
Please Help! Undetectable Virus??


  • This topic is locked
38 replies to this topic

#1 SilentAngerX7

SilentAngerX7

  • Members
  • 22 posts
  • OFFLINE
  • Local time:03:28 AM

Posted 18 August 2012 - 04:42 PM

Hello, and thank you for taking the time to read and acknowledge my topic. I've been having some weird issues lately, and even though I'm 99.9% sure I'm infected with a virus, no Anti-Virus/Anti-Malware software has given me any evidence. It all started after I noticed that my system font had randomly changed. I had changed my monitor resolution from its native 1024x768 resolution to 800x600, and started to play Minecraft, but in the game was only when I noticed the font on Window titles, the clock, etc. had changed. I even changed back to my native resolution and still found the weird font there. I made a system restore and the font went back to normal. I also was in the middle of modding one of my games, when I noticed one of the files had been deleted. Microsoft Outlook would randomly open. I don't know whether or not this is relevant to my supposed virus problem, but anything weird I took into consideration. MalwareBytes would randomly block completely different outgoing IP Addresses when Firefox wasn't open. One of which was 85.17.184.22. However, now the major problem I've been getting is major performance drops. Start-ups take longer. Programs take longer to open. Games have constant stuttering issues and take 3x the amount of time to start-up. I'll notice that my cursor lags behind. I received a notification from Yahoo! Mail stating that my account was logged in by an IP Address located in Slovakia. I have tried multiple programs/Anti-Virus Softwares to try to detect or remove this "virus", but none have come up to detect anything.
Here is the list of all the Programs and Softwares I have tried:

Microsoft Security Essentials
Avast! Internet Security 2012 (Trial)
MalwareBytes Anti-Malware PRO (Trial)
ESET NOD32 Anti-Virus (Trial)
TDSSKiller
Kaspersky Virus Removal
RogueKiller
Hijackthis
ComboFix
ESET Free Online Scanner
GMER Rootkit Detector

I really didn't want to bother anyone with this, but I really need assistance! Please Help!
Windows XP Media Center Edition 2002 SP3

I also used the HiJackFree tool from Emsisoft Emergency Kit and found many weird/infected files and services.
I was told to post this topic here because I ran ComboFix and I needed to post the log. I was also told to download and run DDS and post the log here. I have the logs posted and in addition screenshots of the suspicious files.
Regarding the files in the screenshots, should I delete them? I don't want to make my system worse.

Attached Files


Edited by SilentAngerX7, 19 August 2012 - 03:30 PM.




#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,600 posts
  • OFFLINE
  • Gender:Male
  • Local time:04:28 AM

Posted 23 August 2012 - 04:45 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Posted Image In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/465720 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Posted Image If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows, you should not bother creating a GMER log.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 SilentAngerX7

SilentAngerX7
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  • Local time:03:28 AM

Posted 23 August 2012 - 05:10 PM

I am still getting major performance drops, cursor lag, however, I have not received any messages from MalwareBytes although the trial for PRO ended days ago. I still need help, and unfortunately, I do not have a Windows CD.

#4 SilentAngerX7

SilentAngerX7
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  • Local time:03:28 AM

Posted 26 August 2012 - 11:31 AM

UPDATE: OMG! MY PC GOT WORSE!!! I ran GMER Rootkit Detector, and the first time, I let it run for hours. When I went to check it, it had closed out! The second time I ran it, I let it run for hours as usual, and when I checked on it (Turned my monitor back on) my screen read, "This computer has been locked" in XP Professional Style and it prompted me for a password! I don't use a password, and my login account is the only one on my PC! I just hit enter and it led me to my desktop, where I found that GMER had run fine, and I saved the log. So I exited out of GMER and tried to start task manager with Right-Click> Start Task Manager, but it didn't open. So I tried CTRL>ALT>Delete and it still didn't work! I also tried opening Firefox, but the process kept crashing! So, I tried to restart my computer, but then, it closed out in Windows XP Professional Style, with the dialog box saying "Windows is shutting down", and while it was doing that, it switched themes between Windows XP and Windows Classic! THEN, there was a blue screen that appeared for less than a second that read "There is a problem..." It was so fast I couldn't finish reading it. It finally shut down, and now my computer is running normally, but still with the problems stated earlier! WHAT THE FRICK IS HAPPENING TO MY COMPUTER!!!!!!!!!!!!!!???????????!?!?!

I will attach the new logs. PLEASE HELP!!!!!!!!!!!!

