Programs Crash After Using ComboFix


  • This topic is locked
70 replies to this topic

#1 911zabuza

  • Members

Posted 10 May 2012 - 07:10 PM

A friend downloaded Codec-C on my computer, and when I tried to remove it, it would not uninstall. When I looked it up on Google, it said that it was malware and that ComboFix would remove it. After using ComboFix some programs crash, like Internet Explorer, YouTube Downloader, Windows Live Messenger and others. I uninstalled most of these programs and reinstalled them to no avail, so I uninstalled most of them again.

The ComboFix log is:


ComboFix 12-05-06.03 - Falconi 05/06/2012 21:03:54.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2036.962 [GMT -4:00]
Running from: c:\users\Falconi\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\ClickPotatoLite
c:\program files\ClickPotatoLite\bin\10.0.701.0\ClickPotatoLiteSACB.exe
c:\program files\Mozilla Firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}
c:\program files\Mozilla Firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}\chrome.manifest
c:\program files\Mozilla Firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0}\defaults\preferences\prefs.js
c:\programdata\Codec-C
c:\programdata\Codec-C\bhoclass.dll
c:\programdata\Codec-C\content.js
c:\programdata\Codec-C\data\content.js
c:\programdata\Codec-C\data\jsondb.js
c:\programdata\Codec-C\settings.ini
c:\programdata\Codec-C\uninstall.exe
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
c:\windows\IsUn0413.exe
c:\windows\security\Database\tmp.edb
c:\windows\sysguard
c:\windows\sysguard\img\bg_fixed.jpg
c:\windows\sysguard\img\bg_licence.jpg
c:\windows\sysguard\img\bg_main.jpg
c:\windows\sysguard\img\bg_warning.jpg
c:\windows\sysguard\img\splash.jpg
c:\windows\sysguard\settings.ini
c:\windows\sysguard\sounds\1.mp3
c:\windows\sysguard\sounds\2.mp3
c:\windows\sysguard\sounds\3.mp3
c:\windows\sysguard\uninstall.exe
c:\windows\sysguard\warning\alertpage.jpg
c:\windows\sysguard\warning\spacer.gif
c:\windows\sysguard\warning\warnpage.html
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Boonty Games
.
.
((((((((((((((((((((((((( Files Created from 2012-04-07 to 2012-05-07 )))))))))))))))))))))))))))))))
.
.
2012-05-06 22:30 . 2012-04-13 07:36 6734704 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FF978E4E-2794-4C7F-BB4E-4DF1B0F916F8}\mpengine.dll
2012-05-06 18:09 . 2012-05-06 18:09 141399376 ----a-w- c:\program files\Common Files\Windows Live\(81).cache\wlc586E.tmp
2012-05-06 17:33 . 2012-05-06 19:38 -------- d-----w- c:\programdata\YTD YouTube Downloader & Converter
2012-05-06 17:33 . 2012-05-06 17:33 -------- d-----w- c:\program files\YTD YouTube Downloader & Converter
2012-05-06 08:36 . 2012-05-06 22:08 -------- d-----w- c:\users\Falconi\AppData\Local\temp(463)
2012-05-06 03:08 . 2012-05-06 06:08 -------- d-----w- c:\users\Falconi\AppData\Local\temp(281)
2012-05-05 04:43 . 2012-05-05 04:43 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-05-05 04:38 . 2012-05-05 13:33 -------- d-----w- c:\program files\Windows Live(204)
2012-05-05 04:37 . 2012-05-05 04:37 141399376 ----a-w- c:\program files\Common Files\Windows Live\(80).cache\wlc191E.tmp
2012-05-05 01:29 . 2012-05-05 01:52 -------- d-----w- c:\users\Falconi\AppData\Roaming\Dev-Cpp
2012-05-04 03:58 . 2012-05-04 03:58 -------- d-----w- c:\program files\YouTube Downloader Toolbar(205)
2012-05-04 03:58 . 2012-05-04 03:58 -------- d-----w- c:\program files\Common Files\Spigot(78)
2012-04-30 19:30 . 2012-04-13 07:36 6734704 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-04-17 03:12 . 2012-04-17 03:12 -------- d-----w- c:\program files\fbphotozoom
2012-04-17 03:09 . 2012-05-06 22:28 -------- d--h--w- c:\programdata\{F0297D39-7A45-442F-AFF5-271488E85934}
2012-04-17 02:41 . 2006-11-02 09:39 15821312 ----a-w- c:\windows\system32\imageres.dll
2012-04-12 19:29 . 2012-05-06 22:28 -------- d-----w- c:\windows\en
2012-04-12 19:28 . 2012-03-08 22:32 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2012-04-12 19:19 . 2012-04-12 19:19 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\3a8ae4a21cd18e103\MeshBetaRemover.exe
2012-04-12 19:19 . 2012-04-12 19:19 89944 ----a-w- c:\program files\Common Files\Windows Live\.cache\38c31cf21cd18e102\DSETUP.dll
2012-04-12 19:19 . 2012-04-12 19:19 537432 ----a-w- c:\program files\Common Files\Windows Live\.cache\38c31cf21cd18e102\DXSETUP.exe
2012-04-12 19:19 . 2012-04-12 19:19 1801048 ----a-w- c:\program files\Common Files\Windows Live\.cache\38c31cf21cd18e102\dsetup32.dll
2012-04-11 21:27 . 2012-04-11 21:27 -------- d-----w- c:\users\Falconi\.dvdcss
2012-04-11 21:02 . 2012-04-11 21:02 -------- d-----w- c:\users\Falconi\AppData\Local\MPlayer
2012-04-11 20:59 . 2012-04-11 21:02 -------- d-----w- c:\programdata\PMS
2012-04-11 20:59 . 2012-04-11 21:01 -------- d-----w- c:\program files\PS3 Media Server
2012-04-11 04:17 . 2012-04-11 04:27 -------- d-----w- c:\windows\system32\NtmsData
2012-04-11 01:52 . 2012-02-29 15:11 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-11 01:52 . 2012-02-29 15:11 172032 ----a-w- c:\windows\system32\wintrust.dll
2012-04-11 01:52 . 2012-02-29 15:09 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-11 01:52 . 2012-02-29 13:32 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-11 01:48 . 2012-03-06 06:39 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 01:48 . 2012-03-06 06:39 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 01:17 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-04-09 01:26 . 2012-04-09 01:26 -------- d-----w- c:\program files\iPod
2012-04-09 01:26 . 2012-04-09 01:28 -------- d-----w- c:\program files\iTunes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-21 00:44 . 2012-03-21 00:44 74112 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-21 00:44 . 2012-03-21 00:44 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-11 13:58 . 2012-03-10 16:38 112832 ----a-w- c:\programdata\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
2012-03-08 22:50 . 2012-03-08 22:50 49016 ----a-w- c:\windows\system32\sirenacm.dll
2012-03-08 22:37 . 2012-03-08 22:37 302448 ----a-w- c:\windows\WLXPGSS.SCR
2012-03-08 18:54 . 2010-05-08 15:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-04 01:40 . 2011-03-28 22:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-02-14 15:45 . 2012-03-13 17:25 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-02-14 15:45 . 2012-03-13 17:25 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-02-13 14:12 . 2012-03-13 17:25 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-13 13:47 . 2012-03-13 17:25 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-02-13 13:44 . 2012-03-13 17:25 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-02-10 18:35 . 2012-02-10 18:36 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5B269773-69CB-49CF-A17B-477A88F7347B}\gapaengine.dll
2012-02-07 15:02 . 2012-02-07 15:02 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
c:\progra~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll [BU]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3F4D6D35-8FB6-44B4-95B0-36469D4299DD}]
c:\programdata\Codec-C\bhoclass.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{28387537-e3f9-4ed7-860c-11e69af4a8a0}"= "c:\progra~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll" [BU]
.
[HKEY_CLASSES_ROOT\clsid\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Falconi\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Falconi\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Falconi\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ford mpeg road draw"="c:\programdata\drive site multi.e60eyo" [X]
"ares"="c:\program files\Ares\Ares.exe" [2010-10-27 1015808]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"ares vista"="c:\program files\Ares Vista\AresVista.exe" [BU]
"BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" [2011-08-28 4992880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-02-29 17920]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-17 4907008]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-12 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-12 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-12 133656]
"Philips Device Listener"="c:\program files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe" [2010-11-20 380416]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2012-02-27 801792]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 17:41 294912 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-05-21 15:15 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDog305]
2007-01-05 17:37 61440 ----a-w- c:\windows\vm305_sti.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HotSync"="c:\program files\PalmSource\Desktop\HotSync.exe" -AllUsers
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"NPSStartup"=
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Tango"=c:\program files\Tango\Tango.exe
"V0230Mon.exe"=c:\windows\V0230Mon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3015805696-1494919734-731465133-1000]
"EnableNotificationsRef"=dword:00000001
.
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-05 77824]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL498B15E9
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LPDService REG_MULTI_SZ LPDSVC
rsmsvcs REG_MULTI_SZ ntmssvc
ipripsvc REG_MULTI_SZ iprip
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
getPlusHelper REG_MULTI_SZ getPlusHelper
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-08 02:13]
.
2012-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-08 02:13]
.
2012-04-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3015805696-1494919734-731465133-1000Core.job
- c:\users\Falconi\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-14 19:05]
.
2012-05-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3015805696-1494919734-731465133-1000UA.job
- c:\users\Falconi\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-14 19:05]
.
2012-05-01 c:\windows\Tasks\Norton Security Scan for Falconi.job
- c:\progra~1\NORTON~1\NORTON~1\Engine\351~1.6\Nss.exe [2011-07-27 11:19]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://googe.nl/
mSearch Bar = hxxp://www.tangosearch.com/?useie5=1&q=
uInternet Settings,ProxyOverride = *.local
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game07.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\users\Falconi\AppData\Roaming\Mozilla\Firefox\Profiles\4h3d30tm.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - msn.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
FF - Ext: QuestScan: {F0E1168A-B4B5-484C-B77E-0D28E6B64096} - c:\program files\Mozilla Firefox\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096}
FF - Ext: Microsoft Choice Guard: ChoiceGuard@Microsoft - %profile%\extensions\ChoiceGuard@Microsoft
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: FBPhotoZoom: fbphotozoom@installdaddy.com - %profile%\extensions\fbphotozoom@installdaddy.com
FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com
FF - Ext: incredibar.com: ffxtlbr@incredibar.com - %profile%\extensions\ffxtlbr@incredibar.com
FF - Ext: Codec-C: info@allpremiumplay.info - %profile%\extensions\info@allpremiumplay.info
FF - Ext: Music Genie Community Toolbar: {15383fb0-65a6-49a8-8036-2d33e7620f77} - %profile%\extensions\{15383fb0-65a6-49a8-8036-2d33e7620f77}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Norton Safe Web Lite Toolbar: {203FB6B2-2E1E-4474-863B-4C483ECCE78E} - c:\programdata\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.0.1.8\coFFNST
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - Ext: Codec-C: info@allpremiumplay.info - c:\users\Falconi\AppData\Roaming\Mozilla\Firefox\Profiles\4h3d30tm.default\extensions\info@allpremiumplay.info
FF - user.js: extensions.BabylonToolbar_i.id - 100332b3000000000000001d099aaf1f
FF - user.js: extensions.BabylonToolbar_i.hardId - 100332b3000000000000001d099aaf1f
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15402
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1715:01
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111249
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8nKdVrju&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 100332b3000000000000001d099aaf1f
FF - user.js: extensions.incredibar_i.instlDay - 15423
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1420:32
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6R8nKdVrju
FF - user.js: extensions.incredibar_i.upn2n - 92824066543741228
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10606
FF - user.js: extensions.incredibar_i.ppd - 81%5F3
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{15383fb0-65a6-49a8-8036-2d33e7620f77} - (no file)
Toolbar-10 - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{15383FB0-65A6-49A8-8036-2D33E7620F77} - (no file)
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
.
.
.
**************************************************************************
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NSL]
"ImagePath"="\"c:\program files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe\" /s \"NSL\" /m \"c:\program files\Norton Safe Web Lite\Engine\1.0.1.8\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(5732)
c:\users\Falconi\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\Stardock\MyColors\VistaSrv.exe
c:\program files\Stardock\MyColors\WBVista.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CISVC.EXE
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\system32\mqsvc.exe
c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
c:\program files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe
c:\windows\System32\tcpsvcs.exe
c:\windows\System32\snmp.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\mqtgsvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
c:\windows\system32\msfeedssync.exe
.
**************************************************************************
.
Completion time: 2012-05-06 21:38:26 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-07 01:37
ComboFix2.txt 2012-05-06 16:51
ComboFix3.txt 2012-05-06 09:20
ComboFix4.txt 2012-05-06 08:36
ComboFix5.txt 2012-05-06 19:45
.
Pre-Run: 122,089,480,192 bytes free
Post-Run: 122,254,479,360 bytes free
.
- - End Of File - - 64713C1730543D9198C83008436D4BE8



After seeing this I used CleanMyPC - Registry Cleaner on my computer to see if it would fix it, but it did not.



#2 gringo_pr

  • Malware Response Team

Posted 13 May 2012 - 12:00 AM

Hello and Welcome to Bleeping Computer!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


DeFogger:

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK

Do not re-enable these drivers until otherwise instructed.


Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Link1
    Link2
    Link3

  • Please disable any anti-malware program that will block scripts from running before running DDS.
  • Double-click on dds.scr and a command window will appear. This is normal.
  • Shortly after, two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

Information and logs:

  • In your next post I need the following:
    • logs from DDS
    • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 911zabuza

  • Topic Starter

Posted 13 May 2012 - 09:41 AM

Thanks for helping, but you did read that I already used a registry cleaner before I posted my problem?

