{5B210B8A-B66E-4702-B44D-0D6F388D29EB}\IconF7A21AF7.exe
2012-03-30 15:47:24 -------- d-----w- C:\sh4ldr
2012-03-30 15:47:24 -------- d-----w- C:\Program Files\Enigma Software Group
2012-03-30 15:36:53 -------- d-----w- C:\Windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP
2012-03-30 15:36:39 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-03-25 02:59:44 -------- d-----w- C:\Program Files\iPod
2012-03-25 02:59:41 -------- d-----w- C:\Program Files\iTunes
2012-03-25 02:59:41 -------- d-----w- C:\Program Files (x86)\iTunes
2012-03-22 04:44:47 -------- d-----w- C:\Users\Mommy\AppData\Roaming\Malwarebytes
2012-03-22 04:44:32 -------- d-----w- C:\ProgramData\Malwarebytes
2012-03-22 04:44:30 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-03-22 04:44:29 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-03-22 04:29:29 -------- d-----w- C:\TDSSKiller_Quarantine
2012-03-22 00:58:46 116016 ----a-w- C:\Windows\System32\drivers\55392029.sys
2012-03-22 00:24:11 116016 ----a-w- C:\Windows\System32\drivers\37757168.sys
2012-03-21 22:24:54 -------- d-----w- C:\Users\Mommy\AppData\Roaming\Registry Mechanic
2012-03-21 22:20:31 212992 ----a-w- C:\Windows\SysWow64\UniBoxVB12.ocx
2012-03-21 22:20:31 1101824 ----a-w- C:\Windows\SysWow64\UniBox210.ocx
2012-03-21 22:20:30 880640 ----a-w- C:\Windows\SysWow64\UniBox10.ocx
2012-03-21 22:20:30 512472 ----a-w- C:\Windows\SysWow64\msxml.dll
2012-03-21 22:20:30 40408 ----a-w- C:\Windows\System32\CleanMFT64.exe
2012-03-21 22:17:16 -------- d-----w- C:\Users\Mommy\AppData\Roaming\Product_RM
2012-03-20 16:14:39 706776 --s---w- C:\Windows\System32\drivers\TfSysMon.sys
2012-03-20 16:14:38 65664 --s---w- C:\Windows\System32\drivers\TfFsMon.sys
2012-03-20 16:14:38 41968 --s---w- C:\Windows\System32\drivers\TfNetMon.sys
2012-03-20 06:08:59 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E3F67802-5307-4C0D-8C67-EDEB32F75814}\mpengine.dll
2012-03-20 04:42:35 70760 ----a-w- C:\Windows\System32\drivers\PCTBD64.sys
2012-03-20 04:42:34 767952 ----a-w- C:\Windows\BDTSupport.dll
2012-03-20 04:42:33 2250704 ----a-w- C:\Windows\PCTBDCore.dll
2012-03-20 04:42:33 1681360 ----a-w- C:\Windows\PCTBDRes.dll
2012-03-20 04:42:33 149456 ----a-w- C:\Windows\SGDetectionTool.dll
2012-03-20 04:41:50 339608 ----a-w- C:\Windows\System32\drivers\pctgntdi64.sys
2012-03-20 04:41:50 145432 ----a-w- C:\Windows\System32\drivers\pctwfpfilter64.sys
2012-03-20 04:41:36 14776 ----a-w- C:\Windows\System32\drivers\pctBTFix64.sys
2012-03-20 04:41:23 92896 ----a-w- C:\Windows\System32\drivers\pctplsg64.sys
2012-03-20 04:41:06 -------- d-----w- C:\Program Files (x86)\PC Tools
2012-03-20 04:14:09 453896 ----a-w- C:\Windows\System32\drivers\pctDS64.sys
2012-03-20 04:14:09 1096688 ----a-w- C:\Windows\System32\drivers\pctEFA64.sys
2012-03-20 04:14:05 367912 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
2012-03-20 04:14:00 230952 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2012-03-20 04:14:00 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2012-03-20 04:07:13 -------- d-----w- C:\Users\Mommy\AppData\Roaming\TestApp
2012-03-20 04:07:13 -------- d-----w- C:\ProgramData\PC Tools
2012-03-18 22:45:29 592824 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-18 22:45:29 44472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2012-03-14 19:26:56 708096 ----a-w- C:\Windows\System32\rdpencom.dll
2012-03-14 19:26:55 613376 ----a-w- C:\Windows\SysWow64\rdpencom.dll
2012-03-14 19:26:55 209920 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
.
==================== Find3M ====================
.
2012-02-23 13:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-02-14 16:49:43 327680 ----a-w- C:\Windows\System32\d3d10_1core.dll
2012-02-14 16:49:43 196096 ----a-w- C:\Windows\System32\d3d10_1.dll
2012-02-14 15:45:30 219648 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2012-02-14 15:45:30 160768 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2012-02-13 14:38:31 2002944 ----a-w- C:\Windows\System32\d3d10warp.dll
2012-02-13 14:12:08 1172480 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2012-02-13 14:06:48 834048 ----a-w- C:\Windows\System32\d2d1.dll
2012-02-13 14:03:11 1555968 ----a-w- C:\Windows\System32\DWrite.dll
2012-02-13 13:47:57 683008 ----a-w- C:\Windows\SysWow64\d2d1.dll
2012-02-13 13:44:40 1068544 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-02-02 15:34:25 2765824 ----a-w- C:\Windows\System32\win32k.sys
2012-01-03 14:25:21 404992 ----a-w- C:\Windows\System32\drivers\afd.sys
.
============= FINISH: 16:35:49.67 ===============


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:01:53 AM

Posted 01 April 2012 - 11:49 PM

Hello and Welcome to Bleeping Computer!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:

  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 emenc


Posted 02 April 2012 - 09:43 AM

Thanks much for responding so quickly. I tried downloading ComboFix, but got an error message "due to an unknown error...try saving to a different location." ComboFix does not give me the option of saving to a different location. Please advise. Thanks.

#4 gringo_pr


Posted 02 April 2012 - 09:48 AM

Hello


Download with IE and see if it will let you save it to the desktop.


