redirect bug



#1 novice39


Posted 24 April 2012 - 07:09 PM

Hi
I am a novice IT guy and have recently started to design a website. All was going well until it was hacked. It was being redirected to a .ru domain. Anyways, I tracked down the offending module and now when I insert the page title in Google the link appears in the search listing, but when I click it, it redirects to the Google home page or "welcome nginx".

I downloaded the combofix and ran the programme and now need to know how I should proceed. The following is the log generated after I ran the programme. I should also say I have scanned the PC with three different antiviruses including in safe-mode and three different malware programmes, and nothing was found. I am on a fast learning curve and so any help would be great.

The log is as follows:
ComboFix 12-04-20.03 - Derick Gill 24/04/2012 20:39:59.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.353.1033.18.3326.1897 [GMT 1:00]
Running from: c:\users\Derick Gill\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-03-24 to 2012-04-24 )))))))))))))))))))))))))))))))
.
.
2012-04-24 19:49 . 2012-04-24 19:50 -------- d-----w- c:\users\Derick Gill\AppData\Local\temp
2012-04-24 19:49 . 2012-04-24 19:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-18 23:16 . 2012-04-18 23:16 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-04-16 19:23 . 2012-04-16 23:12 -------- d-----w- c:\program files\PC Tools
2012-04-16 19:17 . 2012-02-24 09:36 185560 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-04-16 19:17 . 2012-04-16 23:12 -------- d-----w- c:\program files\Common Files\PC Tools
2012-04-16 19:16 . 2012-04-16 22:57 -------- d-----w- c:\programdata\PC Tools
2012-04-16 19:16 . 2012-04-16 19:16 -------- d-----w- c:\users\Derick Gill\AppData\Roaming\TestApp
2012-04-16 18:48 . 2012-04-16 18:48 -------- d-----w- c:\programdata\Kaspersky Lab
2012-04-15 23:54 . 2012-04-13 07:36 6734704 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-04-15 21:57 . 2012-04-15 21:57 -------- d-----w- c:\program files\FileZilla Server
2012-04-15 19:44 . 2012-04-15 19:44 -------- d-----w- c:\users\Derick Gill\AppData\Roaming\Malwarebytes
2012-04-15 19:44 . 2012-04-15 19:44 -------- d-----w- c:\programdata\Malwarebytes
2012-04-15 19:44 . 2012-04-15 19:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-04-15 19:44 . 2012-04-04 14:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-15 19:31 . 2012-04-15 19:31 -------- d-----w- c:\users\Derick Gill\AppData\Roaming\SUPERAntiSpyware.com
2012-04-15 19:31 . 2012-04-15 19:31 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-04-15 19:31 . 2012-04-15 19:31 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-04-15 18:34 . 2012-04-15 18:34 388096 ----a-r- c:\users\Derick Gill\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-04-15 18:34 . 2012-04-15 18:34 -------- d-----w- c:\program files\Trend Micro
2012-04-15 00:46 . 2012-04-15 00:46 -------- dc-h--w- c:\programdata\{088731A3-EE4A-44A0-9F02-C4181FD3C640}
2012-04-15 00:28 . 2012-04-15 00:28 -------- d-----w- c:\program files\FileZilla FTP Client
2012-04-14 23:45 . 2012-04-14 23:45 -------- d--h--w- c:\programdata\Common Files
2012-04-14 23:44 . 2012-04-14 23:44 -------- d-----w- c:\users\Derick Gill\AppData\Roaming\pdfforge
2012-04-14 23:44 . 2012-03-14 17:23 54784 ----a-w- c:\windows\system32\pdfcmon.dll
2012-04-14 23:44 . 1998-06-24 00:00 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2012-04-14 23:44 . 1998-07-06 00:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2012-04-14 23:39 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2012-04-14 23:34 . 2012-04-14 23:34 83249512 ----a-w- c:\program files\Common Files\Windows Live\.cache\wlcDBFE.tmp
2012-04-14 23:15 . 2012-04-14 23:14 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C93144CE-0086-4915-9C97-A063DB23D914}\gapaengine.dll
2012-04-13 23:24 . 2012-04-13 23:24 -------- d-----w- c:\programdata\MFAData
2012-04-13 22:30 . 2012-04-13 22:30 159608 ----a-w- c:\windows\system32\mfevtps.exe.e6f1.deleteme
2012-04-13 21:58 . 2012-04-13 21:58 42960 ----a-w- c:\windows\system32\drivers\zdjmujnw.sys
2012-04-13 21:16 . 2012-04-13 21:16 159608 ----a-w- c:\windows\system32\mfevtps.exe.b221.deleteme
2012-04-13 19:40 . 2012-04-13 19:41 -------- d-----w- c:\program files\Microsoft Security Client
2012-04-13 19:37 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2012-04-13 19:08 . 2012-04-17 07:45 -------- d-----w- c:\program files\stinger
2012-04-13 14:29 . 2012-04-13 19:11 -------- d-----w- c:\programdata\Avira
2012-04-12 19:01 . 2012-04-12 19:01 -------- d-----w- c:\program files\Akeeba
2012-04-12 16:02 . 2012-04-12 16:02 -------- d-----w- c:\users\Derick Gille\AppData\Local\join.me
2012-04-12 11:31 . 2012-04-12 11:32 -------- d-----w- c:\program files\pdfforge Toolbar
2012-04-12 11:31 . 2012-04-12 11:32 -------- d-----w- c:\program files\Application Updater
2012-04-12 11:31 . 2012-04-12 11:31 -------- d-----w- c:\program files\Common Files\Spigot
2012-04-12 11:27 . 2012-04-14 17:08 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-12 02:11 . 2012-03-06 06:39 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-12 02:11 . 2012-03-06 06:39 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 05:34 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-04-04 16:30 . 2012-04-04 16:30 -------- d-----w- c:\program files\Common Files\Nitro PDF
2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-14 17:08 . 2011-06-01 18:18 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-25 18:49 . 2011-12-02 18:49 27152 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2012-03-25 18:49 . 2011-12-02 18:49 18448 ----a-w- c:\windows\system32\nitrolocalui2.dll
2012-03-12 09:39 . 2011-11-16 13:02 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2012-03-07 00:15 . 2010-11-30 16:03 41184 ----a-w- c:\windows\avastSS.scr
2012-03-07 00:15 . 2010-11-30 16:03 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-07 00:03 . 2011-12-02 18:24 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-07 00:03 . 2010-11-30 16:03 337880 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-07 00:02 . 2010-11-30 16:03 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-03-07 00:01 . 2010-11-30 16:03 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-07 00:01 . 2010-11-30 16:03 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-03-07 00:01 . 2010-11-30 16:03 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-02-26 18:40 . 2012-02-26 18:48 707354 ----a-w- c:\windows\unins000.exe
2012-02-24 16:43 . 2012-02-24 16:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-14 15:45 . 2012-03-14 08:08 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-02-14 15:45 . 2012-03-14 08:08 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-02-13 14:12 . 2012-03-14 08:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-13 13:47 . 2012-03-14 08:08 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-02-13 13:44 . 2012-03-14 08:08 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-02-10 00:11 . 2012-02-10 00:11 53248 ----a-r- c:\users\Derick Gill\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-02-07 10:02 . 2012-02-07 10:02 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-02-02 16:06 . 2012-02-02 16:06 28672 ----a-r- c:\users\Derick Gill\AppData\Roaming\Microsoft\Installer\{0984EA04-EB2C-4AC4-BD0B-94115A48C19E}\_22C74AF0D4E3_4382_8D20_1E2B86DD8A17.exe
2012-02-02 15:16 . 2012-03-14 08:08 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-01-31 12:44 . 2010-05-15 15:48 237072 ------w- c:\windows\system32\MpSigStub.exe
2010-10-12 16:33 . 2010-10-12 16:33 124344 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll
2010-10-12 18:15 . 2010-10-12 18:15 13240 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
2010-10-12 16:37 . 2010-10-12 16:37 70592 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
2010-10-12 16:35 . 2010-10-12 16:35 91576 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
2010-10-12 16:34 . 2010-10-12 16:34 22464 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
2010-10-12 16:32 . 2010-10-12 16:32 255416 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
2010-10-12 16:35 . 2010-10-12 16:35 31672 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
2010-10-12 16:34 . 2010-10-12 16:34 40384 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
2010-07-14 12:42 . 2010-07-14 12:42 898480 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
2010-10-12 16:37 . 2010-10-12 16:37 24000 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
2012-03-13 04:39 . 2012-04-15 18:13 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
"{08d6b0b4-c132-470d-a8e2-aa2e9c3851c9}"= "c:\program files\SFT_eng7\prxtbSFT0.dll" [2011-03-28 176936]
"{0e38f85e-eee9-426a-ae1c-60c36b729951}"= "c:\program files\VisualBeeCommunity\prxtbVisu.dll" [2011-05-09 176936]
"{37483b40-c254-4a72-bda4-22ee90182c1e}"= "c:\program files\NCH_EN\prxtbNCH_.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{08d6b0b4-c132-470d-a8e2-aa2e9c3851c9}]
.
[HKEY_CLASSES_ROOT\clsid\{0e38f85e-eee9-426a-ae1c-60c36b729951}]
.
[HKEY_CLASSES_ROOT\clsid\{37483b40-c254-4a72-bda4-22ee90182c1e}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{08d6b0b4-c132-470d-a8e2-aa2e9c3851c9}]
2011-03-28 16:22 176936 ----a-w- c:\program files\SFT_eng7\prxtbSFT0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0e38f85e-eee9-426a-ae1c-60c36b729951}]
2011-05-09 09:49 176936 ----a-w- c:\program files\VisualBeeCommunity\prxtbVisu.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{20a0be68-8fd9-4539-8712-ce3d1c1fdfc6}]
2012-01-17 19:28 262312 ----a-w- c:\program files\blekkotb\auxi\blekkoAu.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{26c9e18c-3717-4be1-a225-04e4471f5b6e}]
2012-01-17 19:28 86696 ----a-w- c:\program files\blekkotb\blekkoDx.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
2011-08-03 11:31 89008 ----a-w- c:\progra~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-03-28 16:22 176936 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{37483b40-c254-4a72-bda4-22ee90182c1e}]
2011-05-09 08:49 176936 ----a-w- c:\program files\NCH_EN\prxtbNCH_.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 12:29 1490312 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
"{28387537-e3f9-4ed7-860c-11e69af4a8a0}"= "c:\progra~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll" [2011-08-03 89008]
"{08d6b0b4-c132-470d-a8e2-aa2e9c3851c9}"= "c:\program files\SFT_eng7\prxtbSFT0.dll" [2011-03-28 176936]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-03-28 176936]
"{0e38f85e-eee9-426a-ae1c-60c36b729951}"= "c:\program files\VisualBeeCommunity\prxtbVisu.dll" [2011-05-09 176936]
"{37483b40-c254-4a72-bda4-22ee90182c1e}"= "c:\program files\NCH_EN\prxtbNCH_.dll" [2011-05-09 176936]
"{26c9e18c-3717-4be1-a225-04e4471f5b6e}"= "c:\program files\blekkotb\blekkoDx.dll" [2012-01-17 86696]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
.
[HKEY_CLASSES_ROOT\clsid\{08d6b0b4-c132-470d-a8e2-aa2e9c3851c9}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{0e38f85e-eee9-426a-ae1c-60c36b729951}]
.
[HKEY_CLASSES_ROOT\clsid\{37483b40-c254-4a72-bda4-22ee90182c1e}]
.
[HKEY_CLASSES_ROOT\clsid\{26c9e18c-3717-4be1-a225-04e4471f5b6e}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
"{0E38F85E-EEE9-426A-AE1C-60C36B729951}"= "c:\program files\VisualBeeCommunity\prxtbVisu.dll" [2011-05-09 176936]
"{37483B40-C254-4A72-BDA4-22EE90182C1E}"= "c:\program files\NCH_EN\prxtbNCH_.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{0e38f85e-eee9-426a-ae1c-60c36b729951}]
.
[HKEY_CLASSES_ROOT\clsid\{37483b40-c254-4a72-bda4-22ee90182c1e}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15 123536 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]
"MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-03-07 3905920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-04-28 17145856]
"Dell DataSafe Online"="c:\program files\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-04-24 250192]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-06-03 206064]
"lxdnmon.exe"="c:\program files\Lexmark 2600 Series\lxdnmon.exe" [2009-05-20 660136]
"lxdnamon"="c:\program files\Lexmark 2600 Series\lxdnamon.exe" [2009-05-20 16040]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-06 59240]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2010-10-12 304568]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-05-17 395144]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2011-11-30 296056]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-03-07 4241512]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-06 421736]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2012-04-11 981856]
"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-04-01 634880]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"FileZilla Server Interface"="c:\program files\FileZilla Server\FileZilla Server Interface.exe" [2012-02-26 1044992]
.
c:\users\Derick Gill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-17 1320288]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Online plug-in.lnk - c:\windows\Installer\{0F1F7A90-E71B-4E45-A066-2891619F22E1}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe [2011-1-12 77824]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-17 1320288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2009-08-17 18:19 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\SEARCH~1\SEARCH~1\datamngr.dll c:\progra~1\WI83E4~1\Datamngr\datamngr.dll c:\progra~1\WI83E4~1\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 253088]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 17:08]
.
2012-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-10 15:45]
.
2012-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-10 15:45]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3031607
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Derick Gill\AppData\Roaming\Mozilla\Firefox\Profiles\ou75t0l8.newprofile\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://inpsc.com/administrator/index.php
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&q=
FF - user.js: capability.policy.policynames - allowclipboard
FF - user.js: capability.policy.allowclipboard.sites - hxxp://www.inpsc.com, http://www.inpsc.ie, http//localhost/joomla15
FF - user.js: capability.policy.allowclipboard.Clipboard.cutcopy - allAccess
FF - user.js: capability.policy.allowclipboard.Clipboard.paste - allAccess
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-24 20:50
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\VDeck\VDeck.exe -r???????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2012-04-24 20:52:34
ComboFix-quarantined-files.txt 2012-04-24 19:52
ComboFix2.txt 2012-04-20 23:34
.
Pre-Run: 360,977,780,736 bytes free
Post-Run: 361,154,641,920 bytes free
.
- - End Of File - - 8B9C7BB672E9904220E107141D2B4413