#4 911zabuza

  • Topic Starter

Posted 13 May 2012 - 09:53 AM

DSS Checkup:

Results of screen317's Security Check version 0.99.32
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Biologie voor jou Leerlingen-cd-rom 2 Havo Vwo
Microsoft Security Essentials
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

CCleaner
CleanMyPC - Registry Cleaner
Java™ 6 Update 31
Java™ 6 Update 5
Java™ 6 Update 7
Java version out of date!
Adobe Flash Player 10.3.183.7 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox (3.6.13) Firefox out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Norton ccSvcHst.exe
Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
``````````End of Log````````````

DSS text:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Falconi at 10:44:41 on 2012-05-13
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2036.878 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Stardock\MyColors\VistaSrv.exe
C:\Program Files\Stardock\MyColors\WBVista.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\AERTSrv.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\CISVC.EXE
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\system32\inetsrv\inetinfo.exe
C:\Windows\System32\svchost.exe -k ipripsvc
C:\Windows\System32\svchost.exe -k LPDService
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Windows\system32\mqsvc.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Windows\System32\svchost.exe -k HPZ12
c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\System32\tcpsvcs.exe
C:\Windows\System32\snmp.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\mqtgsvc.exe
c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Ares\Ares.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Falconi\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Windows\system32\taskeng.exe
C:\Users\Falconi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Falconi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Falconi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Falconi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Falconi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Falconi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Falconi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Falconi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Falconi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Falconi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.9_0\plugin\ClickClean.exe
C:\Users\Falconi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Falconi\Downloads\SecurityCheck.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Falconi\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\nircmdc.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page =
uWindow Title = Internet Explorer, optimized for Bing and MSN
uStart Page = hxxp://search.babylon.com/?affID=112555&tt=100512_4_&babsrc=HP_ss&mntrId=100332b3000000000000001d099aaf1f
uSearch Bar =
mStart Page = hxxp://www.bigseekpro.com/solidyoutube/{C344036E-FFCF-4BB1-A2E7-6DF2871F2404}
mSearch Bar = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
mSearchAssistant =
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: Norton Safe Web Lite: {30ceeea2-3742-40e4-85dd-812bf1cbb83d} - c:\program files\norton safe web lite\engine\1.0.1.8\coIEPlg.dll
TB: Veoh Video Compass: {52836eb0-631a-47b1-94a6-61f9d9112dae} - c:\program files\veoh networks\veoh video compass\SearchRecsPlugin.dll
TB: MediaBar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - c:\progra~1\imesha~1\mediabar\toolbar\imeshdtxmltbpi.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [Ford mpeg road draw] "c:\programdata\drive site multi.e60eyo"
uRun: [ares] "c:\program files\ares\Ares.exe" -h
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Xvid] c:\program files\xvid\CheckUpdate.exe
uRun: [ares vista] "c:\program files\ares vista\AresVista.exe" -h
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download video on this page - c:\program files\tomabo\youtube video downloader\YVD_IE.dll/300
IE: Download video this links to - c:\program files\tomabo\youtube video downloader\YVD_IE.dll/301
IE: {3B6D08AA-FC34-4400-A751-ED25A651A9B5} - res://c:\program files\tomabo\youtube video downloader\YVD_IE.dll/300
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\ssv.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game07.zylom.com/activex/zylomgamesplayer.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{76CF2298-B69F-4B6B-A737-896E9B2E24C7} : DhcpNameServer = 192.168.1.1
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\falconi\appdata\roaming\mozilla\firefox\profiles\4h3d30tm.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=112555&tt=100512_4_&babsrc=HP_ss&mntrId=100332b3000000000000001d099aaf1f
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=112555&tt=100512_4_&babsrc=KW_ss&mntrId=100332b3000000000000001d099aaf1f&q=
FF - component: c:\programdata\norton\{92622aad-05e8-4459-b256-765ce1e929fb}\nst_1.0.1.8\coffnst\components\coFFNST.dll
FF - component: c:\users\falconi\appdata\roaming\mozilla\firefox\profiles\4h3d30tm.default\extensions\{15383fb0-65a6-49a8-8036-2d33e7620f77}\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\falconi\appdata\roaming\mozilla\firefox\profiles\4h3d30tm.default\extensions\{15383fb0-65a6-49a8-8036-2d33e7620f77}\components\RadioWMPCoreGecko5.dll
FF - component: c:\users\falconi\appdata\roaming\mozilla\firefox\profiles\4h3d30tm.default\extensions\{15383fb0-65a6-49a8-8036-2d33e7620f77}\components\RadioWMPCoreGecko6.dll
FF - component: c:\users\falconi\appdata\roaming\mozilla\firefox\profiles\4h3d30tm.default\extensions\{15383fb0-65a6-49a8-8036-2d33e7620f77}\components\RadioWMPCoreGecko7.dll
FF - component: c:\users\falconi\appdata\roaming\mozilla\firefox\profiles\4h3d30tm.default\extensions\{15383fb0-65a6-49a8-8036-2d33e7620f77}\components\RadioWMPCoreGecko8.dll
FF - component: c:\users\falconi\appdata\roaming\mozilla\firefox\profiles\4h3d30tm.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: c:\progra~1\palm\packag~1\NPInstal.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\sony\media go\npmediago.dll
FF - plugin: c:\program files\sony\playstation network downloader\nppsndl.dll
FF - plugin: c:\program files\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\virtools\3d life player\npvirtools.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\realarcade\npraclient.dll
FF - plugin: c:\users\falconi\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\users\falconi\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
FF - Ext: Microsoft Choice Guard: ChoiceGuard@Microsoft - %profile%\extensions\ChoiceGuard@Microsoft
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: FBPhotoZoom: fbphotozoom@installdaddy.com - %profile%\extensions\fbphotozoom@installdaddy.com
FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com
FF - Ext: incredibar.com: ffxtlbr@incredibar.com - %profile%\extensions\ffxtlbr@incredibar.com
FF - Ext: Codec-C: info@allpremiumplay.info - %profile%\extensions\info@allpremiumplay.info
FF - Ext: Music Genie Community Toolbar: {15383fb0-65a6-49a8-8036-2d33e7620f77} - %profile%\extensions\{15383fb0-65a6-49a8-8036-2d33e7620f77}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Norton Safe Web Lite Toolbar: {203FB6B2-2E1E-4474-863B-4C483ECCE78E} - c:\programdata\norton\{92622aad-05e8-4459-b256-765ce1e929fb}\nst_1.0.1.8\coFFNST
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\DivXHTML5
FF - Ext: Codec-C: info@allpremiumplay.info - c:\users\falconi\appdata\roaming\mozilla\firefox\profiles\4h3d30tm.default\extensions\info@allpremiumplay.info
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8nKdVrju&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 100332b3000000000000001d099aaf1f
FF - user.js: extensions.incredibar_i.instlDay - 15423
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1420:32:04
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6R8nKdVrju
FF - user.js: extensions.incredibar_i.upn2n - 92824066543741228
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10606
FF - user.js: extensions.incredibar_i.ppd - 81%5F3
FF - user.js: extensions.BabylonToolbar_i.id - 100332b3000000000000001d099aaf1f
FF - user.js: extensions.BabylonToolbar_i.hardId - 100332b3000000000000001d099aaf1f
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15472
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1719:34:00
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112555&tt=100512_4_
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]
R1 MpKslcc6cd4ba;MpKslcc6cd4ba;c:\programdata\microsoft\microsoft antimalware\definition updates\{bccf60de-f882-4eef-a88b-37193cbe642f}\MpKslcc6cd4ba.sys [2012-5-13 29904]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2006-10-10 5632]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2007-2-27 32256]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]
R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2012-4-23 785304]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-10-8 21504]
R2 iprip;RIP Listener;c:\windows\system32\svchost.exe -k ipripsvc [2008-10-8 21504]
R2 NSL;Norton Safe Web Lite;c:\program files\norton safe web lite\engine\1.0.1.8\ccSvcHst.exe [2010-6-24 126904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-7 135664]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2011-9-6 36608]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-3-7 135664]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-3-20 74112]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-3-26 214952]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2008-10-8 21504]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2006-2-16 4096]
S3 V0230Vfx;V0230Vfx;c:\windows\system32\drivers\V0230Vfx.sys [2010-6-18 6272]
S3 V0230VID;Live! Cam Video IM Pro;c:\windows\system32\drivers\V0230VID.sys [2010-6-18 509760]
S3 vvftav;vvftav;c:\windows\system32\drivers\vvftav.sys [2008-6-23 474368]
S3 WMSvc;Web Management Service;c:\windows\system32\inetsrv\WMSvc.exe [2008-10-8 11264]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 ZSMC0305;USB PC Camera VC305;c:\windows\system32\drivers\usbVM305.sys [2008-6-23 1466624]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-7-22 47128]
S4 RsFx0105;RsFx0105 Driver;c:\windows\system32\drivers\RsFx0105.sys [2011-9-22 238696]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2011-9-22 370024]
.
=============== Created Last 30 ================
.
2012-05-13 14:08:01 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{bccf60de-f882-4eef-a88b-37193cbe642f}\MpKslcc6cd4ba.sys
2012-05-13 00:21:18 6734704 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{bccf60de-f882-4eef-a88b-37193cbe642f}\mpengine.dll
2012-05-12 23:33:06 -------- d-----w- c:\users\falconi\appdata\roaming\YourFileDownloader
2012-05-12 23:33:06 -------- d-----w- c:\program files\YourFileDownloader
2012-05-12 23:23:34 -------- d-----w- c:\users\falconi\appdata\roaming\Tomabo
2012-05-12 23:23:33 -------- d-----w- c:\program files\Tomabo
2012-05-12 22:54:25 42960 ----a-w- c:\windows\system32\drivers\sqldtbqs.sys
2012-05-12 22:22:23 -------- d-----w- c:\program files\Windows Live SkyDrive
2012-05-12 22:20:58 74520 ----a-w- c:\program files\common files\windows live\.cache\814f7dc61cd308d\DSETUP.dll
2012-05-12 22:20:58 484632 ----a-w- c:\program files\common files\windows live\.cache\814f7dc61cd308d\DXSETUP.exe
2012-05-12 22:20:58 1670936 ----a-w- c:\program files\common files\windows live\.cache\814f7dc61cd308d\dsetup32.dll
2012-05-12 22:20:07 141399376 ----a-w- c:\program files\common files\windows live\.cache\wlc7EB0.tmp
2012-05-12 21:25:37 15712 ----a-w- c:\program files\common files\windows live\.cache\c5909c661cd308507\MeshBetaRemover.exe
2012-05-12 21:25:33 89944 ----a-w- c:\program files\common files\windows live\.cache\c2a0a8661cd308506\DSETUP.dll
2012-05-12 21:25:33 537432 ----a-w- c:\program files\common files\windows live\.cache\c2a0a8661cd308506\DXSETUP.exe
2012-05-12 21:25:33 1801048 ----a-w- c:\program files\common files\windows live\.cache\c2a0a8661cd308506\dsetup32.dll
2012-05-12 21:25:27 94040 ----a-w- c:\program files\common files\windows live\.cache\be3140561cd308505\DSETUP.dll
2012-05-12 21:25:27 525656 ----a-w- c:\program files\common files\windows live\.cache\be3140561cd308505\DXSETUP.exe
2012-05-12 21:25:27 1691480 ----a-w- c:\program files\common files\windows live\.cache\be3140561cd308505\dsetup32.dll
2012-05-12 17:45:53 6734704 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-05-11 02:36:00 307200 ----a-w- c:\program files\internet explorer\iediagcmd.exe
2012-05-11 02:36:00 161792 ----a-w- c:\windows\system32\msls31.dll
2012-05-11 02:36:00 107008 ----a-w- c:\program files\internet explorer\iecleanup.exe
2012-05-11 02:27:23 6144 ----a-w- c:\program files\internet explorer\iecompat.dll
2012-05-10 22:51:18 -------- d-----w- c:\users\falconi\appdata\roaming\Malwarebytes
2012-05-10 22:50:54 -------- d-----w- c:\programdata\Malwarebytes
2012-05-10 22:50:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-05-10 03:01:55 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-10 03:01:54 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-10 03:01:54 2044928 ----a-w- c:\windows\system32\win32k.sys
2012-05-09 23:59:09 -------- d-----w- c:\users\falconi\appdata\roaming\CleanMyPC Software
2012-05-09 23:58:22 -------- d-----w- c:\program files\CleanMyPC
2012-05-09 21:34:31 -------- d-----w- c:\program files\Registry Clean Expert
2012-05-09 00:18:06 141399376 ----a-w- c:\program files\common files\windows live\.cache\wlc99D1.tmp
2012-05-09 00:08:52 -------- d-----w- c:\program files\Application Updater
2012-05-07 19:37:14 -------- d-----w- c:\programdata\AVS4YOU
2012-05-07 19:37:07 -------- d-----w- c:\users\falconi\appdata\roaming\AVS4YOU
2012-05-07 19:30:34 -------- d-----w- c:\users\falconi\appdata\roaming\NCH Software
2012-05-07 19:22:18 -------- d-----w- c:\users\falconi\appdata\roaming\spotmau
2012-05-07 19:21:49 -------- d-----w- c:\program files\Advanced Fix 2012
2012-05-07 19:20:59 -------- d-----w- c:\programdata\TuneUp360
2012-05-07 19:20:36 -------- d-----w- c:\program files\Wondershare
2012-05-07 02:56:17 -------- d-----w- c:\users\falconi\appdata\roaming\DriverCure
2012-05-07 02:56:14 -------- d-----w- c:\users\falconi\appdata\roaming\ParetoLogic
2012-05-07 02:55:20 -------- d-----w- c:\programdata\ParetoLogic
2012-05-07 02:55:00 -------- d-----w- c:\program files\Registry Easy
2012-05-07 02:37:28 -------- d-----w- c:\program files\PC Tools(1)
2012-05-07 02:22:31 0 ----a-w- c:\windows\system32\drivers\is-QT6UH.tmp
2012-05-07 02:22:26 162584 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2012-05-07 02:22:15 203088 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-05-07 02:22:07 -------- d-----w- c:\program files\common files\PC Tools
2012-05-07 02:21:59 -------- d-----w- c:\program files\PC Tools
2012-05-07 02:21:30 -------- d-----w- c:\users\falconi\appdata\roaming\PCPro
2012-05-07 02:21:30 -------- d-----w- c:\users\falconi\appdata\roaming\PC Cleaners
2012-05-07 02:20:44 -------- d-----w- c:\programdata\PC Tools
2012-05-07 02:20:39 -------- d-----w- c:\users\falconi\appdata\roaming\TestApp
2012-05-07 02:20:30 5276432 ----a-w- c:\windows\uninst.exe
2012-05-07 02:20:20 -------- d-----w- c:\programdata\PC1Data
2012-05-07 01:29:22 -------- d-sh--w- C:\$RECYCLE.BIN
2012-05-07 00:59:03 98816 ----a-w- c:\windows\sed.exe
2012-05-07 00:59:03 518144 ----a-w- c:\windows\SWREG.exe
2012-05-07 00:59:03 256000 ----a-w- c:\windows\PEV.exe
2012-05-07 00:59:03 208896 ----a-w- c:\windows\MBR.exe
2012-05-07 00:58:53 -------- d-----w- C:\ComboFix
2012-05-06 22:40:49 -------- d-----w- c:\users\falconi\appdata\local\{1468A37D-6BF6-4881-91CC-2CFEC345737A}
2012-05-06 22:40:35 -------- d-----w- c:\users\falconi\appdata\local\{4F112094-F8C5-4C1D-A0A7-806FE0500ADF}
2012-05-06 18:09:30 141399376 ----a-w- c:\program files\common files\windows live\(81).cache\wlc586E.tmp
2012-05-06 08:36:51 -------- d-----w- c:\users\falconi\appdata\local\temp(463)
2012-05-06 06:41:40 -------- d-----w- c:\users\falconi\appdata\local\{86D89D60-CA63-4BF2-9490-8797C056F9A6}