gringo

#5 emenc


Posted 02 April 2012 - 11:14 AM

ComboFix 12-04-01.02 - Mommy 04/02/2012 11:54:29.1.8 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1255.972.1033.18.6134.4250 [GMT -4:00]
Running from: c:\users\Mommy\Desktop\ComboFix.exe
SP: PC Tools Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Tarma Installer
c:\programdata\Tarma Installer\{5813C198-2956-4E8C-BC03-D2FF7F9CBB1A}\_Setup.dll
c:\programdata\Tarma Installer\{5813C198-2956-4E8C-BC03-D2FF7F9CBB1A}\20100425013822.log
c:\programdata\Tarma Installer\{5813C198-2956-4E8C-BC03-D2FF7F9CBB1A}\Setup.dat
c:\programdata\Tarma Installer\{5813C198-2956-4E8C-BC03-D2FF7F9CBB1A}\Setup.exe
c:\programdata\Tarma Installer\{5813C198-2956-4E8C-BC03-D2FF7F9CBB1A}\Setup.ico
c:\users\Mommy\GoToAssistDownloadHelper.exe
H:\Autorun.inf
H:\Setup.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-03-02 to 2012-04-02 )))))))))))))))))))))))))))))))
.
.
2012-04-02 16:04 . 2012-04-02 16:04 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2012-04-02 16:04 . 2012-04-02 16:04 -------- d-----w- c:\users\Mommy1\AppData\Local\temp
2012-04-02 16:04 . 2012-04-02 16:04 -------- d-----w- c:\users\Mommy\AppData\Local\temp
2012-04-02 16:04 . 2012-04-02 16:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-02 16:04 . 2012-04-02 16:04 -------- d-----w- c:\users\Chana Toba\AppData\Local\temp
2012-04-02 14:14 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EBCED237-F113-4B90-86EB-BC8C47E940B1}\mpengine.dll
2012-04-01 04:26 . 2012-04-01 04:26 -------- d-----w- c:\users\Mommy\AppData\Roaming\DriverCure
2012-04-01 04:26 . 2012-04-01 04:26 -------- d-----w- c:\users\Mommy\AppData\Roaming\SpeedyPC Software
2012-04-01 04:26 . 2012-04-01 04:26 -------- d-----w- c:\program files (x86)\Common Files\SpeedyPC Software
2012-04-01 04:26 . 2012-04-01 05:26 -------- d-----w- c:\program files (x86)\SpeedyPC Software
2012-04-01 04:26 . 2012-04-01 04:26 -------- d-----w- c:\programdata\SpeedyPC Software
2012-03-30 15:47 . 2012-03-30 15:47 110080 ----a-r- c:\users\Mommy\AppData\Roaming\Microsoft\Installer\{5B210B8A-B66E-4702-B44D-0D6F388D29EB}\IconD7F16134.exe
2012-03-30 15:47 . 2012-03-30 15:47 110080 ----a-r- c:\users\Mommy\AppData\Roaming\Microsoft\Installer\{5B210B8A-B66E-4702-B44D-0D6F388D29EB}\Icon1226A4C5.exe
2012-03-30 15:47 . 2012-03-30 15:47 110080 ----a-r- c:\users\Mommy\AppData\Roaming\Microsoft\Installer\{5B210B8A-B66E-4702-B44D-0D6F388D29EB}\IconF7A21AF7.exe
2012-03-30 15:47 . 2012-03-30 15:48 -------- d-----w- C:\sh4ldr
2012-03-30 15:47 . 2012-03-30 15:47 -------- d-----w- c:\program files\Enigma Software Group
2012-03-30 15:36 . 2012-03-30 15:47 -------- d-----w- c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP
2012-03-30 15:36 . 2012-03-30 15:36 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2012-03-25 02:59 . 2012-03-25 02:59 -------- d-----w- c:\program files\iPod
2012-03-25 02:59 . 2012-03-25 03:01 -------- d-----w- c:\program files\iTunes
2012-03-25 02:59 . 2012-03-25 03:01 -------- d-----w- c:\program files (x86)\iTunes
2012-03-22 04:44 . 2012-03-22 04:44 -------- d-----w- c:\users\Mommy\AppData\Roaming\Malwarebytes
2012-03-22 04:44 . 2012-03-22 04:44 -------- d-----w- c:\programdata\Malwarebytes
2012-03-22 04:44 . 2011-12-10 19:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-22 04:44 . 2012-03-22 04:44 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-22 04:29 . 2012-03-22 04:29 -------- d-----w- C:\TDSSKiller_Quarantine
2012-03-22 00:58 . 2012-03-22 00:58 116016 ----a-w- c:\windows\system32\drivers\55392029.sys
2012-03-22 00:24 . 2012-03-22 00:24 116016 ----a-w- c:\windows\system32\drivers\37757168.sys
2012-03-21 22:24 . 2012-03-21 22:41 -------- d-----w- c:\users\Mommy\AppData\Roaming\Registry Mechanic
2012-03-21 22:20 . 2008-04-02 20:54 1101824 ----a-w- c:\windows\SysWow64\UniBox210.ocx
2012-03-21 22:20 . 2008-04-02 20:53 212992 ----a-w- c:\windows\SysWow64\UniBoxVB12.ocx
2012-03-21 22:20 . 2011-12-12 18:07 512472 ----a-w- c:\windows\SysWow64\msxml.dll
2012-03-21 22:20 . 2011-12-12 18:07 40408 ----a-w- c:\windows\system32\CleanMFT64.exe
2012-03-21 22:20 . 2008-04-02 20:53 880640 ----a-w- c:\windows\SysWow64\UniBox10.ocx
2012-03-21 22:17 . 2012-03-21 22:17 -------- d-----w- c:\users\Mommy\AppData\Roaming\Product_RM
2012-03-20 16:14 . 2012-02-24 13:16 706776 --s---w- c:\windows\system32\drivers\TfSysMon.sys
2012-03-20 16:14 . 2012-02-24 13:16 65664 --s---w- c:\windows\system32\drivers\TfFsMon.sys
2012-03-20 16:14 . 2012-02-24 13:16 41968 --s---w- c:\windows\system32\drivers\TfNetMon.sys
2012-03-20 04:42 . 2011-09-28 17:14 70760 ----a-w- c:\windows\system32\drivers\PCTBD64.sys
2012-03-20 04:42 . 2012-02-17 19:08 767952 ----a-w- c:\windows\BDTSupport.dll
2012-03-20 04:42 . 2012-02-17 19:08 149456 ----a-w- c:\windows\SGDetectionTool.dll
2012-03-20 04:42 . 2012-02-17 19:08 2250704 ----a-w- c:\windows\PCTBDCore.dll
2012-03-20 04:42 . 2012-02-17 19:08 1681360 ----a-w- c:\windows\PCTBDRes.dll
2012-03-20 04:41 . 2012-02-24 14:31 145432 ----a-w- c:\windows\system32\drivers\pctwfpfilter64.sys
2012-03-20 04:41 . 2012-02-24 14:31 339608 ----a-w- c:\windows\system32\drivers\pctgntdi64.sys
2012-03-20 04:41 . 2012-02-24 14:35 14776 ----a-w- c:\windows\system32\drivers\pctBTFix64.sys
2012-03-20 04:41 . 2012-02-24 14:37 92896 ----a-w- c:\windows\system32\drivers\pctplsg64.sys
2012-03-20 04:41 . 2012-03-21 22:20 -------- d-----w- c:\program files (x86)\PC Tools
2012-03-20 04:14 . 2011-12-01 20:07 1096688 ----a-w- c:\windows\system32\drivers\pctEFA64.sys
2012-03-20 04:14 . 2011-12-01 20:07 453896 ----a-w- c:\windows\system32\drivers\pctDS64.sys
2012-03-20 04:14 . 2011-11-14 19:12 367912 ----a-w- c:\windows\system32\drivers\PCTCore64.sys
2012-03-20 04:14 . 2012-03-21 22:20 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
2012-03-20 04:14 . 2012-02-24 14:36 230952 ----a-w- c:\windows\system32\drivers\PCTSD64.sys
2012-03-20 04:07 . 2012-03-20 16:14 -------- d-----w- c:\programdata\PC Tools
2012-03-20 04:07 . 2012-03-20 04:07 -------- d-----w- c:\users\Mommy\AppData\Roaming\TestApp
2012-03-18 22:45 . 2012-03-18 22:45 592824 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-18 22:45 . 2012-03-18 22:45 44472 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-03-14 19:26 . 2012-01-09 16:16 708096 ----a-w- c:\windows\system32\rdpencom.dll
2012-03-14 19:26 . 2012-01-09 15:54 613376 ----a-w- c:\windows\SysWow64\rdpencom.dll
2012-03-14 19:26 . 2012-01-09 14:27 209920 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-23 13:18 . 2009-10-05 00:59 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{c2db4fe6-8409-45ce-8010-189a7b5cce86}"= "c:\program files (x86)\NCH\tbNCH.dll" [2010-04-15 2515552]
.
[HKEY_CLASSES_ROOT\clsid\{c2db4fe6-8409-45ce-8010-189a7b5cce86}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{c2db4fe6-8409-45ce-8010-189a7b5cce86}]
2010-04-15 16:33 2515552 ----a-w- c:\program files (x86)\NCH\tbNCH.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{c2db4fe6-8409-45ce-8010-189a7b5cce86}"= "c:\program files (x86)\NCH\tbNCH.dll" [2010-04-15 2515552]
.
[HKEY_CLASSES_ROOT\clsid\{c2db4fe6-8409-45ce-8010-189a7b5cce86}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-12-12 103896]
.
c:\users\Chana Toba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [N/A]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R3 acfva;acfva;c:\windows\system32\DRIVERS\ACFVA64.sys [x]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2009-09-04 288112]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-23 20:28]
.
2012-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-23 20:28]
.
2012-04-01 c:\windows\Tasks\SpeedyPC Registration3.job
- c:\windows\system32\rundll32.exe [2006-11-02 09:45]
.
2012-04-02 c:\windows\Tasks\SpeedyPC Update Version3.job
- c:\program files (x86)\Common Files\SpeedyPC Software\UUS3\SpeedyPC_Update3.exe [2011-10-06 16:18]
.
2012-04-02 c:\windows\Tasks\User_Feed_Synchronization-{2A8DB03E-0AC1-45B9-BF15-A0135D5E5FC5}.job
- c:\windows\system32\msfeedssync.exe [2012-02-14 04:44]
.
2012-04-02 c:\windows\Tasks\User_Feed_Synchronization-{C84BFF51-6583-4BBE-AA97-61219FEC4DA7}.job
- c:\windows\system32\msfeedssync.exe [2012-02-14 04:44]
.
2012-04-02 c:\windows\Tasks\User_Feed_Synchronization-{E2D54262-694A-404C-9744-A2AA85D71DC9}.job
- c:\windows\system32\msfeedssync.exe [2012-02-14 04:44]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
LSP: c:\windows\system32\wpclsp.dll
LSP: c:\program files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll
TCP: Interfaces\{FE4BD1F1-3009-40FD-9727-B0B41325F28C}: NameServer = 68.237.161.12 71.250.0.12
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Mommy\AppData\Roaming\Mozilla\Firefox\Profiles\5s3acqof.default\
FF - prefs.js: network.proxy.type - 0
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
WebBrowser-{C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PCD5SRVC{048DBD20-445E8C82-05040104}]
"ImagePath"="\??\c:\progra~2\DELLSU~1\HWDiag\bin\PCD5SRVC_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2012-04-02 12:07:19
ComboFix-quarantined-files.txt 2012-04-02 16:07
.
Pre-Run: 252,140,175,360 bytes free
Post-Run: 253,780,774,912 bytes free
.
- - End Of File - - 1A3209B08BB8D7C7F2CBB9722FA4DA2F

#6 emenc


Posted 02 April 2012 - 11:18 AM

For the record, IE hung with the download, but I managed with Mozilla by right clicking the link (slapping forehead). It's too early to tell if my virus has been cleared. I'll keep thy posted as long as you keep this thread alive.

