
HijackThis Log: Please help Diagnose


  • This topic is locked
27 replies to this topic

#1 renegadestar87

renegadestar87

  • Members
  • 18 posts
  • OFFLINE
  • Local time:07:30 PM

Posted 13 April 2012 - 02:36 PM

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:25:01 PM, on 4/13/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\PROGRA~1\AVG\AVG2012\avgrsx.exe
E:\Program Files\AVG\AVG2012\avgcsrvx.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\vcsFPService.exe
E:\WINDOWS\System32\WLTRYSVC.EXE
E:\WINDOWS\System32\bcmwltry.exe
E:\WINDOWS\system32\spoolsv.exe
e:\program files\idt\wdm\stacsv.exe
E:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
E:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
E:\Program Files\AVG\AVG2012\avgfws.exe
E:\Program Files\AVG\AVG2012\avgwdsvc.exe
E:\WINDOWS\system32\FsUsbExService.Exe
E:\Program Files\AVG\AVG2012\avgnsx.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
E:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
E:\WINDOWS\system32\UAService7.exe
E:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
E:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
E:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
E:\Program Files\AVG\AVG2012\avgcsrvx.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\IDT\WDM\sttray.exe
E:\WINDOWS\system32\AESTFltr.exe
E:\Program Files\Synaptics\SynTP\SynTPEnh.exe
E:\WINDOWS\system32\WLTRAY.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\WINDOWS\system32\rundll32.exe
E:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe
E:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
E:\Program Files\iTunes\iTunesHelper.exe
E:\Program Files\Common Files\Java\Java Update\jusched.exe
E:\Program Files\AVG\AVG2012\avgtray.exe
E:\Program Files\AVG Secure Search\vprot.exe
E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Messenger\msmsgs.exe
E:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
E:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
E:\Program Files\Windows Desktop Search\WindowsSearch.exe
E:\Program Files\iPod\bin\iPodService.exe
E:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
E:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe
E:\WINDOWS\system32\msiexec.exe
E:\WINDOWS\system32\rundll32.exe
E:\DOCUME~1\Owner\LOCALS~1\Temp\_AI3D.tmp\Setup.exe
E:\WINDOWS\system32\MsiExec.exe
E:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
E:\WINDOWS\system32\MsiExec.exe
E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/solidyoutube/{CB8778D8-4D70-43E0-BA53-9E2147B25C2F}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/solidyoutube/{CB8778D8-4D70-43E0-BA53-9E2147B25C2F}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: NCH EN Toolbar - {37483b40-c254-4a72-bda4-22ee90182c1e} - E:\Program Files\NCH_EN\prxtbNCH_.dll
F2 - REG:system.ini: UserInit=E:\WINDOWS\system32\userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - E:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: NCH EN - {37483b40-c254-4a72-bda4-22ee90182c1e} - E:\Program Files\NCH_EN\prxtbNCH_.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - E:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - E:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] E:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [FreeFallProtection] E:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "E:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] E:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe ARM] "E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "E:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "E:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "E:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "E:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Akamai NetSession Interface] E:\Documents and Settings\Owner\Local Settings\Application Data\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [KiesTrayAgent] E:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = E:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://euvpn.interpublic.com/dana-cached/sc/JuniperSetupClient.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - E:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - E:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - E:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - E:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: FF Install Filter Service (InstallFilterService) - Unknown owner - E:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe
O23 - Service: iPod Service - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SAMSUNG KiesAllShare Service (KiesAllShare) - Unknown owner - E:\Program Files\Samsung\Kies\WiselinkPro\WiselinkPro.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - E:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - E:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - E:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - e:\program files\idt\wdm\stacsv.exe
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - E:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - E:\WINDOWS\system32\UAService7.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - E:\WINDOWS\system32\vcsFPService.exe
O23 - Service: vToolbarUpdater10.2.0 - Unknown owner - E:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
O23 - Service: DW WLAN Tray Service (wltrysvc) - Unknown owner - E:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: WRSVC - Unknown owner - E:\Program Files\Webroot\WRSA.exe (file missing)

--
End of file - 16655 bytes



#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:30 PM

Posted 14 April 2012 - 12:32 AM

Hello and Welcome to Bleeping Computer!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


DeFogger:

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.


Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:


    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after, two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

Information and logs:

  • In your next post I need the following:

  • Logs from DDS
  • Let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:30 PM

Posted 16 April 2012 - 11:26 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#4 renegadestar87

renegadestar87
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  • Local time:07:30 PM

Posted 18 April 2012 - 01:45 PM

Hi Gringo,

Firstly I'd like to apologize for not getting back to you, as I have been away from my laptop for several days, being away for work.
I intend to back up my laptop tomorrow and will then follow the steps you have suggested and will post back this time tomorrow!
Thanks for your help!

#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:30 PM

Posted 18 April 2012 - 02:54 PM

I will be waiting on you



gringo

#6 renegadestar87

renegadestar87
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  • Local time:07:30 PM

Posted 19 April 2012 - 04:18 PM

Hi Gringo,

I ran the DeFogger and then went on to do the Security Check; however, when I ran the D.D.S application there was no log that came up and I was unable to exit the application.
I did however receive a log from the Security Check application. Should I be worried that the D.D.S application never came up with a log?
Here is the Security Check log. Thanks for all your help!!


Results of screen317's Security Check version 0.99.32
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

AVG 2012
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 30
Java version out of date!
Adobe Flash Player 10.1.102.64 Flash Player out of Date!
Adobe Reader X (10.1.2)
````````````````````````````````
Process Check:
objlist.exe by Laurent

AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
``````````End of Log````````````

#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  • Gender:Male
  • Location:Puerto rico
  • Local time:08:30 PM

Posted 19 April 2012 - 09:23 PM

Let's try this one


Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo

#8 renegadestar87

renegadestar87
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  • Local time:07:30 PM

Posted 20 April 2012 - 01:45 PM

Hi Gringo,

The OTL program worked fine. Here's the log from the OTL.txt

Thanks!


OTL logfile created on: 4/20/2012 7:39:37 PM - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = E:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 2.21 Gb Available Physical Memory | 73.88% Memory free
4.83 Gb Paging File | 4.03 Gb Available in Paging File | 83.41% Paging File free
Paging file location(s): E:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Program Files
Drive E: | 298.08 Gb Total Space | 49.90 Gb Free Space | 16.74% Space Free | Partition Type: NTFS

Computer Name: USER-76A1A8E1F5 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - E:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - E:\WINDOWS\system32\UAService7.exe ()
PRC - E:\Program Files\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - E:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - E:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - E:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - E:\Program Files\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - E:\Program Files\AVG\AVG2012\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - E:\Program Files\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - E:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
PRC - E:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
PRC - E:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
PRC - e:\Program Files\IDT\WDM\stacsv.exe (IDT, Inc.)
PRC - E:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - E:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - E:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - E:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - E:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe ()
PRC - E:\WINDOWS\system32\vcsFPService.exe (Validity Sensors, Inc.)
PRC - E:\WINDOWS\system32\AESTFltr.exe (Andrea Electronics Corporation)
PRC - E:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - E:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe ()
PRC - E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - E:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - E:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe (Microsoft Corporation)
PRC - E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\acrobat_sl.exe (Adobe Systems Incorporated)
PRC - E:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\acrotray.exe (Adobe Systems Inc.)


========== Modules (No Company Name) ==========

MOD - E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\ppgooglenaclpluginchrome.dll ()
MOD - E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\pdf.dll ()
MOD - E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\avutil-51.dll ()
MOD - E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\avformat-53.dll ()
MOD - E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\avcodec-53.dll ()
MOD - E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\gcswf32.dll ()
MOD - E:\WINDOWS\system32\UAService7.exe ()
MOD - E:\WINDOWS\system32\preflib.dll ()
MOD - E:\WINDOWS\system32\bcm1xsup.dll ()
MOD - E:\WINDOWS\system32\btwicons.dll ()
MOD - E:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - E:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - E:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe ()
MOD - E:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe ()


========== Win32 Services (SafeList) ==========

SRV - (KiesAllShare) -- E:\Program Files\Samsung\Kies\WiselinkPro\WiselinkPro.exe File not found
SRV - (UserAccess7) SecuROM User Access Service (V7) -- E:\WINDOWS\system32\UAService7.exe ()
SRV - (avgwd) -- E:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent) -- E:\Program Files\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (FLEXnet Licensing Service) -- E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Flexera Software, Inc.)
SRV - (SolidWorks Licensing Service) -- E:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe (SolidWorks)
SRV - (Autodesk Licensing Service) -- E:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
SRV - (FsUsbExService) -- E:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (STacSV) -- e:\Program Files\IDT\WDM\stacsv.exe (IDT, Inc.)
SRV - (InstallFilterService) -- E:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe ()
SRV - (UNS) Intel® -- E:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel® -- E:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (vcsFPService) -- E:\WINDOWS\system32\vcsFPService.exe (Validity Sensors, Inc.)
SRV - (ServiceLayer) -- E:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (mi-raysat_3dsMax2009_32) -- E:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe ()


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (dgderdrv) -- System32\drivers\dgderdrv.sys File not found
DRV - (Changer) -- File not found
DRV - (cerc6) -- File not found
DRV - (MBAMSwissArmy) -- E:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (Avgtdix) -- E:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgldx86) -- E:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- E:\WINDOWS\system32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- E:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- E:\WINDOWS\system32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- E:\WINDOWS\system32\drivers\avgidsfilterx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSEH) -- E:\WINDOWS\system32\drivers\avgidsehx.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- E:\WINDOWS\system32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. )
DRV - (BCM43XX) -- E:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (FsUsbExDisk) -- E:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (STHDA) -- E:\WINDOWS\system32\drivers\sthda.sys (IDT, Inc.)
DRV - (RTLE8023xp) -- E:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (Impcd) -- E:\WINDOWS\system32\drivers\Impcd.sys (Intel Corporation)
DRV - (btaudio) -- E:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (HECI) Intel® -- E:\WINDOWS\system32\drivers\HECI.sys (Intel Corporation)
DRV - (BTWUSB) -- E:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (NVHDA) -- E:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
DRV - (BTKRNL) -- E:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (btwhid) -- E:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (AESTAud) -- E:\WINDOWS\system32\drivers\AESTAud.sys (Andrea Electronics Corporation)
DRV - (pccsmcfd) -- E:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (BTWDNDIS) -- E:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (BTDriver) -- E:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (WinUSB) -- E:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)
DRV - (Hardlock) -- E:\WINDOWS\system32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/solidyoutube/{CB8778D8-4D70-43E0-BA53-9E2147B25C2F}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/solidyoutube/{CB8778D8-4D70-43E0-BA53-9E2147B25C2F}
IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\..\URLSearchHook: {37483b40-c254-4a72-bda4-22ee90182c1e} - E:\Program Files\NCH_EN\prxtbNCH_.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=0000000000000000000078e400f0f158&tlver=1.4.19.19&affID=17160
IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\..\SearchScopes\{2A001B8A-0EBE-4794-9E92-9DE8214E7481}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=FWV5&o=14193&src=crm&q={searchTerms}&locale=en_UK&apn_ptnrs=FM&apn_dtid=TES002YYGB&apn_uid=e1066e05-db61-4521-8de0-214777864d3d&apn_sauid=FBBE0E2E-C6BD-4891-82C1-634A5AB53F3E
IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" = http://search.alot.com/web?q={searchTerms}
IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={5C491A86-175F-4302-8A1C-E3B2FED6DC70}&mid=12bf7a00a64a47d0a5c5a9ad461418ab-825bbf7dd30aa2df5cda676268b6d7608ef1f8dd&lang=en&ds=AVG&pr=pr&d=2012-03-17 13:47:52&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browser/solidyoutube/{CB8778D8-4D70-43E0-BA53-9E2147B25C2F}?q={searchTerms}
IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2801948
IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\..\SearchScopes\{F46673B1-9364-49E6-ACD1-134BDD49A054}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 55030
FF - prefs.js..network.proxy.type: 1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: e:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: E:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: E:\Program Files\AVG\AVG2012\Firefox\ [2012/04/18 18:40:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: E:\Program Files\AVG\AVG2012\Firefox4\ [2012/04/18 18:40:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: E:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/04/18 18:40:17 | 000,000,000 | ---D | M]