2012-05-06 06:41:14 -------- d-----w- c:\users\falconi\appdata\local\{FE1185B0-0932-4418-ABB8-8039FD90E465}
2012-05-06 05:26:01 -------- d--h--w- c:\programdata\{F0297D39-7A45-442F-AFF5-271488E85934}(253)
2012-05-06 03:08:48 -------- d-----w- c:\users\falconi\appdata\local\temp(281)
2012-05-05 04:37:40 141399376 ----a-w- c:\program files\common files\windows live\(80).cache\wlc191E.tmp
2012-05-05 04:11:31 -------- d-----w- c:\users\falconi\appdata\local\{92C4EC00-6020-4E33-9051-94C04F46F2A3}
2012-05-05 01:29:21 -------- d-----w- c:\users\falconi\appdata\roaming\Dev-Cpp
2012-05-05 00:57:56 -------- d-----w- c:\users\falconi\appdata\local\{F01305BA-F00B-4F46-9324-C2E4E27C8013}
2012-05-04 03:58:46 -------- d-----w- c:\program files\common files\Spigot(78)
2012-05-03 16:10:35 -------- d-----w- c:\users\falconi\appdata\local\{A7B73C1D-5FEA-4B58-BB1F-57D6C26770BE}
2012-05-03 16:10:22 -------- d-----w- c:\users\falconi\appdata\local\{0BB884E4-3DFF-4419-9D72-5E8B95C1A210}
2012-05-01 21:36:09 -------- d-----w- c:\users\falconi\appdata\local\{EF592C64-0635-48AC-997E-E1D67EFD5E58}
2012-05-01 21:35:58 -------- d-----w- c:\users\falconi\appdata\local\{E9FEF136-83C4-470F-817E-55DA11900684}
2012-05-01 05:17:38 -------- d-----w- c:\users\falconi\appdata\local\{A3BCCBFF-2504-4993-AE73-82C417385AB9}
2012-05-01 05:17:27 -------- d-----w- c:\users\falconi\appdata\local\{7512F152-D318-486D-ADC7-AF449B749A6F}
2012-04-30 13:31:42 -------- d-----w- c:\users\falconi\appdata\local\{CFDC2282-3E81-43FE-B06F-AAAB58AE256F}
2012-04-30 13:31:28 -------- d-----w- c:\users\falconi\appdata\local\{7940CF2E-A720-45BE-84E1-1B76918EAC10}
2012-04-30 01:30:50 -------- d-----w- c:\users\falconi\appdata\local\{987C465D-BBDA-4723-9E18-7A7152652ED0}
2012-04-30 01:30:38 -------- d-----w- c:\users\falconi\appdata\local\{797563BF-4FF1-41AA-BB66-58FAD6E89D3E}
2012-04-29 13:30:02 -------- d-----w- c:\users\falconi\appdata\local\{F4472C25-E0C4-4250-AC91-12DFC0E89D15}
2012-04-29 13:29:37 -------- d-----w- c:\users\falconi\appdata\local\{0231AF88-A425-4353-8E5E-DAC3CF339F6C}
2012-04-28 21:19:49 -------- d-----w- c:\users\falconi\appdata\local\{AAFC757C-347C-4504-898A-FF8E1DCABB7C}
2012-04-28 21:19:37 -------- d-----w- c:\users\falconi\appdata\local\{7C9F8131-7FFA-44A1-B60A-F409E1F3F293}
2012-04-28 06:41:42 -------- d-----w- c:\users\falconi\appdata\local\{41D30FEA-B0D9-4E13-9955-45551DF6C4C0}
2012-04-28 06:41:31 -------- d-----w- c:\users\falconi\appdata\local\{B0275597-C7C8-496D-A382-B76A397A26BC}
2012-04-27 18:40:34 -------- d-----w- c:\users\falconi\appdata\local\{99BC147D-3566-4A8A-8C8A-C4564CCE1A29}
2012-04-27 18:40:19 -------- d-----w- c:\users\falconi\appdata\local\{EF6CC426-9AA9-413B-8945-F2563D2242B9}
2012-04-27 02:02:02 -------- d-----w- c:\users\falconi\appdata\local\{B288A940-E08C-4ECF-B0D2-7CBBF006B0A5}
2012-04-27 02:01:47 -------- d-----w- c:\users\falconi\appdata\local\{24F7C5CB-8F74-4DD8-9A36-0309154743FE}
2012-04-26 14:01:18 -------- d-----w- c:\users\falconi\appdata\local\{9F129F63-65F0-4151-B1DE-30EFC621139F}
2012-04-26 14:01:05 -------- d-----w- c:\users\falconi\appdata\local\{F007B604-FF25-4825-9224-36E48B373CB7}
2012-04-26 00:07:09 -------- d-----w- c:\users\falconi\appdata\local\{C761BA1D-5F9E-4917-8E41-F1206A341F95}
2012-04-26 00:06:58 -------- d-----w- c:\users\falconi\appdata\local\{21F7E539-458C-4A1F-8CEA-6D1F0778BECC}
2012-04-25 12:06:21 -------- d-----w- c:\users\falconi\appdata\local\{ACEAC6C3-7C89-495F-8D7D-D863EEE2C1B8}
2012-04-25 12:06:07 -------- d-----w- c:\users\falconi\appdata\local\{7E9C369F-6AA6-49F9-8257-04CF67981792}
2012-04-24 12:47:59 -------- d-----w- c:\users\falconi\appdata\local\{6A094B45-E6C1-4340-91FF-EE3CD319B16B}
2012-04-24 12:47:46 -------- d-----w- c:\users\falconi\appdata\local\{8AF5E2DD-15C2-4575-A449-78020227B76B}
2012-04-23 17:56:19 -------- d-----w- c:\users\falconi\appdata\local\{A6F88A23-92F3-4E59-BA29-780B2629E511}
2012-04-23 17:56:06 -------- d-----w- c:\users\falconi\appdata\local\{0EBEE118-6C0A-4F6C-A1AE-4B1DD5A38CFB}
2012-04-23 00:13:33 -------- d-----w- c:\users\falconi\appdata\local\{C9D85C7C-0A49-4EB5-8CDB-83F4ABB17B83}
2012-04-22 12:12:47 -------- d-----w- c:\users\falconi\appdata\local\{08EBFB89-EB44-4A34-9C0C-022B18B8017D}
2012-04-22 12:12:18 -------- d-----w- c:\users\falconi\appdata\local\{F9242543-5022-4669-8E42-F8582B0CB6BB}
2012-04-21 20:14:54 -------- d-----w- c:\users\falconi\appdata\local\{333E5B90-E5E4-4A5E-A774-1FC3C1B5154B}
2012-04-21 20:14:09 -------- d-----w- c:\users\falconi\appdata\local\{74F2DB7F-5322-4809-BADA-3A4D6AAA3F1E}
2012-04-21 08:04:17 -------- d-----w- c:\users\falconi\appdata\local\{975097E9-6383-4CC7-BF6E-9674A3CC0C3C}
2012-04-21 08:04:02 -------- d-----w- c:\users\falconi\appdata\local\{6BA837D1-D795-4390-9754-75544146D000}
2012-04-20 20:03:27 -------- d-----w- c:\users\falconi\appdata\local\{D4B2B3F9-90FE-46B3-A00B-FC349F619A24}
2012-04-20 20:03:17 -------- d-----w- c:\users\falconi\appdata\local\{9C35A098-344F-489F-B15B-A945DC979340}
2012-04-20 06:47:15 -------- d-----w- c:\users\falconi\appdata\local\{4C1496E5-BE35-41DB-9473-6342D648D226}
2012-04-20 06:46:58 -------- d-----w- c:\users\falconi\appdata\local\{5F654D81-786B-4A8E-A5E4-40100E325FCC}
2012-04-19 18:46:25 -------- d-----w- c:\users\falconi\appdata\local\{32B34E71-06D5-4DCD-9FE4-87686EE01C44}
2012-04-19 18:46:14 -------- d-----w- c:\users\falconi\appdata\local\{92CF7CEE-132B-4292-854A-E8388117B039}
2012-04-19 05:45:01 -------- d-----w- c:\users\falconi\appdata\local\{6239C030-9760-485A-8869-03B4029CAD91}
2012-04-19 05:44:44 -------- d-----w- c:\users\falconi\appdata\local\{8AC692CE-9ECD-4E04-9A80-D452F03675B3}
2012-04-18 16:17:45 -------- d-----w- c:\users\falconi\appdata\local\{B6A9E99A-DAA6-47AD-946D-4620D4A37D2C}
2012-04-18 16:17:32 -------- d-----w- c:\users\falconi\appdata\local\{203BD048-4C1E-49C1-B201-2078CA8CDFED}
2012-04-18 04:17:04 -------- d-----w- c:\users\falconi\appdata\local\{BB4D7BE8-3143-4C90-8F89-A9D98A078AB9}
2012-04-18 04:16:53 -------- d-----w- c:\users\falconi\appdata\local\{E7DC033A-7A72-4169-8B51-F9B958B71482}
2012-04-17 16:16:26 -------- d-----w- c:\users\falconi\appdata\local\{9DA9F149-A133-473D-9049-BFB43EED8D3C}
2012-04-17 16:16:15 -------- d-----w- c:\users\falconi\appdata\local\{DB0067BC-A177-4ADA-AE26-BD4BD5483D89}
2012-04-17 03:12:23 -------- d-----w- c:\program files\fbphotozoom
2012-04-17 03:09:28 -------- d--h--w- c:\programdata\{F0297D39-7A45-442F-AFF5-271488E85934}
2012-04-17 02:41:12 15821312 ----a-w- c:\windows\system32\imageres.dll
2012-04-17 02:36:37 -------- d-----w- c:\users\falconi\appdata\local\{3C96B1AA-7ACE-44B7-9DF6-4CA38204DCEB}
2012-04-17 02:36:24 -------- d-----w- c:\users\falconi\appdata\local\{4B114F64-BBE6-433A-A733-831AF6A7F663}
2012-04-16 04:34:08 -------- d-----w- c:\users\falconi\appdata\local\{C793E235-B4C0-4010-A2DC-9784A30F1CF0}
2012-04-16 04:33:55 -------- d-----w- c:\users\falconi\appdata\local\{FB5ACF02-FE95-499C-84D2-CC664D7C1B32}
2012-04-15 12:20:13 -------- d-----w- c:\users\falconi\appdata\local\{99ADF6F9-D3F0-428D-A749-A5C921B0DD59}
2012-04-15 12:20:01 -------- d-----w- c:\users\falconi\appdata\local\{BF92FDDB-9D42-4AA7-9B2F-4F920F859A1A}
2012-04-14 18:13:30 -------- d-----w- c:\users\falconi\appdata\local\{3B80DD2A-5E68-4169-B5E2-B4A6ACC035DD}
2012-04-14 18:13:18 -------- d-----w- c:\users\falconi\appdata\local\{1D7F45A1-555B-4631-A21F-333C9F88D52C}
2012-04-14 04:44:00 -------- d-----w- c:\users\falconi\appdata\local\{94C3F1DC-CEB5-4DEA-B76B-A6FB841583C5}
2012-04-14 04:43:48 -------- d-----w- c:\users\falconi\appdata\local\{66F6F19B-E9AC-4E1E-BDC9-7F32D7BDBF23}
2012-04-13 15:48:08 -------- d-----w- c:\users\falconi\appdata\local\{4C8B0A56-9032-4AF2-8F08-9D491D4D6880}
2012-04-13 15:47:53 -------- d-----w- c:\users\falconi\appdata\local\{7DAA109C-3E64-4A7A-9C0E-7F276716183E}
2012-04-13 15:45:04 -------- d-----w- c:\users\falconi\appdata\local\{A02793EC-EC7F-458B-A119-7B738F917410}
.
==================== Find3M ====================
.
2012-03-30 12:39:11 914304 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-29 13:39:19 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-03-21 00:44:12 74112 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-21 00:44:12 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-20 23:28:50 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-03-08 18:54:48 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-01 14:46:01 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-03-01 14:46:01 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-02-29 15:11:45 5120 ----a-w- c:\windows\system32\wmi.dll
2012-02-29 15:11:42 172032 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 15:09:53 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 14:08:47 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-29 13:44:50 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-02-29 13:41:40 1069056 ----a-w- c:\windows\system32\DWrite.dll
2012-02-29 13:32:37 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-02-28 01:18:55 1799168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 10:47:02.43 ===============


Attach.txt:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 5/21/2008 10:54:13 AM
System Uptime: 5/13/2012 10:05:30 AM (0 hours ago)
.
Motherboard: Dell Inc. | | 0RY007
Processor: Intel® Core™2 Duo CPU E4600 @ 2.40GHz | Socket 775 | 1200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 121.979 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 3.948 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
µTorrent
32 Bit HP CIO Components Installer
3DVIA Player 4.1
Acrobat.com
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.6
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoImpression
Ares 2.1.7
AviSynth 2.5
BabylonObjectInstaller
Biologie voor jou Leerlingen-cd-rom 2 Havo Vwo
BitTorrent
Bonjour
BufferChm
calibre
CCleaner
Cheat Engine 5.6
CleanMyPC - Registry Cleaner
Combined Community Codec Pack 2008-09-21 16:18
Creative Live! Cam Video IM Pro Driver (1.03.02.00)
CustomerResearchQFolder
D1300
D1300_Help
Dell DataSafe Online
Dell Getting Started Guide
Dell Support Center
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DivX Setup
Dropbox
Easy Video Downloader version 1.0
EDocs
eSupportQFolder
Exact Audio Copy PSP Edition 1.0
ffdshow v1.1.3996 [2011-10-13]
getPlus® for Adobe
Google Chrome
Google Update Helper
GoToAssist 8.0.0.514
Governor of Poker 2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2542054)
Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2635973)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)
HP Customer Participation Program 8.0
HP Deskjet & Photosmart Printer Driver Software 8.0.A
HP Imaging Device Functions 8.0
HP Photosmart Essential
HP Product Assistant
HP Solution Center 8.0
HP Update
HPDiagnosticAlert
HPProductAssistant
HPSSupply
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections 12.1.11.0
iTunes
Java Auto Updater
Java™ 6 Update 31
Java™ 6 Update 5
Java™ 6 Update 7
Junk Mail filter update
Logitech Vid HD
Logitech Webcam Software
MarketResearch
Media Go
Media Go Video Playback Engine 1.88.115.12060
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Help Viewer 1.1
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ Compilers 2010 Standard - enu - x86
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
Microsoft Visual C++ 2010 Express - ENU
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
mowemcowboy Screen Saver
Mozilla Firefox (3.6.13)
MSVC80_x86_v2
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Music, Photos & Videos Launcher
Nero 7 Ultra Edition
neroxml
Norton Safe Web Lite
Norton Security Scan
OpenOffice.org Installer 1.0
Outlook Express SMTP Changer 1.0
Paint.NET v3.36
Palm Desktop by ACCESS
PC Connectivity Solution
PlayStation®Network Downloader
PlayStation®Store
Product Documentation Launcher
Project64 1.6
PS3 Media Server
QuickTime
Realtek High Definition Audio Driver
Recuva (remove only)
Registry Reviver
Rhapsody Player Engine
Rockstar Custom Tracks 1.0
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
sdscreen Screen Saver
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Service Pack 3 for SQL Server 2008 (KB2546951)
SF_CDA_ProductContext
SF_CDA_Software
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 9
Sql Server Customer Experience Improvement Program
Stardock MyColors
Status
Switch Sound File Converter
swMSM
Talking Toucan Sam
teed off Screen Saver
Toolbox
TrayApp
Trellix Web Express Site Building
Unity
Unity Web Player
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
USB PC Camera VC305
VC80CRTRedist - 8.0.50727.6195
Veoh Video Compass
Video mp3 Extractor Pro
Vimicro Cam 2nd Edition
Vimicro USB PC Camera(VC0305)
WebReg
Weet wat je eet
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Player Firefox Plugin
WinRAR archiver
Xvid Video Codec
YourFileDownloader
YouTube Video Downloader 3.0.0
.
==== End Of File ===========================


The problems I had are that some programs crash when used, or for example when I use Internet Explorer and I go to another site than Google it will also crash.

#5 911zabuza

Posted 13 May 2012 - 09:58 AM

Oh, and the cleanup log is from Security Check, I believe.

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:58 AM

Posted 13 May 2012 - 11:33 AM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



Proud Graduate Of Malware Removal University

#7 911zabuza

Posted 13 May 2012 - 03:06 PM

The one I ran last week is at the top of the thread. I will run it again and post the new one.

#8 911zabuza

Posted 13 May 2012 - 03:27 PM

ComboFix 12-05-13.03 - Falconi 05/13/2012 16:10:22.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2036.1158 [GMT -4:00]
Running from: c:\users\Falconi\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\d099d5d32234107015f7c6faadadaf21_c
c:\users\Public\sdelevURL.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-04-13 to 2012-05-13 )))))))))))))))))))))))))))))))
.
.
2012-05-13 20:22 . 2012-05-13 20:23 -------- d-----w- c:\users\Falconi\AppData\Local\temp
2012-05-13 20:22 . 2012-05-13 20:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-13 15:42 . 2012-05-13 15:42 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5B538513-6D81-4907-B645-71B3FFF90CC3}\offreg.dll
2012-05-13 15:42 . 2012-05-13 15:42 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5B538513-6D81-4907-B645-71B3FFF90CC3}\MpKsl04e0a8c6.sys
2012-05-13 15:37 . 2012-04-13 07:36 6734704 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5B538513-6D81-4907-B645-71B3FFF90CC3}\mpengine.dll
2012-05-13 14:58 . 2012-04-13 07:36 6734704 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-05-12 21:25 . 2012-05-12 21:25 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\c5909c661cd308507\MeshBetaRemover.exe
2012-05-12 21:25 . 2012-05-12 21:25 89944 ----a-w- c:\program files\Common Files\Windows Live\.cache\c2a0a8661cd308506\DSETUP.dll
2012-05-12 21:25 . 2012-05-12 21:25 537432 ----a-w- c:\program files\Common Files\Windows Live\.cache\c2a0a8661cd308506\DXSETUP.exe
2012-05-12 21:25 . 2012-05-12 21:25 1801048 ----a-w- c:\program files\Common Files\Windows Live\.cache\c2a0a8661cd308506\dsetup32.dll
2012-05-12 21:25 . 2012-05-12 21:25 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\be3140561cd308505\DSETUP.dll
2012-05-12 21:25 . 2012-05-12 21:25 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\be3140561cd308505\DXSETUP.exe
2012-05-12 21:25 . 2012-05-12 21:25 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\be3140561cd308505\dsetup32.dll
2012-05-11 02:36 . 2012-05-11 02:36 307200 ----a-w- c:\program files\Internet Explorer\iediagcmd.exe
2012-05-11 02:36 . 2012-05-11 02:36 161792 ----a-w- c:\windows\system32\msls31.dll
2012-05-11 02:36 . 2012-05-11 02:36 107008 ----a-w- c:\program files\Internet Explorer\iecleanup.exe
2012-05-11 02:27 . 2011-08-13 04:43 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2012-05-10 22:51 . 2012-05-10 22:51 -------- d-----w- c:\users\Falconi\AppData\Roaming\Malwarebytes
2012-05-10 22:50 . 2012-05-10 22:50 -------- d-----w- c:\programdata\Malwarebytes