#7 gringo_pr


Posted 02 April 2012 - 11:33 AM

Greetings

I want you to run these next:

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#8 emenc


Posted 02 April 2012 - 01:05 PM

12:35:53.0084 5176 TDSS rootkit removing tool 2.7.24.0 Apr 2 2012 10:31:48
12:35:53.0444 5176 ============================================================
12:35:53.0444 5176 Current date / time: 2012/04/02 12:35:53.0444
12:35:53.0444 5176 SystemInfo:
12:35:53.0444 5176
12:35:53.0444 5176 OS Version: 6.0.6002 ServicePack: 2.0
12:35:53.0444 5176 Product type: Workstation
12:35:53.0445 5176 ComputerName: MOMMY-PC
12:35:53.0445 5176 UserName: Mommy
12:35:53.0445 5176 Windows directory: C:\Windows
12:35:53.0445 5176 System windows directory: C:\Windows
12:35:53.0445 5176 Running under WOW64
12:35:53.0445 5176 Processor architecture: Intel x64
12:35:53.0445 5176 Number of processors: 8
12:35:53.0445 5176 Page size: 0x1000
12:35:53.0445 5176 Boot type: Normal boot
12:35:53.0445 5176 ============================================================
12:35:55.0002 5176 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:35:55.0018 5176 Drive \Device\Harddisk1\DR1 - Size: 0x7470C05E00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:35:55.0314 5176 \Device\Harddisk0\DR0:
12:35:55.0315 5176 MBR used
12:35:55.0315 5176 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x23800, BlocksNum 0x1E00000
12:35:55.0315 5176 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E23800, BlocksNum 0x35EAEFF8
12:35:55.0333 5176 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x37CD3000, BlocksNum 0x1F872800
12:35:55.0333 5176 \Device\Harddisk1\DR1:
12:35:55.0374 5176 MBR used
12:35:55.0374 5176 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C41
12:35:55.0533 5176 Initialize success
12:35:55.0533 5176 ============================================================
12:35:58.0805 5272 ============================================================
12:35:58.0805 5272 Scan started
12:35:58.0805 5272 Mode: Manual;
12:35:58.0805 5272 ============================================================
12:36:00.0801 5272 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
12:36:00.0802 5272 ACDaemon - ok
12:36:00.0968 5272 acfva (5f173e8cafcbd1bbe2c43e5fd64f0513) C:\Windows\system32\DRIVERS\ACFVA64.sys
12:36:00.0994 5272 acfva - ok
12:36:01.0042 5272 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
12:36:01.0045 5272 ACPI - ok
12:36:01.0100 5272 adfs (d44bcaf639e4e45307c2bc80715273d5) C:\Windows\system32\drivers\adfs.sys
12:36:01.0101 5272 adfs - ok
12:36:01.0182 5272 Adobe LM Service (5ddc0a8d2cd60bda593ddaf45821ce08) C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
12:36:01.0200 5272 Adobe LM Service - ok
12:36:01.0388 5272 Adobe Version Cue CS4 (9444a3530c2e88b7ed96a566ff9ccc13) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
12:36:01.0395 5272 Adobe Version Cue CS4 - ok
12:36:01.0570 5272 AdobeActiveFileMonitor7.0 (3fd8dc2c9735c2aa70155102cfb93eda) c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
12:36:01.0572 5272 AdobeActiveFileMonitor7.0 - ok
12:36:01.0673 5272 AdobeVersionCue (fc9d93d13127e3252466d4a33039b54b) C:\Program Files (x86)\Adobe\Adobe Version Cue\service\VersionCue.exe
12:36:01.0675 5272 AdobeVersionCue - ok
12:36:01.0763 5272 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
12:36:01.0770 5272 adp94xx - ok
12:36:01.0798 5272 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
12:36:01.0803 5272 adpahci - ok
12:36:01.0830 5272 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
12:36:01.0833 5272 adpu160m - ok
12:36:01.0866 5272 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
12:36:01.0903 5272 adpu320 - ok
12:36:01.0955 5272 AeLookupSvc (0f421175574bfe0bf2f4d8e910a253bb) C:\Windows\System32\aelupsvc.dll
12:36:01.0955 5272 AeLookupSvc - ok
12:36:02.0018 5272 Afc (6ccd1135320109d6b219f1a6e04ad9f6) C:\Windows\syswow64\drivers\Afc.sys
12:36:02.0018 5272 Afc - ok
12:36:02.0166 5272 AFD (c4f6ce6087760ad70960c9eb130e7943) C:\Windows\system32\drivers\afd.sys
12:36:02.0172 5272 AFD - ok
12:36:02.0233 5272 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
12:36:02.0235 5272 agp440 - ok
12:36:02.0272 5272 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
12:36:02.0275 5272 aic78xx - ok
12:36:02.0295 5272 ALG (5922f4f59b7868f3d74bbbbeb7b825a3) C:\Windows\System32\alg.exe
12:36:02.0296 5272 ALG - ok
12:36:02.0317 5272 aliide (9544c2c55541c0c6bfd7b489d0e7d430) C:\Windows\system32\drivers\aliide.sys
12:36:02.0318 5272 aliide - ok
12:36:02.0333 5272 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
12:36:02.0334 5272 amdide - ok
12:36:02.0352 5272 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
12:36:02.0354 5272 AmdK8 - ok
12:36:02.0385 5272 Appinfo (9c37b3fd5615477cb9a0cd116cf43f5c) C:\Windows\System32\appinfo.dll
12:36:02.0386 5272 Appinfo - ok
12:36:02.0621 5272 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:36:02.0622 5272 Apple Mobile Device - ok
12:36:02.0716 5272 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
12:36:02.0720 5272 arc - ok
12:36:02.0751 5272 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
12:36:02.0753 5272 arcsas - ok
12:36:02.0925 5272 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:36:02.0952 5272 aspnet_state - ok
12:36:03.0005 5272 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
12:36:03.0007 5272 AsyncMac - ok
12:36:03.0046 5272 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
12:36:03.0046 5272 atapi - ok
12:36:03.0092 5272 Ati External Event Utility (db3cac73fbd321ecf401e804e9f32b70) C:\Windows\system32\Ati2evxx.exe
12:36:03.0098 5272 Ati External Event Utility - ok
12:36:03.0199 5272 atikmdag (4ac28891bb930b0cdff8d958de34488a) C:\Windows\system32\DRIVERS\atikmdag.sys
12:36:03.0332 5272 atikmdag - ok
12:36:03.0466 5272 AudioEndpointBuilder (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll
12:36:03.0469 5272 AudioEndpointBuilder - ok
12:36:03.0507 5272 AudioSrv (79318c744693ec983d20e9337a2f8196) C:\Windows\System32\Audiosrv.dll
12:36:03.0511 5272 AudioSrv - ok
12:36:03.0547 5272 Beep - ok
12:36:03.0664 5272 BFE (ffb96c2589ffa60473ead78b39fbde29) C:\Windows\System32\bfe.dll
12:36:03.0667 5272 BFE - ok
12:36:03.0848 5272 BITS (6d316f4859634071cc25c4fd4589ad2c) C:\Windows\system32\qmgr.dll
12:36:03.0856 5272 BITS - ok
12:36:03.0885 5272 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
12:36:03.0888 5272 blbdrive - ok
12:36:04.0031 5272 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
12:36:04.0034 5272 Bonjour Service - ok
12:36:04.0124 5272 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
12:36:04.0151 5272 bowser - ok
12:36:04.0197 5272 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
12:36:04.0199 5272 BrFiltLo - ok
12:36:04.0211 5272 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
12:36:04.0213 5272 BrFiltUp - ok
12:36:04.0246 5272 Browser (a1b39de453433b115b4ea69ee0343816) C:\Windows\System32\browser.dll
12:36:04.0247 5272 Browser - ok
12:36:04.0613 5272 Browser Defender Update Service (335219836821cb675533ab4731779754) C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
12:36:04.0616 5272 Browser Defender Update Service - ok
12:36:04.0751 5272 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
12:36:04.0770 5272 Brserid - ok
12:36:04.0799 5272 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
12:36:04.0801 5272 BrSerWdm - ok
12:36:04.0819 5272 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
12:36:04.0820 5272 BrUsbMdm - ok
12:36:04.0837 5272 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
12:36:04.0839 5272 BrUsbSer - ok
12:36:04.0864 5272 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
12:36:04.0866 5272 BTHMODEM - ok
12:36:04.0887 5272 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
12:36:04.0889 5272 cdfs - ok
12:36:04.0948 5272 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
12:36:04.0951 5272 cdrom - ok
12:36:05.0010 5272 CertPropSvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
12:36:05.0010 5272 CertPropSvc - ok
12:36:05.0026 5272 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
12:36:05.0028 5272 circlass - ok
12:36:05.0104 5272 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
12:36:05.0116 5272 CLFS - ok
12:36:05.0211 5272 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:36:05.0214 5272 clr_optimization_v2.0.50727_32 - ok
12:36:05.0277 5272 clr_optimization_v2.0.50727_64 (ce07a466201096f021cd09d631b21540) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:36:05.0279 5272 clr_optimization_v2.0.50727_64 - ok
12:36:05.0377 5272 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:36:05.0378 5272 clr_optimization_v4.0.30319_32 - ok
12:36:05.0580 5272 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:36:05.0581 5272 clr_optimization_v4.0.30319_64 - ok
12:36:05.0698 5272 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
12:36:22.0029 5272 TfFsMon - ok
12:36:22.0046 5272 TfNetMon (00809507fafa1be93dbbace5029f27bb) C:\Windows\system32\drivers\TfNetMon.sys
12:36:22.0046 5272 TfNetMon - ok
12:36:22.0113 5272 TFSysMon (3593a7b1264fba24fe9e097a99b3e848) C:\Windows\system32\drivers\TfSysMon.sys
12:36:22.0118 5272 TFSysMon - ok
12:36:22.0187 5272 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
12:36:22.0191 5272 Themes - ok
12:36:22.0212 5272 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
12:36:22.0213 5272 THREADORDER - ok
12:36:22.0332 5272 ThreatFire - ok
12:36:22.0365 5272 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
12:36:22.0368 5272 TrkWks - ok
12:36:22.0455 5272 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
12:36:22.0456 5272 TrustedInstaller - ok
12:36:22.0488 5272 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:36:22.0490 5272 tssecsrv - ok
12:36:22.0525 5272 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
12:36:22.0527 5272 tunmp - ok
12:36:22.0585 5272 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
12:36:22.0585 5272 tunnel - ok
12:36:22.0620 5272 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
12:36:22.0629 5272 uagp35 - ok
12:36:22.0676 5272 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
12:36:22.0681 5272 udfs - ok
12:36:22.0709 5272 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
12:36:22.0710 5272 UI0Detect - ok
12:36:22.0733 5272 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
12:36:22.0748 5272 uliagpkx - ok
12:36:22.0780 5272 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
12:36:22.0784 5272 uliahci - ok
12:36:22.0808 5272 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
12:36:22.0811 5272 UlSata - ok
12:36:22.0833 5272 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
12:36:22.0836 5272 ulsata2 - ok
12:36:22.0850 5272 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
12:36:22.0851 5272 umbus - ok
12:36:22.0876 5272 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
12:36:22.0879 5272 upnphost - ok
12:36:22.0940 5272 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
12:36:22.0952 5272 USBAAPL64 - ok
12:36:23.0023 5272 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
12:36:23.0037 5272 usbccgp - ok
12:36:23.0066 5272 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
12:36:23.0069 5272 usbcir - ok
12:36:23.0091 5272 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
12:36:23.0092 5272 usbehci - ok
12:36:23.0136 5272 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
12:36:23.0140 5272 usbhub - ok