[2010/11/08 06:17:13 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2011/07/09 14:56:58 | 000,000,000 | ---D | M] (No name found) -- E:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\kz1r0ebp.default\extensions
[2011/01/08 13:01:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- E:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\kz1r0ebp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/05/24 22:41:04 | 000,000,000 | ---D | M] (Babylon) -- E:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\kz1r0ebp.default\extensions\ffxtlbr@babylon.com
[2011/07/04 21:17:02 | 000,000,000 | ---D | M] (ALOT Toolbar) -- E:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\kz1r0ebp.default\extensions\toolbar@alot.com
[2011/02/01 20:05:08 | 000,002,333 | ---- | M] () -- E:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\kz1r0ebp.default\searchplugins\askcom.xml
[2011/08/13 11:46:58 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files\Mozilla Firefox\extensions
[2011/05/24 22:41:05 | 000,002,423 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\babylon.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = E:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2111_0\plugins/avgnpss.dll
CHR - plugin: Skype Toolbars (Enabled) = E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = E:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = E:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = E:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = E:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = E:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = E:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = E:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = E:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = E:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = E:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = E:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = E:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = E:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = E:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = e:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Safe Search = E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2111_0\
CHR - Extension: Skype Click to Call = E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: AVG Do-Not-Track = E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2126_0\
CHR - Extension: Gmail = E:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2010/11/17 03:36:40 | 000,000,767 | ---- | M]) - E:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (dsWebAllowBHO Class) - {2F85D76C-0569-466F-A488-493E6BD0E955} - E:\Program Files\Windows Desktop Search\dsWebAllow.dll (Microsoft Corporation)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Do-Not-Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - E:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (NCH EN Toolbar) - {37483b40-c254-4a72-bda4-22ee90182c1e} - E:\Program Files\NCH_EN\prxtbNCH_.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] E:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] E:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "E:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [AESTFltr] E:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [AVG_TRAY] E:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [FreeFallProtection] E:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] E:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] E:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] E:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] E:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] E:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SysTrayApp] E:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKU\S-1-5-21-1960408961-630328440-1644491937-1003..\Run: [Akamai NetSession Interface] E:\Documents and Settings\Owner\Local Settings\Application Data\Akamai\netsession_win.exe File not found
O4 - HKU\S-1-5-21-1960408961-630328440-1644491937-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1960408961-630328440-1644491937-1003..\Run: [KiesTrayAgent] E:\Program Files\Samsung\Kies\KiesTrayAgent.exe File not found
O4 - Startup: E:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = E:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe ()
O4 - Startup: E:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: E:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: E:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = E:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Convert link target to Adobe PDF - E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - E:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Send to &Bluetooth Device... - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: AVG Do-Not-Track - {DA58ACA7-18A6-403A-93DA-6E4172D43709} - E:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://euvpn.interpublic.com/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{15FE1169-2388-4E28-858D-C099779A1371}: DhcpNameServer = 194.168.4.100 194.168.8.100
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - E:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (E:\WINDOWS\system32\userinit.exe) - E:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - File not found
O24 - Desktop WallPaper: E:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: E:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - E:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/11/02 07:14:22 | 000,000,000 | ---D | M] - E:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2008/03/13 02:12:18 | 000,000,043 | R--- | M] () - E:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (E:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/18 18:40:45 | 000,000,000 | ---D | C] -- E:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2012/04/18 18:40:03 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\drivers\AVG
[2012/04/13 20:14:59 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Owner\Start Menu\Programs\HiJackThis
[2012/04/01 12:06:30 | 000,000,000 | ---D | C] -- E:\Program Files\Championship Manager 5
[2012/03/28 11:27:05 | 000,000,000 | ---D | C] -- E:\Documents and Settings\Owner\Desktop\WINDOW DISPLAY
[2012/03/22 20:59:39 | 000,000,000 | ---D | C] -- E:\WINDOWS\System32\cache
[2010/11/01 08:17:14 | 007,749,632 | ---- | C] (Chaos Group Ltd) -- E:\Program Files\vray2009.dll
[2010/11/01 08:17:14 | 002,875,392 | ---- | C] (Intel Corporation) -- E:\Program Files\libmmd.dll
[3 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/20 19:40:45 | 000,497,496 | ---- | M] () -- E:\WINDOWS\System32\perfh009.dat
[2012/04/20 19:40:45 | 000,085,814 | ---- | M] () -- E:\WINDOWS\System32\perfc009.dat
[2012/04/20 19:36:33 | 000,002,359 | ---- | M] () -- E:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2012/04/20 19:36:24 | 000,247,299 | ---- | M] () -- E:\WINDOWS\System32\NvApps.xml
[2012/04/20 19:36:24 | 000,080,671 | ---- | M] () -- E:\WINDOWS\System32\nvModes.001
[2012/04/20 19:36:20 | 000,002,206 | ---- | M] () -- E:\WINDOWS\System32\wpa.dbl
[2012/04/20 19:35:56 | 000,002,048 | --S- | M] () -- E:\WINDOWS\bootstat.dat
[2012/04/20 16:45:00 | 000,000,978 | ---- | M] () -- E:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-630328440-1644491937-1003UA.job
[2012/04/20 15:25:22 | 095,695,681 | ---- | M] () -- E:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/04/19 20:23:09 | 000,000,116 | ---- | M] () -- E:\WINDOWS\NeroDigital.ini
[2012/04/19 19:53:32 | 000,045,056 | ---- | M] () -- E:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/19 19:52:36 | 000,000,266 | ---- | M] () -- E:\Documents and Settings\Owner\Desktop\Shortcut to OTHER FORMATS.lnk
[2012/04/19 17:45:00 | 000,000,926 | ---- | M] () -- E:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-630328440-1644491937-1003Core.job
[2012/04/18 19:26:41 | 000,000,904 | ---- | M] () -- E:\Documents and Settings\Owner\Desktop\Shortcut to dds (1).lnk
[2012/04/18 19:20:00 | 000,000,685 | ---- | M] () -- E:\Documents and Settings\Owner\Desktop\Shortcut to SecurityCheck.lnk
[2012/04/18 18:56:34 | 000,002,447 | ---- | M] () -- E:\Documents and Settings\Owner\Desktop\HiJackThis.lnk
[2012/04/18 18:40:45 | 000,000,702 | ---- | M] () -- E:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2012/04/15 02:00:00 | 000,000,342 | ---- | M] () -- E:\WINDOWS\tasks\AdobeAAMUpdater-1.0-USER-76A1A8E1F5-Owner.job
[2012/04/13 19:46:49 | 000,002,284 | ---- | M] () -- E:\Documents and Settings\Owner\Desktop\Google Chrome.lnk
[2012/04/13 19:46:49 | 000,002,262 | ---- | M] () -- E:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/04/12 17:22:52 | 000,001,374 | ---- | M] () -- E:\WINDOWS\imsins.BAK
[2012/04/10 22:32:39 | 000,002,265 | ---- | M] () -- E:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/04/10 19:07:27 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/04/10 13:02:00 | 000,000,486 | ---- | M] () -- E:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012/04/04 20:16:50 | 000,080,671 | ---- | M] () -- E:\WINDOWS\System32\nvModes.dat
[2012/04/01 17:28:16 | 003,985,254 | ---- | M] () -- E:\Documents and Settings\Owner\Desktop\Postage Ebay.bmp
[2012/04/01 12:10:21 | 000,126,976 | ---- | M] () -- E:\WINDOWS\System32\UAService7.exe
[2012/03/28 12:40:30 | 008,126,850 | ---- | M] () -- E:\Documents and Settings\Owner\Desktop\2.pdf
[2012/03/28 12:39:33 | 000,680,980 | ---- | M] () -- E:\Documents and Settings\Owner\Desktop\front.pdf
[2012/03/28 12:35:51 | 000,211,270 | ---- | M] () -- E:\Documents and Settings\Owner\Desktop\MOMENTUM LOGO [Converted].pdf
[2012/03/28 12:29:24 | 001,510,256 | ---- | M] () -- E:\Documents and Settings\Owner\Desktop\Xperia_Identity_GUIDELINES_Final_artwork_V1.1Abbreviated.pdf
[2012/03/23 23:16:01 | 000,000,284 | ---- | M] () -- E:\WINDOWS\tasks\AppleSoftwareUpdate.job
[3 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/20 15:25:22 | 095,695,681 | ---- | C] () -- E:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/04/19 19:52:36 | 000,000,266 | ---- | C] () -- E:\Documents and Settings\Owner\Desktop\Shortcut to OTHER FORMATS.lnk
[2012/04/18 19:26:41 | 000,000,904 | ---- | C] () -- E:\Documents and Settings\Owner\Desktop\Shortcut to dds (1).lnk
[2012/04/18 19:20:00 | 000,000,685 | ---- | C] () -- E:\Documents and Settings\Owner\Desktop\Shortcut to SecurityCheck.lnk
[2012/04/18 18:40:45 | 000,000,702 | ---- | C] () -- E:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2012/04/13 20:14:59 | 000,002,447 | ---- | C] () -- E:\Documents and Settings\Owner\Desktop\HiJackThis.lnk
[2012/04/01 17:28:15 | 003,985,254 | ---- | C] () -- E:\Documents and Settings\Owner\Desktop\Postage Ebay.bmp
[2012/04/01 12:10:21 | 000,126,976 | ---- | C] () -- E:\WINDOWS\System32\UAService7.exe
[2012/03/28 12:40:27 | 008,126,850 | ---- | C] () -- E:\Documents and Settings\Owner\Desktop\2.pdf
[2012/03/28 12:39:29 | 000,680,980 | ---- | C] () -- E:\Documents and Settings\Owner\Desktop\front.pdf
[2012/03/28 12:35:51 | 000,211,270 | ---- | C] () -- E:\Documents and Settings\Owner\Desktop\MOMENTUM LOGO [Converted].pdf
[2012/03/28 12:29:24 | 001,510,256 | ---- | C] () -- E:\Documents and Settings\Owner\Desktop\Xperia_Identity_GUIDELINES_Final_artwork_V1.1Abbreviated.pdf
[2012/02/16 20:43:28 | 000,003,072 | ---- | C] () -- E:\WINDOWS\System32\iacenc.dll
[2011/12/29 01:40:44 | 000,540,380 | ---- | C] () -- E:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1960408961-630328440-1644491937-1003-0.dat
[2011/12/28 02:26:33 | 000,110,592 | ---- | C] () -- E:\WINDOWS\System32\FsUsbExDevice.Dll
[2011/12/28 02:26:33 | 000,036,640 | ---- | C] () -- E:\WINDOWS\System32\FsUsbExDisk.Sys
[2011/12/28 02:26:11 | 000,002,528 | ---- | C] () -- E:\Documents and Settings\Owner\Application Data\$_hpcst$.hpc
[2011/12/13 14:02:16 | 000,000,064 | ---- | C] () -- E:\WINDOWS\System32\rp_stats.dat
[2011/12/13 14:02:16 | 000,000,044 | ---- | C] () -- E:\WINDOWS\System32\rp_rules.dat
[2011/08/20 15:26:22 | 000,323,966 | ---- | C] () -- E:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/08/09 18:42:35 | 000,129,024 | ---- | C] () -- E:\WINDOWS\System32\AVERM.dll
[2011/08/09 18:42:35 | 000,028,672 | ---- | C] () -- E:\WINDOWS\System32\AVEQT.dll
[2011/06/07 12:13:38 | 000,974,848 | ---- | C] () -- E:\WINDOWS\System32\cis-2.4.dll
[2011/06/07 12:13:38 | 000,081,920 | ---- | C] () -- E:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/06/07 12:13:38 | 000,065,536 | ---- | C] () -- E:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/06/07 12:13:38 | 000,057,344 | ---- | C] () -- E:\WINDOWS\System32\issacapi_se-2.3.dll
[2011/03/06 15:50:52 | 000,012,118 | -HS- | C] () -- E:\Documents and Settings\Owner\Local Settings\Application Data\62175231
[2011/03/06 15:50:52 | 000,012,118 | -HS- | C] () -- E:\Documents and Settings\All Users\Application Data\62175231
[2011/01/23 22:08:43 | 000,174,040 | ---- | C] () -- E:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/23 19:21:20 | 000,050,428 | -H-- | C] () -- E:\WINDOWS\System32\mlfcache.dat
[2011/01/16 22:45:46 | 000,000,664 | ---- | C] () -- E:\WINDOWS\System32\d3d9caps.dat
[2010/11/09 06:41:04 | 000,016,384 | ---- | C] () -- E:\WINDOWS\System32\FileOps.exe
[2010/11/09 02:14:33 | 000,000,000 | ---- | C] () -- E:\WINDOWS\eDrawingOfficeAutomator.INI
[2010/11/04 01:37:49 | 000,045,056 | ---- | C] () -- E:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/03 02:11:14 | 000,000,116 | ---- | C] () -- E:\WINDOWS\NeroDigital.ini
[2010/11/02 08:00:18 | 000,000,000 | ---- | C] () -- E:\WINDOWS\nsreg.dat
[2010/11/01 12:43:45 | 000,004,161 | ---- | C] () -- E:\WINDOWS\ODBCINST.INI
[2010/11/01 12:42:11 | 003,549,312 | ---- | C] () -- E:\WINDOWS\System32\FNTCACHE.DAT
[2010/11/01 08:17:14 | 000,000,125 | ---- | C] () -- E:\Program Files\plugin.ini
[2010/11/01 07:51:39 | 000,000,056 | -H-- | C] () -- E:\WINDOWS\System32\ezsidmv.dat
[2010/11/01 05:37:56 | 000,000,376 | ---- | C] () -- E:\WINDOWS\ODBC.INI
[2010/11/01 02:18:59 | 000,080,671 | ---- | C] () -- E:\WINDOWS\System32\nvModes.dat
[2010/11/01 02:13:45 | 000,143,360 | ---- | C] () -- E:\WINDOWS\System32\preflib.dll
[2010/11/01 02:13:44 | 000,025,088 | ---- | C] () -- E:\WINDOWS\System32\WLTRYSVC.EXE
[2010/11/01 02:13:43 | 000,757,760 | ---- | C] () -- E:\WINDOWS\System32\bcm1xsup.dll
[2010/11/01 02:13:33 | 001,589,414 | ---- | C] () -- E:\WINDOWS\System32\nvdata.bin
[2010/11/01 02:07:39 | 000,073,728 | ---- | C] () -- E:\WINDOWS\System32\RtNicProp32.dll
[2010/11/01 01:55:47 | 000,002,048 | --S- | C] () -- E:\WINDOWS\bootstat.dat
[2010/11/01 01:50:09 | 000,021,640 | ---- | C] () -- E:\WINDOWS\System32\emptyregdb.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> E:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 116 bytes -> E:\Documents and Settings\All Users\Application Data\TEMP:661DFA1C