2012-05-10 22:50 . 2012-05-12 22:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-05-10 03:01 . 2012-04-03 08:16 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-10 03:01 . 2012-04-03 08:16 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-10 03:01 . 2012-04-02 13:36 2044928 ----a-w- c:\windows\system32\win32k.sys
2012-05-09 23:59 . 2012-05-09 23:59 -------- d-----w- c:\users\Falconi\AppData\Roaming\CleanMyPC Software
2012-05-09 23:58 . 2012-05-09 23:58 -------- d-----w- c:\program files\CleanMyPC
2012-05-09 21:34 . 2012-05-09 21:38 -------- d-----w- c:\program files\Registry Clean Expert
2012-05-09 00:18 . 2012-05-09 00:18 141399376 ----a-w- c:\program files\Common Files\Windows Live\.cache\wlc99D1.tmp
2012-05-09 00:08 . 2012-05-10 22:34 -------- d-----w- c:\program files\Application Updater
2012-05-07 19:37 . 2012-05-07 19:37 -------- d-----w- c:\programdata\AVS4YOU
2012-05-07 19:37 . 2012-05-07 19:37 -------- d-----w- c:\users\Falconi\AppData\Roaming\AVS4YOU
2012-05-07 19:30 . 2012-05-07 19:30 -------- d-----w- c:\users\Falconi\AppData\Roaming\NCH Software
2012-05-07 19:30 . 2012-05-07 19:30 -------- d-----w- c:\programdata\NCH Software
2012-05-07 19:22 . 2012-05-07 19:22 -------- d-----w- c:\users\Falconi\AppData\Roaming\spotmau
2012-05-07 19:21 . 2012-05-07 22:03 -------- d-----w- c:\program files\Advanced Fix 2012
2012-05-07 19:20 . 2012-05-07 22:23 -------- d-----w- c:\programdata\TuneUp360
2012-05-07 19:20 . 2012-05-07 19:20 -------- d-----w- c:\program files\Wondershare
2012-05-07 02:56 . 2012-05-07 02:56 -------- d-----w- c:\users\Falconi\AppData\Roaming\DriverCure
2012-05-07 02:56 . 2012-05-07 02:56 -------- d-----w- c:\users\Falconi\AppData\Roaming\ParetoLogic
2012-05-07 02:55 . 2012-05-07 22:07 -------- d-----w- c:\programdata\ParetoLogic
2012-05-07 02:55 . 2012-05-09 22:17 -------- d-----w- c:\program files\Registry Easy
2012-05-07 02:22 . 2012-05-07 02:22 0 ----a-w- c:\windows\system32\drivers\is-QT6UH.tmp
2012-05-07 02:22 . 2012-03-16 16:15 162584 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2012-05-07 02:22 . 2012-04-23 18:17 203088 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2012-05-07 02:22 . 2012-05-10 21:15 -------- d-----w- c:\program files\Common Files\PC Tools
2012-05-07 02:21 . 2012-05-10 22:20 -------- d-----w- c:\program files\PC Tools
2012-05-07 02:21 . 2012-05-10 00:44 -------- d-----w- c:\users\Falconi\AppData\Roaming\PCPro
2012-05-07 02:21 . 2012-05-07 02:21 -------- d-----w- c:\users\Falconi\AppData\Roaming\PC Cleaners
2012-05-07 02:20 . 2012-05-10 21:15 -------- d-----w- c:\programdata\PC Tools
2012-05-07 02:20 . 2012-05-07 02:20 -------- d-----w- c:\users\Falconi\AppData\Roaming\TestApp
2012-05-07 02:20 . 2012-05-07 02:19 5276432 ----a-w- c:\windows\uninst.exe
2012-05-07 02:20 . 2012-05-07 02:20 -------- d-----w- c:\programdata\PC1Data
2012-05-06 18:09 . 2012-05-06 18:09 141399376 ----a-w- c:\program files\Common Files\Windows Live\(81).cache\wlc586E.tmp
2012-05-05 04:43 . 2012-05-05 04:43 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-05-05 04:37 . 2012-05-05 04:37 141399376 ----a-w- c:\program files\Common Files\Windows Live\(80).cache\wlc191E.tmp
2012-05-05 01:29 . 2012-05-05 01:52 -------- d-----w- c:\users\Falconi\AppData\Roaming\Dev-Cpp
2012-05-04 03:58 . 2012-05-04 03:58 -------- d-----w- c:\program files\Common Files\Spigot(78)
2012-04-17 03:12 . 2012-04-17 03:12 -------- d-----w- c:\program files\fbphotozoom
2012-04-17 03:09 . 2012-05-08 00:20 -------- d--h--w- c:\programdata\{F0297D39-7A45-442F-AFF5-271488E85934}
2012-04-17 02:41 . 2006-11-02 09:39 15821312 ----a-w- c:\windows\system32\imageres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-21 00:44 . 2012-03-21 00:44 74112 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-21 00:44 . 2012-03-21 00:44 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-11 13:58 . 2012-03-10 16:38 112832 ----a-w- c:\programdata\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
2012-03-08 18:54 . 2010-05-08 15:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-29 15:11 . 2012-04-11 01:52 5120 ----a-w- c:\windows\system32\wmi.dll
2012-02-29 15:11 . 2012-04-11 01:52 172032 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 15:09 . 2012-04-11 01:52 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 13:32 . 2012-04-11 01:52 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{28387537-e3f9-4ed7-860c-11e69af4a8a0}"= "c:\progra~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll" [BU]
.
[HKEY_CLASSES_ROOT\clsid\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Falconi\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Falconi\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Falconi\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ford mpeg road draw"="c:\programdata\drive site multi.e60eyo" [X]
"ares"="c:\program files\Ares\Ares.exe" [2010-10-27 1015808]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"ares vista"="c:\program files\Ares Vista\AresVista.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-02-29 17920]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-17 4907008]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-12 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-12 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-12 133656]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 17:41 294912 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-05-21 15:15 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDog305]
2007-01-05 17:37 61440 ----a-w- c:\windows\vm305_sti.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Registry Cleaner Scheduler]
2012-02-28 04:51 1401224 ----a-w- c:\program files\CleanMyPC\Registry Cleaner\RCHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HotSync"="c:\program files\PalmSource\Desktop\HotSync.exe" -AllUsers
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"NPSStartup"=
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Tango"=c:\program files\Tango\Tango.exe
"V0230Mon.exe"=c:\windows\V0230Mon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3015805696-1494919734-731465133-1000]
"EnableNotificationsRef"=dword:00000001
.
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-05 77824]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL04E0A8C6
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LPDService REG_MULTI_SZ LPDSVC
rsmsvcs REG_MULTI_SZ ntmssvc
ipripsvc REG_MULTI_SZ iprip
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
getPlusHelper REG_MULTI_SZ getPlusHelper
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-08 02:13]
.
2012-05-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-08 02:13]
.
2012-05-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3015805696-1494919734-731465133-1000Core.job
- c:\users\Falconi\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-14 19:05]
.
2012-05-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3015805696-1494919734-731465133-1000UA.job
- c:\users\Falconi\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-14 19:05]
.
2012-05-12 c:\windows\Tasks\Norton Security Scan for Falconi.job
- c:\progra~1\NORTON~1\NORTON~1\Engine\351~1.6\Nss.exe [2011-07-27 11:19]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.babylon.com/?affID=112555&tt=100512_4_&babsrc=HP_ss&mntrId=100332b3000000000000001d099aaf1f
mStart Page = hxxp://www.bigseekpro.com/solidyoutube/{C344036E-FFCF-4BB1-A2E7-6DF2871F2404}
mSearch Bar = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: Download video on this page - c:\program files\Tomabo\YouTube Video Downloader\YVD_IE.dll/300
IE: Download video this links to - c:\program files\Tomabo\YouTube Video Downloader\YVD_IE.dll/301
IE: {{3B6D08AA-FC34-4400-A751-ED25A651A9B5} - res://c:\program files\Tomabo\YouTube Video Downloader\YVD_IE.dll/300
TCP: DhcpNameServer = 192.168.1.1
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game07.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\users\Falconi\AppData\Roaming\Mozilla\Firefox\Profiles\4h3d30tm.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=112555&tt=100512_4_&babsrc=HP_ss&mntrId=100332b3000000000000001d099aaf1f
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=112555&tt=100512_4_&babsrc=KW_ss&mntrId=100332b3000000000000001d099aaf1f&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
FF - Ext: Microsoft Choice Guard: ChoiceGuard@Microsoft - %profile%\extensions\ChoiceGuard@Microsoft
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: FBPhotoZoom: fbphotozoom@installdaddy.com - %profile%\extensions\fbphotozoom@installdaddy.com
FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com
FF - Ext: incredibar.com: ffxtlbr@incredibar.com - %profile%\extensions\ffxtlbr@incredibar.com
FF - Ext: Codec-C: info@allpremiumplay.info - %profile%\extensions\info@allpremiumplay.info
FF - Ext: Music Genie Community Toolbar: {15383fb0-65a6-49a8-8036-2d33e7620f77} - %profile%\extensions\{15383fb0-65a6-49a8-8036-2d33e7620f77}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Norton Safe Web Lite Toolbar: {203FB6B2-2E1E-4474-863B-4C483ECCE78E} - c:\programdata\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.0.1.8\coFFNST
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - Ext: Codec-C: info@allpremiumplay.info - c:\users\Falconi\AppData\Roaming\Mozilla\Firefox\Profiles\4h3d30tm.default\extensions\info@allpremiumplay.info
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8nKdVrju&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 100332b3000000000000001d099aaf1f
FF - user.js: extensions.incredibar_i.instlDay - 15423
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1420:32
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6R8nKdVrju
FF - user.js: extensions.incredibar_i.upn2n - 92824066543741228
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10606
FF - user.js: extensions.incredibar_i.ppd - 81%5F3
FF - user.js: extensions.BabylonToolbar_i.id - 100332b3000000000000001d099aaf1f
FF - user.js: extensions.BabylonToolbar_i.hardId - 100332b3000000000000001d099aaf1f
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15472
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1719:34
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112555&tt=100512_4_
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{29EF3ADA-1B32-4289-A806-0D62F074684F}_is1 - c:\program files\Easy Video Downloader\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-13 16:22
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\users\Falconi\AppData\Local\Temp\catchme.dll 53248 bytes executable
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NSL]
"ImagePath"="\"c:\program files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe\" /s \"NSL\" /m \"c:\program files\Norton Safe Web Lite\Engine\1.0.1.8\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2012-05-13 16:26:19
ComboFix-quarantined-files.txt 2012-05-13 20:26
ComboFix2.txt 2012-05-07 01:38
ComboFix3.txt 2012-05-06 16:51
ComboFix4.txt 2012-05-06 09:20
ComboFix5.txt 2012-05-13 20:08
.
Pre-Run: 133,385,658,368 bytes free
Post-Run: 134,065,844,224 bytes free
.
- - End Of File - - FCB22423E3A4089475FA943C84FBA6DE

#9 gringo_pr

Posted 13 May 2012 - 10:15 PM

Greetings

Do the programs still crash?

I want you to run these next:

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the Save Log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#10 911zabuza

Posted 14 May 2012 - 02:36 PM

Yes, programs still crash. I will run the programs.

#11 911zabuza

Posted 14 May 2012 - 02:37 PM

Should I repair the registry to before I used the registry cleaner?

#12 911zabuza

Posted 14 May 2012 - 02:40 PM

tdss:


15:37:15.0246 4748 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
15:37:15.0824 4748 ============================================================
15:37:15.0824 4748 Current date / time: 2012/05/14 15:37:15.0824
15:37:15.0824 4748 SystemInfo:
15:37:15.0824 4748
15:37:15.0824 4748 OS Version: 6.0.6002 ServicePack: 2.0
15:37:15.0825 4748 Product type: Workstation
15:37:15.0825 4748 ComputerName: FALCONI-PC
15:37:15.0825 4748 UserName: Falconi
15:37:15.0825 4748 Windows directory: C:\Windows
15:37:15.0825 4748 System windows directory: C:\Windows
15:37:15.0825 4748 Processor architecture: Intel x86
15:37:15.0825 4748 Number of processors: 2
15:37:15.0825 4748 Page size: 0x1000
15:37:15.0825 4748 Boot type: Normal boot
15:37:15.0825 4748 ============================================================
15:37:30.0632 4748 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:37:30.0678 4748 ============================================================
15:37:30.0678 4748 \Device\Harddisk0\DR0:
15:37:30.0679 4748 MBR partitions:
15:37:30.0679 4748 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x18000, BlocksNum 0x1400000
15:37:30.0679 4748 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1418000, BlocksNum 0x24016000
15:37:30.0679 4748 ============================================================
15:37:30.0716 4748 C: <-> \Device\Harddisk0\DR0\Partition1
15:37:30.0749 4748 D: <-> \Device\Harddisk0\DR0\Partition0
15:37:30.0749 4748 ============================================================
15:37:30.0749 4748 Initialize success
15:37:30.0749 4748 ============================================================
15:37:51.0724 5712 ============================================================
15:37:51.0724 5712 Scan started
15:37:51.0724 5712 Mode: Manual;
15:37:51.0724 5712 ============================================================
15:37:52.0410 5712 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
15:37:52.0416 5712 ACPI - ok
15:37:52.0562 5712 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:37:52.0563 5712 AdobeARMservice - ok
15:37:52.0616 5712 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
15:37:52.0626 5712 adp94xx - ok
15:37:52.0688 5712 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
15:37:52.0696 5712 adpahci - ok
15:37:52.0742 5712 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
15:37:52.0748 5712 adpu160m - ok
15:37:52.0795 5712 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
15:37:52.0799 5712 adpu320 - ok
15:37:52.0846 5712 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
15:37:52.0847 5712 AeLookupSvc - ok
15:37:52.0872 5712 AERTFilters (330a1e4df07c2e29949ed8631cd8828e) C:\Windows\system32\AERTSrv.exe
15:37:52.0874 5712 AERTFilters - ok
15:37:53.0059 5712 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
15:37:53.0064 5712 AFD - ok
15:37:53.0092 5712 agp440 (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys
15:37:53.0094 5712 agp440 - ok
15:37:53.0117 5712 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
15:37:53.0134 5712 aic78xx - ok
15:37:53.0169 5712 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
15:37:53.0172 5712 ALG - ok
15:37:53.0197 5712 aliide (e32a92e1574a467f7c762922f6162d76) C:\Windows\system32\drivers\aliide.sys
15:37:53.0199 5712 aliide - ok
15:37:53.0240 5712 amdagp (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys
15:37:53.0244 5712 amdagp - ok
15:37:53.0274 5712 amdide (b52b576cb0099a62f87214f371031561) C:\Windows\system32\drivers\amdide.sys
15:37:53.0275 5712 amdide - ok
15:37:53.0317 5712 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
15:37:53.0319 5712 AmdK7 - ok
15:37:53.0341 5712 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
15:37:53.0344 5712 AmdK8 - ok
15:37:53.0391 5712 AppHostSvc (dfae18c675d71fd06d57dc69d2913975) C:\Windows\system32\inetsrv\apphostsvc.dll
15:37:53.0392 5712 AppHostSvc - ok
15:37:53.0410 5712 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
15:37:53.0411 5712 Appinfo - ok
15:37:53.0595 5712 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:37:53.0598 5712 Apple Mobile Device - ok
15:37:53.0817 5712 Application Updater (f4c5530d92fa7f9a41c19edfc4c51bd4) C:\Program Files\Application Updater\ApplicationUpdater.exe
15:37:53.0830 5712 Application Updater - ok
15:37:53.0861 5712 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
15:37:53.0863 5712 arc - ok
15:37:53.0901 5712 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
15:37:53.0903 5712 arcsas - ok