#2 gringo_pr

Malware Response Team

Posted 29 April 2012 - 07:47 AM

Hello and Welcome to Bleeping Computer!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


DeFogger:

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.


Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

  • Double-Click on dds.scr and a command window will appear. This is normal.
  • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs:

  • In your next post I need the following

  • .logs from DDS
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 gringo_pr


Posted 02 May 2012 - 12:15 AM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#4 novice39


Posted 02 May 2012 - 02:42 AM

Hi Gringo
Sorry for the late reply. I have started to transfer important files to a backup and will complete the rest of your instructions today. I have two kids and they just came down with chickenpox, and I have found it hard to get to the PC and get a good run at sorting this issue out.

Yes, I still need your help and hope to have the required files posted today. Thanks very much for the reminder - it is appreciated.

Novice39

#5 gringo_pr


Posted 02 May 2012 - 03:01 AM

Hello


Don't worry if you need more time just let me know and we will work something out - real life comes first!!



gringo

#6 novice39


Posted 03 May 2012 - 07:46 PM

Hi Gringo
Thanks for your patience. Here is the content of the checkup.txt file from running the screen317 security check. I will run DDS in the morning.
Cheers

Results of screen317's Security Check version 0.99.32
x86 (UAC is enabled)
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
avast! Free Antivirus
Microsoft Security Essentials
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