12:36:23.0155 5272 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
12:36:23.0157 5272 usbohci - ok
12:36:23.0190 5272 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
12:36:23.0204 5272 usbprint - ok
12:36:23.0285 5272 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
12:36:23.0286 5272 usbscan - ok
12:36:23.0350 5272 usbser (f7386007fb19e7685fc7b298560aa81f) C:\Windows\system32\DRIVERS\usbser.sys
12:36:23.0351 5272 usbser - ok
12:36:23.0369 5272 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:36:23.0371 5272 USBSTOR - ok
12:36:23.0420 5272 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
12:36:23.0422 5272 usbuhci - ok
12:36:23.0461 5272 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
12:36:23.0462 5272 UxSms - ok
12:36:23.0510 5272 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
12:36:23.0517 5272 vds - ok
12:36:23.0543 5272 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
12:36:23.0545 5272 vga - ok
12:36:23.0554 5272 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
12:36:23.0555 5272 VgaSave - ok
12:36:23.0572 5272 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
12:36:23.0574 5272 viaide - ok
12:36:23.0588 5272 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
12:36:23.0590 5272 volmgr - ok
12:36:23.0678 5272 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
12:36:23.0692 5272 volmgrx - ok
12:36:23.0756 5272 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
12:36:23.0761 5272 volsnap - ok
12:36:23.0783 5272 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
12:36:23.0786 5272 vsmraid - ok
12:36:23.0844 5272 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
12:36:23.0852 5272 VSS - ok
12:36:23.0907 5272 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
12:36:23.0910 5272 W32Time - ok
12:36:23.0947 5272 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
12:36:23.0949 5272 WacomPen - ok
12:36:23.0992 5272 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
12:36:23.0995 5272 Wanarp - ok
12:36:23.0998 5272 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
12:36:23.0999 5272 Wanarpv6 - ok
12:36:24.0047 5272 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll
12:36:24.0055 5272 wcncsvc - ok
12:36:24.0082 5272 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
12:36:24.0084 5272 WcsPlugInService - ok
12:36:24.0098 5272 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
12:36:24.0100 5272 Wd - ok
12:36:24.0132 5272 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
12:36:24.0144 5272 Wdf01000 - ok
12:36:24.0166 5272 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
12:36:24.0168 5272 WdiServiceHost - ok
12:36:24.0172 5272 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
12:36:24.0173 5272 WdiSystemHost - ok
12:36:24.0219 5272 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll
12:36:24.0221 5272 WebClient - ok
12:36:24.0326 5272 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll
12:36:24.0328 5272 Wecsvc - ok
12:36:24.0361 5272 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
12:36:24.0363 5272 wercplsupport - ok
12:36:24.0388 5272 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
12:36:24.0390 5272 WerSvc - ok
12:36:24.0413 5272 WinDefend - ok
12:36:24.0418 5272 WinHttpAutoProxySvc - ok
12:36:24.0500 5272 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll
12:36:24.0502 5272 Winmgmt - ok
12:36:24.0661 5272 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll
12:36:24.0674 5272 WinRM - ok
12:36:24.0751 5272 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll
12:36:24.0756 5272 Wlansvc - ok
12:36:24.0807 5272 WmiAcpi (7999dfb1c555efc0db69576f70027867) C:\Windows\system32\drivers\wmiacpi.sys
12:36:24.0809 5272 WmiAcpi - ok
12:36:24.0876 5272 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe
12:36:24.0880 5272 wmiApSrv - ok
12:36:24.0889 5272 WMPNetworkSvc - ok
12:36:24.0919 5272 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
12:36:24.0922 5272 WPCSvc - ok
12:36:24.0972 5272 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll
12:36:24.0974 5272 WPDBusEnum - ok
12:36:25.0033 5272 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
12:36:25.0035 5272 WpdUsb - ok
12:36:25.0244 5272 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:36:25.0257 5272 WPFFontCache_v0400 - ok
12:36:25.0285 5272 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
12:36:25.0286 5272 ws2ifsl - ok
12:36:25.0338 5272 wscsvc (9ea3e6d0ef7a5c2b9181961052a4b01a) C:\Windows\system32\wscsvc.dll
12:36:25.0340 5272 wscsvc - ok
12:36:25.0355 5272 WSearch - ok
12:36:25.0583 5272 wuauserv (fb3796754fe00f0bdc87a36f164a5f4d) C:\Windows\system32\wuaueng.dll
12:36:25.0601 5272 wuauserv - ok
12:36:25.0708 5272 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:36:25.0721 5272 WUDFRd - ok
12:36:25.0752 5272 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll
12:36:25.0754 5272 wudfsvc - ok
12:36:25.0800 5272 XAudio (83df798b830a215c7bfe1836edeee4b4) C:\Windows\system32\DRIVERS\ACFXAU64.sys
12:36:25.0801 5272 XAudio - ok
12:36:25.0899 5272 XAudioService (940bd17ff643d6faffee5c865d8da5d9) C:\Windows\system32\DRIVERS\ACFXAU64.exe
12:36:25.0910 5272 XAudioService - ok
12:36:25.0928 5272 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
12:36:25.0996 5272 \Device\Harddisk0\DR0 - ok
12:36:26.0292 5272 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
12:36:26.0360 5272 \Device\Harddisk1\DR1 - ok
12:36:26.0406 5272 Boot (0x1200) (454eff057382085bb664ec69b3a20dee) \Device\Harddisk0\DR0\Partition0
12:36:26.0409 5272 \Device\Harddisk0\DR0\Partition0 - ok
12:36:26.0412 5272 Boot (0x1200) (c43733497a8ba95292c6c684deb2d034) \Device\Harddisk0\DR0\Partition1
12:36:26.0414 5272 \Device\Harddisk0\DR0\Partition1 - ok
12:36:26.0446 5272 Boot (0x1200) (fa322cefc240f68b980305e32af1faa3) \Device\Harddisk0\DR0\Partition2
12:36:26.0451 5272 \Device\Harddisk0\DR0\Partition2 - ok
12:36:26.0453 5272 Boot (0x1200) (9d261b075d044a40ca290374a0a3dc4b) \Device\Harddisk1\DR1\Partition0
12:36:26.0456 5272 \Device\Harddisk1\DR1\Partition0 - ok
12:36:26.0456 5272 ============================================================
12:36:26.0457 5272 Scan finished
12:36:26.0457 5272 ============================================================
12:36:26.0465 5264 Detected object count: 0
12:36:26.0465 5264 Actual detected object count: 0
12:36:42.0575 5496 ============================================================
12:36:42.0575 5496 Scan started
12:36:42.0575 5496 Mode: Manual; SigCheck; TDLFS;
12:36:42.0575 5496 ============================================================
12:36:44.0817 5496 Adobe LM Service (5ddc0a8d2cd60bda593ddaf45821ce08) C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
12:36:44.0821 5496 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
12:36:44.0821 5496 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
12:36:45.0191 5496 AdobeVersionCue (fc9d93d13127e3252466d4a33039b54b) C:\Program Files (x86)\Adobe\Adobe Version Cue\service\VersionCue.exe
12:36:45.0195 5496 AdobeVersionCue ( UnsignedFile.Multi.Generic ) - warning
12:36:45.0195 5496 AdobeVersionCue - detected UnsignedFile.Multi.Generic (1)
12:36:53.0051 5496 Creative ALchemy AL1 Licensing Service (86a591677c54ff0c12290b3292202530) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL1Licensing.exe
12:36:53.0056 5496 Creative ALchemy AL1 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
12:36:53.0056 5496 Creative ALchemy AL1 Licensing Service - detected UnsignedFile.Multi.Generic (1)
12:36:53.0200 5496 CTAudSvcService (964192d989f17923502996425078fc06) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
12:36:53.0207 5496 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
12:36:53.0207 5496 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
12:36:53.0846 5496 dgcfltr (1105faa8e317dc14a3315efc70d4988f) C:\Windows\system32\DRIVERS\ACFDCP64.sys
12:36:53.0850 5496 dgcfltr ( UnsignedFile.Multi.Generic ) - warning
12:36:53.0850 5496 dgcfltr - detected UnsignedFile.Multi.Generic (1)
12:37:05.0573 5496 lmhosts - ok
12:37:05.0871 5496 LMIGuardianSvc (e01fded75312652de448e5aa792afa59) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
12:37:05.0905 5496 LMIGuardianSvc - ok
12:37:05.0964 5496 lmimirr - ok
12:37:06.0105 5496 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
12:37:06.0119 5496 LSI_FC - ok
12:37:06.0185 5496 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
12:37:06.0198 5496 LSI_SAS - ok
12:37:06.0287 5496 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
12:37:06.0301 5496 LSI_SCSI - ok
12:37:06.0375 5496 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
12:37:06.0418 5496 luafv - ok
12:37:06.0514 5496 Mcx2Svc (76a58df02bd4ea29f189b82d0bef17f8) C:\Windows\system32\Mcx2Svc.dll
12:37:06.0531 5496 Mcx2Svc - ok
12:37:06.0663 5496 mdmxsdk (a3b8f49446f15931e46380151e73221f) C:\Windows\system32\DRIVERS\ACFSDK64.sys
12:37:06.0675 5496 mdmxsdk - ok
12:37:06.0760 5496 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
12:37:06.0772 5496 megasas - ok
12:37:06.0900 5496 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
12:37:06.0939 5496 MegaSR - ok
12:37:07.0039 5496 MMCSS (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
12:37:07.0081 5496 MMCSS - ok
12:37:07.0155 5496 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
12:37:07.0197 5496 Modem - ok
12:37:07.0265 5496 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
12:37:07.0308 5496 monitor - ok
12:37:07.0372 5496 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
12:37:07.0385 5496 mouclass - ok
12:37:07.0461 5496 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
12:37:07.0504 5496 mouhid - ok
12:37:07.0567 5496 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
12:37:07.0580 5496 MountMgr - ok
12:37:07.0682 5496 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
12:37:07.0696 5496 mpio - ok
12:37:07.0770 5496 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
12:37:07.0802 5496 mpsdrv - ok
12:37:07.0918 5496 MpsSvc (897e3baf68ba406a61682ae39c83900c) C:\Windows\system32\mpssvc.dll
12:37:08.0338 5496 MpsSvc - ok
12:37:08.0604 5496 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
12:37:08.0615 5496 Mraid35x - ok
12:37:08.0786 5496 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
12:37:08.0807 5496 MRxDAV - ok
12:37:08.0889 5496 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:37:08.0906 5496 mrxsmb - ok
12:37:08.0997 5496 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:37:09.0016 5496 mrxsmb10 - ok
12:37:09.0052 5496 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:37:09.0068 5496 mrxsmb20 - ok
12:37:09.0121 5496 msahci (730b784962d22d2c6481eae2370e7c8c) C:\Windows\system32\drivers\msahci.sys
12:37:09.0154 5496 msahci - ok
12:37:09.0199 5496 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
12:37:09.0212 5496 msdsm - ok
12:37:09.0329 5496 MSDTC (7ec02ce772f068ed0beafa3da341a9bc) C:\Windows\System32\msdtc.exe
12:37:09.0374 5496 MSDTC - ok
12:37:09.0454 5496 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
12:37:09.0496 5496 Msfs - ok
12:37:09.0553 5496 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
12:37:09.0565 5496 msisadrv - ok
12:37:09.0661 5496 MSiSCSI (366b0c1f4478b519c181e37d43dcda32) C:\Windows\system32\iscsiexe.dll
12:37:09.0705 5496 MSiSCSI - ok
12:37:09.0719 5496 msiserver - ok
12:37:09.0758 5496 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