15:37:54.0464 5712 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:37:54.0476 5712 aspnet_state - ok
15:37:54.0568 5712 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
15:37:54.0592 5712 AsyncMac - ok
15:37:54.0661 5712 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
15:37:54.0662 5712 atapi - ok
15:37:54.0854 5712 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
15:37:54.0890 5712 AudioEndpointBuilder - ok
15:37:54.0897 5712 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
15:37:54.0901 5712 Audiosrv - ok
15:37:54.0961 5712 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
15:37:54.0971 5712 Beep - ok
15:37:55.0010 5712 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
15:37:55.0017 5712 BFE - ok
15:37:55.0118 5712 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
15:37:55.0134 5712 BITS - ok
15:37:55.0139 5712 blbdrive - ok
15:37:55.0303 5712 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
15:37:55.0312 5712 Bonjour Service - ok
15:37:55.0375 5712 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
15:37:55.0405 5712 bowser - ok
15:37:55.0437 5712 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
15:37:55.0448 5712 BrFiltLo - ok
15:37:55.0469 5712 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
15:37:55.0470 5712 BrFiltUp - ok
15:37:55.0517 5712 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
15:37:55.0525 5712 Browser - ok
15:37:55.0571 5712 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
15:37:55.0574 5712 Brserid - ok
15:37:55.0600 5712 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
15:37:55.0602 5712 BrSerWdm - ok
15:37:55.0625 5712 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
15:37:55.0628 5712 BrUsbMdm - ok
15:37:55.0679 5712 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
15:37:55.0680 5712 BrUsbSer - ok
15:37:55.0713 5712 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
15:37:55.0722 5712 BTHMODEM - ok
15:37:55.0885 5712 catchme - ok
15:37:55.0931 5712 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
15:37:55.0934 5712 cdfs - ok
15:37:56.0032 5712 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
15:37:56.0034 5712 cdrom - ok
15:37:56.0059 5712 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
15:37:56.0062 5712 CertPropSvc - ok
15:37:56.0083 5712 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
15:37:56.0085 5712 circlass - ok
15:37:56.0128 5712 CISVC (745d20b75b3bdda545022625ed5dbb1b) C:\Windows\system32\CISVC.EXE
15:37:56.0130 5712 CISVC - ok
15:37:56.0230 5712 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
15:37:56.0235 5712 CLFS - ok
15:37:56.0362 5712 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:37:56.0389 5712 clr_optimization_v2.0.50727_32 - ok
15:37:56.0557 5712 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:37:56.0560 5712 clr_optimization_v4.0.30319_32 - ok
15:37:56.0579 5712 cmdide (c177dd90b5dc1dcaa96ccece752e6f0f) C:\Windows\system32\drivers\cmdide.sys
15:37:56.0581 5712 cmdide - ok
15:37:56.0602 5712 Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\drivers\compbatt.sys
15:37:56.0604 5712 Compbatt - ok
15:37:56.0609 5712 COMSysApp - ok
15:37:56.0644 5712 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
15:37:56.0646 5712 crcdisk - ok
15:37:56.0667 5712 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
15:37:56.0669 5712 Crusoe - ok
15:37:56.0707 5712 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
15:37:56.0742 5712 CryptSvc - ok
15:37:56.0815 5712 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
15:37:56.0829 5712 DcomLaunch - ok
15:37:56.0906 5712 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
15:37:56.0909 5712 DfsC - ok
15:37:57.0066 5712 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
15:37:57.0102 5712 DFSR - ok
15:37:57.0336 5712 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
15:37:57.0341 5712 Dhcp - ok
15:37:57.0459 5712 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
15:37:57.0461 5712 disk - ok
15:37:57.0525 5712 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
15:37:57.0528 5712 Dnscache - ok
15:37:57.0557 5712 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
15:37:57.0562 5712 dot3svc - ok
15:37:57.0614 5712 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
15:37:57.0618 5712 DPS - ok
15:37:57.0668 5712 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
15:37:57.0669 5712 drmkaud - ok
15:37:57.0759 5712 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
15:37:57.0772 5712 DXGKrnl - ok
15:37:57.0813 5712 e1express (04944f4fc4f0477185f5d26ae0ddb90e) C:\Windows\system32\DRIVERS\e1e6032.sys
15:37:57.0818 5712 e1express - ok
15:37:57.0851 5712 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
15:37:57.0854 5712 E1G60 - ok
15:37:58.0008 5712 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
15:37:58.0011 5712 EapHost - ok
15:37:58.0057 5712 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
15:37:58.0060 5712 Ecache - ok
15:37:58.0160 5712 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
15:37:58.0168 5712 ehRecvr - ok
15:37:58.0207 5712 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
15:37:58.0210 5712 ehSched - ok
15:37:58.0243 5712 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
15:37:58.0245 5712 ehstart - ok
15:37:58.0289 5712 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
15:37:58.0295 5712 elxstor - ok
15:37:58.0355 5712 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
15:37:58.0410 5712 EMDMgmt - ok
15:37:58.0530 5712 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
15:37:58.0537 5712 EventSystem - ok
15:37:58.0575 5712 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
15:37:58.0579 5712 exfat - ok
15:37:59.0128 5712 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
15:37:59.0132 5712 fastfat - ok
15:37:59.0192 5712 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
15:37:59.0194 5712 fdc - ok
15:37:59.0260 5712 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
15:37:59.0263 5712 fdPHost - ok
15:37:59.0280 5712 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
15:37:59.0283 5712 FDResPub - ok
15:37:59.0337 5712 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
15:37:59.0339 5712 FileInfo - ok
15:37:59.0394 5712 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
15:37:59.0396 5712 Filetrace - ok
15:37:59.0433 5712 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
15:37:59.0435 5712 flpydisk - ok
15:37:59.0466 5712 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
15:37:59.0471 5712 FltMgr - ok
15:37:59.0575 5712 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
15:37:59.0590 5712 FontCache - ok
15:37:59.0638 5712 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:37:59.0640 5712 FontCache3.0.0.0 - ok
15:37:59.0683 5712 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\Windows\system32\FsUsbExDisk.SYS
15:37:59.0686 5712 FsUsbExDisk - ok
15:37:59.0704 5712 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
15:37:59.0706 5712 Fs_Rec - ok
15:37:59.0834 5712 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
15:37:59.0836 5712 gagp30kx - ok
15:37:59.0887 5712 GEARAspiWDM (4ac51459805264affd5f6fdfb9d9235f) C:\Windows\system32\Drivers\GEARAspiWDM.sys
15:37:59.0889 5712 GEARAspiWDM - ok
15:37:59.0972 5712 getPlusHelper (0879dc7444a201df84e69c5dd5083d61) C:\Program Files\NOS\bin\getPlus_Helper.dll
15:37:59.0974 5712 getPlusHelper - ok
15:38:00.0051 5712 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
15:38:00.0053 5712 GoToAssist - ok
15:38:00.0162 5712 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
15:38:00.0177 5712 gpsvc - ok
15:38:00.0288 5712 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
15:38:00.0291 5712 gupdate - ok
15:38:00.0301 5712 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
15:38:00.0303 5712 gupdatem - ok
15:38:00.0450 5712 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
15:38:00.0461 5712 HDAudBus - ok
15:38:00.0501 5712 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
15:38:00.0503 5712 HidBth - ok
15:38:00.0523 5712 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
15:38:00.0525 5712 HidIr - ok
15:38:00.0575 5712 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
15:38:00.0577 5712 hidserv - ok
15:38:00.0603 5712 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
15:38:00.0604 5712 HidUsb - ok
15:38:00.0667 5712 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
15:38:00.0671 5712 hkmsvc - ok
15:38:00.0696 5712 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
15:38:00.0698 5712 HpCISSs - ok
15:38:00.0779 5712 hpqcxs08 (ed377b3c83fdea8d906109a085d219ba) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
15:38:00.0784 5712 hpqcxs08 - ok
15:38:00.0813 5712 hpqddsvc (ee4c7a4cf2316701ffde90f404520265) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
15:38:00.0816 5712 hpqddsvc - ok
15:38:00.0885 5712 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
15:38:00.0893 5712 HTTP - ok
15:38:00.0950 5712 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
15:38:00.0954 5712 i2omp - ok
15:38:01.0006 5712 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
15:38:01.0008 5712 i8042prt - ok
15:38:01.0218 5712 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys
15:38:01.0225 5712 iaStor - ok
15:38:01.0251 5712 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
15:38:01.0256 5712 iaStorV - ok
15:38:01.0346 5712 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:38:01.0349 5712 IDriverT - ok
15:38:01.0490 5712 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:38:01.0505 5712 idsvc - ok
15:38:01.0848 5712 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
15:38:01.0906 5712 igfx - ok
15:38:02.0063 5712 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
15:38:02.0065 5712 iirsp - ok
15:38:02.0183 5712 IISADMIN (dae181c2fdb0d02159c56185a469e10b) C:\Windows\system32\inetsrv\inetinfo.exe
15:38:02.0209 5712 IISADMIN - ok
15:38:03.0171 5712 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
15:38:03.0181 5712 IKEEXT - ok
15:38:03.0406 5712 IntcAzAudAddService (f8f53c5449f15b23d4c61d51d2701da8) C:\Windows\system32\drivers\RTKVHDA.sys
15:38:03.0497 5712 IntcAzAudAddService - ok
15:38:03.0692 5712 intelide (59b00efb24ead979becf413703bb1fac) C:\Windows\system32\DRIVERS\intelide.sys
15:38:03.0694 5712 intelide - ok
15:38:03.0741 5712 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
15:38:03.0743 5712 intelppm - ok
15:38:03.0788 5712 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
15:38:03.0800 5712 IPBusEnum - ok
15:38:03.0872 5712 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:38:03.0874 5712 IpFilterDriver - ok
15:38:03.0931 5712 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
15:38:03.0938 5712 iphlpsvc - ok
15:38:03.0956 5712 IpInIp - ok
15:38:04.0027 5712 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
15:38:04.0033 5712 IPMIDRV - ok
15:38:04.0076 5712 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
15:38:04.0089 5712 IPNAT - ok
15:38:04.0179 5712 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
15:38:04.0194 5712 iPod Service - ok
15:38:04.0225 5712 iprip (03d54e7bcf9b77ceaf34dc0057420352) C:\Windows\System32\iprip.dll
15:38:04.0228 5712 iprip - ok
15:38:04.0233 5712 ipvwabzv - ok
15:38:04.0283 5712 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
15:38:04.0294 5712 IRENUM - ok
15:38:04.0332 5712 isapnp (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys
15:38:04.0351 5712 isapnp - ok
15:38:04.0418 5712 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
15:38:04.0422 5712 iScsiPrt - ok
15:38:04.0450 5712 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
15:38:04.0452 5712 iteatapi - ok
15:38:04.0474 5712 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
15:38:04.0524 5712 iteraid - ok
15:38:04.0599 5712 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
15:38:04.0601 5712 kbdclass - ok
15:38:04.0667 5712 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
15:38:04.0668 5712 kbdhid - ok
15:38:04.0701 5712 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:38:04.0719 5712 KeyIso - ok
15:38:04.0764 5712 KMWDFILTER (566c5fd480fdbce3ba5cf9fbcffaea9a) C:\Windows\system32\DRIVERS\KMWDFILTER.sys
15:38:04.0799 5712 KMWDFILTER - ok
15:38:04.0866 5712 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
15:38:04.0874 5712 KSecDD - ok
15:38:04.0955 5712 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
15:38:04.0964 5712 KtmRm - ok
15:38:05.0136 5712 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll
15:38:05.0143 5712 LanmanServer - ok
15:38:05.0212 5712 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
15:38:05.0223 5712 LanmanWorkstation - ok
15:38:05.0278 5712 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
15:38:05.0291 5712 lltdio - ok
15:38:05.0341 5712 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
15:38:05.0348 5712 lltdsvc - ok
15:38:05.0373 5712 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
15:38:05.0385 5712 lmhosts - ok
15:38:05.0446 5712 LPDSVC (fee78621beca00b537cd70a6afaae112) C:\Windows\system32\lpdsvc.dll
15:38:05.0449 5712 LPDSVC - ok
15:38:05.0490 5712 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
15:38:05.0494 5712 LSI_FC - ok
15:38:05.0542 5712 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
15:38:05.0553 5712 LSI_SAS - ok
15:38:05.0583 5712 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
15:38:05.0589 5712 LSI_SCSI - ok
15:38:05.0642 5712 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
15:38:05.0671 5712 luafv - ok
15:38:05.0712 5712 LVPr2Mon (1a7db7a00a4b0d8da24cd691a4547291) C:\Windows\system32\DRIVERS\LVPr2Mon.sys
15:38:05.0764 5712 LVPr2Mon - ok
15:38:05.0893 5712 LVPrcSrv (0ddfdcaa92c7f553328db06ba599bea9) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
15:38:05.0896 5712 LVPrcSrv - ok
15:38:05.0934 5712 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
15:38:05.0939 5712 Mcx2Svc - ok
15:38:06.0027 5712 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
15:38:06.0034 5712 MDM - ok
15:38:06.0082 5712 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
15:38:06.0083 5712 megasas - ok
15:38:06.0129 5712 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
15:38:06.0133 5712 MMCSS - ok
15:38:06.0175 5712 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
15:38:06.0177 5712 Modem - ok
15:38:06.0226 5712 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
15:38:06.0228 5712 monitor - ok
15:38:06.0277 5712 motmodem (fe80c18ba448ddd76b7bead9eb203d37) C:\Windows\system32\DRIVERS\motmodem.sys
15:38:06.0278 5712 motmodem - ok
15:38:06.0426 5712 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
15:38:06.0428 5712 mouclass - ok
15:38:06.0465 5712 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
15:38:06.0467 5712 mouhid - ok
15:38:06.0511 5712 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
15:38:06.0513 5712 MountMgr - ok
15:38:06.0562 5712 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
15:38:06.0565 5712 MpFilter - ok
15:38:06.0584 5712 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
15:38:06.0587 5712 mpio - ok
15:38:06.0797 5712 MpKslb6dd708e (a69630d039c38018689190234f866d77) c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C701CCF8-291A-4E66-89AF-91529AEEC940}\MpKslb6dd708e.sys
15:38:06.0798 5712 MpKslb6dd708e - ok
15:38:06.0845 5712 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
15:38:06.0847 5712 mpsdrv - ok
15:38:06.0893 5712 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
15:38:06.0903 5712 MpsSvc - ok
15:38:06.0963 5712 MQAC (4116cde6c8c97e2f4492f2755810019f) C:\Windows\system32\drivers\mqac.sys
15:38:06.0966 5712 MQAC - ok
15:38:06.0991 5712 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
15:38:06.0993 5712 Mraid35x - ok
15:38:07.0025 5712 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
15:38:07.0028 5712 MRxDAV - ok
15:38:07.0123 5712 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:38:07.0129 5712 mrxsmb - ok
15:38:07.0186 5712 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:38:07.0191 5712 mrxsmb10 - ok
15:38:07.0208 5712 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:38:07.0211 5712 mrxsmb20 - ok