SUPERAntiSpyware
Java™ 6 Update 31
Adobe Flash Player 11.2.202.233
Adobe Reader X (10.1.3)
Mozilla Firefox (12.0.)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
Microsoft Security Essentials msseces.exe
Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 AvastUI.exe
``````````End of Log````````````

#7 novice39


Posted 03 May 2012 - 08:25 PM

Hi Gringo
Decided to run DDS - here are the file contents
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Frank Gillespie at 2:12:22 on 2012-05-04
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.353.1033.18.3326.1754 [GMT 1:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Citrix\ICA Client\ssonsvr.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
c:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\XAMPP\apache\bin\httpd.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Lexmark 2600 Series\lxdnmon.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Microsoft\BingBar\BBSvc.EXE
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\Windows\system32\spool\DRIVERS\W32X86\3\lxdnserv.exe
C:\Windows\system32\lxdncoms.exe
C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\locator.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Lexmark 2600 Series\lxdnMsdMon.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\real\realplayer\Update\realsched.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Citrix\ICA Client\WFCRUN32.EXE
C:\XAMPP\apache\bin\httpd.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\SearchFilterHost.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3031607
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: SFT_eng7 Toolbar: {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - c:\program files\sft_eng7\prxtbSFT0.dll
uURLSearchHooks: VisualBeeCommunity Toolbar: {0e38f85e-eee9-426a-ae1c-60c36b729951} - c:\program files\visualbeecommunity\prxtbVisu.dll
uURLSearchHooks: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - c:\program files\nch_en\prxtbNCH_.dll
mURLSearchHooks: SFT_eng7 Toolbar: {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - c:\program files\sft_eng7\prxtbSFT0.dll
mURLSearchHooks: VisualBeeCommunity Toolbar: {0e38f85e-eee9-426a-ae1c-60c36b729951} - c:\program files\visualbeecommunity\prxtbVisu.dll
mURLSearchHooks: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - c:\program files\nch_en\prxtbNCH_.dll
BHO: SFT_eng7 Toolbar: {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - c:\program files\sft_eng7\prxtbSFT0.dll
BHO: VisualBeeCommunity Toolbar: {0e38f85e-eee9-426a-ae1c-60c36b729951} - c:\program files\visualbeecommunity\prxtbVisu.dll
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Updater For Spam Free Search Bar: {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - c:\program files\blekkotb\auxi\blekkoAu.dll
BHO: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - c:\program files\blekkotb\blekkoDx.dll
BHO: MediaBar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - c:\progra~1\imesha~1\mediabar\datamngr\toolbar\imeshdtxmltbpi.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - c:\program files\nch_en\prxtbNCH_.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: SearchCore for Browsers: {be7a24f5-69cb-4708-b77b-b1eda6043b95} - c:\progra~1\search~1\search~1\BROWSE~1.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: Support.com Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
TB: Support.com Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: MediaBar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - c:\progra~1\imesha~1\mediabar\datamngr\toolbar\imeshdtxmltbpi.dll
TB: SFT_eng7 Toolbar: {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - c:\program files\sft_eng7\prxtbSFT0.dll
TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
TB: VisualBeeCommunity Toolbar: {0e38f85e-eee9-426a-ae1c-60c36b729951} - c:\program files\visualbeecommunity\prxtbVisu.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: NCH EN Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - c:\program files\nch_en\prxtbNCH_.dll
TB: Spam Free Search Bar: {26c9e18c-3717-4be1-a225-04e4471f5b6e} - c:\program files\blekkotb\blekkoDx.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [HDAudDeck] c:\program files\via\viaudioi\vdeck\VDeck.exe -r
mRun: [Dell DataSafe Online] "c:\program files\dell datasafe online\DataSafeOnline.exe" /m
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [lxdnmon.exe] "c:\program files\lexmark 2600 series\lxdnmon.exe"
mRun: [lxdnamon] "c:\program files\lexmark 2600 series\lxdnamon.exe"
mRun: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdcBase.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [DATAMNGR] c:\progra~1\search~1\search~1\DATAMN~1.EXE
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [avast] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [SearchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"
mRun: [HTC Sync Loader] "c:\program files\htc\htc sync 3.0\htcUPCTLoader.exe" -startup
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [FileZilla Server Interface] "c:\program files\filezilla server\FileZilla Server Interface.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
StartupFolder: c:\users\frankg~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\users\frankg~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe
StartupFolder: c:\users\frankg~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\online~1.lnk - c:\windows\installer\{0f1f7a90-e71b-4e45-a066-2891619f22e1}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{C39F2CD2-FF91-412F-B7FE-CEDC0C8D0C9E} : DhcpNameServer = 192.168.1.254
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
AppInit_DLLs: c:\progra~1\search~1\search~1\datamngr.dll c:\progra~1\wi83e4~1\datamngr\datamngr.dll c:\progra~1\wi83e4~1\datamngr\IEBHO.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\frank gillespie\appdata\roaming\mozilla\firefox\profiles\ou75t0l8.newprofile\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://inpsc.com/administrator/index.php
FF - prefs.js: keyword.URL - hxxp://blekko.com/?source=c3348dd4&tbp=url&toolbarid=blekkotb&u=___userid___&q=
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll
FF - plugin: c:\program files\nitro pdf\reader 2\npdf.dll
FF - plugin: c:\program files\nitro pdf\reader 2\npnitromozilla.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\frank gillespie\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\users\frank gillespie\appdata\roaming\mozilla\plugins\npatgpc.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_233.dll
.
---- FIREFOX POLICIES ----
FF - user.js: capability.policy.policynames - allowclipboard
FF - user.js: capability.policy.allowclipboard.sites - hxxp://www.inpsc.com, http://www.inpsc.ie, http//localhost/joomla15
FF - user.js: capability.policy.allowclipboard.Clipboard.cutcopy - allAccess
FF - user.js: capability.policy.allowclipboard.Clipboard.paste - allAccess
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-12-2 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-11-30 337880]
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2010-7-14 65584]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\adobe\photoshop elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2010-10-18 20549]
R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2012-4-11 784792]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-11-30 20696]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-11-30 57688]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-11-30 44768]
R2 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-10-21 196176]
R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-10-13 249648]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2009-6-9 155648]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe -service --> c:\windows\system32\lxdncoms.exe -service [?]
R2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdnserv.exe [2008-2-27 98984]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-4-15 654408]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\nitro pdf\reader 2\NitroPDFReaderDriverService2.exe [2012-3-25 175632]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2011-9-15 88576]
R2 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2011-8-19 450848]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-4-15 22344]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-8-18 1009152]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1caaa681188d020;Google Update Service (gupdate1caaa681188d020);c:\program files\google\update\GoogleUpdate.exe [2010-2-10 133104]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-1-31 158856]
S2 XAMPP;XAMPP Service;c:\xampp\service.exe [2007-12-21 60928]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-12 253088]
S3 ExpressAccountsService;Express Accounts;c:\program files\nch software\expressaccounts\expressaccounts.exe [2012-2-2 2982916]
S3 ExpressInvoiceService;Express Invoice;c:\program files\nch software\expressinvoice\expressinvoice.exe [2012-2-2 1987588]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-10 133104]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-6-10 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-6-23 23040]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-4-19 40776]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-25 129976]
S3 netr73;Belkin Wireless 54G USB Network Adapter Driver for Vista;c:\windows\system32\drivers\netr73.sys [2009-8-25 464384]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 74112]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-3-26 214952]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-05-03 16:01:28 6734704 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{2824bbef-52ad-4947-9b73-7f19f35ac228}\mpengine.dll
2012-05-02 08:03:23 6734704 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-04-30 11:03:37 -------- d-----w- c:\program files\iPod
2012-04-30 11:03:33 -------- d-----w- c:\program files\iTunes
2012-04-26 17:30:22 -------- d-----w- c:\users\frank gillespie\appdata\local\Microsoft Games
2012-04-25 11:52:28 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-04-25 11:52:20 157352 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe
2012-04-25 11:52:20 129976 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe
2012-04-24 19:52:36 -------- d-----w- c:\users\frank gillespie\appdata\local\temp
2012-04-24 19:51:46 -------- d-sh--w- C:\$RECYCLE.BIN
2012-04-24 19:38:19 -------- d-----w- C:\ComboFix
2012-04-20 23:02:18 98816 ----a-w- c:\windows\sed.exe
2012-04-20 23:02:18 518144 ----a-w- c:\windows\SWREG.exe
2012-04-20 23:02:18 256000 ----a-w- c:\windows\PEV.exe
2012-04-20 23:02:18 208896 ----a-w- c:\windows\MBR.exe
2012-04-18 23:16:24 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-04-16 19:23:30 -------- d-----w- c:\program files\PC Tools
2012-04-16 19:17:40 185560 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-04-16 19:17:36 -------- d-----w- c:\program files\common files\PC Tools
2012-04-16 19:16:47 -------- d-----w- c:\programdata\PC Tools
2012-04-16 19:16:45 -------- d-----w- c:\users\frank gillespie\appdata\roaming\TestApp
2012-04-16 18:48:27 -------- d-----w- c:\programdata\Kaspersky Lab
2012-04-15 21:57:36 -------- d-----w- c:\program files\FileZilla Server
2012-04-15 19:44:19 -------- d-----w- c:\users\frank gillespie\appdata\roaming\Malwarebytes
2012-04-15 19:44:08 -------- d-----w- c:\programdata\Malwarebytes
2012-04-15 19:44:06 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-15 19:44:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-04-15 19:31:49 -------- d-----w- c:\users\frank gillespie\appdata\roaming\SUPERAntiSpyware.com
2012-04-15 19:31:01 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-04-15 19:31:01 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-04-15 18:34:49 388096 ----a-r- c:\users\frank gillespie\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-04-15 18:34:46 -------- d-----w- c:\program files\Trend Micro
2012-04-15 00:46:42 -------- dc-h--w- c:\programdata\{088731A3-EE4A-44A0-9F02-C4181FD3C640}
2012-04-14 23:45:44 -------- d--h--w- c:\programdata\Common Files
2012-04-14 23:44:15 -------- d-----w- c:\users\frank gillespie\appdata\roaming\pdfforge
2012-04-14 23:44:06 54784 ----a-w- c:\windows\system32\pdfcmon.dll
2012-04-14 23:44:06 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2012-04-14 23:44:04 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2012-04-14 23:39:07 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2012-04-14 23:34:04 83249512 ----a-w- c:\program files\common files\windows live\.cache\wlcDBFE.tmp
2012-04-14 23:27:21 14744 ----a-w- c:\users\frank gillespie\appdata\roaming\microsoft\identitycrl\production\ppcrlconfig.dll
2012-04-14 23:15:06 713784 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{c93144ce-0086-4915-9c97-a063db23d914}\gapaengine.dll
2012-04-13 23:24:12 -------- d-----w- c:\programdata\MFAData
2012-04-13 22:30:38 159608 ----a-w- c:\windows\system32\mfevtps.exe.e6f1.deleteme
2012-04-13 21:58:41 42960 ----a-w- c:\windows\system32\drivers\zdjmujnw.sys
2012-04-13 21:16:17 159608 ----a-w- c:\windows\system32\mfevtps.exe.b221.deleteme
2012-04-13 19:40:03 -------- d-----w- c:\program files\Microsoft Security Client
2012-04-13 19:37:45 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2012-04-13 19:08:08 -------- d-----w- c:\program files\stinger
2012-04-13 14:29:11 -------- d-----w- c:\programdata\Avira
2012-04-12 19:01:21 -------- d-----w- c:\program files\Akeeba
2012-04-12 16:02:13 -------- d-----w- c:\users\frank gillespie\appdata\local\join.me
2012-04-12 11:31:59 -------- d-----w- c:\program files\pdfforge Toolbar
2012-04-12 11:31:59 -------- d-----w- c:\program files\common files\Spigot
2012-04-12 11:31:59 -------- d-----w- c:\program files\Application Updater
2012-04-12 11:27:24 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-12 02:11:43 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-12 02:11:43 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 05:34:41 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-04-04 16:30:37 -------- d-----w- c:\program files\common files\Nitro PDF