Attached Files


Edited by SilentAngerX7, 26 August 2012 - 10:21 PM.


#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,392 posts
  • OFFLINE
  • Gender:Male
  • Location:California
  • Local time:01:28 AM

Posted 28 August 2012 - 09:44 AM

Greetings SilentAngerX7 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary. :thumbup2: If you prefer I call you something other than your screen name I would be pleased to do so.


===================================================


Ground Rules:

  • First, I would also like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me about it.
  • When you post your reply, do not use the Posted Image button but use the Posted Image button instead.
  • In the upper right hand corner of the topic you will see the Posted Image button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:

===================================================


Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please allow me some time to review the information you have provided. I will post back as soon as possible.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,392 posts
  • OFFLINE
  • Gender:Male
  • Location:California
  • Local time:01:28 AM

Posted 28 August 2012 - 12:49 PM

I am reposting all log information attachments.

Oh My!



.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 10.6.2
Run by Owner at 12:21:39 on 2012-08-25
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2045.1231 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: ESET NOD32 Antivirus 5.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
C:\WINDOWS\system32\ctfmon.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Symantec\pcAnywhere\awhost32.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Hi-Rez Studios\HiPatchService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WMP54GSv1_1.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: H - No File
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: CorePluginIEBHO Class: {13fa2453-9287-4f18-8554-976d7c02f4ee} - c:\perfect world entertainment\core client\plugins\CorePluginIE.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No File
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
uRun: [DS3 Tool] c:\program files\motioninjoy\ds3\DS3_Tool.exe -mini
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
uPolicies-explorer: RestrictRun = 0 (0x0)
mPolicies-explorer: RestrictRun = 0 (0x0)
IE: &AOL Toolbar search - c:\program files\aol toolbar\toolbar.dll/SEARCH.HTML
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1270945228656
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1270945219062
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: Interfaces\{53C2984B-6D51-4C7D-9CEF-4BFFCD1F0CB3} : NameServer = 192.168.0.1
TCP: Interfaces\{E01E289F-7B81-4279-8815-6C42183666A4} : NameServer = 192.168.0.1
Notify: igfxcui - igfxdev.dll
Notify: PCANotify - PCANotify.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\pdb3g8vp.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=Z149&ocid=zdhp&install_date=20111212
FF - plugin: c:\documents and settings\owner\application data\mozilla\firefox\profiles\pdb3g8vp.default\extensions\battlefieldplay4free@ea.com\plugins\npBP4FUpdater.dll
FF - plugin: c:\documents and settings\owner\local settings\application data\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\documents and settings\owner\local settings\application data\mail.ru\gamecenter\npdetector.dll
FF - plugin: c:\documents and settings\owner\local settings\application data\mail.ru\gamecenter\NPSWF32.dll
FF - plugin: c:\perfect world entertainment\core client\plugins\npCorePluginFF.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_268.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
.
============= SERVICES / DRIVERS ===============
.
R1 AW_HOST;AW_HOST;c:\windows\system32\drivers\AW_HOST5.sys [2007-3-30 18232]
R1 awlegacy;awlegacy;c:\windows\system32\drivers\AWLEGACY.sys [2007-3-30 17848]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2012-3-14 120152]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2012-3-14 104160]
R2 awhost32;Symantec pcAnywhere Host Service;c:\program files\symantec\pcanywhere\awhost32.exe [2007-5-11 132728]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2012-3-7 913144]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files\hi-rez studios\HiPatchService.exe [2012-2-10 8704]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-8-5 655944]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-2-21 1258856]
R2 PciSx;PciSx;c:\windows\system32\drivers\PciSx.sys [2008-12-27 39424]
R2 sensorsview;sensorsview;c:\windows\system32\drivers\sensorsview.sys [2008-1-10 4224]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-8-5 22344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2011-12-2 124136]
R3 pspdisp;pspdisp;c:\windows\system32\drivers\pspdisp.sys [2011-1-18 3072]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2007-9-17 333328]
S2 BDVEDISK;BDVEDISK;\??\c:\program files\bitdefender\bitdefender 2009\bdvedisk.sys --> c:\program files\bitdefender\bitdefender 2009\BDVEDISK.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-4-13 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-4-13 135664]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\drivers\MijXfilt.sys [2011-12-10 99400]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-8 113120]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 Pci7200Sx;Pci7200Sx;c:\windows\system32\drivers\Pci7200Sx.sys [2006-3-13 5844]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\iobit\game booster 3\driver\WinRing0.sys [2012-8-9 14416]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 Desura Install Service;Desura Install Service;c:\program files\common files\desura\desura_service.exe [2012-2-21 131912]
.
=============== Created Last 30 ================
.
2012-08-20 01:09:16 412813 ----a-w- c:\windows\Wordpad_2009.exe
2012-08-19 21:10:03 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-08-19 21:09:48 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-08-18 17:39:51 -------- d-----w- c:\documents and settings\owner\application data\EurekaLog