15:38:07.0229 5712 msahci (2681302b63b318cbea6c82902ac5428c) C:\Windows\system32\drivers\msahci.sys
15:38:07.0231 5712 msahci - ok
15:38:07.0258 5712 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
15:38:07.0261 5712 msdsm - ok
15:38:07.0313 5712 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
15:38:07.0319 5712 MSDTC - ok
15:38:07.0385 5712 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
15:38:07.0413 5712 Msfs - ok
15:38:07.0466 5712 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
15:38:07.0467 5712 msisadrv - ok
15:38:07.0513 5712 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
15:38:07.0518 5712 MSiSCSI - ok
15:38:07.0531 5712 msiserver - ok
15:38:07.0660 5712 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
15:38:07.0662 5712 MSKSSRV - ok
15:38:07.0748 5712 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
15:38:07.0749 5712 MsMpSvc - ok
15:38:07.0772 5712 MSMQ (aabd2bc9dada61ad5eb4223baac4486d) C:\Windows\system32\mqsvc.exe
15:38:07.0776 5712 MSMQ - ok
15:38:07.0901 5712 MSMQTriggers (fa3849c021b463e383bf188a9f0c8ed5) C:\Windows\system32\mqtgsvc.exe
15:38:07.0907 5712 MSMQTriggers - ok
15:38:07.0958 5712 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
15:38:07.0960 5712 MSPCLOCK - ok
15:38:07.0989 5712 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
15:38:07.0990 5712 MSPQM - ok
15:38:08.0029 5712 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
15:38:08.0051 5712 MsRPC - ok
15:38:08.0095 5712 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
15:38:08.0097 5712 mssmbios - ok
15:38:08.0207 5712 MSSQL$SQLEXPRESS - ok
15:38:08.0430 5712 MSSQLServerADHelper100 (f1761c8fb2b25a32c6d63e36bb88c3ae) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
15:38:08.0433 5712 MSSQLServerADHelper100 - ok
15:38:08.0458 5712 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
15:38:08.0461 5712 MSTEE - ok
15:38:08.0488 5712 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
15:38:08.0490 5712 Mup - ok
15:38:08.0574 5712 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
15:38:08.0583 5712 napagent - ok
15:38:08.0639 5712 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
15:38:08.0645 5712 NativeWifiP - ok
15:38:08.0702 5712 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
15:38:08.0713 5712 NDIS - ok
15:38:08.0799 5712 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
15:38:08.0829 5712 NdisTapi - ok
15:38:08.0917 5712 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
15:38:08.0919 5712 Ndisuio - ok
15:38:08.0969 5712 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
15:38:08.0973 5712 NdisWan - ok
15:38:09.0021 5712 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
15:38:09.0023 5712 NDProxy - ok
15:38:09.0048 5712 Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\Windows\system32\HPZinw12.dll
15:38:09.0051 5712 Net Driver HPZ12 - ok
15:38:09.0076 5712 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
15:38:09.0078 5712 NetBIOS - ok
15:38:09.0109 5712 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
15:38:09.0114 5712 netbt - ok
15:38:09.0154 5712 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:38:09.0157 5712 Netlogon - ok
15:38:09.0215 5712 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
15:38:09.0223 5712 Netman - ok
15:38:09.0442 5712 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:38:09.0446 5712 NetMsmqActivator - ok
15:38:09.0452 5712 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:38:09.0455 5712 NetPipeActivator - ok
15:38:09.0512 5712 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
15:38:09.0520 5712 netprofm - ok
15:38:09.0529 5712 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:38:09.0531 5712 NetTcpActivator - ok
15:38:09.0538 5712 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:38:09.0541 5712 NetTcpPortSharing - ok
15:38:09.0579 5712 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
15:38:09.0581 5712 nfrd960 - ok
15:38:09.0626 5712 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:38:09.0629 5712 NisDrv - ok
15:38:09.0755 5712 NisSrv (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
15:38:09.0759 5712 NisSrv - ok
15:38:09.0836 5712 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
15:38:09.0842 5712 NlaSvc - ok
15:38:09.0899 5712 NMIndexingService (a328a46d87bb92ce4d8a4528e9d84787) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
15:38:09.0905 5712 NMIndexingService - ok
15:38:09.0913 5712 nmwcd - ok
15:38:09.0921 5712 nmwcdc - ok
15:38:09.0930 5712 nmwcdnsu - ok
15:38:09.0939 5712 nmwcdnsuc - ok
15:38:10.0051 5712 nosGetPlusHelper (1acf98d80e95add298832c7a8996b48c) C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
15:38:10.0053 5712 nosGetPlusHelper - ok
15:38:10.0090 5712 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
15:38:10.0092 5712 Npfs - ok
15:38:10.0138 5712 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
15:38:10.0142 5712 nsi - ok
15:38:10.0204 5712 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
15:38:10.0205 5712 nsiproxy - ok
15:38:10.0267 5712 NSL (436e7b2e6f42c2717c1d670220d03336) C:\Program Files\Norton Safe Web Lite\Engine\1.0.1.8\ccSvcHst.exe
15:38:10.0270 5712 NSL - ok
15:38:10.0367 5712 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
15:38:10.0386 5712 Ntfs - ok
15:38:10.0456 5712 NtmsSvc (a7dff9642d510be1eec6664cd0369953) C:\Windows\system32\ntmssvc.dll
15:38:10.0468 5712 NtmsSvc - ok
15:38:10.0535 5712 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
15:38:10.0537 5712 ntrigdigi - ok
15:38:10.0576 5712 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
15:38:10.0578 5712 Null - ok
15:38:10.0617 5712 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
15:38:10.0620 5712 nvraid - ok
15:38:10.0637 5712 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
15:38:10.0639 5712 nvstor - ok
15:38:10.0661 5712 nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys
15:38:10.0665 5712 nv_agp - ok
15:38:10.0671 5712 NwlnkFlt - ok
15:38:10.0681 5712 NwlnkFwd - ok
15:38:11.0017 5712 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:38:11.0025 5712 odserv - ok
15:38:11.0077 5712 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
15:38:11.0080 5712 ohci1394 - ok
15:38:11.0124 5712 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:38:11.0128 5712 ose - ok
15:38:11.0217 5712 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:38:11.0233 5712 p2pimsvc - ok
15:38:11.0244 5712 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:38:11.0254 5712 p2psvc - ok
15:38:11.0300 5712 PalmUSBD (dc450992eba6f914080c1f7fbeeed72c) C:\Windows\system32\drivers\PalmUSBD.sys
15:38:11.0302 5712 PalmUSBD - ok
15:38:11.0320 5712 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
15:38:11.0323 5712 Parport - ok
15:38:11.0354 5712 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
15:38:11.0356 5712 partmgr - ok
15:38:11.0371 5712 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
15:38:11.0373 5712 Parvdm - ok
15:38:11.0423 5712 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
15:38:11.0428 5712 PcaSvc - ok
15:38:11.0490 5712 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
15:38:11.0494 5712 pci - ok
15:38:11.0503 5712 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
15:38:11.0505 5712 pciide - ok
15:38:11.0535 5712 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
15:38:11.0540 5712 pcmcia - ok
15:38:11.0596 5712 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
15:38:11.0614 5712 PEAUTH - ok
15:38:11.0867 5712 PID_PEPI (dd184d9adfe2a8a21741dbdfe9e22f5c) C:\Windows\system32\DRIVERS\LV302V32.SYS
15:38:11.0914 5712 PID_PEPI - ok
15:38:12.0275 5712 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
15:38:12.0307 5712 pla - ok
15:38:12.0373 5712 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
15:38:12.0382 5712 PlugPlay - ok
15:38:12.0408 5712 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\Windows\system32\HPZipm12.dll
15:38:12.0411 5712 Pml Driver HPZ12 - ok
15:38:12.0473 5712 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:38:12.0487 5712 PNRPAutoReg - ok
15:38:12.0500 5712 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:38:12.0510 5712 PNRPsvc - ok
15:38:12.0539 5712 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
15:38:12.0547 5712 PolicyAgent - ok
15:38:12.0606 5712 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
15:38:12.0608 5712 PptpMiniport - ok
15:38:12.0647 5712 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
15:38:12.0649 5712 Processor - ok
15:38:12.0682 5712 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
15:38:12.0691 5712 ProfSvc - ok
15:38:12.0770 5712 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:38:12.0773 5712 ProtectedStorage - ok
15:38:12.0847 5712 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
15:38:12.0864 5712 PSched - ok
15:38:12.0888 5712 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
15:38:12.0891 5712 PxHelp20 - ok
15:38:12.0954 5712 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
15:38:12.0972 5712 ql2300 - ok
15:38:13.0006 5712 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
15:38:13.0014 5712 ql40xx - ok
15:38:13.0073 5712 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
15:38:13.0081 5712 QWAVE - ok
15:38:13.0134 5712 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
15:38:13.0136 5712 QWAVEdrv - ok
15:38:13.0339 5712 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
15:38:13.0373 5712 R300 - ok
15:38:13.0764 5712 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
15:38:13.0766 5712 RasAcd - ok
15:38:13.0823 5712 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
15:38:13.0829 5712 RasAuto - ok
15:38:13.0891 5712 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:38:13.0894 5712 Rasl2tp - ok
15:38:13.0984 5712 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
15:38:13.0992 5712 RasMan - ok
15:38:14.0038 5712 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
15:38:14.0040 5712 RasPppoe - ok
15:38:14.0101 5712 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
15:38:14.0103 5712 RasSstp - ok
15:38:14.0136 5712 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
15:38:14.0142 5712 rdbss - ok
15:38:14.0148 5712 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:38:14.0152 5712 RDPCDD - ok
15:38:14.0212 5712 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
15:38:14.0219 5712 rdpdr - ok
15:38:14.0224 5712 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
15:38:14.0226 5712 RDPENCDD - ok
15:38:14.0286 5712 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
15:38:14.0291 5712 RDPWD - ok
15:38:14.0384 5712 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
15:38:14.0389 5712 RemoteAccess - ok
15:38:14.0436 5712 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
15:38:14.0442 5712 RemoteRegistry - ok
15:38:14.0504 5712 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
15:38:14.0506 5712 RimUsb - ok
15:38:14.0571 5712 RMCAST (eec7ee5675294b03e88aa868540007c1) C:\Windows\system32\DRIVERS\RMCAST.sys
15:38:14.0574 5712 RMCAST - ok
15:38:14.0601 5712 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
15:38:14.0604 5712 RpcLocator - ok
15:38:14.0679 5712 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
15:38:14.0689 5712 RpcSs - ok
15:38:14.0745 5712 RsFx0105 (6a7360e36cbd636972aeef0dd292a946) C:\Windows\system32\DRIVERS\RsFx0105.sys
15:38:14.0751 5712 RsFx0105 - ok
15:38:14.0820 5712 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
15:38:14.0823 5712 rspndr - ok
15:38:14.0843 5712 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:38:14.0846 5712 SamSs - ok
15:38:14.0914 5712 SASDIFSV (d96686fca1f9f6b06f7490553cbda6de) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
15:38:14.0915 5712 SASDIFSV - ok
15:38:14.0945 5712 SASENUM (7f1085895e499907f68df7731924122b) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
15:38:14.0960 5712 SASENUM - ok
15:38:14.0986 5712 SASKUTIL (2e0e10b8b547a39cdcc1b105239a43a4) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
15:38:15.0033 5712 SASKUTIL - ok
15:38:15.0063 5712 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
15:38:15.0066 5712 sbp2port - ok
15:38:15.0119 5712 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
15:38:15.0126 5712 SCardSvr - ok
15:38:15.0204 5712 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
15:38:15.0218 5712 Schedule - ok
15:38:15.0240 5712 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
15:38:15.0242 5712 SCPolicySvc - ok
15:38:15.0296 5712 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
15:38:15.0302 5712 SDRSVC - ok
15:38:15.0435 5712 SeaPort (d358e077a0a05d9b12da22d137ee8464) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
15:38:15.0440 5712 SeaPort - ok
15:38:15.0456 5712 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:38:15.0458 5712 secdrv - ok
15:38:15.0505 5712 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
15:38:15.0510 5712 seclogon - ok
15:38:15.0526 5712 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
15:38:15.0531 5712 SENS - ok
15:38:15.0552 5712 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
15:38:15.0554 5712 Serenum - ok
15:38:15.0580 5712 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
15:38:15.0582 5712 Serial - ok
15:38:15.0614 5712 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
15:38:15.0615 5712 sermouse - ok
15:38:15.0688 5712 ServiceLayer (5c1858eeadd097912443ae8efd44da6b) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
15:38:15.0877 5712 ServiceLayer - ok
15:38:15.0956 5712 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
15:38:15.0962 5712 SessionEnv - ok
15:38:15.0987 5712 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
15:38:15.0989 5712 sffdisk - ok
15:38:16.0007 5712 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
15:38:16.0008 5712 sffp_mmc - ok
15:38:16.0041 5712 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
15:38:16.0043 5712 sffp_sd - ok
15:38:16.0065 5712 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
15:38:16.0066 5712 sfloppy - ok
15:38:16.0121 5712 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
15:38:16.0128 5712 SharedAccess - ok
15:38:16.0199 5712 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
15:38:16.0210 5712 ShellHWDetection - ok
15:38:16.0249 5712 simptcp (a275fbb7c99458c12e088dff3e58eb4d) C:\Windows\System32\tcpsvcs.exe
15:38:16.0254 5712 simptcp - ok
15:38:16.0280 5712 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
15:38:16.0283 5712 sisagp - ok
15:38:16.0303 5712 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
15:38:16.0305 5712 SiSRaid2 - ok
15:38:16.0328 5712 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
15:38:16.0331 5712 SiSRaid4 - ok
15:38:16.0524 5712 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
15:38:16.0629 5712 slsvc - ok
15:38:16.0732 5712 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
15:38:16.0746 5712 SLUINotify - ok
15:38:16.0787 5712 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
15:38:16.0790 5712 Smb - ok
15:38:16.0845 5712 SNMP (26ba81ba48c3d9fb292b4b60fde849f2) C:\Windows\System32\snmp.exe
15:38:16.0851 5712 SNMP - ok
15:38:16.0878 5712 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
15:38:16.0883 5712 SNMPTRAP - ok
15:38:16.0925 5712 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
15:38:16.0927 5712 spldr - ok
15:38:16.0952 5712 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
15:38:16.0960 5712 Spooler - ok
15:38:17.0105 5712 SQLAgent$SQLEXPRESS (a892134c28777978ecde8283dc57ac0f) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
15:38:17.0112 5712 SQLAgent$SQLEXPRESS - ok
15:38:17.0181 5712 SQLBrowser (10d936dced9eacd1a1b3fcdda6d7a4eb) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:38:17.0187 5712 SQLBrowser - ok
15:38:17.0213 5712 SQLWriter (135cdccc167ef0c250125bbd3abe18d5) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:38:17.0215 5712 SQLWriter - ok
15:38:17.0286 5712 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
15:38:17.0316 5712 srv - ok
15:38:17.0358 5712 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
15:38:17.0362 5712 srv2 - ok