< End of report >

#9 gringo_pr

Posted 20 April 2012 - 02:07 PM

Hello

If you have any problems just come back and let me know

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out here or here.

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

In your next post I need the following:

  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#10 renegadestar87

Posted 20 April 2012 - 04:31 PM

Hi Gringo,

The ComboFix doesn't appear to be working at all. I've had the blue screen in ComboFix saying that it's scanning for infected files for over an hour now and no log has come up. Should I be worried that there's something wrong with my computer or is there something else you can recommend?

Regards

#11 gringo_pr

Posted 20 April 2012 - 06:35 PM

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and paste the following into the box
ComboFix /nombr
  • click ok

copy and paste the report into this topic for me to review

Gringo

#12 renegadestar87

Posted 22 April 2012 - 05:58 AM

Hi Gringo,

After following your post the ComboFix application ran again and I could see what looked like a report type thing building up (neon green text on a black background) but then it disappears and I'm left with a blue screen that says it's scanning and should only take 10 minutes or more if badly infected etc...

Cheers

#13 gringo_pr

Posted 22 April 2012 - 08:41 AM

Greetings

I want you to run these next,

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#14 renegadestar87

Posted 22 April 2012 - 09:38 AM

Hi Gringo,

TDSS Killer came up with no infected or suspicious files. Here's the report, as well as the report for aswMBR.