2012-08-12 01:11:13 -------- d-----w- c:\program files\ESET
2012-08-10 08:48:22 -------- d-sha-r- C:\cmdcons
2012-08-10 01:58:28 -------- d-----w- C:\cabs
2012-08-09 06:42:58 -------- d-----w- c:\documents and settings\owner\application data\BANDISOFT
2012-08-09 06:40:39 -------- d-----w- c:\program files\Bandicam
2012-08-09 06:40:37 -------- d-----w- c:\program files\BandiMPEG1
2012-08-09 05:20:27 -------- d-----w- c:\program files\VideoLAN
2012-08-09 04:32:32 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2012-08-09 04:32:27 -------- d-----w- c:\program files\ffdshow
2012-08-05 21:02:23 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2012-08-05 21:02:23 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2012-08-05 21:02:21 444776 ----a-w- c:\windows\system32\d3dx10_36.dll
2012-08-05 21:02:21 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2012-08-05 21:02:18 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2012-08-05 21:02:17 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2012-08-05 21:02:16 443752 ----a-w- c:\windows\system32\d3dx10_34.dll
2012-08-05 21:02:15 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2012-08-05 21:02:13 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2012-08-05 21:02:12 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2012-08-05 07:25:51 -------- d-----w- c:\documents and settings\owner\application data\Malwarebytes
2012-08-05 07:25:34 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-08-05 07:25:33 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-05 07:25:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-04 20:32:20 -------- d-----w- c:\program files\AVAST Software
2012-08-04 20:32:20 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
2012-08-03 20:05:09 -------- d-----w- c:\documents and settings\owner\local settings\application data\Facebook
2012-08-03 05:09:19 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-08-03 05:09:19 -------- d-----w- c:\windows\system32\wbem\Repository
.
==================== Find3M ====================
.
2012-08-19 21:09:08 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-08-19 21:09:08 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-06 22:43:05 140480 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-08-06 22:42:52 298016 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-08-06 22:42:52 298016 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-08-01 19:40:39 99400 ----a-w- c:\windows\system32\drivers\MijXfilt.sys
2012-07-30 18:53:36 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-30 18:53:36 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-29 08:31:14 1090748 ----a-w- c:\windows\system32\nvdrsdb1.bin
2012-07-29 08:31:14 1 ----a-w- c:\windows\system32\nvdrssel.bin
2012-07-29 08:31:13 1090748 ----a-w- c:\windows\system32\nvdrsdb0.bin
2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 15:19:08 328192 ----a-w- C:\umodel.exe
2012-07-03 15:07:44 832512 ----a-w- c:\windows\system32\wininet.dll
2012-07-03 15:07:43 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-03 15:07:42 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-07-03 15:07:42 17408 ----a-w- c:\windows\system32\corpol.dll
2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-29 03:08:00 884072 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-06-29 03:08:00 7524352 ----a-w- c:\windows\system32\nvcuda.dll
2012-06-29 03:08:00 65536 ----a-w- c:\windows\system32\OpenCL.dll
2012-06-29 03:08:00 4488448 ----a-w- c:\windows\system32\nv4_disp.dll
2012-06-29 03:08:00 2578280 ----a-w- c:\windows\system32\nvcuvid.dll
2012-06-29 03:08:00 2375680 ----a-w- c:\windows\system32\nvapi.dll
2012-06-29 03:08:00 19103744 ----a-w- c:\windows\system32\nvoglnt.dll
2012-06-29 03:08:00 1865064 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-06-29 03:08:00 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2012-06-29 03:08:00 12544448 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-06-29 03:08:00 1007464 ----a-w- c:\windows\system32\nvdispco32.dll
2012-06-29 00:04:12 54272 ----a-w- c:\windows\system32\nvwddi.dll
2012-06-29 00:04:11 164200 ----a-w- c:\windows\system32\nvsvc32.exe
2012-06-29 00:04:11 143720 ----a-w- c:\windows\system32\nvcolor.exe
2012-06-29 00:04:10 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-06-29 00:04:09 15511912 ----a-w- c:\windows\system32\nvcpl.dll
2012-06-21 02:00:02 298016 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-06-07 00:59:42 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-05 15:50:25 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 19:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 19:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 19:18:58 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 19:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
.
============= FINISH: 12:23:09.96 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 3/10/2006 10:52:44 AM
System Uptime: 8/25/2012 12:11:29 PM (0 hours ago)
.
Motherboard: Intel Corporation | | D945GCZ
Processor: Intel® Pentium® D CPU 2.80GHz | J3E1 | 2800/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 228 GiB total, 52.4 GiB free.
D: is FIXED (FAT32) - 5 GiB total, 2.407 GiB free.
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Linksys Wireless-G PCI Network Adapter with SpeedBooster
Device ID: PCI\VEN_14E4&DEV_4318&SUBSYS_00421737&REV_02\4&F0A7CC7&0&08F0
Manufacturer: Linksys
Name: Linksys Wireless-G PCI Network Adapter with SpeedBooster
PNP Device ID: PCI\VEN_14E4&DEV_4318&SUBSYS_00421737&REV_02\4&F0A7CC7&0&08F0
Service: BCM43XX
.
Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
Description: CD-ROM Drive
Device ID: IDE\CDROMTSSTCORP_CD/DVDW_TS-H552B_______________GA04____\5&16085481&0&0.0.0
Manufacturer: (Standard CD-ROM drives)
Name: TSSTcorp CD/DVDW TS-H552B
PNP Device ID: IDE\CDROMTSSTCORP_CD/DVDW_TS-H552B_______________GA04____\5&16085481&0&0.0.0
Service: cdrom
.
Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
Description: CD-ROM Drive
Device ID: IDE\CDROMLITE-ON_CD-ROM_LTN-4891S________________NGS3____\5&16085481&0&0.1.0