15:38:17.0426 5712 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
15:38:17.0430 5712 srvnet - ok
15:38:17.0479 5712 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
15:38:17.0486 5712 SSDPSRV - ok
15:38:17.0538 5712 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
15:38:17.0545 5712 SstpSvc - ok
15:38:17.0618 5712 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
15:38:17.0631 5712 stisvc - ok
15:38:17.0709 5712 stllssvr (7489520e98a119b5a9a00857f4f87d16) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
15:38:17.0774 5712 stllssvr - ok
15:38:17.0839 5712 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
15:38:17.0841 5712 swenum - ok
15:38:17.0880 5712 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
15:38:17.0890 5712 swprv - ok
15:38:17.0924 5712 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
15:38:17.0926 5712 Symc8xx - ok
15:38:17.0947 5712 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
15:38:17.0949 5712 Sym_hi - ok
15:38:17.0970 5712 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
15:38:17.0973 5712 Sym_u3 - ok
15:38:18.0027 5712 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
15:38:18.0042 5712 SysMain - ok
15:38:18.0076 5712 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
15:38:18.0082 5712 TabletInputService - ok
15:38:18.0125 5712 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\Windows\system32\DRIVERS\taphss.sys
15:38:18.0127 5712 taphss - ok
15:38:18.0171 5712 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
15:38:18.0180 5712 TapiSrv - ok
15:38:18.0240 5712 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
15:38:18.0246 5712 TBS - ok
15:38:18.0321 5712 Tcpip (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\drivers\tcpip.sys
15:38:18.0337 5712 Tcpip - ok
15:38:18.0355 5712 Tcpip6 (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\DRIVERS\tcpip.sys
15:38:18.0365 5712 Tcpip6 - ok
15:38:18.0386 5712 tcpipreg (2c2d4cff5e09c73908f9b5af49a51365) C:\Windows\system32\drivers\tcpipreg.sys
15:38:18.0388 5712 tcpipreg - ok
15:38:18.0458 5712 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
15:38:18.0468 5712 TDPIPE - ok
15:38:18.0504 5712 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
15:38:18.0506 5712 TDTCP - ok
15:38:18.0534 5712 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
15:38:18.0537 5712 tdx - ok
15:38:18.0591 5712 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
15:38:18.0593 5712 TermDD - ok
15:38:18.0680 5712 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
15:38:18.0694 5712 TermService - ok
15:38:18.0745 5712 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
15:38:18.0754 5712 Themes - ok
15:38:18.0801 5712 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
15:38:18.0804 5712 THREADORDER - ok
15:38:18.0829 5712 TlntSvr (5e1bc006cb4a26507d4512795cf08373) C:\Windows\System32\tlntsvr.exe
15:38:18.0835 5712 TlntSvr - ok
15:38:18.0911 5712 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
15:38:18.0918 5712 TrkWks - ok
15:38:18.0996 5712 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
15:38:18.0997 5712 TrustedInstaller - ok
15:38:19.0034 5712 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:38:19.0036 5712 tssecsrv - ok
15:38:19.0080 5712 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
15:38:19.0082 5712 tunmp - ok
15:38:19.0135 5712 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
15:38:19.0137 5712 tunnel - ok
15:38:19.0170 5712 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
15:38:19.0173 5712 uagp35 - ok
15:38:19.0234 5712 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
15:38:19.0239 5712 udfs - ok
15:38:19.0303 5712 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
15:38:19.0309 5712 UI0Detect - ok
15:38:19.0333 5712 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
15:38:19.0335 5712 uliagpkx - ok
15:38:19.0358 5712 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
15:38:19.0364 5712 uliahci - ok
15:38:19.0386 5712 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
15:38:19.0389 5712 UlSata - ok
15:38:19.0430 5712 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
15:38:19.0433 5712 ulsata2 - ok
15:38:19.0538 5712 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
15:38:19.0541 5712 umbus - ok
15:38:19.0648 5712 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
15:38:19.0678 5712 upnphost - ok
15:38:19.0684 5712 upperdev - ok
15:38:19.0727 5712 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\Windows\system32\Drivers\usbaapl.sys
15:38:19.0875 5712 USBAAPL - ok
15:38:19.0924 5712 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
15:38:19.0931 5712 usbaudio - ok
15:38:20.0004 5712 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
15:38:20.0006 5712 usbccgp - ok
15:38:20.0057 5712 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
15:38:20.0060 5712 usbcir - ok
15:38:20.0113 5712 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
15:38:20.0134 5712 usbehci - ok
15:38:20.0195 5712 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
15:38:20.0199 5712 usbhub - ok
15:38:20.0220 5712 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
15:38:20.0223 5712 usbohci - ok
15:38:20.0279 5712 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
15:38:20.0281 5712 usbprint - ok
15:38:20.0336 5712 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
15:38:20.0338 5712 usbscan - ok
15:38:20.0377 5712 usbser (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\drivers\usbser.sys
15:38:20.0379 5712 usbser - ok
15:38:20.0385 5712 UsbserFilt - ok
15:38:20.0429 5712 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:38:20.0465 5712 USBSTOR - ok
15:38:20.0528 5712 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
15:38:20.0541 5712 usbuhci - ok
15:38:20.0581 5712 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
15:38:20.0587 5712 UxSms - ok
15:38:20.0651 5712 V0230Vfx (a0c643d5f8c60f12faa6e3454dfe9c32) C:\Windows\system32\DRIVERS\V0230Vfx.sys
15:38:20.0652 5712 V0230Vfx - ok
15:38:20.0783 5712 V0230VID (ab3a762b624ec835c1c7bb665b04ed41) C:\Windows\system32\DRIVERS\V0230VID.sys
15:38:20.0794 5712 V0230VID - ok
15:38:20.0863 5712 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
15:38:20.0875 5712 vds - ok
15:38:20.0909 5712 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
15:38:20.0922 5712 vga - ok
15:38:20.0944 5712 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
15:38:20.0952 5712 VgaSave - ok
15:38:20.0975 5712 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
15:38:20.0978 5712 viaagp - ok
15:38:21.0021 5712 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
15:38:21.0023 5712 ViaC7 - ok
15:38:21.0040 5712 viaide (689547ce911998d1e0da7a5992e025fc) C:\Windows\system32\drivers\viaide.sys
15:38:21.0043 5712 viaide - ok
15:38:21.0094 5712 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
15:38:21.0097 5712 volmgr - ok
15:38:21.0145 5712 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
15:38:21.0170 5712 volmgrx - ok
15:38:21.0223 5712 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
15:38:21.0251 5712 volsnap - ok
15:38:21.0273 5712 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
15:38:21.0287 5712 vsmraid - ok
15:38:21.0377 5712 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
15:38:21.0412 5712 VSS - ok
15:38:21.0501 5712 vvftav (090da253a1ad35c9c333a1d3bb6aaf7e) C:\Windows\system32\drivers\vvftav.sys
15:38:21.0514 5712 vvftav - ok
15:38:21.0565 5712 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
15:38:21.0575 5712 W32Time - ok
15:38:24.0662 5712 ============================================================
15:38:24.0662 5712 Scan finished
15:38:24.0662 5712 ============================================================
15:38:24.0680 3516 Detected object count: 0
15:38:24.0680 3516 Actual detected object count: 0
15:38:59.0990 2580 ============================================================
15:38:59.0990 2580 Scan started
15:38:59.0991 2580 Mode: Manual;
15:38:59.0991 2580 ============================================================
15:39:15.0804 2580 ose - ok
15:39:15.0879 2580 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:39:15.0897 2580 p2pimsvc - ok
15:39:15.0917 2580 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:39:15.0928 2580 p2psvc - ok
15:39:15.0976 2580 PalmUSBD (dc450992eba6f914080c1f7fbeeed72c) C:\Windows\system32\drivers\PalmUSBD.sys
15:39:15.0979 2580 PalmUSBD - ok
15:39:16.0004 2580 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
15:39:16.0005 2580 Parport - ok
15:39:16.0038 2580 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
15:39:16.0040 2580 partmgr - ok
15:39:16.0054 2580 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
15:39:16.0055 2580 Parvdm - ok
15:39:16.0104 2580 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
15:39:16.0109 2580 PcaSvc - ok
15:39:16.0170 2580 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
15:39:16.0174 2580 pci - ok
15:39:16.0195 2580 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
15:39:16.0197 2580 pciide - ok
15:39:16.0237 2580 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
15:39:16.0239 2580 pcmcia - ok
15:39:16.0307 2580 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
15:39:16.0324 2580 PEAUTH - ok
15:39:16.0510 2580 PID_PEPI (dd184d9adfe2a8a21741dbdfe9e22f5c) C:\Windows\system32\DRIVERS\LV302V32.SYS
15:39:16.0541 2580 PID_PEPI - ok
15:39:16.0743 2580 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
15:39:16.0776 2580 pla - ok
15:39:16.0908 2580 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
15:39:16.0916 2580 PlugPlay - ok
15:39:16.0942 2580 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\Windows\system32\HPZipm12.dll
15:39:16.0944 2580 Pml Driver HPZ12 - ok
15:39:17.0012 2580 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:39:17.0025 2580 PNRPAutoReg - ok
15:39:17.0041 2580 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:39:17.0054 2580 PNRPsvc - ok
15:39:17.0099 2580 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
15:39:17.0108 2580 PolicyAgent - ok
15:39:17.0182 2580 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
15:39:17.0185 2580 PptpMiniport - ok
15:39:17.0224 2580 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
15:39:17.0225 2580 Processor - ok
15:39:17.0267 2580 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
15:39:17.0274 2580 ProfSvc - ok
15:39:17.0312 2580 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:39:17.0316 2580 ProtectedStorage - ok
15:39:17.0341 2580 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
15:39:17.0344 2580 PSched - ok
15:39:17.0381 2580 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
15:39:17.0382 2580 PxHelp20 - ok
15:39:17.0452 2580 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
15:39:17.0462 2580 ql2300 - ok
15:39:17.0506 2580 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
15:39:17.0508 2580 ql40xx - ok
15:39:17.0568 2580 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
15:39:17.0577 2580 QWAVE - ok
15:39:17.0643 2580 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
15:39:17.0645 2580 QWAVEdrv - ok
15:39:17.0815 2580 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
15:39:17.0843 2580 R300 - ok
15:39:18.0008 2580 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
15:39:18.0010 2580 RasAcd - ok
15:39:18.0071 2580 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
15:39:18.0077 2580 RasAuto - ok
15:39:18.0126 2580 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:39:18.0129 2580 Rasl2tp - ok
15:39:18.0170 2580 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
15:39:18.0192 2580 RasMan - ok
15:39:18.0240 2580 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
15:39:18.0242 2580 RasPppoe - ok
15:39:18.0303 2580 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
15:39:18.0306 2580 RasSstp - ok
15:39:18.0341 2580 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
15:39:18.0346 2580 rdbss - ok
15:39:18.0360 2580 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:39:18.0361 2580 RDPCDD - ok
15:39:18.0457 2580 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
15:39:18.0460 2580 rdpdr - ok
15:39:18.0477 2580 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
15:39:18.0486 2580 RDPENCDD - ok
15:39:18.0570 2580 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
15:39:18.0574 2580 RDPWD - ok
15:39:18.0635 2580 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
15:39:18.0640 2580 RemoteAccess - ok
15:39:18.0920 2580 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
15:39:18.0927 2580 RemoteRegistry - ok
15:39:18.0983 2580 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
15:39:18.0984 2580 RimUsb - ok
15:39:19.0063 2580 RMCAST (eec7ee5675294b03e88aa868540007c1) C:\Windows\system32\DRIVERS\RMCAST.sys
15:39:19.0066 2580 RMCAST - ok
15:39:19.0086 2580 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
15:39:19.0090 2580 RpcLocator - ok
15:39:19.0144 2580 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
15:39:19.0156 2580 RpcSs - ok
15:39:19.0231 2580 RsFx0105 (6a7360e36cbd636972aeef0dd292a946) C:\Windows\system32\DRIVERS\RsFx0105.sys
15:39:19.0234 2580 RsFx0105 - ok
15:39:19.0287 2580 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
15:39:19.0289 2580 rspndr - ok
15:39:19.0324 2580 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:39:19.0327 2580 SamSs - ok
15:39:19.0432 2580 SASDIFSV (d96686fca1f9f6b06f7490553cbda6de) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
15:39:19.0433 2580 SASDIFSV - ok
15:39:19.0479 2580 SASENUM (7f1085895e499907f68df7731924122b) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
15:39:19.0481 2580 SASENUM - ok
15:39:19.0561 2580 SASKUTIL (2e0e10b8b547a39cdcc1b105239a43a4) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
15:39:19.0562 2580 SASKUTIL - ok
15:39:19.0607 2580 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
15:39:19.0608 2580 sbp2port - ok
15:39:19.0695 2580 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
15:39:19.0792 2580 SCardSvr - ok
15:39:20.0049 2580 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
15:39:20.0064 2580 Schedule - ok
15:39:20.0124 2580 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
15:39:20.0125 2580 SCPolicySvc - ok
15:39:20.0180 2580 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
15:39:20.0188 2580 SDRSVC - ok
15:39:20.0312 2580 SeaPort (d358e077a0a05d9b12da22d137ee8464) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
15:39:20.0315 2580 SeaPort - ok
15:39:20.0339 2580 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:39:20.0341 2580 secdrv - ok
15:39:20.0397 2580 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
15:39:20.0402 2580 seclogon - ok
15:39:20.0425 2580 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
15:39:20.0430 2580 SENS - ok
15:39:20.0467 2580 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
15:39:20.0468 2580 Serenum - ok
15:39:20.0496 2580 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
15:39:20.0497 2580 Serial - ok
15:39:20.0561 2580 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
15:39:20.0563 2580 sermouse - ok
15:39:20.0696 2580 ServiceLayer (5c1858eeadd097912443ae8efd44da6b) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
15:39:20.0708 2580 ServiceLayer - ok
15:39:20.0764 2580 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
15:39:20.0770 2580 SessionEnv - ok
15:39:20.0812 2580 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
15:39:20.0813 2580 sffdisk - ok
15:39:20.0841 2580 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
15:39:20.0842 2580 sffp_mmc - ok
15:39:20.0870 2580 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
15:39:20.0871 2580 sffp_sd - ok
15:39:20.0889 2580 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
15:39:20.0890 2580 sfloppy - ok
15:39:20.0946 2580 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
15:39:20.0953 2580 SharedAccess - ok
15:39:21.0024 2580 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
15:39:21.0034 2580 ShellHWDetection - ok
15:39:21.0074 2580 simptcp (a275fbb7c99458c12e088dff3e58eb4d) C:\Windows\System32\tcpsvcs.exe