2012-04-04 05:53:56 182160 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2012-04-04 05:53:56 182160 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2012-04-14 17:08:12 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-25 18:49:02 27152 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2012-03-25 18:49:02 18448 ----a-w- c:\windows\system32\nitrolocalui2.dll
2012-03-20 19:44:12 74112 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-20 19:44:12 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-12 09:39:40 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2012-03-07 00:15:19 41184 ----a-w- c:\windows\avastSS.scr
2012-03-07 00:03:51 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-07 00:01:48 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-02-29 15:11:45 5120 ----a-w- c:\windows\system32\wmi.dll
2012-02-29 15:11:42 172032 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 15:09:53 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 13:32:37 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-02-28 01:18:55 1799168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-26 18:40:34 707354 ----a-w- c:\windows\unins000.exe
2012-02-24 16:43:36 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-14 15:45:30 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-02-14 15:45:30 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-02-13 14:12:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-13 13:47:57 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-02-13 13:44:40 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-02-07 10:02:40 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX
.
============= FINISH: 2:13:24.59 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 17/08/2009 20:57:23
System Uptime: 04/05/2012 02:04:14 (0 hours ago)
.
Motherboard: Dell Inc. | | 0F896N
Processor: AMD Athlon™ 7550 Dual-Core Processor | AM2 | 1300/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 321.142 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 5.541 GiB free.
E: is CDROM (CDFS)
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is FIXED (NTFS) - 932 GiB total, 642.608 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.22beta
Acrobat.com
Adobe After Effects 6.5
Adobe AIR
Adobe Audition 1.5
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Encore DVD 1.5
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Photoshop Elements 7.0
Adobe Premiere Elements 7.0
Adobe Premiere Elements 7.0 Templates
Adobe Premiere Pro 1.5
Adobe Reader X (10.1.3)
Adobe Stock Photos 1.0
Akeeba eXtract Wizard 3.3
Anti-phishing Domain Advisor
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
ATI Catalyst Control Center
avast! Free Antivirus
Belkin 54Mbps Wireless Network Adapter
Bing Bar
Bonjour
CameraHelperMsi
Camtasia Studio 7
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization Czech
Catalyst Control Center Localization Danish
Catalyst Control Center Localization Dutch
Catalyst Control Center Localization Finnish
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Greek
Catalyst Control Center Localization Hungarian
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Norwegian
Catalyst Control Center Localization Polish
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Russian
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Swedish
Catalyst Control Center Localization Thai
Catalyst Control Center Localization Turkish
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Citrix online plug-in
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (PNA)
Citrix online plug-in (SSON)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
CNET TechTracker
Conduit Engine
CorelDRAW Essentials 4
CorelDRAW Essentials 4 - Content
CorelDRAW Essentials 4 - Draw
CorelDRAW Essentials 4 - Extra Content
CorelDRAW Essentials 4 - Filters
CorelDRAW Essentials 4 - ICA
CorelDRAW Essentials 4 - IPM - No VBA
CorelDRAW Essentials 4 - Lang BR
CorelDRAW Essentials 4 - Lang DE
CorelDRAW Essentials 4 - Lang EN
CorelDRAW Essentials 4 - Lang ES
CorelDRAW Essentials 4 - Lang FR
CorelDRAW Essentials 4 - Lang IT
CorelDRAW Essentials 4 - Lang NL
CorelDRAW Essentials 4 - PHOTO-PAINT
CorelDRAW Essentials 4 - Windows Shell Extension
Dell DataSafe Online
Dell Dock
Dell Edoc Viewer
Dell Getting Started Guide
Dell Support Center (Support Software)
EndNote X Demonstration Edition
erLT
Express Accounts
Express Invoice
FileZilla Client 3.5.3
FileZilla Server
Free CSS Toolbox 1.2
Free NaturalReader
Frontcam
Google Chrome
Google Earth Plug-in
Google Update Helper
GoToAssist 8.0.0.514
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HTC BMP USB Driver
HTC Driver Installer
HTC Sync
iCloud
iPhone Configuration Utility
ISI ResearchSoft - Export Helper
iTunes
Java Auto Updater
Java™ 6 Update 31
join.me
Junk Mail filter update
jZip
Ledger
Lexmark 2600 Series
Lexmark Toolbar
Lexmark Tools for Office
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
MacroKey Manager
Malwarebytes Anti-Malware version 1.61.0.1400
MediaBar
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Default Manager
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Project 2000 SR-1
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MobileMe Control Panel
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MSVC80_x86
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
NCH EN Toolbar
Nitro Reader 2
Notepad++
OGA Notifier 2.0.0048.0
PC Connectivity Solution
PDFCreator
pdfforge Toolbar v5.3
Platform
PrimoPDF -- brought to you by Nitro PDF Software
Python 2.6.2
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Safari
SearchCore for Browsers
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Serif WebPlus Starter Edition
SFT_eng7 Toolbar
Simple CSS 2.1
Skins
Skype Click to Call
Skype™ 5.8
SmartSound Quicktracks for Premiere Elements
SmoothDraw 3.2.11
Spam Free Search Bar
SUPERAntiSpyware
TweetDeck
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VIA Platform Device Manager
Visual Studio Tools for the Office system 3.0 Runtime
VisualBee for Microsoft PowerPoint
VisualBeeCommunity Toolbar
WampServer 2.1
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows jZip Toolbar
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Wordshark 4
XAMPP 1.7.4
.
==== Event Viewer Messages From Past Week ========
.
30/04/2012 21:05:26, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
30/04/2012 13:00:48, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
28/04/2012 10:12:11, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
28/04/2012 10:12:11, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
28/04/2012 10:12:11, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
28/04/2012 10:12:11, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
28/04/2012 10:12:11, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver has restarted scanning items and is out of pass through mode.
28/04/2012 09:56:57, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
28/04/2012 09:56:57, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
28/04/2012 09:56:56, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
27/04/2012 20:52:16, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
27/04/2012 20:52:04, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Adobe Acrobat Update Service service to connect.
27/04/2012 18:48:15, Error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).
27/04/2012 17:58:10, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {F706B4B5-72BC-49D5-967C-05194FA83446} to the user FrankGillesp-PC\Frank Gillespie SID (S-1-5-21-2714370813-3487279461-1532469648-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
27/04/2012 13:29:09, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
27/04/2012 10:14:45, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
27/04/2012 08:09:56, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
27/04/2012 01:25:45, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.125.508.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8304.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode
27/04/2012 01:25:45, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
27/04/2012 01:16:53, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx aswSP aswTdi ctxusbm MpFilter SASDIFSV SASKUTIL spldr Wanarpv6
27/04/2012 01:16:53, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
27/04/2012 01:16:15, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
27/04/2012 01:16:11, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
27/04/2012 01:16:08, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
27/04/2012 01:15:59, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
04/05/2012 02:04:36, Error: EventLog [6008] - The previous system shutdown at 02:03:11 on 04/05/2012 was unexpected.
04/05/2012 01:28:23, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
04/05/2012 01:28:23, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
04/05/2012 01:26:17, Error: EventLog [6008] - The previous system shutdown at 01:24:49 on 04/05/2012 was unexpected.
03/05/2012 20:30:16, Error: bowser [8003] - The master browser has received a server announcement from the computer FRANKGILLESPIE that believes that it is the master browser for the domain on transport NetBT_Tcpip_{C39F2CD2-FF91-412F-B7FE-CED. The master browser is stopping or an election is being forced.
03/05/2012 17:27:42, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.1 for the Network Card with network address 0024E8246EBF has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).
03/05/2012 17:00:37, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
03/05/2012 16:40:12, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EapHost service.
02/05/2012 12:45:27, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
02/05/2012 09:11:23, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
02/05/2012 08:52:06, Error: EventLog [6008] - The previous system shutdown at 08:50:17 on 02/05/2012 was unexpected.
01/05/2012 03:06:01, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Eventlog service.
.
==== End Of File ===========================

#8 gringo_pr

Posted 03 May 2012 - 08:39 PM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

:multiple Anti Virus programs:

It looks like you are operating your computer with multiple Anti Virus programs running in memory at once:

AV: avast! Antivirus
AV: Microsoft Security Essentials


Anti-virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash.

Please remove all but one of them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




#9 novice39


Posted 04 May 2012 - 06:20 AM

Hi Gringo
The log from running ComboFix is below.
In answer to your question, how things are now, let me give you a brief overview of the problems I am having. I am building a Free Not for Profit web site which is hosted on the largest provider here in Ireland. I got a call from a colleague to tell me that when she searched it in Google she got a virus alert (I had been opening in browser and had not detected the problem).
1. I changed all the passwords and deactivated the website straight away.
2. I ran three reputable antivirus packages twice (1 ran in safe mode) and no virus found.
3. I then ran two antimalware programmes, again twice as above – no virus found.
4. I checked the status of the site with Google Webmaster Tools – no problems reported there.
5. I uninstalled all the modules and components (Joomla site) and when I opened the page again through Google I got either a redirect to Google, or avast/Microsoft essentials virus alert or welcome to nginx.
The problem still exists but only with this page. The host provider reckons that when I was uploading a file (module, component or image) to the web site through FileZilla that I must be reinfecting the page (prior to this the provider issued a security alert advising us that they had a security breach and asking us to change passwords).
During the rebuild, component and module installing was timing out on the desktop and the PC seemed to be getting very slow. Then one evening the MSE blocked a potential Trojan virus attack three times (none since), but I do not know if this was from the PC hard drive or blocked from a web page, and when I read up on the Trojan it indicated this and the redirect as a symptom (but now I think this might have been a result of having two antivirus programmes running). I deleted the virus log from MSE – just in case!
The host provider reckons it is a virus on the PC and so I have started to rebuild on another PC but have not tested it! I will also be asking Google to reconfigure (I think that is the right term) in their search engine to make certain that Google is not the problem or that it has not detected/quarantined it as a dangerous page. If after all this (rebuild on new PC, reconfigure by Google) the problem still exists, then the problem must be the host (I think!). In total I have spent over two weeks trying to sort this one out. Your help is great. The ComboFix log is below. (Sorry if email too long.)

ComboFix 12-05-03.03 - novice39 04/05/2012 11:47:54.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.353.1033.18.3326.1875 [GMT 1:00]
Running from: c:\users\novice39\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-04-04 to 2012-05-04 )))))))))))))))))))))))))))))))
.
.
2012-05-04 10:56 . 2012-05-04 10:56 -------- d-----w- c:\users\novice39\AppData\Local\temp
2012-05-04 10:56 . 2012-05-04 10:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-04 10:44 . 2012-05-04 10:44 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{13EFBE0B-4772-4B0A-A3EB-77DDE1FFC995}\offreg.dll
2012-05-04 10:41 . 2012-04-13 07:36 6734704 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{13EFBE0B-4772-4B0A-A3EB-77DDE1FFC995}\mpengine.dll
2012-05-02 08:03 . 2012-04-13 07:36 6734704 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-04-30 11:03 . 2012-04-30 11:03 -------- d-----w- c:\program files\iPod