15:26:16.0750 4596 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
15:26:17.0125 4596 ============================================================
15:26:17.0125 4596 Current date / time: 2012/04/22 15:26:17.0125
15:26:17.0125 4596 SystemInfo:
15:26:17.0125 4596
15:26:17.0125 4596 OS Version: 5.1.2600 ServicePack: 3.0
15:26:17.0125 4596 Product type: Workstation
15:26:17.0125 4596 ComputerName: USER-76A1A8E1F5
15:26:17.0125 4596 UserName: Owner
15:26:17.0125 4596 Windows directory: E:\WINDOWS
15:26:17.0125 4596 System windows directory: E:\WINDOWS
15:26:17.0125 4596 Processor architecture: Intel x86
15:26:17.0125 4596 Number of processors: 4
15:26:17.0125 4596 Page size: 0x1000
15:26:17.0125 4596 Boot type: Normal boot
15:26:17.0125 4596 ============================================================
15:26:20.0734 4596 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:26:20.0843 4596 \Device\Harddisk0\DR0:
15:26:20.0843 4596 MBR partitions:
15:26:20.0843 4596 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
15:26:20.0875 4596 E: <-> \Device\Harddisk0\DR0\Partition0
15:26:20.0875 4596 Initialize success
15:26:20.0875 4596 ============================================================
15:26:30.0656 5724 ============================================================
15:26:30.0656 5724 Scan started
15:26:30.0656 5724 Mode: Manual;
15:26:30.0656 5724 ============================================================
15:26:31.0093 5724 Abiosdsk - ok
15:26:31.0109 5724 abp480n5 - ok
15:26:31.0156 5724 Acceler (3c189400c996a4301c3f1bd93c9c1a17) E:\WINDOWS\system32\DRIVERS\Acceler.sys
15:26:31.0171 5724 Acceler - ok
15:26:31.0234 5724 ACPI (8fd99680a539792a30e97944fdaecf17) E:\WINDOWS\system32\DRIVERS\ACPI.sys
15:26:31.0234 5724 ACPI - ok
15:26:31.0281 5724 ACPIEC (9859c0f6936e723e4892d7141b1327d5) E:\WINDOWS\system32\drivers\ACPIEC.sys
15:26:31.0281 5724 ACPIEC - ok
15:26:31.0328 5724 adfs (6d7f09cd92a9fef3a8efce66231fdd79) E:\WINDOWS\system32\drivers\adfs.sys
15:26:31.0328 5724 adfs - ok
15:26:31.0390 5724 Adobe LM Service (8b46d5a1d3ef08232c04d0eafb871fb2) E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
15:26:31.0828 5724 Adobe LM Service - ok
15:26:31.0875 5724 adpu160m - ok
15:26:31.0921 5724 aec (8bed39e3c35d6a489438b8141717a557) E:\WINDOWS\system32\drivers\aec.sys
15:26:31.0937 5724 aec - ok
15:26:31.0968 5724 AESTAud (f21d5e93a94514be9f5b6ebf74a696b2) E:\WINDOWS\system32\drivers\AESTAud.sys
15:26:31.0984 5724 AESTAud - ok
15:26:32.0046 5724 AFD (1e44bc1e83d8fd2305f8d452db109cf9) E:\WINDOWS\System32\drivers\afd.sys
15:26:32.0375 5724 AFD - ok
15:26:32.0515 5724 Aha154x - ok
15:26:32.0625 5724 aic78u2 - ok
15:26:32.0687 5724 aic78xx - ok
15:26:32.0718 5724 Alerter (a9a3daa780ca6c9671a19d52456705b4) E:\WINDOWS\system32\alrsvc.dll
15:26:32.0734 5724 Alerter - ok
15:26:32.0750 5724 ALG (8c515081584a38aa007909cd02020b3d) E:\WINDOWS\System32\alg.exe
15:26:32.0750 5724 ALG - ok
15:26:32.0765 5724 AliIde - ok
15:26:32.0765 5724 amsint - ok
15:26:32.0828 5724 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) E:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:26:32.0875 5724 Apple Mobile Device - ok
15:26:32.0906 5724 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) E:\WINDOWS\System32\appmgmts.dll
15:26:32.0906 5724 AppMgmt - ok
15:26:32.0906 5724 asc - ok
15:26:32.0921 5724 asc3350p - ok
15:26:32.0921 5724 asc3550 - ok
15:26:32.0984 5724 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:26:33.0062 5724 aspnet_state - ok
15:26:33.0093 5724 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) E:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:26:33.0109 5724 AsyncMac - ok
15:26:33.0156 5724 atapi (9f3a2f5aa6875c72bf062c712cfa2674) E:\WINDOWS\system32\DRIVERS\atapi.sys
15:26:33.0156 5724 atapi - ok
15:26:33.0171 5724 Atdisk - ok
15:26:33.0203 5724 Atmarpc (9916c1225104ba14794209cfa8012159) E:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:26:33.0203 5724 Atmarpc - ok
15:26:33.0250 5724 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) E:\WINDOWS\System32\audiosrv.dll
15:26:33.0265 5724 AudioSrv - ok
15:26:33.0296 5724 audstub (d9f724aa26c010a217c97606b160ed68) E:\WINDOWS\system32\DRIVERS\audstub.sys
15:26:33.0296 5724 audstub - ok
15:26:33.0343 5724 Autodesk Licensing Service (ead65493edba0ebea2192d46b938298e) E:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
15:26:33.0656 5724 Autodesk Licensing Service - ok
15:26:33.0812 5724 AVGIDSAgent (f5689fba4360be50839999882e0a9d99) E:\Program Files\AVG\AVG2012\avgidsagent.exe
15:26:33.0921 5724 AVGIDSAgent - ok
15:26:33.0968 5724 AVGIDSDriver (1074f787080068c71303b61fae7e7ca4) E:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
15:26:33.0968 5724 AVGIDSDriver - ok
15:26:34.0000 5724 AVGIDSEH (f4050c31e6a83cf1e4cdc80d165f7f08) E:\WINDOWS\system32\DRIVERS\avgidsehx.sys
15:26:34.0015 5724 AVGIDSEH - ok
15:26:34.0031 5724 AVGIDSFilter (61a7e0b02f82cff3db2445bbe50b3589) E:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys
15:26:34.0031 5724 AVGIDSFilter - ok
15:26:34.0062 5724 AVGIDSShim (baf975b72062f53d327788e99d64197e) E:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
15:26:34.0062 5724 AVGIDSShim - ok
15:26:34.0078 5724 Avgldx86 (dda6a2a18841e4c9172bb85958b8d948) E:\WINDOWS\system32\DRIVERS\avgldx86.sys
15:26:34.0093 5724 Avgldx86 - ok
15:26:34.0093 5724 Avgmfx86 (ccdd61545aaea265977e4b1efdc74e8c) E:\WINDOWS\system32\DRIVERS\avgmfx86.sys
15:26:34.0093 5724 Avgmfx86 - ok
15:26:34.0125 5724 Avgrkx86 (1fd90b28d2c3100bf4500199c8ad6358) E:\WINDOWS\system32\DRIVERS\avgrkx86.sys
15:26:34.0140 5724 Avgrkx86 - ok
15:26:34.0156 5724 Avgtdix (b2fc9d4de6a2e57a4dfb5a11440c5b85) E:\WINDOWS\system32\DRIVERS\avgtdix.sys
15:26:34.0156 5724 Avgtdix - ok
15:26:34.0187 5724 avgwd (ea1145debcd508fd25bd1e95c4346929) E:\Program Files\AVG\AVG2012\avgwdsvc.exe
15:26:34.0187 5724 avgwd - ok
15:26:34.0265 5724 BCM43XX (345d38f298368dd6b0df5c4f37457a22) E:\WINDOWS\system32\DRIVERS\bcmwl5.sys
15:26:34.0328 5724 BCM43XX - ok
15:26:34.0375 5724 Beep (da1f27d85e0d1525f6621372e7b685e9) E:\WINDOWS\system32\drivers\Beep.sys
15:26:34.0375 5724 Beep - ok
15:26:34.0421 5724 BITS (574738f61fca2935f5265dc4e5691314) E:\WINDOWS\system32\qmgr.dll
15:26:34.0546 5724 BITS - ok
15:26:34.0578 5724 Browser (a06ce3399d16db864f55faeb1f1927a9) E:\WINDOWS\System32\browser.dll
15:26:34.0593 5724 Browser - ok
15:26:34.0625 5724 btaudio (9e8cf88d340e32fcb3c53955b2df388f) E:\WINDOWS\system32\drivers\btaudio.sys
15:26:34.0640 5724 btaudio - ok
15:26:34.0687 5724 BTDriver (2f9f111d31aa3fbbe5781d829a4524e6) E:\WINDOWS\system32\DRIVERS\btport.sys
15:26:34.0703 5724 BTDriver - ok
15:26:34.0734 5724 BTKRNL (9f704f40cd50ae05bbfc492c0342e765) E:\WINDOWS\system32\DRIVERS\btkrnl.sys
15:26:34.0765 5724 BTKRNL - ok
15:26:34.0796 5724 btwdins (8487071731230d3d40807e0b28f64725) E:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
15:26:34.0812 5724 btwdins - ok
15:26:34.0828 5724 BTWDNDIS (485020a1e1fc5c51a800ca69c618d881) E:\WINDOWS\system32\DRIVERS\btwdndis.sys
15:26:34.0828 5724 BTWDNDIS - ok
15:26:34.0843 5724 btwhid (c51d50cf24da69a9c499e65b0edb3bb7) E:\WINDOWS\system32\DRIVERS\btwhid.sys
15:26:34.0843 5724 btwhid - ok
15:26:34.0875 5724 BTWUSB (581ca1a9b6f8cba92e3bc8460c14faab) E:\WINDOWS\system32\Drivers\btwusb.sys
15:26:34.0875 5724 BTWUSB - ok
15:26:34.0937 5724 catchme - ok
15:26:34.0968 5724 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) E:\WINDOWS\system32\drivers\cbidf2k.sys
15:26:34.0968 5724 cbidf2k - ok
15:26:35.0000 5724 CCDECODE (0be5aef125be881c4f854c554f2b025c) E:\WINDOWS\system32\DRIVERS\CCDECODE.sys
15:26:35.0000 5724 CCDECODE - ok
15:26:35.0015 5724 cd20xrnt - ok
15:26:35.0031 5724 Cdaudio (c1b486a7658353d33a10cc15211a873b) E:\WINDOWS\system32\drivers\Cdaudio.sys
15:26:35.0031 5724 Cdaudio - ok
15:26:35.0062 5724 Cdfs (c885b02847f5d2fd45a24e219ed93b32) E:\WINDOWS\system32\drivers\Cdfs.sys
15:26:35.0062 5724 Cdfs - ok
15:26:35.0093 5724 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) E:\WINDOWS\system32\DRIVERS\cdrom.sys
15:26:35.0093 5724 Cdrom - ok
15:26:35.0109 5724 cerc6 - ok
15:26:35.0109 5724 Changer - ok
15:26:35.0125 5724 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) E:\WINDOWS\system32\cisvc.exe
15:26:35.0140 5724 CiSvc - ok
15:26:35.0171 5724 ClipSrv (34cbe729f38138217f9c80212a2a0c82) E:\WINDOWS\system32\clipsrv.exe
15:26:35.0171 5724 ClipSrv - ok
15:26:35.0234 5724 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:26:35.0312 5724 clr_optimization_v2.0.50727_32 - ok
15:26:35.0359 5724 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:26:35.0406 5724 clr_optimization_v4.0.30319_32 - ok
15:26:35.0484 5724 CmBatt (0f6c187d38d98f8df904589a5f94d411) E:\WINDOWS\system32\DRIVERS\CmBatt.sys
15:26:35.0484 5724 CmBatt - ok
15:26:35.0500 5724 CmdIde - ok
15:26:35.0515 5724 Compbatt (6e4c9f21f0fae8940661144f41b13203) E:\WINDOWS\system32\DRIVERS\compbatt.sys
15:26:35.0515 5724 Compbatt - ok
15:26:35.0515 5724 COMSysApp - ok
15:26:35.0531 5724 Cpqarray - ok
15:26:35.0546 5724 CryptSvc (3d4e199942e29207970e04315d02ad3b) E:\WINDOWS\System32\cryptsvc.dll
15:26:35.0546 5724 CryptSvc - ok
15:26:35.0562 5724 dac2w2k - ok
15:26:35.0562 5724 dac960nt - ok
15:26:35.0609 5724 DcomLaunch (6b27a5c03dfb94b4245739065431322c) E:\WINDOWS\system32\rpcss.dll
15:26:35.0609 5724 DcomLaunch - ok
15:26:35.0625 5724 dgderdrv - ok
15:26:35.0640 5724 Dhcp (5e38d7684a49cacfb752b046357e0589) E:\WINDOWS\System32\dhcpcsvc.dll
15:26:35.0640 5724 Dhcp - ok
15:26:35.0656 5724 Disk (044452051f3e02e7963599fc8f4f3e25) E:\WINDOWS\system32\DRIVERS\disk.sys
15:26:35.0671 5724 Disk - ok
15:26:35.0671 5724 dmadmin - ok
15:26:35.0703 5724 dmboot (d992fe1274bde0f84ad826acae022a41) E:\WINDOWS\system32\drivers\dmboot.sys
15:26:35.0718 5724 dmboot - ok
15:26:35.0750 5724 dmio (7c824cf7bbde77d95c08005717a95f6f) E:\WINDOWS\system32\drivers\dmio.sys
15:26:35.0750 5724 dmio - ok
15:26:35.0765 5724 dmload (e9317282a63ca4d188c0df5e09c6ac5f) E:\WINDOWS\system32\drivers\dmload.sys
15:26:35.0765 5724 dmload - ok
15:26:35.0796 5724 dmserver (57edec2e5f59f0335e92f35184bc8631) E:\WINDOWS\System32\dmserver.dll
15:26:35.0796 5724 dmserver - ok
15:26:35.0828 5724 DMusic (8a208dfcf89792a484e76c40e5f50b45) E:\WINDOWS\system32\drivers\DMusic.sys
15:26:35.0828 5724 DMusic - ok
15:26:35.0859 5724 Dnscache (5f7e24fa9eab896051ffb87f840730d2) E:\WINDOWS\System32\dnsrslvr.dll
15:26:35.0859 5724 Dnscache - ok
15:26:35.0890 5724 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) E:\WINDOWS\System32\dot3svc.dll
15:26:35.0890 5724 Dot3svc - ok
15:26:35.0890 5724 dpti2o - ok
15:26:35.0937 5724 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) E:\WINDOWS\system32\drivers\drmkaud.sys
15:26:35.0937 5724 drmkaud - ok
15:26:35.0968 5724 EapHost (2187855a7703adef0cef9ee4285182cc) E:\WINDOWS\System32\eapsvc.dll
15:26:35.0968 5724 EapHost - ok
15:26:35.0984 5724 ERSvc (bc93b4a066477954555966d77fec9ecb) E:\WINDOWS\System32\ersvc.dll
15:26:36.0000 5724 ERSvc - ok
15:26:36.0015 5724 Eventlog (65df52f5b8b6e9bbd183505225c37315) E:\WINDOWS\system32\services.exe