Manufacturer: (Standard CD-ROM drives)
Name: LITE-ON CD-ROM LTN-4891S
PNP Device ID: IDE\CDROMLITE-ON_CD-ROM_LTN-4891S________________NGS3____\5&16085481&0&0.1.0
Service: cdrom
.
==== System Restore Points ===================
.
RP1449: 8/17/2012 3:20:53 AM - System Checkpoint
RP1450: 8/17/2012 3:21:43 AM - Error Restore Point
RP1451: 8/18/2012 3:45:36 AM - System Checkpoint
RP1452: 8/19/2012 2:25:36 PM - System Checkpoint
RP1453: 8/19/2012 5:07:46 PM - Removed Java™ 7 Update 3
RP1454: 8/19/2012 5:08:43 PM - Installed Java 7 Update 6
RP1455: 8/20/2012 6:06:20 PM - System Checkpoint
.
==== Installed Programs ======================
.
??????? ?????@Mail.Ru
A.V.A
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 7.0
AnalogX Vocal Remover (WinAmp)
AOL Coach Version 2.0(Build:20041026.5 en)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASIO4ALL
Audacity 2.0
Bandicam
Bandisoft MPEG-1 Decoder
Battlefield 2142 Deluxe Edition
Battlefield Play4Free
Blacklight Retribution
Blender
Bonjour
Bulk Rename Utility 2.7.1.2
Burnout™ Paradise The Ultimate Box
CCleaner
CopyTrans Suite Remove Only
CORE Client
Crysis®
Crysis® 2
Delcam PS-Exchange520105 (remove only)
Desura
Desura:
Digital Media Reader
ESET NOD32 Antivirus
ESET Online Scanner v3
Facebook Video Calling 1.2.0.159
ffdshow [rev 3154] [2009-12-09]
First Strike Mod
FL Studio 10
Game Booster 3
GameSpy Comrade
Google Toolbar for Internet Explorer
Google Update Helper
Hi-Rez Studios Authenticate and Update Service
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
iExplorer 2.2.1.3
iFunbox (v1.98.948.666), iFunbox DevTeam
Intel Audio Studio
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
iTunes
Java 7 Update 6
Java Auto Updater
Java™ SE Development Kit 7 Update 3
JavaFX 2.0.3
JavaFX 2.0.3 SDK
Lexmark X6100 Series
Linksys Wireless-G PCI Network Adapter with SpeedBooster
LiveReg (Symantec Corporation)
Malwarebytes Anti-Malware version 1.62.0.1300
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Digital Image Library 9 - Blocker
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Money 2005
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel Viewer 2003
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Picture It! Library 10
Microsoft Picture It! Premium 10
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.7
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WinUsb 1.0
Microsoft Works
MotioninJoy ds3 driver version 0.6.0004
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia Keyboard Driver
Napster Burn Engine
Need for Madness Single Player
Nero BurnRights
Nero OEM
NVIDIA Control Panel 304.79
NVIDIA Graphics Driver 304.79
NVIDIA HD Audio Driver 1.3.17.0
NVIDIA Install Application
NVIDIA nView 136.28
NVIDIA nView Desktop Manager
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.0604
NVIDIA Update 1.10.8
NVIDIA Update Components
OpenOffice.org 3.3
Origin
Pando Media Booster
PowerDVD
PSPdisp v0.6
PunkBuster Services
Quick Media Converter
QuickTime
REACTOR
RealPlayer Basic
Realtek AC'97 Audio
Realtek High Definition Audio Driver
Recovery Software Suite Gateway
Repulse
RocketDock 1.3.5
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2586448)
Security Update for Windows Internet Explorer 7 (KB2618444)
Security Update for Windows Internet Explorer 7 (KB2647516)
Security Update for Windows Internet Explorer 7 (KB2675157)
Security Update for Windows Internet Explorer 7 (KB2699988)
Security Update for Windows Internet Explorer 7 (KB2722913)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
SensorsView Pro 3.1
SigmaTel Audio
Sonic Encoders
Steam
Symantec pcAnywhere
System Requirements Lab CYRI
Tribes Ascend Closed Beta
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687400) 32-Bit Edition
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 1 for Windows XP Media Center Edition 2005 with HDTV Support (KB873369)
VLC media player 2.0.3
Warface
Warmonger
WebFldrs XP
Winamp
Winamp Detector Plug-in
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows XP Media Center Edition 2005 KB890629
Windows XP Media Center Edition 2005 KB890760
Windows XP Media Center Edition 2005 KB895198
Windows XP Media Center Edition 2005 KB895678
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinRAR 4.01 (32-bit)
Xfire (remove only)
.
==== Event Viewer Messages From Past Week ========
.
8/25/2012 12:15:59 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.
8/24/2012 7:26:32 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
8/24/2012 7:23:15 AM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
8/23/2012 1:04:12 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
8/22/2012 6:20:41 PM, error: Service Control Manager [7034] - The Hi-Rez Studios Authenticate and Update Service service terminated unexpectedly. It has done this 1 time(s).
8/21/2012 8:15:20 PM, error: DCOM [10005] - DCOM got error "%1055" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
8/21/2012 8:15:20 PM, error: DCOM [10005] - DCOM got error "%1055" attempting to start the service COMSysApp with arguments "" in order to run the server: {ECABAFBC-7F19-11D2-978E-0000F8757E2A}
8/21/2012 8:15:10 PM, error: DCOM [10005] - DCOM got error "%1055" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
8/21/2012 8:15:10 PM, error: DCOM [10005] - DCOM got error "%1055" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
8/20/2012 2:07:01 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Imapi PxHelp20
8/19/2012 1:48:09 AM, error: Dhcp [1002] - The IP address lease 192.168.2.5 for the Network Card with network address 000F667A42FD has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).
8/19/2012 1:09:35 PM, error: NetBT [4307] - Initialization failed because the transport refused to open initial Addresses.
8/18/2012 3:35:35 PM, error: ipnathlp [32003] - The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.
8/18/2012 3:34:32 PM, error: Service Control Manager [7000] - The BDVEDISK service failed to start due to the following error: The system cannot find the file specified.
.
==== End Of File ===========================