12:37:09.0801 5496 MSKSSRV - ok
12:37:09.0841 5496 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
12:37:09.0883 5496 MSPCLOCK - ok
12:37:09.0954 5496 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
12:37:09.0997 5496 MSPQM - ok
12:37:10.0140 5496 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
12:37:10.0158 5496 MsRPC - ok
12:37:10.0236 5496 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
12:37:10.0248 5496 mssmbios - ok
12:37:10.0318 5496 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
12:37:10.0361 5496 MSTEE - ok
12:37:10.0416 5496 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
12:37:10.0431 5496 Mup - ok
12:37:10.0490 5496 napagent (a5b10c845e7538c60c0f5d87a57cb3f5) C:\Windows\system32\qagentRT.dll
12:37:10.0554 5496 napagent - ok
12:37:10.0655 5496 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
12:37:10.0675 5496 NativeWifiP - ok
12:37:10.0798 5496 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
12:37:10.0883 5496 NDIS - ok
12:37:10.0976 5496 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
12:37:11.0008 5496 NdisTapi - ok
12:37:11.0071 5496 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
12:37:11.0113 5496 Ndisuio - ok
12:37:11.0193 5496 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
12:37:11.0225 5496 NdisWan - ok
12:37:11.0296 5496 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
12:37:11.0327 5496 NDProxy - ok
12:37:11.0445 5496 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll
12:37:11.0450 5496 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:37:11.0450 5496 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:37:11.0544 5496 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
12:37:11.0587 5496 NetBIOS - ok
12:37:11.0714 5496 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
12:37:11.0748 5496 netbt - ok
12:37:12.0131 5496 Netlogon (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
12:37:12.0147 5496 Netlogon - ok
12:37:12.0275 5496 Netman (9b63b29defc0f3115a559d2597bf5d75) C:\Windows\System32\netman.dll
12:37:12.0331 5496 Netman - ok
12:37:12.0471 5496 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:37:12.0484 5496 NetMsmqActivator - ok
12:37:12.0500 5496 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:37:12.0513 5496 NetPipeActivator - ok
12:37:12.0564 5496 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
12:37:12.0611 5496 netprofm - ok
12:37:12.0781 5496 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:37:12.0794 5496 NetTcpActivator - ok
12:37:12.0798 5496 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:37:12.0810 5496 NetTcpPortSharing - ok
12:37:12.0864 5496 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
12:37:12.0876 5496 nfrd960 - ok
12:37:12.0944 5496 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
12:37:12.0989 5496 NlaSvc - ok
12:37:13.0078 5496 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
12:37:13.0109 5496 Npfs - ok
12:37:13.0185 5496 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
12:37:13.0228 5496 nsi - ok
12:37:13.0311 5496 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
12:37:13.0354 5496 nsiproxy - ok
12:37:13.0614 5496 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
12:37:13.0675 5496 Ntfs - ok
12:37:13.0962 5496 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
12:37:14.0004 5496 Null - ok
12:37:14.0094 5496 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
12:37:14.0108 5496 nvraid - ok
12:37:14.0160 5496 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
12:37:14.0173 5496 nvstor - ok
12:37:14.0195 5496 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
12:37:14.0209 5496 nv_agp - ok
12:37:14.0290 5496 NwlnkFlt - ok
12:37:14.0365 5496 NwlnkFwd - ok
12:37:14.0471 5496 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:37:14.0492 5496 odserv - ok
12:37:14.0559 5496 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
12:37:14.0591 5496 ohci1394 - ok
12:37:14.0646 5496 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:37:14.0658 5496 ose - ok
12:37:14.0792 5496 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
12:37:14.0843 5496 p2pimsvc - ok
12:37:14.0858 5496 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
12:37:14.0889 5496 p2psvc - ok
12:37:14.0981 5496 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
12:37:15.0046 5496 Parport - ok
12:37:15.0168 5496 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
12:37:15.0183 5496 partmgr - ok
12:37:15.0255 5496 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
12:37:15.0279 5496 PcaSvc - ok
12:37:15.0446 5496 PCD5SRVC{048DBD20-445E8C82-05040104} (58c1cd52347c4835dc3606cd4723f426) C:\PROGRA~2\DELLSU~1\HWDiag\bin\PCD5SRVC_x64.pkms
12:37:15.0456 5496 PCD5SRVC{048DBD20-445E8C82-05040104} - ok
12:37:15.0626 5496 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
12:37:15.0643 5496 pci - ok
12:37:15.0715 5496 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
12:37:15.0729 5496 pciide - ok
12:37:15.0819 5496 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
12:37:15.0835 5496 pcmcia - ok
12:37:15.0996 5496 PCTBD (7b92f2574a45a99da507a153c7920e8a) C:\Windows\system32\Drivers\PCTBD64.sys
12:37:16.0005 5496 PCTBD - ok
12:37:16.0147 5496 PCTCore (d48bd0ff27afb97005b33c9b6d26da3f) C:\Windows\system32\drivers\PCTCore64.sys
12:37:16.0193 5496 PCTCore - ok
12:37:16.0234 5496 pctDS (1335454528adfa13e1d3c4fa3fdbdc42) C:\Windows\system32\drivers\pctDS64.sys
12:37:16.0252 5496 pctDS - ok
12:37:16.0416 5496 pctEFA (df2a2505f17319dada4b204688cec0c2) C:\Windows\system32\drivers\pctEFA64.sys
12:37:16.0493 5496 pctEFA - ok
12:37:16.0685 5496 pctgntdi (3c5daa3cfba8b413ca8df5e8f742948e) C:\Windows\System32\drivers\pctgntdi64.sys
12:37:16.0712 5496 pctgntdi - ok
12:37:16.0995 5496 PCToolsSSDMonitorSvc (a0937771070bf59468b4939dd0ae59fd) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
12:37:17.0066 5496 PCToolsSSDMonitorSvc - ok
12:37:17.0235 5496 pctplsg (d263246e4484170c3a15fabca8168bdb) C:\Windows\System32\drivers\pctplsg64.sys
12:37:17.0245 5496 pctplsg - ok
12:37:17.0359 5496 PCTSD (9b7670b21e7fcbe9da9c4a751f31cca6) C:\Windows\system32\Drivers\PCTSD64.sys
12:37:17.0372 5496 PCTSD - ok
12:37:17.0436 5496 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
12:37:17.0512 5496 PEAUTH - ok
12:37:17.0586 5496 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
12:37:17.0628 5496 PerfHost - ok
12:37:17.0794 5496 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
12:37:17.0851 5496 pla - ok
12:37:17.0933 5496 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
12:37:17.0968 5496 PlugPlay - ok
12:37:18.0099 5496 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
12:37:18.0105 5496 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:37:18.0105 5496 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:37:18.0201 5496 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
12:37:18.0261 5496 PNRPAutoReg - ok
12:37:18.0298 5496 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
12:37:18.0329 5496 PNRPsvc - ok
12:37:18.0387 5496 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
12:37:18.0427 5496 PolicyAgent - ok
12:37:18.0496 5496 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
12:37:18.0530 5496 PptpMiniport - ok
12:37:18.0566 5496 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
12:37:18.0610 5496 Processor - ok
12:37:18.0780 5496 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
12:37:18.0813 5496 ProfSvc - ok
12:37:18.0994 5496 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
12:37:19.0011 5496 ProtectedStorage - ok
12:37:19.0135 5496 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
12:37:19.0195 5496 PSched - ok
12:37:19.0290 5496 PxHlpa64 (46851bc18322da70f3f2299a1007c479) C:\Windows\system32\Drivers\PxHlpa64.sys
12:37:19.0300 5496 PxHlpa64 - ok
12:37:19.0445 5496 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
12:37:19.0494 5496 ql2300 - ok
12:37:19.0541 5496 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
12:37:19.0554 5496 ql40xx - ok
12:37:19.0791 5496 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
12:37:19.0812 5496 QWAVE - ok
12:37:19.0928 5496 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
12:37:19.0945 5496 QWAVEdrv - ok
12:37:20.0342 5496 R300 (4ac28891bb930b0cdff8d958de34488a) C:\Windows\system32\DRIVERS\atikmdag.sys
12:37:20.0482 5496 R300 - ok
12:37:20.0707 5496 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
12:37:20.0748 5496 RasAcd - ok
12:37:20.0807 5496 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
12:37:20.0852 5496 RasAuto - ok
12:37:21.0023 5496 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:37:21.0054 5496 Rasl2tp - ok
12:37:21.0199 5496 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
12:37:21.0235 5496 RasMan - ok
12:37:21.0351 5496 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
12:37:21.0383 5496 RasPppoe - ok
12:37:21.0462 5496 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
12:37:21.0478 5496 RasSstp - ok
12:37:21.0535 5496 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
12:37:21.0570 5496 rdbss - ok
12:37:21.0627 5496 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:37:21.0672 5496 RDPCDD - ok
12:37:21.0800 5496 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
12:37:21.0850 5496 rdpdr - ok
12:37:21.0993 5496 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
12:37:22.0040 5496 RDPENCDD - ok
12:37:22.0243 5496 RDPWD (5c141fc457f1ac833664789235aca673) C:\Windows\system32\drivers\RDPWD.sys
12:37:22.0261 5496 RDPWD - ok
12:37:22.0291 5496 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
12:37:22.0340 5496 RemoteAccess - ok
12:37:22.0381 5496 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
12:37:22.0418 5496 RemoteRegistry - ok
12:37:22.0439 5496 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
12:37:22.0455 5496 RpcLocator - ok
12:37:22.0678 5496 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
12:37:22.0731 5496 RpcSs - ok
12:37:22.0831 5496 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
12:37:22.0877 5496 rspndr - ok
12:37:22.0984 5496 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
12:37:23.0000 5496 SamSs - ok
12:37:23.0077 5496 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
12:37:23.0089 5496 sbp2port - ok
12:37:23.0247 5496 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
12:37:23.0282 5496 SCardSvr - ok
12:37:23.0425 5496 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
12:37:23.0511 5496 Schedule - ok
12:37:23.0594 5496 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
12:37:23.0627 5496 SCPolicySvc - ok
12:37:23.0817 5496 sdAuxService (17d6a03103586d7954ba74c2219ce1bb) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe
12:37:23.0835 5496 sdAuxService - ok
12:37:23.0910 5496 sdCoreService (d2b30a5a8f57c00b0fa84a8880e9ec5b) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe
12:37:24.0003 5496 sdCoreService - ok
12:37:24.0063 5496 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
12:37:24.0081 5496 SDRSVC - ok
12:37:24.0131 5496 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:37:24.0202 5496 secdrv - ok
12:37:24.0229 5496 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
12:37:24.0276 5496 seclogon - ok
12:37:24.0370 5496 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\system32\sens.dll
12:37:24.0417 5496 SENS - ok
12:37:24.0512 5496 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
12:37:24.0584 5496 Serenum - ok