15:26:36.0031 5724 Eventlog - ok
15:26:36.0062 5724 EventSystem (d4991d98f2db73c60d042f1aef79efae) E:\WINDOWS\system32\es.dll
15:26:36.0078 5724 EventSystem - ok
15:26:36.0093 5724 Fastfat (38d332a6d56af32635675f132548343e) E:\WINDOWS\system32\drivers\Fastfat.sys
15:26:36.0093 5724 Fastfat - ok
15:26:36.0125 5724 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) E:\WINDOWS\System32\shsvcs.dll
15:26:36.0171 5724 FastUserSwitchingCompatibility - ok
15:26:36.0203 5724 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) E:\WINDOWS\system32\drivers\Fdc.sys
15:26:36.0203 5724 Fdc - ok
15:26:36.0218 5724 Fips (d45926117eb9fa946a6af572fbe1caa3) E:\WINDOWS\system32\drivers\Fips.sys
15:26:36.0218 5724 Fips - ok
15:26:36.0296 5724 FLEXnet Licensing Service (73081cf28f0ae20a52ca4f67cee6e6b0) E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:26:36.0421 5724 FLEXnet Licensing Service - ok
15:26:36.0437 5724 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) E:\WINDOWS\system32\drivers\Flpydisk.sys
15:26:36.0437 5724 Flpydisk - ok
15:26:36.0484 5724 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) E:\WINDOWS\system32\DRIVERS\fltMgr.sys
15:26:36.0484 5724 FltMgr - ok
15:26:36.0640 5724 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) e:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:26:36.0640 5724 FontCache3.0.0.0 - ok
15:26:36.0718 5724 FsUsbExDisk (b07663a810e861eebfd0eac7e82ca62d) E:\WINDOWS\system32\FsUsbExDisk.SYS
15:26:36.0921 5724 FsUsbExDisk - ok
15:26:36.0953 5724 FsUsbExService (f96c429788350db4ba6771c3034dfd88) E:\WINDOWS\system32\FsUsbExService.Exe
15:26:37.0437 5724 FsUsbExService - ok
15:26:37.0500 5724 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) E:\WINDOWS\system32\drivers\Fs_Rec.sys
15:26:37.0500 5724 Fs_Rec - ok
15:26:37.0515 5724 Ftdisk (6ac26732762483366c3969c9e4d2259d) E:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:26:37.0531 5724 Ftdisk - ok
15:26:37.0578 5724 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) E:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
15:26:37.0609 5724 GEARAspiWDM - ok
15:26:37.0656 5724 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) E:\WINDOWS\system32\DRIVERS\msgpc.sys
15:26:37.0671 5724 Gpc - ok
15:26:37.0718 5724 Hardlock (d64a40b94602158e40527ae95e7a9193) E:\WINDOWS\system32\drivers\hardlock.sys
15:26:37.0828 5724 Hardlock - ok
15:26:37.0875 5724 HDAudBus (573c7d0a32852b48f3058cfd8026f511) E:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:26:37.0875 5724 HDAudBus - ok
15:26:37.0921 5724 HECI (a88485dc6a7136c10d9a6c7e38fdfe3c) E:\WINDOWS\system32\DRIVERS\HECI.sys
15:26:37.0921 5724 HECI - ok
15:26:37.0968 5724 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) E:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:26:37.0968 5724 helpsvc - ok
15:26:38.0000 5724 HidServ (deb04da35cc871b6d309b77e1443c796) E:\WINDOWS\System32\hidserv.dll
15:26:38.0015 5724 HidServ - ok
15:26:38.0046 5724 hidusb (ccf82c5ec8a7326c3066de870c06daf1) E:\WINDOWS\system32\DRIVERS\hidusb.sys
15:26:38.0046 5724 hidusb - ok
15:26:38.0093 5724 hkmsvc (8878bd685e490239777bfe51320b88e9) E:\WINDOWS\System32\kmsvc.dll
15:26:38.0093 5724 hkmsvc - ok
15:26:38.0093 5724 hpn - ok
15:26:38.0156 5724 HTTP (f80a415ef82cd06ffaf0d971528ead38) E:\WINDOWS\system32\Drivers\HTTP.sys
15:26:38.0156 5724 HTTP - ok
15:26:38.0187 5724 HTTPFilter (6100a808600f44d999cebdef8841c7a3) E:\WINDOWS\System32\w3ssl.dll
15:26:38.0187 5724 HTTPFilter - ok
15:26:38.0203 5724 i2omgmt - ok
15:26:38.0218 5724 i2omp - ok
15:26:38.0250 5724 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) E:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:26:38.0250 5724 i8042prt - ok
15:26:38.0359 5724 idsvc (c01ac32dc5c03076cfb852cb5da5229c) E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:26:38.0406 5724 idsvc - ok
15:26:38.0468 5724 Imapi (083a052659f5310dd8b6a6cb05edcf8e) E:\WINDOWS\system32\DRIVERS\imapi.sys
15:26:38.0468 5724 Imapi - ok
15:26:38.0500 5724 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) E:\WINDOWS\system32\imapi.exe
15:26:38.0515 5724 ImapiService - ok
15:26:38.0531 5724 Impcd (2db41ba61d5e44d0667cf126d35dcf34) E:\WINDOWS\system32\DRIVERS\Impcd.sys
15:26:38.0546 5724 Impcd - ok
15:26:38.0562 5724 ini910u - ok
15:26:38.0593 5724 InstallFilterService (36944f997af08dd85985acbd17e8eda5) E:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe
15:26:38.0875 5724 InstallFilterService - ok
15:26:38.0921 5724 IntelIde - ok
15:26:38.0953 5724 intelppm (8c953733d8f36eb2133f5bb58808b66b) E:\WINDOWS\system32\DRIVERS\intelppm.sys
15:26:38.0968 5724 intelppm - ok
15:26:39.0015 5724 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) E:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
15:26:39.0015 5724 Ip6Fw - ok
15:26:39.0062 5724 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) E:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:26:39.0062 5724 IpFilterDriver - ok
15:26:39.0093 5724 IpInIp (b87ab476dcf76e72010632b5550955f5) E:\WINDOWS\system32\DRIVERS\ipinip.sys
15:26:39.0093 5724 IpInIp - ok
15:26:39.0125 5724 IpNat (cc748ea12c6effde940ee98098bf96bb) E:\WINDOWS\system32\DRIVERS\ipnat.sys
15:26:39.0140 5724 IpNat - ok
15:26:39.0203 5724 iPod Service (9033d67b7112d23eded6789bacded128) E:\Program Files\iPod\bin\iPodService.exe
15:26:39.0218 5724 iPod Service - ok
15:26:39.0250 5724 IPSec (23c74d75e36e7158768dd63d92789a91) E:\WINDOWS\system32\DRIVERS\ipsec.sys
15:26:39.0250 5724 IPSec - ok
15:26:39.0281 5724 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) E:\WINDOWS\system32\DRIVERS\irenum.sys
15:26:39.0281 5724 IRENUM - ok
15:26:39.0296 5724 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) E:\WINDOWS\system32\DRIVERS\isapnp.sys
15:26:39.0312 5724 isapnp - ok
15:26:39.0359 5724 JavaQuickStarterService (9aa67569d5257462e230767510b0c815) E:\Program Files\Java\jre6\bin\jqs.exe
15:26:39.0421 5724 JavaQuickStarterService - ok
15:26:39.0453 5724 Kbdclass (463c1ec80cd17420a542b7f36a36f128) E:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:26:39.0453 5724 Kbdclass - ok
15:26:39.0484 5724 kbdhid (9ef487a186dea361aa06913a75b3fa99) E:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:26:39.0500 5724 kbdhid - ok
15:26:39.0515 5724 KiesAllShare - ok
15:26:39.0546 5724 kmixer (692bcf44383d056aed41b045a323d378) E:\WINDOWS\system32\drivers\kmixer.sys
15:26:39.0546 5724 kmixer - ok
15:26:39.0562 5724 KSecDD (b467646c54cc746128904e1654c750c1) E:\WINDOWS\system32\drivers\KSecDD.sys
15:26:39.0578 5724 KSecDD - ok
15:26:39.0609 5724 LanmanServer (3a7c3cbe5d96b8ae96ce81f0b22fb527) E:\WINDOWS\System32\srvsvc.dll
15:26:39.0640 5724 LanmanServer - ok
15:26:39.0687 5724 lanmanworkstation (a8888a5327621856c0cec4e385f69309) E:\WINDOWS\System32\wkssvc.dll
15:26:39.0687 5724 lanmanworkstation - ok
15:26:39.0687 5724 lbrtfdc - ok
15:26:39.0718 5724 LmHosts (a7db739ae99a796d91580147e919cc59) E:\WINDOWS\System32\lmhsvc.dll
15:26:39.0734 5724 LmHosts - ok
15:26:39.0781 5724 LMS (5460828f8951d310b42b442877603b8d) E:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:26:39.0781 5724 LMS - ok
15:26:39.0828 5724 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) E:\WINDOWS\system32\drivers\mbamswissarmy.sys
15:26:39.0843 5724 MBAMSwissArmy - ok
15:26:39.0875 5724 Messenger (986b1ff5814366d71e0ac5755c88f2d3) E:\WINDOWS\System32\msgsvc.dll
15:26:39.0875 5724 Messenger - ok
15:26:39.0906 5724 mi-raysat_3dsMax2009_32 (aa0c4a2c33ce075df2c272d678734991) E:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
15:26:40.0359 5724 mi-raysat_3dsMax2009_32 - ok
15:26:40.0421 5724 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) E:\WINDOWS\system32\drivers\mnmdd.sys
15:26:40.0421 5724 mnmdd - ok
15:26:40.0468 5724 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) E:\WINDOWS\system32\mnmsrvc.exe
15:26:40.0468 5724 mnmsrvc - ok
15:26:40.0515 5724 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) E:\WINDOWS\system32\drivers\Modem.sys
15:26:40.0515 5724 Modem - ok
15:26:40.0578 5724 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) E:\WINDOWS\system32\DRIVERS\mouclass.sys
15:26:40.0578 5724 Mouclass - ok
15:26:40.0609 5724 mouhid (b1c303e17fb9d46e87a98e4ba6769685) E:\WINDOWS\system32\DRIVERS\mouhid.sys
15:26:40.0609 5724 mouhid - ok
15:26:40.0640 5724 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) E:\WINDOWS\system32\drivers\MountMgr.sys
15:26:40.0640 5724 MountMgr - ok
15:26:40.0656 5724 mraid35x - ok
15:26:40.0687 5724 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) E:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:26:40.0703 5724 MRxDAV - ok
15:26:40.0750 5724 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) E:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:26:40.0796 5724 MRxSmb - ok
15:26:40.0843 5724 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) E:\WINDOWS\system32\msdtc.exe
15:26:40.0843 5724 MSDTC - ok
15:26:40.0875 5724 Msfs (c941ea2454ba8350021d774daf0f1027) E:\WINDOWS\system32\drivers\Msfs.sys
15:26:40.0875 5724 Msfs - ok
15:26:40.0890 5724 MSIServer - ok
15:26:40.0921 5724 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) E:\WINDOWS\system32\drivers\MSKSSRV.sys
15:26:40.0937 5724 MSKSSRV - ok
15:26:40.0968 5724 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) E:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:26:40.0968 5724 MSPCLOCK - ok
15:26:41.0015 5724 MSPQM (bad59648ba099da4a17680b39730cb3d) E:\WINDOWS\system32\drivers\MSPQM.sys
15:26:41.0015 5724 MSPQM - ok
15:26:41.0078 5724 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) E:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:26:41.0078 5724 mssmbios - ok
15:26:52.0031 5724 ============================================================
15:26:52.0031 5724 Scan finished
15:26:52.0031 5724 ============================================================
15:26:52.0046 2504 Detected object count: 0
15:26:52.0046 2504 Actual detected object count: 0
15:27:41.0000 5732 ============================================================
15:27:41.0000 5732 Scan started
15:27:41.0000 5732 Mode: Manual;
15:27:41.0000 5732 ============================================================
15:27:46.0578 5732 LmHosts (a7db739ae99a796d91580147e919cc59) E:\WINDOWS\System32\lmhsvc.dll
15:27:46.0578 5732 LmHosts - ok
15:27:46.0609 5732 LMS (5460828f8951d310b42b442877603b8d) E:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:27:46.0609 5732 LMS - ok
15:27:46.0625 5732 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) E:\WINDOWS\system32\drivers\mbamswissarmy.sys
15:27:46.0625 5732 MBAMSwissArmy - ok
15:27:46.0656 5732 Messenger (986b1ff5814366d71e0ac5755c88f2d3) E:\WINDOWS\System32\msgsvc.dll
15:27:46.0656 5732 Messenger - ok
15:27:46.0687 5732 mi-raysat_3dsMax2009_32 (aa0c4a2c33ce075df2c272d678734991) E:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
15:27:46.0687 5732 mi-raysat_3dsMax2009_32 - ok
15:27:46.0718 5732 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) E:\WINDOWS\system32\drivers\mnmdd.sys
15:27:46.0718 5732 mnmdd - ok