2012-04-30 11:03 . 2012-04-30 11:05 -------- d-----w- c:\program files\iTunes
2012-04-26 17:30 . 2012-04-26 17:39 -------- d-----w- c:\users\novice39\AppData\Local\Microsoft Games
2012-04-25 11:52 . 2012-04-25 11:52 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-04-25 11:52 . 2012-04-25 11:52 157352 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-25 11:52 . 2012-04-25 11:52 129976 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe
2012-04-18 23:16 . 2012-04-18 23:16 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-04-16 19:23 . 2012-04-16 23:12 -------- d-----w- c:\program files\PC Tools
2012-04-16 19:17 . 2012-02-24 09:36 185560 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-04-16 19:17 . 2012-04-16 23:12 -------- d-----w- c:\program files\Common Files\PC Tools
2012-04-16 19:16 . 2012-04-16 22:57 -------- d-----w- c:\programdata\PC Tools
2012-04-16 19:16 . 2012-04-16 19:16 -------- d-----w- c:\users\novice39\AppData\Roaming\TestApp
2012-04-16 18:48 . 2012-04-16 18:48 -------- d-----w- c:\programdata\Kaspersky Lab
2012-04-15 21:57 . 2012-04-15 21:57 -------- d-----w- c:\program files\FileZilla Server
2012-04-15 19:44 . 2012-04-15 19:44 -------- d-----w- c:\users\novice39\AppData\Roaming\Malwarebytes
2012-04-15 19:44 . 2012-04-15 19:44 -------- d-----w- c:\programdata\Malwarebytes
2012-04-15 19:44 . 2012-04-15 19:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-04-15 19:44 . 2012-04-04 14:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-15 19:31 . 2012-04-15 19:31 -------- d-----w- c:\users\novice39\AppData\Roaming\SUPERAntiSpyware.com
2012-04-15 19:31 . 2012-04-27 19:55 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-04-15 19:31 . 2012-04-15 19:31 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-04-15 18:34 . 2012-04-15 18:34 388096 ----a-r- c:\users\novice39\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-04-15 18:34 . 2012-04-15 18:34 -------- d-----w- c:\program files\Trend Micro
2012-04-15 00:46 . 2012-04-15 00:46 -------- dc-h--w- c:\programdata\{088731A3-EE4A-44A0-9F02-C4181FD3C640}
2012-04-15 00:28 . 2012-04-15 00:28 -------- d-----w- c:\program files\FileZilla FTP Client
2012-04-14 23:45 . 2012-04-14 23:45 -------- d--h--w- c:\programdata\Common Files
2012-04-14 23:44 . 2012-04-14 23:44 -------- d-----w- c:\users\novice39\AppData\Roaming\pdfforge
2012-04-14 23:44 . 2012-03-14 17:23 54784 ----a-w- c:\windows\system32\pdfcmon.dll
2012-04-14 23:44 . 1998-06-24 00:00 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2012-04-14 23:44 . 1998-07-06 00:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2012-04-14 23:39 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2012-04-14 23:34 . 2012-04-14 23:34 83249512 ----a-w- c:\program files\Common Files\Windows Live\.cache\wlcDBFE.tmp
2012-04-14 23:15 . 2012-04-14 23:14 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C93144CE-0086-4915-9C97-A063DB23D914}\gapaengine.dll
2012-04-13 23:24 . 2012-04-13 23:24 -------- d-----w- c:\programdata\MFAData
2012-04-13 22:30 . 2012-04-13 22:30 159608 ----a-w- c:\windows\system32\mfevtps.exe.e6f1.deleteme
2012-04-13 21:58 . 2012-04-13 21:58 42960 ----a-w- c:\windows\system32\drivers\zdjmujnw.sys
2012-04-13 21:16 . 2012-04-13 21:16 159608 ----a-w- c:\windows\system32\mfevtps.exe.b221.deleteme
2012-04-13 19:40 . 2012-05-01 02:06 -------- d-----w- c:\program files\Microsoft Security Client
2012-04-13 19:37 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2012-04-13 19:08 . 2012-04-17 07:45 -------- d-----w- c:\program files\stinger
2012-04-13 14:29 . 2012-04-13 19:11 -------- d-----w- c:\programdata\Avira
2012-04-12 19:01 . 2012-04-12 19:01 -------- d-----w- c:\program files\Akeeba
2012-04-12 16:02 . 2012-04-12 16:02 -------- d-----w- c:\users\novice39\AppData\Local\join.me
2012-04-12 11:31 . 2012-04-12 11:32 -------- d-----w- c:\program files\pdfforge Toolbar
2012-04-12 11:31 . 2012-04-12 11:32 -------- d-----w- c:\program files\Application Updater
2012-04-12 11:31 . 2012-04-12 11:31 -------- d-----w- c:\program files\Common Files\Spigot
2012-04-12 11:27 . 2012-04-14 17:08 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-12 02:11 . 2012-03-06 06:39 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-12 02:11 . 2012-03-06 06:39 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 05:34 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-04-04 16:30 . 2012-04-04 16:30 -------- d-----w- c:\program files\Common Files\Nitro PDF
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-14 17:08 . 2011-06-01 18:18 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-25 18:49 . 2011-12-02 18:49 27152 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2012-03-25 18:49 . 2011-12-02 18:49 18448 ----a-w- c:\windows\system32\nitrolocalui2.dll
2012-03-20 19:44 . 2012-03-20 19:44 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-20 19:44 . 2011-04-27 14:25 74112 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-12 09:39 . 2011-11-16 13:02 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2012-02-26 18:40 . 2012-02-26 18:48 707354 ----a-w- c:\windows\unins000.exe
2012-02-24 16:43 . 2012-02-24 16:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-14 15:45 . 2012-03-14 08:08 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-02-14 15:45 . 2012-03-14 08:08 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-02-13 14:12 . 2012-03-14 08:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-13 13:47 . 2012-03-14 08:08 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-02-13 13:44 . 2012-03-14 08:08 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-02-10 00:11 . 2012-02-10 00:11 53248 ----a-r- c:\users\novice39\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-02-07 10:02 . 2012-02-07 10:02 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2010-10-12 16:33 . 2010-10-12 16:33 124344 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll
2010-10-12 18:15 . 2010-10-12 18:15 13240 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
2010-10-12 16:37 . 2010-10-12 16:37 70592 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
2010-10-12 16:35 . 2010-10-12 16:35 91576 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
2010-10-12 16:34 . 2010-10-12 16:34 22464 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
2010-10-12 16:32 . 2010-10-12 16:32 255416 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
2010-10-12 16:35 . 2010-10-12 16:35 31672 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
2010-10-12 16:34 . 2010-10-12 16:34 40384 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
2010-07-14 12:42 . 2010-07-14 12:42 898480 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
2010-10-12 16:37 . 2010-10-12 16:37 24000 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
2012-04-25 11:52 . 2012-04-15 18:13 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
"{08d6b0b4-c132-470d-a8e2-aa2e9c3851c9}"= "c:\program files\SFT_eng7\prxtbSFT0.dll" [2011-03-28 176936]
"{0e38f85e-eee9-426a-ae1c-60c36b729951}"= "c:\program files\VisualBeeCommunity\prxtbVisu.dll" [2011-05-09 176936]
"{37483b40-c254-4a72-bda4-22ee90182c1e}"= "c:\program files\NCH_EN\prxtbNCH_.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{08d6b0b4-c132-470d-a8e2-aa2e9c3851c9}]
.
[HKEY_CLASSES_ROOT\clsid\{0e38f85e-eee9-426a-ae1c-60c36b729951}]
.
[HKEY_CLASSES_ROOT\clsid\{37483b40-c254-4a72-bda4-22ee90182c1e}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{08d6b0b4-c132-470d-a8e2-aa2e9c3851c9}]
2011-03-28 16:22 176936 ----a-w- c:\program files\SFT_eng7\prxtbSFT0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0e38f85e-eee9-426a-ae1c-60c36b729951}]
2011-05-09 09:49 176936 ----a-w- c:\program files\VisualBeeCommunity\prxtbVisu.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{20a0be68-8fd9-4539-8712-ce3d1c1fdfc6}]
2012-01-17 19:28 262312 ----a-w- c:\program files\blekkotb\auxi\blekkoAu.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{26c9e18c-3717-4be1-a225-04e4471f5b6e}]
2012-01-17 19:28 86696 ----a-w- c:\program files\blekkotb\blekkoDx.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
2011-08-03 11:31 89008 ----a-w- c:\progra~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-03-28 16:22 176936 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{37483b40-c254-4a72-bda4-22ee90182c1e}]
2011-05-09 08:49 176936 ----a-w- c:\program files\NCH_EN\prxtbNCH_.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 12:29 1490312 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
"{28387537-e3f9-4ed7-860c-11e69af4a8a0}"= "c:\progra~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll" [2011-08-03 89008]
"{08d6b0b4-c132-470d-a8e2-aa2e9c3851c9}"= "c:\program files\SFT_eng7\prxtbSFT0.dll" [2011-03-28 176936]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-03-28 176936]
"{0e38f85e-eee9-426a-ae1c-60c36b729951}"= "c:\program files\VisualBeeCommunity\prxtbVisu.dll" [2011-05-09 176936]
"{37483b40-c254-4a72-bda4-22ee90182c1e}"= "c:\program files\NCH_EN\prxtbNCH_.dll" [2011-05-09 176936]
"{26c9e18c-3717-4be1-a225-04e4471f5b6e}"= "c:\program files\blekkotb\blekkoDx.dll" [2012-01-17 86696]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
.
[HKEY_CLASSES_ROOT\clsid\{08d6b0b4-c132-470d-a8e2-aa2e9c3851c9}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{0e38f85e-eee9-426a-ae1c-60c36b729951}]
.
[HKEY_CLASSES_ROOT\clsid\{37483b40-c254-4a72-bda4-22ee90182c1e}]
.
[HKEY_CLASSES_ROOT\clsid\{26c9e18c-3717-4be1-a225-04e4471f5b6e}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
"{0E38F85E-EEE9-426A-AE1C-60C36B729951}"= "c:\program files\VisualBeeCommunity\prxtbVisu.dll" [2011-05-09 176936]
"{37483B40-C254-4A72-BDA4-22EE90182C1E}"= "c:\program files\NCH_EN\prxtbNCH_.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{0e38f85e-eee9-426a-ae1c-60c36b729951}]
.
[HKEY_CLASSES_ROOT\clsid\{37483b40-c254-4a72-bda4-22ee90182c1e}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]
"MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-04-27 3905920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-04-28 17145856]
"Dell DataSafe Online"="c:\program files\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-04-24 250192]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-06-03 206064]
"lxdnmon.exe"="c:\program files\Lexmark 2600 Series\lxdnmon.exe" [2009-05-20 660136]
"lxdnamon"="c:\program files\Lexmark 2600 Series\lxdnamon.exe" [2009-05-20 16040]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-06 59240]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2010-10-12 304568]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-05-17 395144]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2011-11-30 296056]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2012-04-11 981856]
"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-04-01 634880]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"FileZilla Server Interface"="c:\program files\FileZilla Server\FileZilla Server Interface.exe" [2012-02-26 1044992]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
.
c:\users\novice39\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-17 1320288]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Online plug-in.lnk - c:\windows\Installer\{0F1F7A90-E71B-4E45-A066-2891619F22E1}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe [2011-1-12 77824]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-17 1320288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2009-08-17 18:19 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\SEARCH~1\SEARCH~1\datamngr.dll c:\progra~1\WI83E4~1\Datamngr\datamngr.dll c:\progra~1\WI83E4~1\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 253088]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 17:08]
.
2012-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-10 15:45]
.
2012-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-10 15:45]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3031607
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\novice39\AppData\Roaming\Mozilla\Firefox\Profiles\ou75t0l8.newprofile\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://inpsc.com/administrator/index.php
FF - prefs.js: keyword.URL - hxxp://blekko.com/?source=c3348dd4&tbp=url&toolbarid=blekkotb&u=___userid___&q=
FF - user.js: capability.policy.policynames - allowclipboard
FF - user.js: capability.policy.allowclipboard.sites - hxxp://www.inpsc.com, http://www.inpsc.ie, http//localhost/joomla15
FF - user.js: capability.policy.allowclipboard.Clipboard.cutcopy - allAccess
FF - user.js: capability.policy.allowclipboard.Clipboard.paste - allAccess
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-04 11:56
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\VDeck\VDeck.exe -r???????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2012-05-04 11:58:56
ComboFix-quarantined-files.txt 2012-05-04 10:58
ComboFix2.txt 2012-04-24 19:52
ComboFix3.txt 2012-04-20 23:34
.
Pre-Run: 343,472,017,408 bytes free
Post-Run: 343,599,337,472 bytes free
.
- - End Of File - - 871D1AA2851B9F9E85FC2346BDCEADB8

#10 gringo_pr

Posted 04 May 2012 - 07:39 AM

Greetings

I want you to run these next,

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#11 novice39


Posted 04 May 2012 - 09:23 AM

Hi Gringo, TDSSKiller report - it did not identify any infected or suspicious files

15:13:29.0604 7444 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
15:13:29.0841 7444 ============================================================
15:13:29.0841 7444 Current date / time: 2012/05/04 15:13:29.0841
15:13:29.0841 7444 SystemInfo:
15:13:29.0841 7444
15:13:29.0841 7444 OS Version: 6.0.6002 ServicePack: 2.0
15:13:29.0841 7444 Product type: Workstation
15:13:29.0842 7444 ComputerName: Novice39-PC
15:13:29.0842 7444 UserName: Novice39
15:13:29.0842 7444 Windows directory: C:\Windows
15:13:29.0842 7444 System windows directory: C:\Windows
15:13:29.0842 7444 Processor architecture: Intel x86
15:13:29.0842 7444 Number of processors: 2
15:13:29.0842 7444 Page size: 0x1000
15:13:29.0842 7444 Boot type: Normal boot