12:37:24.0669 5496 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
12:37:24.0741 5496 Serial - ok
12:37:24.0785 5496 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
12:37:24.0830 5496 sermouse - ok
12:37:24.0938 5496 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
12:37:24.0969 5496 SessionEnv - ok
12:37:25.0038 5496 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
12:37:25.0067 5496 sffdisk - ok
12:37:25.0199 5496 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
12:37:25.0229 5496 sffp_mmc - ok
12:37:25.0276 5496 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
12:37:25.0305 5496 sffp_sd - ok
12:37:25.0355 5496 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
12:37:25.0403 5496 sfloppy - ok
12:37:25.0513 5496 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
12:37:25.0561 5496 SharedAccess - ok
12:37:25.0662 5496 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
12:37:25.0676 5496 ShellHWDetection - ok
12:37:25.0815 5496 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
12:37:25.0824 5496 SiSRaid2 - ok
12:37:25.0858 5496 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
12:37:25.0867 5496 SiSRaid4 - ok
12:37:26.0055 5496 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
12:37:26.0130 5496 slsvc - ok
12:37:26.0231 5496 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
12:37:26.0258 5496 SLUINotify - ok
12:37:26.0304 5496 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
12:37:26.0331 5496 Smb - ok
12:37:26.0437 5496 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
12:37:26.0451 5496 SNMPTRAP - ok
12:37:26.0503 5496 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
12:37:26.0514 5496 spldr - ok
12:37:26.0678 5496 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
12:37:26.0695 5496 Spooler - ok
12:37:26.0769 5496 sprtsvc_DellSupportCenter (d630b6f2e8379b6f10dc16e82a426552) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
12:37:26.0780 5496 sprtsvc_DellSupportCenter - ok
12:37:26.0958 5496 SpyHunter 4 Service (45a20a8416ee7dc7711953cc68b07643) C:\PROGRA~1\Enigma Software Group\SpyHunter\SH4Service.exe
12:37:27.0037 5496 SpyHunter 4 Service - ok
12:37:27.0182 5496 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
12:37:27.0208 5496 srv - ok
12:37:27.0280 5496 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
12:37:27.0297 5496 srv2 - ok
12:37:27.0332 5496 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
12:37:27.0349 5496 srvnet - ok
12:37:27.0418 5496 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
12:37:27.0466 5496 SSDPSRV - ok
12:37:27.0503 5496 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
12:37:27.0521 5496 SstpSvc - ok
12:37:27.0618 5496 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
12:37:27.0662 5496 stisvc - ok
12:37:27.0787 5496 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
12:37:27.0797 5496 stllssvr - ok
12:37:27.0984 5496 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
12:37:27.0995 5496 swenum - ok
12:37:28.0180 5496 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
12:37:28.0224 5496 swprv - ok
12:37:28.0292 5496 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
12:37:28.0304 5496 Symc8xx - ok
12:37:28.0372 5496 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
12:37:28.0383 5496 Sym_hi - ok
12:37:28.0439 5496 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
12:37:28.0451 5496 Sym_u3 - ok
12:37:28.0565 5496 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
12:37:28.0655 5496 SysMain - ok
12:37:28.0829 5496 t3 (2db4c095927423ed14e6acaa21b101eb) C:\Windows\system32\drivers\t3.sys
12:37:28.0857 5496 t3 - ok
12:37:28.0924 5496 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
12:37:28.0943 5496 TabletInputService - ok
12:37:29.0021 5496 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
12:37:29.0059 5496 TapiSrv - ok
12:37:29.0109 5496 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
12:37:29.0157 5496 TBS - ok
12:37:29.0315 5496 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys
12:37:29.0561 5496 Tcpip - ok
12:37:29.0894 5496 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys
12:37:29.0956 5496 Tcpip6 - ok
12:37:30.0079 5496 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
12:37:30.0095 5496 tcpipreg - ok
12:37:30.0231 5496 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
12:37:30.0278 5496 TDPIPE - ok
12:37:30.0301 5496 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
12:37:30.0348 5496 TDTCP - ok
12:37:30.0421 5496 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
12:37:30.0456 5496 tdx - ok
12:37:30.0500 5496 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
12:37:30.0514 5496 TermDD - ok
12:37:30.0690 5496 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
12:37:30.0763 5496 TermService - ok
12:37:30.0859 5496 TfFsMon (9cd5c339754e2310790ca27dbbd31f88) C:\Windows\system32\drivers\TfFsMon.sys
12:37:30.0868 5496 TfFsMon - ok
12:37:30.0926 5496 TfNetMon (00809507fafa1be93dbbace5029f27bb) C:\Windows\system32\drivers\TfNetMon.sys
12:37:30.0935 5496 TfNetMon - ok
12:37:31.0286 5496 TFSysMon (3593a7b1264fba24fe9e097a99b3e848) C:\Windows\system32\drivers\TfSysMon.sys
12:37:31.0311 5496 TFSysMon - ok
12:37:31.0401 5496 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
12:37:31.0421 5496 Themes - ok
12:37:31.0484 5496 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
12:37:31.0531 5496 THREADORDER - ok
12:37:31.0679 5496 ThreatFire - ok
12:37:31.0779 5496 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
12:37:31.0827 5496 TrkWks - ok
12:37:31.0927 5496 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
12:37:31.0960 5496 TrustedInstaller - ok
12:37:32.0134 5496 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:37:32.0181 5496 tssecsrv - ok
12:37:32.0330 5496 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
12:37:32.0346 5496 tunmp - ok
12:37:32.0448 5496 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
12:37:32.0463 5496 tunnel - ok
12:37:32.0666 5496 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
12:37:32.0679 5496 uagp35 - ok
12:37:32.0775 5496 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
12:37:32.0811 5496 udfs - ok
12:37:32.0889 5496 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
12:37:32.0936 5496 UI0Detect - ok
12:37:33.0029 5496 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
12:37:33.0041 5496 uliagpkx - ok
12:37:33.0193 5496 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
12:37:33.0209 5496 uliahci - ok
12:37:33.0337 5496 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
12:37:33.0352 5496 UlSata - ok
12:37:33.0429 5496 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
12:37:33.0443 5496 ulsata2 - ok
12:37:33.0521 5496 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
12:37:33.0567 5496 umbus - ok
12:37:33.0709 5496 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
12:37:33.0764 5496 upnphost - ok
12:37:33.0845 5496 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
12:37:33.0849 5496 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
12:37:33.0849 5496 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
12:37:33.0919 5496 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
12:37:33.0954 5496 usbccgp - ok
12:37:33.0987 5496 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
12:37:34.0060 5496 usbcir - ok
12:37:34.0153 5496 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
12:37:34.0187 5496 usbehci - ok
12:37:34.0343 5496 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
12:37:34.0380 5496 usbhub - ok
12:37:34.0426 5496 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
12:37:34.0497 5496 usbohci - ok
12:37:34.0552 5496 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
12:37:34.0597 5496 usbprint - ok
12:37:34.0714 5496 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
12:37:34.0748 5496 usbscan - ok
12:37:34.0796 5496 usbser (f7386007fb19e7685fc7b298560aa81f) C:\Windows\system32\DRIVERS\usbser.sys
12:37:34.0829 5496 usbser - ok
12:37:34.0873 5496 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:37:34.0907 5496 USBSTOR - ok
12:37:34.0958 5496 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
12:37:34.0991 5496 usbuhci - ok
12:37:40.0186 5496 XAudio (83df798b830a215c7bfe1836edeee4b4) C:\Windows\system32\DRIVERS\ACFXAU64.sys
12:37:40.0190 5496 XAudio ( UnsignedFile.Multi.Generic ) - warning
12:37:40.0190 5496 XAudio - detected UnsignedFile.Multi.Generic (1)
12:37:40.0291 5496 XAudioService (940bd17ff643d6faffee5c865d8da5d9) C:\Windows\system32\DRIVERS\ACFXAU64.exe
12:37:40.0321 5496 XAudioService ( UnsignedFile.Multi.Generic ) - warning
12:37:40.0321 5496 XAudioService - detected UnsignedFile.Multi.Generic (1)
12:37:40.0355 5496 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
12:37:40.0870 5496 \Device\Harddisk0\DR0 - ok
12:37:40.0873 5496 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
12:37:41.0411 5496 \Device\Harddisk1\DR1 - ok
12:37:41.0425 5496 Boot (0x1200) (454eff057382085bb664ec69b3a20dee) \Device\Harddisk0\DR0\Partition0
12:37:41.0427 5496 \Device\Harddisk0\DR0\Partition0 - ok
12:37:41.0439 5496 Boot (0x1200) (c43733497a8ba95292c6c684deb2d034) \Device\Harddisk0\DR0\Partition1
12:37:41.0442 5496 \Device\Harddisk0\DR0\Partition1 - ok
12:37:41.0490 5496 Boot (0x1200) (fa322cefc240f68b980305e32af1faa3) \Device\Harddisk0\DR0\Partition2
12:37:41.0579 5496 \Device\Harddisk0\DR0\Partition2 - ok
12:37:41.0582 5496 Boot (0x1200) (9d261b075d044a40ca290374a0a3dc4b) \Device\Harddisk1\DR1\Partition0
12:37:41.0585 5496 \Device\Harddisk1\DR1\Partition0 - ok
12:37:41.0585 5496 ============================================================
12:37:41.0585 5496 Scan finished
12:37:41.0585 5496 ============================================================
12:37:41.0591 4424 Detected object count: 10
12:37:41.0591 4424 Actual detected object count: 10
12:39:16.0920 4424 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:39:16.0920 4424 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:39:16.0921 4424 AdobeVersionCue ( UnsignedFile.Multi.Generic ) - skipped by user
12:39:16.0921 4424 AdobeVersionCue ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:39:16.0922 4424 Creative ALchemy AL1 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:39:16.0922 4424 Creative ALchemy AL1 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:39:16.0923 4424 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
12:39:16.0923 4424 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:39:16.0924 4424 dgcfltr ( UnsignedFile.Multi.Generic ) - skipped by user
12:39:16.0924 4424 dgcfltr ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:39:16.0925 4424 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:39:16.0925 4424 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:39:16.0926 4424 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:39:16.0926 4424 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:39:16.0926 4424 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
12:39:16.0926 4424 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:39:16.0927 4424 XAudio ( UnsignedFile.Multi.Generic ) - skipped by user
12:39:16.0927 4424 XAudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:39:16.0928 4424 XAudioService ( UnsignedFile.Multi.Generic ) - skipped by user
12:39:16.0928 4424 XAudioService ( UnsignedFile.Multi.Generic ) - User select action: Skip