15:27:46.0750 5732 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) E:\WINDOWS\system32\mnmsrvc.exe
15:27:46.0750 5732 mnmsrvc - ok
15:27:46.0796 5732 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) E:\WINDOWS\system32\drivers\Modem.sys
15:27:46.0796 5732 Modem - ok
15:27:46.0828 5732 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) E:\WINDOWS\system32\DRIVERS\mouclass.sys
15:27:46.0828 5732 Mouclass - ok
15:27:46.0843 5732 mouhid (b1c303e17fb9d46e87a98e4ba6769685) E:\WINDOWS\system32\DRIVERS\mouhid.sys
15:27:46.0843 5732 mouhid - ok
15:27:46.0859 5732 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) E:\WINDOWS\system32\drivers\MountMgr.sys
15:27:46.0859 5732 MountMgr - ok
15:27:46.0875 5732 mraid35x - ok
15:27:46.0890 5732 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) E:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:27:46.0890 5732 MRxDAV - ok
15:27:46.0921 5732 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) E:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:27:46.0921 5732 MRxSmb - ok
15:27:46.0968 5732 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) E:\WINDOWS\system32\msdtc.exe
15:27:46.0968 5732 MSDTC - ok
15:27:46.0968 5732 Msfs (c941ea2454ba8350021d774daf0f1027) E:\WINDOWS\system32\drivers\Msfs.sys
15:27:46.0984 5732 Msfs - ok
15:27:46.0984 5732 MSIServer - ok
15:27:47.0031 5732 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) E:\WINDOWS\system32\drivers\MSKSSRV.sys
15:27:47.0046 5732 MSKSSRV - ok
15:27:47.0062 5732 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) E:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:27:47.0062 5732 MSPCLOCK - ok
15:27:47.0078 5732 MSPQM (bad59648ba099da4a17680b39730cb3d) E:\WINDOWS\system32\drivers\MSPQM.sys
15:27:47.0078 5732 MSPQM - ok
15:27:47.0125 5732 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) E:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:27:47.0125 5732 mssmbios - ok
15:27:47.0140 5732 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) E:\WINDOWS\system32\drivers\MSTEE.sys
15:27:47.0140 5732 MSTEE - ok
15:27:47.0187 5732 Mup (de6a75f5c270e756c5508d94b6cf68f5) E:\WINDOWS\system32\drivers\Mup.sys
15:27:47.0187 5732 Mup - ok
15:27:47.0218 5732 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
15:27:47.0218 5732 NABTSFEC - ok
15:27:47.0250 5732 napagent (0102140028fad045756796e1c685d695) E:\WINDOWS\System32\qagentrt.dll
15:27:47.0250 5732 napagent - ok
15:27:47.0328 5732 NBService (87a00faedd703d8d2bdcb29ce5eeea6b) E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
15:27:47.0328 5732 NBService - ok
15:27:47.0390 5732 NDIS (1df7f42665c94b825322fae71721130d) E:\WINDOWS\system32\drivers\NDIS.sys
15:27:47.0390 5732 NDIS - ok
15:27:47.0421 5732 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) E:\WINDOWS\system32\DRIVERS\NdisIP.sys
15:27:47.0421 5732 NdisIP - ok
15:27:47.0453 5732 NdisTapi (0109c4f3850dfbab279542515386ae22) E:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:27:47.0453 5732 NdisTapi - ok
15:27:47.0484 5732 Ndisuio (f927a4434c5028758a842943ef1a3849) E:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:27:47.0484 5732 Ndisuio - ok
15:27:47.0515 5732 NdisWan (edc1531a49c80614b2cfda43ca8659ab) E:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:27:47.0515 5732 NdisWan - ok
15:27:47.0531 5732 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) E:\WINDOWS\system32\drivers\NDProxy.sys
15:27:47.0531 5732 NDProxy - ok
15:27:47.0546 5732 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) E:\WINDOWS\system32\DRIVERS\netbios.sys
15:27:47.0546 5732 NetBIOS - ok
15:27:47.0609 5732 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) E:\WINDOWS\system32\DRIVERS\netbt.sys
15:27:47.0609 5732 NetBT - ok
15:27:47.0656 5732 NetDDE (b857ba82860d7ff85ae29b095645563b) E:\WINDOWS\system32\netdde.exe
15:27:47.0656 5732 NetDDE - ok
15:27:47.0656 5732 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) E:\WINDOWS\system32\netdde.exe
15:27:47.0671 5732 NetDDEdsdm - ok
15:27:47.0734 5732 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) E:\WINDOWS\system32\lsass.exe
15:27:47.0734 5732 Netlogon - ok
15:27:47.0765 5732 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) E:\WINDOWS\System32\netman.dll
15:27:47.0765 5732 Netman - ok
15:27:47.0828 5732 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:27:47.0828 5732 NetTcpPortSharing - ok
15:27:47.0890 5732 Nla (943337d786a56729263071623bbb9de5) E:\WINDOWS\System32\mswsock.dll
15:27:47.0890 5732 Nla - ok
15:27:47.0906 5732 Npfs (3182d64ae053d6fb034f44b6def8034a) E:\WINDOWS\system32\drivers\Npfs.sys
15:27:47.0906 5732 Npfs - ok
15:27:47.0953 5732 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) E:\WINDOWS\system32\drivers\Ntfs.sys
15:27:47.0953 5732 Ntfs - ok
15:27:47.0984 5732 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) E:\WINDOWS\system32\lsass.exe
15:27:47.0984 5732 NtLmSsp - ok
15:27:48.0015 5732 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) E:\WINDOWS\system32\ntmssvc.dll
15:27:48.0015 5732 NtmsSvc - ok
15:27:48.0031 5732 Null (73c1e1f395918bc2c6dd67af7591a3ad) E:\WINDOWS\system32\drivers\Null.sys
15:27:48.0031 5732 Null - ok
15:27:48.0234 5732 nv (4f14180092151d72ac76593e41740e65) E:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:27:48.0296 5732 nv - ok
15:27:48.0328 5732 NVHDA (cf68bcac297b4c98c1d25b81e4011de4) E:\WINDOWS\system32\drivers\nvhda32.sys
15:27:48.0343 5732 NVHDA - ok
15:27:48.0343 5732 nvsvc (99bc52c3523c16327c9bb989660b64b9) E:\WINDOWS\system32\nvsvc32.exe
15:27:48.0359 5732 nvsvc - ok
15:27:48.0390 5732 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) E:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:27:48.0390 5732 NwlnkFlt - ok
15:27:48.0390 5732 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) E:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:27:48.0390 5732 NwlnkFwd - ok
15:27:48.0437 5732 ose (7a56cf3e3f12e8af599963b16f50fb6a) E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:27:48.0437 5732 ose - ok
15:27:48.0484 5732 Parport (5575faf8f97ce5e713d108c2a58d7c7c) E:\WINDOWS\system32\drivers\Parport.sys
15:27:48.0484 5732 Parport - ok
15:27:48.0500 5732 PartMgr (beb3ba25197665d82ec7065b724171c6) E:\WINDOWS\system32\drivers\PartMgr.sys
15:27:48.0500 5732 PartMgr - ok
15:27:48.0531 5732 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) E:\WINDOWS\system32\drivers\ParVdm.sys
15:27:48.0531 5732 ParVdm - ok
15:27:48.0562 5732 pccsmcfd (fd2041e9ba03db7764b2248f02475079) E:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
15:27:48.0562 5732 pccsmcfd - ok
15:27:48.0578 5732 PCI (a219903ccf74233761d92bef471a07b1) E:\WINDOWS\system32\DRIVERS\pci.sys
15:27:48.0593 5732 PCI - ok
15:27:48.0593 5732 PCIDump - ok
15:27:48.0609 5732 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) E:\WINDOWS\system32\DRIVERS\pciide.sys
15:27:48.0609 5732 PCIIde - ok
15:27:48.0640 5732 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) E:\WINDOWS\system32\drivers\Pcmcia.sys
15:27:48.0640 5732 Pcmcia - ok
15:27:48.0640 5732 PDCOMP - ok
15:27:48.0656 5732 PDFRAME - ok
15:27:48.0671 5732 PDRELI - ok
15:27:48.0671 5732 PDRFRAME - ok
15:27:48.0687 5732 perc2 - ok
15:27:48.0687 5732 perc2hib - ok
15:27:48.0734 5732 PlugPlay (65df52f5b8b6e9bbd183505225c37315) E:\WINDOWS\system32\services.exe
15:27:48.0734 5732 PlugPlay - ok
15:27:48.0765 5732 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) E:\WINDOWS\system32\lsass.exe
15:27:48.0765 5732 PolicyAgent - ok
15:27:48.0828 5732 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) E:\WINDOWS\system32\DRIVERS\raspptp.sys
15:27:48.0828 5732 PptpMiniport - ok
15:27:48.0828 5732 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) E:\WINDOWS\system32\lsass.exe
15:27:48.0828 5732 ProtectedStorage - ok
15:27:48.0843 5732 PSched (09298ec810b07e5d582cb3a3f9255424) E:\WINDOWS\system32\DRIVERS\psched.sys
15:27:48.0843 5732 PSched - ok
15:27:48.0859 5732 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) E:\WINDOWS\system32\DRIVERS\ptilink.sys
15:27:48.0859 5732 Ptilink - ok
15:27:48.0875 5732 ql1080 - ok
15:27:48.0875 5732 Ql10wnt - ok
15:27:48.0890 5732 ql12160 - ok
15:27:48.0906 5732 ql1240 - ok
15:27:48.0906 5732 ql1280 - ok
15:27:48.0937 5732 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) E:\WINDOWS\system32\DRIVERS\rasacd.sys
15:27:48.0937 5732 RasAcd - ok
15:27:48.0968 5732 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) E:\WINDOWS\System32\rasauto.dll
15:27:48.0984 5732 RasAuto - ok
15:27:49.0000 5732 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) E:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:27:49.0000 5732 Rasl2tp - ok
15:27:49.0015 5732 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) E:\WINDOWS\System32\rasmans.dll
15:27:49.0031 5732 RasMan - ok
15:27:49.0031 5732 RasPppoe (5bc962f2654137c9909c3d4603587dee) E:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:27:49.0046 5732 RasPppoe - ok
15:27:49.0046 5732 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) E:\WINDOWS\system32\DRIVERS\raspti.sys
15:27:49.0046 5732 Raspti - ok
15:27:49.0078 5732 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) E:\WINDOWS\system32\DRIVERS\rdbss.sys
15:27:49.0078 5732 Rdbss - ok
15:27:49.0093 5732 RDPCDD (4912d5b403614ce99c28420f75353332) E:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:27:49.0093 5732 RDPCDD - ok
15:27:49.0109 5732 rdpdr (15cabd0f7c00c47c70124907916af3f1) E:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:27:49.0125 5732 rdpdr - ok
15:27:49.0156 5732 RDPWD (5b3055daa788bd688594d2f5981f2a83) E:\WINDOWS\system32\drivers\RDPWD.sys
15:27:49.0156 5732 RDPWD - ok
15:27:49.0187 5732 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) E:\WINDOWS\system32\sessmgr.exe
15:27:49.0187 5732 RDSessMgr - ok
15:27:49.0218 5732 redbook (f828dd7e1419b6653894a8f97a0094c5) E:\WINDOWS\system32\DRIVERS\redbook.sys
15:27:49.0218 5732 redbook - ok
15:27:49.0250 5732 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) E:\WINDOWS\System32\mprdim.dll
15:27:49.0250 5732 RemoteAccess - ok
15:27:49.0281 5732 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) E:\WINDOWS\system32\regsvc.dll
15:27:49.0281 5732 RemoteRegistry - ok
15:27:49.0296 5732 RpcLocator (aaed593f84afa419bbae8572af87cf6a) E:\WINDOWS\system32\locator.exe
15:27:49.0296 5732 RpcLocator - ok
15:27:49.0343 5732 RpcSs (6b27a5c03dfb94b4245739065431322c) E:\WINDOWS\system32\rpcss.dll
15:27:49.0343 5732 RpcSs - ok
15:27:49.0390 5732 RSVP (471b3f9741d762abe75e9deea4787e47) E:\WINDOWS\system32\rsvp.exe
15:27:49.0390 5732 RSVP - ok
15:27:49.0437 5732 RTLE8023xp (387c8f70e992efa3d25816ecc1ab2b8b) E:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
15:27:49.0437 5732 RTLE8023xp - ok
15:27:49.0453 5732 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) E:\WINDOWS\system32\lsass.exe
15:27:49.0453 5732 SamSs - ok
15:27:49.0484 5732 SCardSvr (86d007e7a654b9a71d1d7d856b104353) E:\WINDOWS\System32\SCardSvr.exe
15:27:49.0484 5732 SCardSvr - ok