15:39:21.0078 2580 simptcp - ok
15:39:21.0107 2580 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
15:39:21.0109 2580 sisagp - ok
15:39:21.0136 2580 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
15:39:21.0137 2580 SiSRaid2 - ok
15:39:21.0169 2580 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
15:39:21.0171 2580 SiSRaid4 - ok
15:39:21.0399 2580 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
15:39:21.0441 2580 slsvc - ok
15:39:21.0671 2580 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
15:39:21.0676 2580 SLUINotify - ok
15:39:21.0733 2580 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
15:39:21.0737 2580 Smb - ok
15:39:21.0804 2580 SNMP (26ba81ba48c3d9fb292b4b60fde849f2) C:\Windows\System32\snmp.exe
15:39:21.0810 2580 SNMP - ok
15:39:21.0844 2580 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
15:39:21.0854 2580 SNMPTRAP - ok
15:39:21.0899 2580 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
15:39:21.0902 2580 spldr - ok
15:39:21.0934 2580 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
15:39:21.0940 2580 Spooler - ok
15:39:22.0122 2580 SQLAgent$SQLEXPRESS (a892134c28777978ecde8283dc57ac0f) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
15:39:22.0129 2580 SQLAgent$SQLEXPRESS - ok
15:39:22.0205 2580 SQLBrowser (10d936dced9eacd1a1b3fcdda6d7a4eb) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:39:22.0211 2580 SQLBrowser - ok
15:39:22.0245 2580 SQLWriter (135cdccc167ef0c250125bbd3abe18d5) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:39:22.0246 2580 SQLWriter - ok
15:39:22.0357 2580 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
15:39:22.0366 2580 srv - ok
15:39:22.0415 2580 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
15:39:22.0418 2580 srv2 - ok
15:39:22.0475 2580 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
15:39:22.0478 2580 srvnet - ok
15:39:22.0535 2580 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
15:39:22.0549 2580 SSDPSRV - ok
15:39:22.0645 2580 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
15:39:22.0651 2580 SstpSvc - ok
15:39:22.0692 2580 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
15:39:22.0702 2580 stisvc - ok
15:39:22.0824 2580 stllssvr (7489520e98a119b5a9a00857f4f87d16) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
15:39:22.0826 2580 stllssvr - ok
15:39:22.0879 2580 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
15:39:22.0880 2580 swenum - ok
15:39:22.0922 2580 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
15:39:22.0932 2580 swprv - ok
15:39:22.0964 2580 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
15:39:22.0966 2580 Symc8xx - ok
15:39:22.0987 2580 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
15:39:22.0989 2580 Sym_hi - ok
15:39:23.0019 2580 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
15:39:23.0020 2580 Sym_u3 - ok
15:39:23.0106 2580 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
15:39:23.0120 2580 SysMain - ok
15:39:23.0160 2580 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
15:39:23.0165 2580 TabletInputService - ok
15:39:23.0199 2580 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\Windows\system32\DRIVERS\taphss.sys
15:39:23.0200 2580 taphss - ok
15:39:23.0330 2580 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
15:39:23.0337 2580 TapiSrv - ok
15:39:23.0377 2580 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
15:39:23.0383 2580 TBS - ok
15:39:23.0481 2580 Tcpip (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\drivers\tcpip.sys
15:39:23.0500 2580 Tcpip - ok
15:39:23.0521 2580 Tcpip6 (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\DRIVERS\tcpip.sys
15:39:23.0539 2580 Tcpip6 - ok
15:39:23.0602 2580 tcpipreg (2c2d4cff5e09c73908f9b5af49a51365) C:\Windows\system32\drivers\tcpipreg.sys
15:39:23.0604 2580 tcpipreg - ok
15:39:23.0648 2580 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
15:39:23.0650 2580 TDPIPE - ok
15:39:23.0677 2580 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
15:39:23.0679 2580 TDTCP - ok
15:39:23.0708 2580 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
15:39:23.0709 2580 tdx - ok
15:39:23.0773 2580 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
15:39:23.0775 2580 TermDD - ok
15:39:23.0831 2580 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
15:39:23.0862 2580 TermService - ok
15:39:23.0944 2580 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
15:39:23.0952 2580 Themes - ok
15:39:24.0015 2580 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
15:39:24.0018 2580 THREADORDER - ok
15:39:24.0046 2580 TlntSvr (5e1bc006cb4a26507d4512795cf08373) C:\Windows\System32\tlntsvr.exe
15:39:24.0053 2580 TlntSvr - ok
15:39:24.0077 2580 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
15:39:24.0085 2580 TrkWks - ok
15:39:24.0168 2580 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
15:39:24.0169 2580 TrustedInstaller - ok
15:39:24.0240 2580 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:39:24.0242 2580 tssecsrv - ok
15:39:24.0280 2580 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
15:39:24.0282 2580 tunmp - ok
15:39:24.0341 2580 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
15:39:24.0343 2580 tunnel - ok
15:39:24.0379 2580 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
15:39:24.0380 2580 uagp35 - ok
15:39:24.0442 2580 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
15:39:24.0448 2580 udfs - ok
15:39:24.0510 2580 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
15:39:24.0516 2580 UI0Detect - ok
15:39:24.0547 2580 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
15:39:24.0549 2580 uliagpkx - ok
15:39:24.0588 2580 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
15:39:24.0592 2580 uliahci - ok
15:39:24.0625 2580 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
15:39:24.0628 2580 UlSata - ok
15:39:24.0656 2580 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
15:39:24.0658 2580 ulsata2 - ok
15:39:24.0711 2580 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
15:39:24.0713 2580 umbus - ok
15:39:24.0799 2580 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
15:39:24.0810 2580 upnphost - ok
15:39:24.0823 2580 upperdev - ok
15:39:24.0881 2580 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\Windows\system32\Drivers\usbaapl.sys
15:39:24.0882 2580 USBAAPL - ok
15:39:24.0944 2580 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
15:39:24.0947 2580 usbaudio - ok
15:39:25.0047 2580 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
15:39:25.0050 2580 usbccgp - ok
15:39:25.0081 2580 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
15:39:25.0082 2580 usbcir - ok
15:39:25.0170 2580 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
15:39:25.0172 2580 usbehci - ok
15:39:25.0217 2580 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
15:39:25.0222 2580 usbhub - ok
15:39:25.0252 2580 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
15:39:25.0253 2580 usbohci - ok
15:39:25.0286 2580 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
15:39:25.0287 2580 usbprint - ok
15:39:25.0343 2580 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
15:39:25.0344 2580 usbscan - ok
15:39:25.0384 2580 usbser (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\drivers\usbser.sys
15:39:25.0385 2580 usbser - ok
15:39:25.0401 2580 UsbserFilt - ok
15:39:25.0443 2580 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:39:25.0446 2580 USBSTOR - ok
15:39:25.0493 2580 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
15:39:25.0495 2580 usbuhci - ok
15:39:25.0530 2580 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
15:39:25.0536 2580 UxSms - ok
15:39:25.0583 2580 V0230Vfx (a0c643d5f8c60f12faa6e3454dfe9c32) C:\Windows\system32\DRIVERS\V0230Vfx.sys
15:39:25.0584 2580 V0230Vfx - ok
15:39:25.0652 2580 V0230VID (ab3a762b624ec835c1c7bb665b04ed41) C:\Windows\system32\DRIVERS\V0230VID.sys
15:39:25.0659 2580 V0230VID - ok
15:39:25.0719 2580 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
15:39:25.0732 2580 vds - ok
15:39:25.0766 2580 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
15:39:25.0767 2580 vga - ok
15:39:25.0805 2580 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
15:39:25.0807 2580 VgaSave - ok
15:39:25.0856 2580 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
15:39:25.0858 2580 viaagp - ok
15:39:25.0894 2580 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
15:39:25.0896 2580 ViaC7 - ok
15:39:25.0931 2580 viaide (689547ce911998d1e0da7a5992e025fc) C:\Windows\system32\drivers\viaide.sys
15:39:25.0932 2580 viaide - ok
15:39:25.0985 2580 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
15:39:25.0988 2580 volmgr - ok
15:39:26.0028 2580 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
15:39:26.0035 2580 volmgrx - ok
15:39:26.0100 2580 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
15:39:26.0105 2580 volsnap - ok
15:39:26.0139 2580 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
15:39:26.0141 2580 vsmraid - ok
15:39:26.0236 2580 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
15:39:26.0253 2580 VSS - ok
15:39:26.0334 2580 vvftav (090da253a1ad35c9c333a1d3bb6aaf7e) C:\Windows\system32\drivers\vvftav.sys
15:39:26.0340 2580 vvftav - ok
15:39:26.0390 2580 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
15:39:26.0398 2580 W32Time - ok
15:39:26.0498 2580 W3SVC (9ca92191c8f18e8b491a5b28e63c07b7) C:\Windows\system32\inetsrv\iisw3adm.dll
15:39:26.0506 2580 W3SVC - ok
15:39:26.0542 2580 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
15:39:26.0543 2580 WacomPen - ok
15:39:26.0623 2580 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
15:39:26.0625 2580 Wanarp - ok
15:39:26.0638 2580 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
15:39:26.0639 2580 Wanarpv6 - ok
15:39:26.0655 2580 WAS (9ca92191c8f18e8b491a5b28e63c07b7) C:\Windows\system32\inetsrv\iisw3adm.dll
15:39:26.0660 2580 WAS - ok
15:39:26.0736 2580 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
15:39:26.0750 2580 wcncsvc - ok
15:39:26.0822 2580 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
15:39:26.0830 2580 WcsPlugInService - ok
15:39:26.0854 2580 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
15:39:26.0855 2580 Wd - ok
15:39:26.0914 2580 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
15:39:26.0923 2580 Wdf01000 - ok
15:39:26.0974 2580 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
15:39:26.0980 2580 WdiServiceHost - ok
15:39:26.0995 2580 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
15:39:27.0002 2580 WdiSystemHost - ok
15:39:27.0042 2580 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
15:39:27.0076 2580 WebClient - ok
15:39:27.0108 2580 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
15:39:27.0118 2580 Wecsvc - ok
15:39:27.0148 2580 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
15:39:27.0155 2580 wercplsupport - ok
15:39:27.0182 2580 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
15:39:27.0206 2580 WerSvc - ok
15:39:27.0312 2580 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
15:39:27.0317 2580 WinDefend - ok
15:39:27.0385 2580 WindowBlinds (59728aed28364a597040e0b7ba07ae33) C:\Program Files\Stardock\MyColors\VistaSrv.exe
15:39:27.0388 2580 WindowBlinds - ok
15:39:27.0416 2580 WinHttpAutoProxySvc - ok
15:39:27.0482 2580 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
15:39:27.0486 2580 Winmgmt - ok
15:39:27.0586 2580 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
15:39:27.0622 2580 WinRM - ok
15:39:27.0740 2580 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
15:39:27.0757 2580 Wlansvc - ok
15:39:27.0841 2580 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\drivers\wmiacpi.sys
15:39:27.0842 2580 WmiAcpi - ok
15:39:27.0921 2580 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
15:39:27.0925 2580 wmiApSrv - ok
15:39:28.0102 2580 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
15:39:28.0113 2580 WMPNetworkSvc - ok
15:39:28.0194 2580 WMSvc (8f09bcef47c3ed52b2ddf3fa66379327) C:\Windows\system32\inetsrv\wmsvc.exe
15:39:28.0196 2580 WMSvc - ok
15:39:28.0232 2580 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
15:39:28.0251 2580 WPCSvc - ok
15:39:28.0318 2580 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
15:39:28.0325 2580 WPDBusEnum - ok
15:39:28.0362 2580 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
15:39:28.0365 2580 WpdUsb - ok
15:39:28.0590 2580 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:39:28.0614 2580 WPFFontCache_v0400 - ok
15:39:28.0670 2580 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
15:39:28.0672 2580 ws2ifsl - ok
15:39:28.0704 2580 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
15:39:28.0712 2580 wscsvc - ok
15:39:28.0726 2580 WSearch - ok
15:39:28.0886 2580 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
15:39:29.0086 2580 wuauserv - ok
15:39:29.0195 2580 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:39:29.0198 2580 WUDFRd - ok
15:39:29.0236 2580 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
15:39:29.0243 2580 wudfsvc - ok
15:39:29.0364 2580 ZSMC0305 (400193c446f539134273ab9b88e837dc) C:\Windows\system32\Drivers\usbVM305.sys
15:39:29.0380 2580 ZSMC0305 - ok
15:39:29.0410 2580 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:39:29.0469 2580 \Device\Harddisk0\DR0 - ok
15:39:29.0493 2580 Boot (0x1200) (6bb2eb1dc6373f1f98ffeaf0205bb8a7) \Device\Harddisk0\DR0\Partition0
15:39:29.0496 2580 \Device\Harddisk0\DR0\Partition0 - ok
15:39:29.0504 2580 Boot (0x1200) (f9e93443233193d42c019dae9f2a11c9) \Device\Harddisk0\DR0\Partition1
15:39:29.0507 2580 \Device\Harddisk0\DR0\Partition1 - ok
15:39:29.0508 2580 ============================================================
15:39:29.0508 2580 Scan finished
15:39:29.0508 2580 ============================================================
15:39:29.0531 5184 Detected object count: 0
15:39:29.0531 5184 Actual detected object count: 0

#13 911zabuza

Posted 14 May 2012 - 04:02 PM

aswMBR:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-14 15:36:29
-----------------------------
15:36:29.133 OS Version: Windows 6.0.6002 Service Pack 2
15:36:29.134 Number of processors: 2 586 0xF0D
15:36:29.135 ComputerName: FALCONI-PC UserName: Falconi
15:37:33.592 Initialize success
15:40:48.996 AVAST engine defs: 12051400
15:41:31.619 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:41:31.623 Disk 0 Vendor: SAMSUNG_HD321KJ CP100-13 Size: 305245MB BusType: 3
15:41:31.646 Disk 0 MBR read successfully
15:41:31.650 Disk 0 MBR scan
15:41:31.670 Disk 0 Windows VISTA default MBR code
15:41:31.674 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
15:41:31.712 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 98304
15:41:31.745 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 294956 MB offset 21069824
15:41:31.778 Disk 0 scanning sectors +625139712
15:41:31.873 Disk 0 scanning C:\Windows\system32\drivers
15:42:00.509 Service scanning
15:42:20.691 Service MpKslb6dd708e c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C701CCF8-291A-4E66-89AF-91529AEEC940}\MpKslb6dd708e.sys **LOCKED** 32
15:43:02.527 Modules scanning
15:43:13.078 Disk 0 trace - called modules:
15:43:13.124 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
15:43:13.132 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x859e9ac8]
15:43:13.139 3 CLASSPNP.SYS[8859e8b3] -> nt!IofCallDriver -> [0x851f4838]
15:43:13.147 5 acpi.sys[806906bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85211b98]
15:43:14.272 AVAST engine scan C:\Windows
15:43:37.190 AVAST engine scan C:\Windows\system32
15:56:40.019 AVAST engine scan C:\Windows\system32\drivers
15:57:43.860 AVAST engine scan C:\Users\Falconi
16:39:59.664 AVAST engine scan C:\ProgramData
16:48:50.369 Scan finished successfully
17:00:54.527 Disk 0 MBR has been saved successfully to "C:\Users\Falconi\Documents\MBR.dat"
17:00:54.640 The log file has been saved successfully to "C:\Users\Falconi\Documents\aswMBR.txt"

#14 911zabuza

Posted 14 May 2012 - 07:40 PM

Problem continues.

#15 gringo_pr

Posted 15 May 2012 - 08:22 AM

What programs are giving you problems and what type of problem do they have?


gringo