15:13:29.0842 7444 ============================================================
15:13:31.0419 7444 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:13:37.0948 7444 Drive \Device\Harddisk5\DR5 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:13:37.0950 7444 ============================================================
15:13:37.0950 7444 \Device\Harddisk0\DR0:
15:13:37.0962 7444 MBR partitions:
15:13:37.0962 7444 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1F800, BlocksNum 0x1E00000
15:13:37.0962 7444 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E1F800, BlocksNum 0x38566000
15:13:37.0962 7444 \Device\Harddisk5\DR5:
15:13:37.0964 7444 MBR partitions:
15:13:37.0964 7444 \Device\Harddisk5\DR5\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
15:13:37.0964 7444 ============================================================
15:13:38.0044 7444 C: <-> \Device\Harddisk0\DR0\Partition1
15:13:38.0130 7444 D: <-> \Device\Harddisk0\DR0\Partition0
15:13:38.0156 7444 J: <-> \Device\Harddisk5\DR5\Partition0
15:13:38.0156 7444 ============================================================
15:13:38.0156 7444 Initialize success
15:13:38.0156 7444 ============================================================
15:14:06.0313 5936 ============================================================
15:14:06.0313 5936 Scan started
15:14:06.0313 5936 Mode: Manual;
15:14:06.0313 5936 ============================================================
15:14:06.0617 5936 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
15:14:06.0619 5936 !SASCORE - ok
15:14:06.0784 5936 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
15:14:06.0787 5936 ACPI - ok
15:14:06.0849 5936 Adobe LM Service (8b46d5a1d3ef08232c04d0eafb871fb2) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
15:14:06.0851 5936 Adobe LM Service - ok
15:14:06.0914 5936 AdobeActiveFileMonitor7.0 (3fd8dc2c9735c2aa70155102cfb93eda) c:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
15:14:06.0916 5936 AdobeActiveFileMonitor7.0 - ok
15:14:06.0986 5936 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:14:06.0988 5936 AdobeARMservice - ok
15:14:07.0055 5936 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:14:07.0058 5936 AdobeFlashPlayerUpdateSvc - ok
15:14:07.0110 5936 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
15:14:07.0117 5936 adp94xx - ok
15:14:07.0173 5936 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
15:14:07.0178 5936 adpahci - ok
15:14:07.0206 5936 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
15:14:07.0209 5936 adpu160m - ok
15:14:07.0233 5936 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
15:14:07.0237 5936 adpu320 - ok
15:14:07.0284 5936 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
15:14:07.0286 5936 AeLookupSvc - ok
15:14:07.0337 5936 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
15:14:07.0343 5936 AFD - ok
15:14:07.0377 5936 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
15:14:07.0379 5936 agp440 - ok
15:14:07.0421 5936 ahcix86s (356d519b2868e30100fe846d232e1757) C:\Windows\system32\drivers\ahcix86s.sys
15:14:07.0425 5936 ahcix86s - ok
15:14:07.0446 5936 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
15:14:07.0449 5936 aic78xx - ok
15:14:07.0461 5936 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
15:14:07.0463 5936 ALG - ok
15:14:07.0495 5936 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
15:14:07.0497 5936 aliide - ok
15:14:07.0512 5936 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
15:14:07.0515 5936 amdagp - ok
15:14:07.0528 5936 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
15:14:07.0530 5936 amdide - ok
15:14:07.0550 5936 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
15:14:07.0552 5936 AmdK7 - ok
15:14:07.0580 5936 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
15:14:07.0582 5936 AmdK8 - ok
15:14:07.0657 5936 Apache2.2 (53ea061ecc67223a430f153c3682ad54) c:\XAMPP\apache\bin\httpd.exe
15:14:07.0675 5936 Apache2.2 - ok
15:14:07.0704 5936 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
15:14:07.0705 5936 Appinfo - ok
15:14:07.0791 5936 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:14:07.0793 5936 Apple Mobile Device - ok
15:14:07.0849 5936 Application Updater (f4c5530d92fa7f9a41c19edfc4c51bd4) C:\Program Files\Application Updater\ApplicationUpdater.exe
15:14:07.0857 5936 Application Updater - ok
15:14:07.0911 5936 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
15:14:07.0913 5936 arc - ok
15:14:07.0962 5936 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
15:14:07.0965 5936 arcsas - ok
15:14:07.0995 5936 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
15:14:07.0995 5936 AsyncMac - ok
15:14:08.0027 5936 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
15:14:08.0028 5936 atapi - ok
15:14:08.0088 5936 Ati External Event Utility (740b9b4140caccd0513d999eab488e48) C:\Windows\system32\Ati2evxx.exe
15:14:08.0096 5936 Ati External Event Utility - ok
15:14:08.0254 5936 atikmdag (7526ad10925d1aa9e4e6b0fb393b701f) C:\Windows\system32\DRIVERS\atikmdag.sys
15:14:08.0327 5936 atikmdag - ok
15:14:08.0446 5936 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
15:14:08.0448 5936 AudioEndpointBuilder - ok
15:14:08.0455 5936 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
15:14:08.0457 5936 Audiosrv - ok
15:14:08.0553 5936 BBSvc (01a24b415926bb5f772dbe12459d97de) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
15:14:08.0556 5936 BBSvc - ok
15:14:08.0586 5936 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
15:14:08.0589 5936 BBUpdate - ok
15:14:08.0645 5936 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
15:14:08.0646 5936 Beep - ok
15:14:08.0700 5936 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
15:14:08.0702 5936 BFE - ok
15:14:08.0741 5936 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
15:14:08.0752 5936 BITS - ok
15:14:08.0795 5936 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
15:14:08.0797 5936 blbdrive - ok
15:14:08.0908 5936 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
15:14:08.0914 5936 Bonjour Service - ok
15:14:08.0943 5936 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
15:14:08.0946 5936 bowser - ok
15:14:09.0016 5936 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
15:14:09.0018 5936 BrFiltLo - ok
15:14:09.0038 5936 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
15:14:09.0039 5936 BrFiltUp - ok
15:14:09.0074 5936 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
15:14:09.0077 5936 Browser - ok
15:14:09.0104 5936 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
15:14:09.0108 5936 Brserid - ok
15:14:09.0128 5936 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
15:14:09.0131 5936 BrSerWdm - ok
15:14:09.0157 5936 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
15:14:09.0158 5936 BrUsbMdm - ok
15:14:09.0169 5936 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
15:14:09.0170 5936 BrUsbSer - ok
15:14:09.0192 5936 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
15:14:09.0194 5936 BTHMODEM - ok
15:14:09.0303 5936 catchme - ok
15:14:09.0342 5936 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
15:14:09.0345 5936 cdfs - ok
15:14:09.0371 5936 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
15:14:09.0374 5936 cdrom - ok
15:14:09.0416 5936 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
15:14:09.0417 5936 CertPropSvc - ok
15:14:09.0460 5936 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
15:14:09.0462 5936 circlass - ok
15:14:09.0499 5936 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
15:14:09.0504 5936 CLFS - ok
15:14:09.0571 5936 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:14:09.0574 5936 clr_optimization_v2.0.50727_32 - ok
15:14:09.0642 5936 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:14:09.0644 5936 clr_optimization_v4.0.30319_32 - ok
15:14:09.0671 5936 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
15:14:09.0673 5936 cmdide - ok
15:14:09.0692 5936 Compbatt (4fc0a44da7603229e1a9454126a59efd) C:\Windows\system32\drivers\compbatt.sys
15:14:09.0693 5936 Compbatt - ok
15:14:09.0700 5936 COMSysApp - ok
15:14:09.0728 5936 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
15:14:09.0730 5936 crcdisk - ok
15:14:09.0753 5936 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
15:14:09.0755 5936 Crusoe - ok
15:14:09.0812 5936 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
15:14:09.0814 5936 CryptSvc - ok
15:14:09.0847 5936 ctxusbm (cb6ff7012bb5d59d7c12350db795ce1f) C:\Windows\system32\DRIVERS\ctxusbm.sys
15:14:09.0850 5936 ctxusbm - ok
15:14:09.0899 5936 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
15:14:09.0908 5936 DcomLaunch - ok
15:14:09.0938 5936 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
15:14:09.0940 5936 DfsC - ok
15:14:10.0036 5936 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
15:14:10.0078 5936 DFSR - ok
15:14:10.0186 5936 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
15:14:10.0189 5936 Dhcp - ok
15:14:10.0237 5936 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
15:14:10.0240 5936 disk - ok
15:14:10.0276 5936 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
15:14:10.0279 5936 Dnscache - ok
15:14:10.0348 5936 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
15:14:10.0351 5936 DockLoginService - ok
15:14:10.0383 5936 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
15:14:10.0387 5936 dot3svc - ok
15:14:10.0435 5936 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
15:14:10.0438 5936 DPS - ok
15:14:10.0471 5936 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
15:14:10.0473 5936 drmkaud - ok
15:14:10.0534 5936 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
15:14:10.0544 5936 DXGKrnl - ok
15:14:10.0579 5936 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
15:14:10.0584 5936 e1express - ok
15:14:10.0610 5936 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
15:14:10.0613 5936 E1G60 - ok
15:14:10.0640 5936 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
15:14:10.0643 5936 EapHost - ok
15:14:10.0696 5936 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
15:14:10.0700 5936 Ecache - ok
15:14:10.0736 5936 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
15:14:10.0741 5936 ehRecvr - ok
15:14:10.0767 5936 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
15:14:10.0769 5936 ehSched - ok
15:14:10.0782 5936 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
15:14:10.0783 5936 ehstart - ok
15:14:10.0828 5936 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
15:14:10.0834 5936 elxstor - ok
15:14:10.0887 5936 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
15:14:10.0894 5936 EMDMgmt - ok
15:14:10.0930 5936 ErrDev (f2a80de2d1b7116052c09cb4d4ca1416) C:\Windows\system32\drivers\errdev.sys
15:14:10.0932 5936 ErrDev - ok
15:14:10.0984 5936 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
15:14:10.0986 5936 EventSystem - ok
15:14:11.0027 5936 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
15:14:11.0031 5936 exfat - ok
15:14:11.0186 5936 ExpressAccountsService (82e679a82771e604f7932f3cafa66dfd) C:\Program Files\NCH Software\ExpressAccounts\expressaccounts.exe
15:14:11.0234 5936 ExpressAccountsService - ok
15:14:11.0335 5936 ExpressInvoiceService (a8f85688ff64b62635fffca1c6624ea1) C:\Program Files\NCH Software\ExpressInvoice\expressinvoice.exe
15:14:11.0369 5936 ExpressInvoiceService - ok
15:14:11.0479 5936 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
15:14:11.0481 5936 fastfat - ok
15:14:11.0518 5936 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
15:14:11.0520 5936 fdc - ok
15:14:11.0549 5936 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
15:14:11.0551 5936 fdPHost - ok
15:14:11.0561 5936 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
15:14:11.0563 5936 FDResPub - ok
15:14:11.0605 5936 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
15:14:11.0608 5936 FileInfo - ok
15:14:24.0245 5936 UxSms - ok
15:14:24.0284 5936 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
15:14:24.0295 5936 vds - ok
15:14:24.0332 5936 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
15:14:24.0333 5936 vga - ok
15:14:24.0361 5936 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
15:14:24.0363 5936 VgaSave - ok
15:14:24.0408 5936 vhidmini (2ab44be1479fdb6d99d3ad0e765ac233) C:\Windows\system32\DRIVERS\walvhid.sys
15:14:24.0417 5936 vhidmini - ok
15:14:24.0440 5936 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
15:14:24.0443 5936 viaagp - ok
15:14:24.0469 5936 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
15:14:24.0472 5936 ViaC7 - ok
15:14:24.0553 5936 VIAHdAudAddService (9891a8f16931c30c72d0816306dd8185) C:\Windows\system32\drivers\viahduaa.sys
15:14:24.0571 5936 VIAHdAudAddService - ok
15:14:24.0594 5936 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
15:14:24.0597 5936 viaide - ok
15:14:24.0606 5936 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
15:14:24.0609 5936 volmgr - ok
15:14:24.0645 5936 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
15:14:24.0649 5936 volmgrx - ok
15:14:24.0681 5936 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
15:14:24.0684 5936 volsnap - ok
15:14:24.0708 5936 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
15:14:24.0710 5936 vsmraid - ok
15:14:24.0765 5936 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
15:14:24.0774 5936 VSS - ok
15:14:24.0814 5936 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
15:14:24.0821 5936 W32Time - ok
15:14:24.0860 5936 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
15:14:24.0861 5936 WacomPen - ok
15:14:24.0935 5936 wampapache (53ea061ecc67223a430f153c3682ad54) c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
15:14:24.0956 5936 wampapache - ok
15:14:24.0998 5936 wampmysqld - ok
15:14:25.0016 5936 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
15:14:25.0018 5936 Wanarp - ok
15:14:25.0024 5936 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
15:14:25.0025 5936 Wanarpv6 - ok
15:14:25.0108 5936 WcesComm (59e19bd13c3bdb857646b9e436ba27f7) C:\Windows\WindowsMobile\wcescomm.dll