15:27:49.0515 5732 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) E:\WINDOWS\system32\schedsvc.dll
15:27:49.0531 5732 Schedule - ok
15:27:49.0546 5732 Secdrv (90a3935d05b494a5a39d37e71f09a677) E:\WINDOWS\system32\DRIVERS\secdrv.sys
15:27:49.0546 5732 Secdrv - ok
15:27:49.0562 5732 seclogon (cbe612e2bb6a10e3563336191eda1250) E:\WINDOWS\System32\seclogon.dll
15:27:49.0562 5732 seclogon - ok
15:27:49.0562 5732 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) E:\WINDOWS\system32\sens.dll
15:27:49.0578 5732 SENS - ok
15:27:49.0593 5732 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) E:\WINDOWS\system32\drivers\Serial.sys
15:27:49.0593 5732 Serial - ok
15:27:49.0703 5732 ServiceLayer (3ec8de67b1c78c31e54c0f030e6bd7d5) E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
15:27:49.0703 5732 ServiceLayer - ok
15:27:49.0750 5732 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) E:\WINDOWS\system32\drivers\Sfloppy.sys
15:27:49.0750 5732 Sfloppy - ok
15:27:49.0796 5732 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) E:\WINDOWS\System32\ipnathlp.dll
15:27:49.0796 5732 SharedAccess - ok
15:27:49.0843 5732 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) E:\WINDOWS\System32\shsvcs.dll
15:27:49.0843 5732 ShellHWDetection - ok
15:27:49.0843 5732 Simbad - ok
15:27:49.0921 5732 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) E:\Program Files\Skype\Updater\Updater.exe
15:27:49.0921 5732 SkypeUpdate - ok
15:27:49.0953 5732 SLIP (866d538ebe33709a5c9f5c62b73b7d14) E:\WINDOWS\system32\DRIVERS\SLIP.sys
15:27:49.0953 5732 SLIP - ok
15:27:50.0031 5732 SolidWorks Licensing Service (fd17103aabd35f727255607b8898e7e4) E:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
15:27:50.0031 5732 SolidWorks Licensing Service - ok
15:27:50.0031 5732 Sparrow - ok
15:27:50.0093 5732 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) E:\WINDOWS\system32\drivers\splitter.sys
15:27:50.0093 5732 splitter - ok
15:27:50.0125 5732 Spooler (60784f891563fb1b767f70117fc2428f) E:\WINDOWS\system32\spoolsv.exe
15:27:50.0140 5732 Spooler - ok
15:27:50.0156 5732 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) E:\WINDOWS\system32\DRIVERS\sr.sys
15:27:50.0171 5732 sr - ok
15:27:50.0187 5732 srservice (3805df0ac4296a34ba4bf93b346cc378) E:\WINDOWS\system32\srsvc.dll
15:27:50.0187 5732 srservice - ok
15:27:50.0218 5732 Srv (47ddfc2f003f7f9f0592c6874962a2e7) E:\WINDOWS\system32\DRIVERS\srv.sys
15:27:50.0218 5732 Srv - ok
15:27:50.0250 5732 SSDPSRV (0a5679b3714edab99e357057ee88fca6) E:\WINDOWS\System32\ssdpsrv.dll
15:27:50.0250 5732 SSDPSRV - ok
15:27:50.0281 5732 STacSV (72c4ab16d4152ec65ad9c2bbb5c25302) e:\program files\idt\wdm\stacsv.exe
15:27:50.0281 5732 STacSV - ok
15:27:50.0296 5732 stdflt (972f577308b006070de8d09573dbae53) E:\WINDOWS\system32\DRIVERS\stdflt.sys
15:27:50.0296 5732 stdflt - ok
15:27:50.0343 5732 STHDA (462206697984111b2c30e7cf7c580146) E:\WINDOWS\system32\drivers\sthda.sys
15:27:50.0359 5732 STHDA - ok
15:27:50.0406 5732 stisvc (8bad69cbac032d4bbacfce0306174c30) E:\WINDOWS\system32\wiaservc.dll
15:27:50.0421 5732 stisvc - ok
15:27:50.0453 5732 streamip (77813007ba6265c4b6098187e6ed79d2) E:\WINDOWS\system32\DRIVERS\StreamIP.sys
15:27:50.0453 5732 streamip - ok
15:27:50.0484 5732 swenum (3941d127aef12e93addf6fe6ee027e0f) E:\WINDOWS\system32\DRIVERS\swenum.sys
15:27:50.0500 5732 swenum - ok
15:27:50.0500 5732 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) E:\WINDOWS\system32\drivers\swmidi.sys
15:27:50.0500 5732 swmidi - ok
15:27:50.0515 5732 SwPrv - ok
15:27:50.0531 5732 symc810 - ok
15:27:50.0531 5732 symc8xx - ok
15:27:50.0546 5732 sym_hi - ok
15:27:50.0562 5732 sym_u3 - ok
15:27:50.0593 5732 SynTP (cf196a45fd61118c95585489fad5b2aa) E:\WINDOWS\system32\DRIVERS\SynTP.sys
15:27:50.0593 5732 SynTP - ok
15:27:50.0609 5732 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) E:\WINDOWS\system32\drivers\sysaudio.sys
15:27:50.0609 5732 sysaudio - ok
15:27:50.0640 5732 SysmonLog (c7abbc59b43274b1109df6b24d617051) E:\WINDOWS\system32\smlogsvc.exe
15:27:50.0640 5732 SysmonLog - ok
15:27:50.0656 5732 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) E:\WINDOWS\System32\tapisrv.dll
15:27:50.0671 5732 TapiSrv - ok
15:27:50.0687 5732 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) E:\WINDOWS\system32\DRIVERS\tcpip.sys
15:27:50.0703 5732 Tcpip - ok
15:27:50.0718 5732 TDPIPE (6471a66807f5e104e4885f5b67349397) E:\WINDOWS\system32\drivers\TDPIPE.sys
15:27:50.0718 5732 TDPIPE - ok
15:27:50.0750 5732 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) E:\WINDOWS\system32\drivers\TDTCP.sys
15:27:50.0750 5732 TDTCP - ok
15:27:50.0781 5732 TermDD (88155247177638048422893737429d9e) E:\WINDOWS\system32\DRIVERS\termdd.sys
15:27:50.0781 5732 TermDD - ok
15:27:50.0796 5732 TermService (ff3477c03be7201c294c35f684b3479f) E:\WINDOWS\System32\termsrv.dll
15:27:50.0812 5732 TermService - ok
15:27:50.0843 5732 Themes (99bc0b50f511924348be19c7c7313bbf) E:\WINDOWS\System32\shsvcs.dll
15:27:50.0843 5732 Themes - ok
15:27:50.0875 5732 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) E:\WINDOWS\system32\tlntsvr.exe
15:27:50.0890 5732 TlntSvr - ok
15:27:50.0890 5732 TosIde - ok
15:27:50.0937 5732 TrkWks (55bca12f7f523d35ca3cb833c725f54e) E:\WINDOWS\system32\trkwks.dll
15:27:50.0953 5732 TrkWks - ok
15:27:50.0984 5732 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) E:\WINDOWS\system32\drivers\Udfs.sys
15:27:50.0984 5732 Udfs - ok
15:27:51.0000 5732 ultra - ok
15:27:51.0109 5732 UNS (9e89c2d6945389270de067ce51ff7425) E:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
15:27:51.0125 5732 UNS - ok
15:27:51.0156 5732 Update (402ddc88356b1bac0ee3dd1580c76a31) E:\WINDOWS\system32\DRIVERS\update.sys
15:27:51.0156 5732 Update - ok
15:27:51.0203 5732 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) E:\WINDOWS\System32\upnphost.dll
15:27:51.0218 5732 upnphost - ok
15:27:51.0234 5732 UPS (05365fb38fca1e98f7a566aaaf5d1815) E:\WINDOWS\System32\ups.exe
15:27:51.0234 5732 UPS - ok
15:27:51.0281 5732 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) E:\WINDOWS\system32\Drivers\usbaapl.sys
15:27:51.0281 5732 USBAAPL - ok
15:27:51.0312 5732 usbccgp (173f317ce0db8e21322e71b7e60a27e8) E:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:27:51.0312 5732 usbccgp - ok
15:27:51.0343 5732 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) E:\WINDOWS\system32\DRIVERS\usbehci.sys
15:27:51.0343 5732 usbehci - ok
15:27:51.0343 5732 usbhub (1ab3cdde553b6e064d2e754efe20285c) E:\WINDOWS\system32\DRIVERS\usbhub.sys
15:27:51.0359 5732 usbhub - ok
15:27:51.0390 5732 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) E:\WINDOWS\system32\DRIVERS\usbscan.sys
15:27:51.0406 5732 usbscan - ok
15:27:51.0421 5732 usbstor (a32426d9b14a089eaa1d922e0c5801a9) E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:27:51.0437 5732 usbstor - ok
15:27:51.0453 5732 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) E:\WINDOWS\system32\Drivers\usbvideo.sys
15:27:51.0453 5732 usbvideo - ok
15:27:51.0468 5732 UserAccess7 (0edfe36e05a62888eff6d97ae494b2a5) E:\WINDOWS\system32\UAService7.exe
15:27:51.0484 5732 UserAccess7 - ok
15:27:51.0546 5732 vcsFPService (fcf1a2bddcdf9f317b9650800e61c397) E:\WINDOWS\system32\vcsFPService.exe
15:27:51.0562 5732 vcsFPService - ok
15:27:51.0593 5732 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) E:\WINDOWS\System32\drivers\vga.sys
15:27:51.0593 5732 VgaSave - ok
15:27:51.0609 5732 ViaIde - ok
15:27:51.0625 5732 VolSnap (4c8fcb5cc53aab716d810740fe59d025) E:\WINDOWS\system32\drivers\VolSnap.sys
15:27:51.0625 5732 VolSnap - ok
15:27:51.0656 5732 VSS (7a9db3a67c333bf0bd42e42b8596854b) E:\WINDOWS\System32\vssvc.exe
15:27:51.0656 5732 VSS - ok
15:27:51.0718 5732 W32Time (54af4b1d5459500ef0937f6d33b1914f) E:\WINDOWS\system32\w32time.dll
15:27:51.0734 5732 W32Time - ok
15:27:51.0750 5732 Wanarp (e20b95baedb550f32dd489265c1da1f6) E:\WINDOWS\system32\DRIVERS\wanarp.sys
15:27:51.0750 5732 Wanarp - ok
15:27:51.0812 5732 Wdf01000 (d918617b46457b9ac28027722e30f647) E:\WINDOWS\system32\Drivers\wdf01000.sys
15:27:51.0812 5732 Wdf01000 - ok
15:27:51.0828 5732 WDICA - ok
15:27:51.0875 5732 wdmaud (6768acf64b18196494413695f0c3a00f) E:\WINDOWS\system32\drivers\wdmaud.sys
15:27:51.0875 5732 wdmaud - ok
15:27:51.0890 5732 WebClient (77a354e28153ad2d5e120a5a8687bc06) E:\WINDOWS\System32\webclnt.dll
15:27:51.0906 5732 WebClient - ok
15:27:51.0953 5732 winmgmt (2d0e4ed081963804ccc196a0929275b5) E:\WINDOWS\system32\wbem\WMIsvc.dll
15:27:51.0953 5732 winmgmt - ok
15:27:51.0984 5732 WinUSB (fd600b032e741eb6aab509fc630f7c42) E:\WINDOWS\system32\DRIVERS\WinUSB.sys
15:27:51.0984 5732 WinUSB - ok
15:27:52.0000 5732 wltrysvc - ok
15:27:52.0031 5732 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) E:\WINDOWS\system32\MsPMSNSv.dll
15:27:52.0046 5732 WmdmPmSN - ok
15:27:52.0078 5732 Wmi (e76f8807070ed04e7408a86d6d3a6137) E:\WINDOWS\System32\advapi32.dll
15:27:52.0093 5732 Wmi - ok
15:27:52.0109 5732 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) E:\WINDOWS\system32\DRIVERS\wmiacpi.sys
15:27:52.0109 5732 WmiAcpi - ok
15:27:52.0156 5732 WmiApSrv (e0673f1106e62a68d2257e376079f821) E:\WINDOWS\system32\wbem\wmiapsrv.exe
15:27:52.0171 5732 WmiApSrv - ok
15:27:52.0265 5732 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) E:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:27:52.0265 5732 WPFFontCache_v0400 - ok
15:27:52.0328 5732 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) E:\WINDOWS\System32\drivers\ws2ifsl.sys
15:27:52.0328 5732 WS2IFSL - ok
15:27:52.0359 5732 wscsvc (7c278e6408d1dce642230c0585a854d5) E:\WINDOWS\system32\wscsvc.dll
15:27:52.0375 5732 wscsvc - ok
15:27:52.0406 5732 WSTCODEC (c98b39829c2bbd34e454150633c62c78) E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:27:52.0406 5732 WSTCODEC - ok
15:27:52.0406 5732 wuauserv - ok
15:27:52.0453 5732 WudfPf (f15feafffbb3644ccc80c5da584e6311) E:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:27:52.0468 5732 WudfPf - ok
15:27:52.0515 5732 WudfRd (28b524262bce6de1f7ef9f510ba3985b) E:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:27:52.0515 5732 WudfRd - ok
15:27:52.0578 5732 WudfSvc (05231c04253c5bc30b26cbaae680ed89) E:\WINDOWS\System32\WUDFSvc.dll
15:27:52.0578 5732 WudfSvc - ok
15:27:52.0609 5732 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) E:\WINDOWS\System32\wzcsvc.dll
15:27:52.0625 5732 WZCSVC - ok
15:27:52.0671 5732 xmlprov (295d21f14c335b53cb8154e5b1f892b9) E:\WINDOWS\System32\xmlprov.dll
15:27:52.0671 5732 xmlprov - ok
15:27:52.0703 5732 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
15:27:52.0875 5732 \Device\Harddisk0\DR0 - ok
15:27:52.0875 5732 Boot (0x1200) (7772685acba33edec19d86b4a0918a69) \Device\Harddisk0\DR0\Partition0
15:27:52.0875 5732 \Device\Harddisk0\DR0\Partition0 - ok
15:27:52.0875 5732 ============================================================
15:27:52.0875 5732 Scan finished
15:27:52.0875 5732 ============================================================
15:27:52.0875 4920 Detected object count: 0
15:27:52.0875 4920 Actual detected object count: 0