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-02 13:02:59
-----------------------------
13:02:59.456 OS Version: Windows x64 6.0.6002 Service Pack 2
13:02:59.456 Number of processors: 8 586 0x1A04
13:02:59.457 ComputerName: MOMMY-PC UserName: Mommy
13:03:05.395 Initialize success
13:03:08.811 AVAST engine defs: 12040200
13:03:22.070 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:03:22.073 Disk 0 Vendor: ST3750630AS DE13 Size: 715404MB BusType: 3
13:03:22.082 Disk 0 MBR read successfully
13:03:22.086 Disk 0 MBR scan
13:03:22.101 Disk 0 Windows VISTA default MBR code
13:03:22.105 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 70 MB offset 63
13:03:22.127 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15360 MB offset 145408
13:03:22.158 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 441693 MB offset 31602688
13:03:22.172 Disk 0 Partition - 00 0F Extended LBA 258278 MB offset 936192000
13:03:22.208 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 258277 MB offset 936194048
13:03:22.270 Disk 0 scanning C:\Windows\system32\drivers
13:03:37.979 Service scanning
13:04:06.486 Modules scanning
13:04:06.497 Disk 0 trace - called modules:
13:04:06.733 ntoskrnl.exe CLASSPNP.SYS disk.sys PCTCore64.sys acpi.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
13:04:06.740 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005935060]
13:04:06.747 3 CLASSPNP.SYS[fffffa60012abc33] -> nt!IofCallDriver -> [0xfffffa80068d5cf0]
13:04:06.755 5 PCTCore64.sys[fffffa6000accf38] -> nt!IofCallDriver -> [0xfffffa80059057e0]
13:04:06.762 7 acpi.sys[fffffa6000939fde] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80065a7060]
13:04:09.084 AVAST engine scan C:\Windows
13:04:15.344 AVAST engine scan C:\Windows\system32
13:10:06.189 AVAST engine scan C:\Windows\system32\drivers
13:10:38.782 AVAST engine scan C:\Users\Mommy
13:16:46.737 Disk 0 MBR has been saved successfully to "C:\Users\Mommy\Desktop\Bleeping computer\MBR.dat"
13:16:46.747 The log file has been saved successfully to "C:\Users\Mommy\Desktop\Bleeping computer\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-02 13:21:27
-----------------------------
13:21:27.822 OS Version: Windows x64 6.0.6002 Service Pack 2
13:21:27.822 Number of processors: 8 586 0x1A04
13:21:27.822 ComputerName: MOMMY-PC UserName: Mommy
13:21:30.864 Initialize success
13:21:38.228 AVAST engine defs: 12040200
13:21:43.656 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:21:43.656 Disk 0 Vendor: ST3750630AS DE13 Size: 715404MB BusType: 3
13:21:43.688 Disk 0 MBR read successfully
13:21:43.688 Disk 0 MBR scan
13:21:43.688 Disk 0 Windows VISTA default MBR code
13:21:43.703 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 70 MB offset 63
13:21:43.734 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15360 MB offset 145408
13:21:43.750 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 441693 MB offset 31602688
13:21:43.750 Disk 0 Partition - 00 0F Extended LBA 258278 MB offset 936192000
13:21:43.859 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 258277 MB offset 936194048
13:21:43.968 Disk 0 scanning C:\Windows\system32\drivers
13:22:03.063 Service scanning
13:22:24.435 Modules scanning
13:22:24.435 Disk 0 trace - called modules:
13:22:24.482 ntoskrnl.exe CLASSPNP.SYS disk.sys PCTCore64.sys acpi.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
13:22:24.497 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005935060]
13:22:24.497 3 CLASSPNP.SYS[fffffa60012abc33] -> nt!IofCallDriver -> [0xfffffa80068d5cf0]
13:22:24.513 5 PCTCore64.sys[fffffa6000accf38] -> nt!IofCallDriver -> [0xfffffa80059057e0]
13:22:24.513 7 acpi.sys[fffffa6000939fde] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80065a7060]
13:22:26.166 AVAST engine scan C:\Windows
13:22:50.674 AVAST engine scan C:\Windows\system32
13:27:20.273 AVAST engine scan C:\Windows\system32\drivers
13:27:36.232 AVAST engine scan C:\Users\Mommy
13:35:58.162 AVAST engine scan C:\ProgramData
13:42:48.957 Scan finished successfully