15:14:25.0110 5936 WcesComm - ok
15:14:25.0144 5936 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
15:14:25.0153 5936 wcncsvc - ok
15:14:25.0186 5936 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
15:14:25.0189 5936 WcsPlugInService - ok
15:14:25.0211 5936 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
15:14:25.0213 5936 Wd - ok
15:14:25.0241 5936 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
15:14:25.0247 5936 Wdf01000 - ok
15:14:25.0262 5936 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
15:14:25.0265 5936 WdiServiceHost - ok
15:14:25.0278 5936 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
15:14:25.0281 5936 WdiSystemHost - ok
15:14:25.0296 5936 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
15:14:25.0299 5936 WebClient - ok
15:14:25.0320 5936 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
15:14:25.0325 5936 Wecsvc - ok
15:14:25.0338 5936 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
15:14:25.0341 5936 wercplsupport - ok
15:14:25.0358 5936 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
15:14:25.0362 5936 WerSvc - ok
15:14:25.0438 5936 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
15:14:25.0441 5936 WinDefend - ok
15:14:25.0452 5936 WinHttpAutoProxySvc - ok
15:14:25.0489 5936 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
15:14:25.0491 5936 Winmgmt - ok
15:14:25.0553 5936 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
15:14:25.0580 5936 WinRM - ok
15:14:25.0628 5936 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
15:14:25.0638 5936 Wlansvc - ok
15:14:25.0681 5936 WmiAcpi (48ca581c12022ac60fe82e2b96fbf5d4) C:\Windows\system32\drivers\wmiacpi.sys
15:14:25.0683 5936 WmiAcpi - ok
15:14:25.0737 5936 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
15:14:25.0738 5936 wmiApSrv - ok
15:14:25.0844 5936 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
15:14:25.0859 5936 WMPNetworkSvc - ok
15:14:25.0874 5936 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
15:14:25.0880 5936 WPCSvc - ok
15:14:25.0910 5936 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
15:14:25.0916 5936 WPDBusEnum - ok
15:14:25.0975 5936 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
15:14:25.0978 5936 WpdUsb - ok
15:14:26.0094 5936 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:14:26.0108 5936 WPFFontCache_v0400 - ok
15:14:26.0131 5936 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
15:14:26.0133 5936 ws2ifsl - ok
15:14:26.0170 5936 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
15:14:26.0176 5936 wscsvc - ok
15:14:26.0182 5936 WSearch - ok
15:14:26.0280 5936 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
15:14:26.0303 5936 wuauserv - ok
15:14:26.0395 5936 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:14:26.0397 5936 WUDFRd - ok
15:14:26.0425 5936 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
15:14:26.0428 5936 wudfsvc - ok
15:14:26.0466 5936 XAMPP (16a004d355467e44d217dc4df62ec1e4) c:\xampp\service.exe
15:14:26.0535 5936 XAMPP - ok
15:14:26.0604 5936 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:14:26.0662 5936 \Device\Harddisk0\DR0 - ok
15:14:26.0670 5936 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk5\DR5
15:14:26.0676 5936 \Device\Harddisk5\DR5 - ok
15:14:26.0688 5936 Boot (0x1200) (68efe83cd99236e439c1ec34e2431507) \Device\Harddisk0\DR0\Partition0
15:14:26.0690 5936 \Device\Harddisk0\DR0\Partition0 - ok
15:14:26.0708 5936 Boot (0x1200) (19eae16e9ca1a2263661b3cfd003bb92) \Device\Harddisk0\DR0\Partition1
15:14:26.0710 5936 \Device\Harddisk0\DR0\Partition1 - ok
15:14:26.0717 5936 Boot (0x1200) (e2b12cb4be9c37f9d947399b574b9ab3) \Device\Harddisk5\DR5\Partition0
15:14:26.0723 5936 \Device\Harddisk5\DR5\Partition0 - ok
15:14:26.0724 5936 ============================================================
15:14:26.0724 5936 Scan finished
15:14:26.0724 5936 ============================================================
15:14:26.0748 7964 Detected object count: 0
15:14:26.0748 7964 Actual detected object count: 0
15:14:39.0793 6848 ============================================================
15:14:39.0793 6848 Scan started
15:14:39.0793 6848 Mode: Manual;
15:14:39.0793 6848 ============================================================
15:14:48.0082 6848 mrxsmb - ok
15:14:48.0124 6848 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:14:48.0127 6848 mrxsmb10 - ok
15:14:48.0142 6848 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:14:48.0143 6848 mrxsmb20 - ok
15:14:48.0168 6848 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
15:14:48.0169 6848 msahci - ok
15:14:48.0188 6848 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
15:14:48.0190 6848 msdsm - ok
15:14:48.0243 6848 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
15:14:48.0247 6848 MSDTC - ok
15:14:48.0281 6848 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
15:14:48.0282 6848 Msfs - ok
15:14:48.0288 6848 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
15:14:48.0291 6848 msisadrv - ok
15:14:48.0328 6848 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
15:14:48.0331 6848 MSiSCSI - ok
15:14:48.0345 6848 msiserver - ok
15:14:48.0372 6848 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
15:14:48.0373 6848 MSKSSRV - ok
15:14:48.0448 6848 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:14:48.0449 6848 MsMpSvc - ok
15:14:48.0475 6848 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
15:14:48.0475 6848 MSPCLOCK - ok
15:14:48.0494 6848 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
15:14:48.0494 6848 MSPQM - ok
15:14:48.0532 6848 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
15:14:48.0535 6848 MsRPC - ok
15:14:48.0562 6848 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
15:14:48.0563 6848 mssmbios - ok
15:14:48.0571 6848 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
15:14:48.0572 6848 MSTEE - ok
15:14:48.0585 6848 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
15:14:48.0586 6848 Mup - ok
15:14:48.0607 6848 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
15:14:48.0614 6848 napagent - ok
15:14:48.0647 6848 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
15:14:48.0649 6848 NativeWifiP - ok
15:14:48.0692 6848 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
15:14:48.0698 6848 NDIS - ok
15:14:48.0739 6848 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
15:14:48.0740 6848 NdisTapi - ok
15:14:48.0752 6848 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
15:14:48.0753 6848 Ndisuio - ok
15:14:48.0775 6848 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
15:14:48.0777 6848 NdisWan - ok
15:14:48.0791 6848 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
15:14:48.0792 6848 NDProxy - ok
15:14:48.0806 6848 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
15:14:48.0807 6848 NetBIOS - ok
15:14:48.0843 6848 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
15:14:48.0845 6848 netbt - ok
15:14:48.0877 6848 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:14:48.0879 6848 Netlogon - ok
15:14:48.0913 6848 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
15:14:48.0919 6848 Netman - ok
15:14:48.0937 6848 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
15:14:48.0939 6848 netprofm - ok
15:14:48.0986 6848 netr73 (847b64e9069946556bcfcdce638566d8) C:\Windows\system32\DRIVERS\netr73.sys
15:14:48.0992 6848 netr73 - ok
15:14:49.0061 6848 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:14:49.0062 6848 NetTcpPortSharing - ok
15:14:49.0114 6848 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
15:14:49.0115 6848 nfrd960 - ok
15:14:49.0215 6848 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:14:49.0217 6848 NisDrv - ok
15:14:49.0323 6848 NisSrv (290c0d4c4889398797f8df3be00b9698) C:\Program Files\Microsoft Security Client\NisSrv.exe
15:14:49.0327 6848 NisSrv - ok
15:14:49.0407 6848 NitroReaderDriverReadSpool2 (ab0d77bb398b176bf3941ab95457c24f) C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
15:14:49.0410 6848 NitroReaderDriverReadSpool2 - ok
15:14:49.0438 6848 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
15:14:49.0443 6848 NlaSvc - ok
15:14:49.0474 6848 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
15:14:49.0475 6848 Npfs - ok
15:14:49.0492 6848 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
15:14:49.0495 6848 nsi - ok
15:14:49.0528 6848 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
15:14:49.0528 6848 nsiproxy - ok
15:14:49.0593 6848 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
15:14:49.0604 6848 Ntfs - ok
15:14:49.0635 6848 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
15:14:49.0636 6848 ntrigdigi - ok
15:14:49.0650 6848 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
15:14:49.0651 6848 Null - ok
15:14:49.0657 6848 Nullorvue - ok
15:14:49.0690 6848 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
15:14:49.0692 6848 nvraid - ok
15:14:49.0707 6848 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
15:14:49.0708 6848 nvstor - ok
15:14:49.0729 6848 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
15:14:49.0731 6848 nv_agp - ok
15:14:49.0740 6848 NwlnkFlt - ok
15:14:49.0752 6848 NwlnkFwd - ok
15:14:49.0875 6848 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:14:49.0881 6848 odserv - ok
15:14:49.0909 6848 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
15:14:49.0911 6848 ohci1394 - ok
15:14:49.0937 6848 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:14:49.0939 6848 ose - ok
15:14:49.0992 6848 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:14:50.0002 6848 p2pimsvc - ok
15:14:50.0017 6848 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:14:50.0026 6848 p2psvc - ok
15:14:50.0058 6848 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
15:14:50.0059 6848 Parport - ok
15:14:50.0106 6848 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
15:14:50.0107 6848 partmgr - ok
15:14:50.0118 6848 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
15:14:50.0119 6848 Parvdm - ok
15:14:50.0183 6848 PassThru Service (39b9dcd7040654c2e57d7396736c718e) C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
15:14:50.0184 6848 PassThru Service - ok
15:14:50.0204 6848 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
15:14:50.0207 6848 PcaSvc - ok
15:14:50.0241 6848 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
15:14:50.0242 6848 pccsmcfd - ok
15:14:50.0278 6848 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
15:14:50.0280 6848 pci - ok
15:14:50.0300 6848 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
15:14:50.0301 6848 pciide - ok
15:14:50.0323 6848 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
15:14:50.0325 6848 pcmcia - ok
15:14:50.0365 6848 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
15:14:50.0371 6848 PEAUTH - ok
15:14:50.0423 6848 pfc (444f122e68db44c0589227781f3c8b3f) C:\Windows\system32\drivers\pfc.sys
15:14:50.0424 6848 pfc - ok
15:14:50.0500 6848 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
15:14:50.0510 6848 pla - ok
15:14:50.0628 6848 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
15:14:50.0634 6848 PlugPlay - ok
15:14:50.0666 6848 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:14:50.0675 6848 PNRPAutoReg - ok
15:14:50.0690 6848 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:14:50.0700 6848 PNRPsvc - ok
15:14:50.0741 6848 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
15:14:50.0747 6848 PolicyAgent - ok
15:14:50.0792 6848 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
15:14:50.0794 6848 PptpMiniport - ok
15:14:50.0800 6848 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\DRIVERS\processr.sys
15:14:50.0801 6848 Processor - ok
15:14:50.0820 6848 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
15:14:50.0824 6848 ProfSvc - ok
15:14:50.0849 6848 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:14:50.0852 6848 ProtectedStorage - ok
15:14:50.0881 6848 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
15:14:50.0881 6848 PSched - ok
15:14:50.0949 6848 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
15:14:50.0952 6848 PSI_SVC_2 - ok
15:14:50.0980 6848 PxHelp20 (03e0fe281823ba64b3782f5b38950e73) C:\Windows\system32\Drivers\PxHelp20.sys
15:14:50.0981 6848 PxHelp20 - ok
15:14:51.0058 6848 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
15:14:51.0071 6848 ql2300 - ok
15:14:51.0124 6848 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
15:14:51.0126 6848 ql40xx - ok
15:14:51.0165 6848 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
15:14:51.0171 6848 QWAVE - ok
15:14:51.0187 6848 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
15:14:51.0188 6848 QWAVEdrv - ok
15:14:51.0339 6848 R300 (7526ad10925d1aa9e4e6b0fb393b701f) C:\Windows\system32\DRIVERS\atikmdag.sys
15:14:51.0365 6848 R300 - ok
15:14:51.0452 6848 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll
15:14:51.0454 6848 RapiMgr - ok
15:14:51.0518 6848 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
15:14:51.0519 6848 RasAcd - ok
15:14:51.0547 6848 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
15:14:51.0549 6848 RasAuto - ok
15:14:51.0566 6848 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:14:51.0567 6848 Rasl2tp - ok
15:14:51.0600 6848 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
15:14:51.0603 6848 RasMan - ok
15:14:51.0633 6848 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
15:14:51.0634 6848 RasPppoe - ok
15:14:51.0645 6848 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
15:14:51.0646 6848 RasSstp - ok
15:14:51.0659 6848 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
15:14:51.0660 6848 rdbss - ok
15:14:51.0666 6848 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:14:51.0666 6848 RDPCDD - ok
15:14:51.0687 6848 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
15:14:51.0688 6848 rdpdr - ok
15:14:51.0698 6848 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
15:14:51.0699 6848 RDPENCDD - ok
15:14:51.0758 6848 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
15:14:51.0759 6848 RDPWD - ok