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-22 15:28:30
-----------------------------
15:28:30.109 OS Version: Windows 5.1.2600 Service Pack 3
15:28:30.109 Number of processors: 4 586 0x2502
15:28:30.109 ComputerName: USER-76A1A8E1F5 UserName: Owner
15:28:32.078 Initialize success
15:30:35.234 AVAST engine defs: 12042200
15:37:03.453 The log file has been saved successfully to "E:\Documents and Settings\Owner\Desktop\aswMBR.txt"

#15 gringo_pr


Posted 22 April 2012 - 10:22 AM

Hello

Run this custom script and when it is complete I need to know how the computer is doing

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Posted Image textbox. Do not include the word Code
    :OTL
    FF - user.js - File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "E:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
    O4 - HKU\S-1-5-21-1960408961-630328440-1644491937-1003..\Run: [Akamai NetSession Interface] E:\Documents and Settings\Owner\Local Settings\Application Data\Akamai\netsession_win.exe File not found
    O4 - HKU\S-1-5-21-1960408961-630328440-1644491937-1003..\Run: [KiesTrayAgent] E:\Program Files\Samsung\Kies\KiesTrayAgent.exe File not found
    O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - File not found
    @Alternate Data Stream - 124 bytes -> E:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
    @Alternate Data Stream - 116 bytes -> E:\Documents and Settings\All Users\Application Data\TEMP:661DFA1C    
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/solidyoutube/{CB8778D8-4D70-43E0-BA53-9E2147B25C2F}
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
    IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/solidyoutube/{CB8778D8-4D70-43E0-BA53-9E2147B25C2F}
    IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\..\URLSearchHook: {37483b40-c254-4a72-bda4-22ee90182c1e} - E:\Program Files\NCH_EN\prxtbNCH_.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=0000000000000000000078e400f0f158&tlver=1.4.19.19&affID=17160
    IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\..\SearchScopes\{2A001B8A-0EBE-4794-9E92-9DE8214E7481}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=FWV5&o=14193&src=crm&q={searchTerms}&locale=en_UK&apn_ptnrs=FM&apn_dtid=TES002YYGB&apn_uid=e1066e05-db61-4521-8de0-214777864d3d&apn_sauid=FBBE0E2E-C6BD-4891-82C1-634A5AB53F3E
    IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" = http://search.alot.com/web?q={searchTerms}
    IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browser/solidyoutube/{CB8778D8-4D70-43E0-BA53-9E2147B25C2F}?q={searchTerms}
    IE - HKU\S-1-5-21-1960408961-630328440-1644491937-1003\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2801948
    FF - prefs.js..network.proxy.http: "127.0.0.1"
    FF - prefs.js..network.proxy.http_port: 55030
    FF - prefs.js..network.proxy.type: 1
    [2011/05/24 22:41:04 | 000,000,000 | ---D | M] (Babylon) -- E:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\kz1r0ebp.default\extensions\ffxtlbr@babylon.com
    [2011/07/04 21:17:02 | 000,000,000 | ---D | M] (ALOT Toolbar) -- E:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\kz1r0ebp.default\extensions\toolbar@alot.com
    [2011/02/01 20:05:08 | 000,002,333 | ---- | M] () -- E:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\kz1r0ebp.default\searchplugins\askcom.xml
    [2011/05/24 22:41:05 | 000,002,423 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\babylon.xml
    O1 - Hosts: 127.0.0.1 activate.adobe.com
    O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
    O2 - BHO: (NCH EN Toolbar) - {37483b40-c254-4a72-bda4-22ee90182c1e} - E:\Program Files\NCH_EN\prxtbNCH_.dll (Conduit Ltd.)
    [2011/03/06 15:50:52 | 000,012,118 | -HS- | C] () -- E:\Documents and Settings\Owner\Local Settings\Application Data\62175231
    [2011/03/06 15:50:52 | 000,012,118 | -HS- | C] () -- E:\Documents and Settings\All Users\Application Data\62175231
    :Files
    ipconfig /flushdns /c
    :Commands
    [PURITY]
    [emptyjava]
    [EMPTYFLASH]
    
  • Then click the Run Fix button at the top.
  • Click Posted Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy and paste that report in your next reply.

Let me know how things are doing

Gringo

Edited by gringo_pr, 22 April 2012 - 10:39 AM.