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-08-26 12:05:26
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17 HDT722525DLA380 rev.V44OA91A
Running: li68o77l.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\uwtdypow.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwAssignProcessToJobObject [0xAC7804B0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwCreateThread [0xAC7807F0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwDebugActiveProcess [0xAC780AB0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwDuplicateObject [0xAC7805D0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwLoadDriver [0xAC7808B0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwOpenProcess [0xAC780350]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwOpenThread [0xAC780410]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwProtectVirtualMemory [0xAC780570]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwQueueApcThread [0xAC780630]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetContextThread [0xAC780530]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetInformationThread [0xAC7804F0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetSecurityObject [0xAC780670]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetSystemInformation [0xAC780870]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSuspendProcess [0xAC7803B0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSuspendThread [0xAC780430]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSystemDebugControl [0xAC780830]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwTerminateProcess [0xAC780370]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwTerminateThread [0xAC780470]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwWriteVirtualMemory [0xAC7805F0]

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2FD0 80504888 12 Bytes [B0, 03, 78, AC, 30, 04, 78, ...] {MOV AL, 0x3; JS 0xffffffffffffffb0; XOR [EAX+EDI*2], AL; LODSB ; XOR [EAX], CL; JS 0xffffffffffffffb8}
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB59493C0, 0x84296A, 0xE8000020]
init C:\WINDOWS\System32\Drivers\sunkfilt.sys entry point in "init" section [0xB3297300]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[996] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 00]
.text C:\Program Files\Mozilla Firefox\firefox.exe[1488] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 0116B52A C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[1488] kernel32.dll!lstrlenW + 43 7C809AEC 7 Bytes JMP 0141B6F5 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[1488] kernel32.dll!MapViewOfFileEx + 6A 7C80B9A0 7 Bytes JMP 0141B6D2 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[1488] GDI32.dll!SetDIBitsToDevice + 20A 77F19E14 7 Bytes JMP 0141B653 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdir.sys (ESET Antivirus Network Redirector/ESET)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat eamon.sys (Amon monitor/ESET)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Classes\CLSID\{5FE70257-8B90-0DCC-61FD-B90EC142E469}\InProcServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{5FE70257-8B90-0DCC-61FD-B90EC142E469}\InProcServer32@jakichofnpffaodgdeeh 0x6A 0x61 0x6E 0x64 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{5FE70257-8B90-0DCC-61FD-B90EC142E469}\InProcServer32@iakiahagihffdkbolb 0x6A 0x61 0x69 0x64 ...