15:14:51.0795 6848 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
15:14:51.0797 6848 RemoteAccess - ok
15:14:51.0895 6848 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
15:14:51.0898 6848 RemoteRegistry - ok
15:14:51.0916 6848 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
15:14:51.0919 6848 RpcLocator - ok
15:14:51.0972 6848 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
15:14:51.0981 6848 RpcSs - ok
15:14:52.0007 6848 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
15:14:52.0008 6848 rspndr - ok
15:14:52.0027 6848 RTL8169 (5163f804256deb8cf1ef64b780a18caa) C:\Windows\system32\DRIVERS\Rtlh86.sys
15:14:52.0029 6848 RTL8169 - ok
15:14:52.0064 6848 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:14:52.0066 6848 SamSs - ok
15:14:52.0122 6848 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
15:14:52.0122 6848 SASDIFSV - ok
15:14:52.0146 6848 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
15:14:52.0148 6848 SASKUTIL - ok
15:14:52.0172 6848 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
15:14:52.0174 6848 sbp2port - ok
15:14:52.0206 6848 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
15:14:52.0212 6848 SCardSvr - ok
15:14:52.0260 6848 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
15:14:52.0270 6848 Schedule - ok
15:14:52.0287 6848 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
15:14:52.0288 6848 SCPolicySvc - ok
15:14:52.0308 6848 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
15:14:52.0312 6848 SDRSVC - ok
15:14:52.0348 6848 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:14:52.0350 6848 secdrv - ok
15:14:52.0363 6848 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
15:14:52.0366 6848 seclogon - ok
15:14:52.0386 6848 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
15:14:52.0390 6848 SENS - ok
15:14:52.0422 6848 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
15:14:52.0423 6848 Serenum - ok
15:14:52.0449 6848 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
15:14:52.0451 6848 Serial - ok
15:14:52.0484 6848 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
15:14:52.0485 6848 sermouse - ok
15:14:52.0546 6848 ServiceLayer (58d5bfdf3adf49fe9cabd78cc61d92f6) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
15:14:52.0550 6848 ServiceLayer - ok
15:14:52.0601 6848 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
15:14:52.0605 6848 SessionEnv - ok
15:14:52.0630 6848 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
15:14:52.0631 6848 sffdisk - ok
15:14:52.0657 6848 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
15:14:52.0658 6848 sffp_mmc - ok
15:14:52.0676 6848 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
15:14:52.0677 6848 sffp_sd - ok
15:14:52.0723 6848 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys
15:14:52.0724 6848 sfloppy - ok
15:14:52.0774 6848 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
15:14:52.0778 6848 SharedAccess - ok
15:14:52.0821 6848 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
15:14:52.0827 6848 ShellHWDetection - ok
15:14:52.0851 6848 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
15:14:52.0853 6848 sisagp - ok
15:14:52.0871 6848 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
15:14:52.0872 6848 SiSRaid2 - ok
15:14:52.0897 6848 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
15:14:52.0898 6848 SiSRaid4 - ok
15:14:52.0949 6848 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files\Skype\Updater\Updater.exe
15:14:52.0951 6848 SkypeUpdate - ok
15:14:53.0091 6848 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
15:14:53.0121 6848 slsvc - ok
15:14:53.0238 6848 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
15:14:53.0243 6848 SLUINotify - ok
15:14:53.0284 6848 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
15:14:53.0285 6848 Smb - ok
15:14:53.0318 6848 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
15:14:53.0322 6848 SNMPTRAP - ok
15:14:53.0352 6848 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
15:14:53.0353 6848 spldr - ok
15:14:53.0388 6848 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
15:14:53.0393 6848 Spooler - ok
15:14:53.0454 6848 sprtsvc_DellSupportCenter (777115c9cc675bd98127660712d2f784) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
15:14:53.0455 6848 sprtsvc_DellSupportCenter - ok
15:14:53.0488 6848 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
15:14:53.0492 6848 srv - ok
15:14:53.0510 6848 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
15:14:53.0512 6848 srv2 - ok
15:14:53.0524 6848 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
15:14:53.0526 6848 srvnet - ok
15:14:53.0562 6848 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
15:14:53.0564 6848 SSDPSRV - ok
15:14:53.0579 6848 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
15:14:53.0584 6848 SstpSvc - ok
15:14:53.0630 6848 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
15:14:53.0634 6848 stisvc - ok
15:14:53.0686 6848 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
15:14:53.0688 6848 stllssvr - ok
15:14:53.0709 6848 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
15:14:53.0710 6848 swenum - ok
15:14:53.0746 6848 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
15:14:53.0753 6848 swprv - ok
15:14:53.0772 6848 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
15:14:53.0773 6848 Symc8xx - ok
15:14:53.0805 6848 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
15:14:53.0806 6848 Sym_hi - ok
15:14:53.0823 6848 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
15:14:53.0824 6848 Sym_u3 - ok
15:14:53.0886 6848 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
15:14:53.0896 6848 SysMain - ok
15:14:53.0928 6848 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
15:14:53.0933 6848 TabletInputService - ok
15:14:53.0971 6848 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
15:14:53.0978 6848 TapiSrv - ok
15:14:53.0994 6848 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
15:14:54.0000 6848 TBS - ok
15:14:54.0071 6848 Tcpip (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers\tcpip.sys
15:14:54.0082 6848 Tcpip - ok
15:14:54.0103 6848 Tcpip6 (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS\tcpip.sys
15:14:54.0113 6848 Tcpip6 - ok
15:14:54.0130 6848 tcpipreg (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers\tcpipreg.sys
15:14:54.0131 6848 tcpipreg - ok
15:14:54.0156 6848 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
15:14:54.0157 6848 TDPIPE - ok
15:14:54.0178 6848 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
15:14:54.0178 6848 TDTCP - ok
15:14:54.0226 6848 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
15:14:54.0227 6848 tdx - ok
15:14:54.0257 6848 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
15:14:54.0258 6848 TermDD - ok
15:14:54.0376 6848 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
15:14:54.0380 6848 TermService - ok
15:14:54.0417 6848 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
15:14:54.0420 6848 Themes - ok
15:14:54.0449 6848 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
15:14:54.0451 6848 THREADORDER - ok
15:14:54.0478 6848 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
15:14:54.0483 6848 TrkWks - ok
15:14:54.0533 6848 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
15:14:54.0534 6848 TrustedInstaller - ok
15:14:54.0571 6848 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:14:54.0572 6848 tssecsrv - ok
15:14:54.0589 6848 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
15:14:54.0590 6848 tunmp - ok
15:14:54.0598 6848 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
15:14:54.0599 6848 tunnel - ok
15:14:54.0630 6848 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
15:14:54.0631 6848 uagp35 - ok
15:14:54.0669 6848 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
15:14:54.0672 6848 udfs - ok
15:14:54.0700 6848 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
15:14:54.0704 6848 UI0Detect - ok
15:14:54.0723 6848 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
15:14:54.0724 6848 uliagpkx - ok
15:14:54.0761 6848 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
15:14:54.0764 6848 uliahci - ok
15:14:54.0790 6848 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
15:14:54.0792 6848 UlSata - ok
15:14:54.0816 6848 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
15:14:54.0818 6848 ulsata2 - ok
15:14:54.0842 6848 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
15:14:54.0843 6848 umbus - ok
15:14:54.0951 6848 UMVPFSrv (67a95b9d129ed5399e7965cd09cf30e7) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
15:14:54.0957 6848 UMVPFSrv - ok
15:14:54.0996 6848 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
15:14:55.0003 6848 upnphost - ok
15:14:55.0039 6848 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
15:14:55.0041 6848 usbaudio - ok
15:14:55.0063 6848 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
15:14:55.0065 6848 usbccgp - ok
15:14:55.0095 6848 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
15:14:55.0097 6848 usbcir - ok
15:14:55.0130 6848 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
15:14:55.0132 6848 usbehci - ok
15:14:55.0154 6848 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
15:14:55.0157 6848 usbhub - ok
15:14:55.0182 6848 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
15:14:55.0183 6848 usbohci - ok
15:14:55.0219 6848 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
15:14:55.0220 6848 usbprint - ok
15:14:55.0251 6848 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
15:14:55.0252 6848 usbscan - ok
15:14:55.0286 6848 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:14:55.0287 6848 USBSTOR - ok
15:14:55.0309 6848 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
15:14:55.0310 6848 usbuhci - ok
15:14:55.0347 6848 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
15:14:55.0349 6848 usbvideo - ok
15:14:55.0384 6848 usb_rndisx (35c9095fa7076466afbfc5b9ec4b779e) C:\Windows\system32\DRIVERS\usb8023x.sys
15:14:55.0385 6848 usb_rndisx - ok
15:14:55.0416 6848 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
15:14:55.0418 6848 UxSms - ok
15:14:55.0458 6848 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
15:14:55.0463 6848 vds - ok
15:14:55.0491 6848 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
15:14:55.0492 6848 vga - ok
15:14:55.0520 6848 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
15:14:55.0521 6848 VgaSave - ok
15:14:55.0551 6848 vhidmini (2ab44be1479fdb6d99d3ad0e765ac233) C:\Windows\system32\DRIVERS\walvhid.sys
15:14:55.0551 6848 vhidmini - ok
15:14:55.0574 6848 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
15:14:55.0575 6848 viaagp - ok
15:14:55.0603 6848 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
15:14:55.0604 6848 ViaC7 - ok
15:14:55.0664 6848 VIAHdAudAddService (9891a8f16931c30c72d0816306dd8185) C:\Windows\system32\drivers\viahduaa.sys
15:14:55.0675 6848 VIAHdAudAddService - ok
15:14:55.0695 6848 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
15:14:55.0696 6848 viaide - ok
15:14:55.0704 6848 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
15:14:55.0705 6848 volmgr - ok
15:14:55.0740 6848 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
15:14:55.0743 6848 volmgrx - ok
15:14:55.0783 6848 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
15:14:55.0785 6848 volsnap - ok
15:14:55.0809 6848 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
15:14:55.0810 6848 vsmraid - ok
15:14:55.0879 6848 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
15:14:55.0894 6848 VSS - ok
15:14:55.0916 6848 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
15:14:55.0920 6848 W32Time - ok
15:14:55.0961 6848 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
15:14:55.0962 6848 WacomPen - ok
15:14:56.0028 6848 wampapache (53ea061ecc67223a430f153c3682ad54) c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
15:14:56.0029 6848 wampapache - ok
15:14:56.0050 6848 wampmysqld - ok
15:14:56.0068 6848 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
15:14:56.0070 6848 Wanarp - ok
15:14:56.0082 6848 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
15:14:56.0084 6848 Wanarpv6 - ok
15:14:56.0146 6848 WcesComm (59e19bd13c3bdb857646b9e436ba27f7) C:\Windows\WindowsMobile\wcescomm.dll
15:14:56.0150 6848 WcesComm - ok
15:14:56.0203 6848 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
15:14:56.0211 6848 wcncsvc - ok
15:14:56.0237 6848 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
15:14:56.0242 6848 WcsPlugInService - ok
15:14:56.0264 6848 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
15:14:56.0266 6848 Wd - ok
15:14:56.0305 6848 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
15:14:56.0311 6848 Wdf01000 - ok
15:14:56.0330 6848 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
15:14:56.0333 6848 WdiServiceHost - ok
15:14:56.0339 6848 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
15:14:56.0343 6848 WdiSystemHost - ok
15:14:56.0357 6848 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
15:14:56.0361 6848 WebClient - ok
15:14:57.0704 6848 ============================================================
15:14:57.0704 6848 Scan finished
15:14:57.0704 6848 ============================================================
15:14:57.0725 4028 Detected object count: 0
15:14:57.0725 4028 Actual detected object count: 0

#12 novice39

Posted 04 May 2012 - 11:25 AM

Hi Gringo
Still running aswMBR for 2 hours now - how long does it take? When it started it auto-selected a quick scan and finished in less than 10 minutes, but then automatically shut down and rebooted the PC. Am now running after selecting the full C:/ scan option.

#13 gringo_pr

Posted 04 May 2012 - 01:38 PM

go ahead and stop it and do a quick scan

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 novice39

Posted 04 May 2012 - 04:08 PM

Hi Gringo
Started the quick scan and it seems to be taking as long - 3 hrs now. I have no problem leaving it running overnight if that is what is required?

#15 gringo_pr

Posted 04 May 2012 - 09:09 PM

let it run overnight if needed


gringo