I'm not sure the computer was scanned with extra definitions because I forgot to save the log and had to redo it, at which point I wasn't asked permission for anything.

ComboFix did not fix my problem.

#9 gringo_pr

  • Malware Response Team

Posted 02 April 2012 - 01:10 PM

Hello


I want you to check all your browsers and let me know which ones are redirecting:

  • Firefox
  • IE
  • Chrome
  • any browser that is installed


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#10 emenc

  • Topic Starter

Posted 03 April 2012 - 11:37 AM

Hello. Back from googling as much as I possibly could, I believe the problem seems to be Mozilla based. I'm hoping that's good news.

Edited by emenc, 03 April 2012 - 11:37 AM.


#11 gringo_pr

  • Malware Response Team

Posted 04 April 2012 - 12:07 AM

Hello


Yes it is. I want you to uninstall Firefox, and if asked about user data or settings, then I want that removed also.


Reinstall Firefox and check for redirects again.


gringo

#12 emenc

  • Topic Starter

Posted 05 April 2012 - 11:19 AM

Hello and thanks. I'll do that as soon as I get a chance. I won't have much time to test my reinstalled Mozilla because I'll be offline for some time, longer than the 3 day allowance for responses before the thread closes. I want to resolve this issue, though, without having to start from the beginning. Can you keep the thread alive for me until I get back, like in a week and a half?

Thanks so much.

#13 gringo_pr

  • Malware Response Team

Posted 05 April 2012 - 11:21 AM

What we can do is I will close this and when you get back just give me a pm and I will reopen it for you - Is that OK with you?



Gringo

#14 emenc

  • Topic Starter

Posted 05 April 2012 - 01:16 PM

Perfect. Thanks much.