---- EOF - GMER 1.0.15 ----
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,392 posts
  • Gender:Male
  • Location:California
  • Local time:01:28 AM

Posted 28 August 2012 - 01:26 PM

Greetings SilentAngerX7,

Thank you for allowing me some time to review the information. As we proceed I will ask you to copy and paste all information unless instructed otherwise.

You indicated you ran TDSSKiller and Combofix prior to posting. I would like to review those logs. I will also have you run another program for me.

Please perform the below.


===================================================


Obtaining Current ComboFix.txt

--------------------

Please copy and paste the contents of the following file in your reply.

C:\ComboFix.txt


===================================================


Posting Previous TDSSKiller log

--------------------

  • Using Windows Explorer navigate to the root directory (normally c:\)
  • Locate the TDSSKiller log which will be named similar to:

    TDSSKiller_version_date_time_log.txt
  • Copy and paste the contents of that document in your reply

===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.


  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.


  • Please post the contents of the log in your next reply.
NOTE: aswMBR will create an MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

  • Combofix log
  • TDSSKiller log
  • aswMBR log

Gary
 

#8 SilentAngerX7

SilentAngerX7
  • Topic Starter

  • Members
  • 22 posts
  • Local time:03:28 AM

Posted 28 August 2012 - 08:05 PM

Alright, here goes and thanks again for your assistance as I REALLY appreciate it.
I had run aswMBR before, but I received an error that didn't allow me to continue the scan. I will run it again tonight.

ComboFix 12-08-09.01 - Owner 08/10/2012 4:55.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2045.1352 [GMT -4:00]
Running from: c:\documents and settings\Owner\My Documents\ComboFix.exe
AV: avast! Internet Security *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: avast! Internet Security *Enabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\WINDOWS
c:\documents and settings\Default User\WINDOWS
c:\documents and settings\Owner\WINDOWS
c:\documents and settings\UpdatusUser\WINDOWS
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
D:\Autorun.inf
.
.
((((((((((((((((((((((((( Files Created from 2012-07-10 to 2012-08-10 )))))))))))))))))))))))))))))))
.
.
2012-08-10 01:58 . 2012-08-10 01:58 -------- d-----w- C:\cabs
2012-08-09 18:27 . 2012-08-09 18:27 -------- d-----w- c:\documents and settings\Owner\Application Data\Azureus
2012-08-09 06:42 . 2012-08-09 06:42 -------- d-----w- c:\documents and settings\Owner\Application Data\BANDISOFT
2012-08-09 06:40 . 2012-08-09 06:40 -------- d-----w- c:\program files\Bandicam
2012-08-09 06:40 . 2012-08-09 06:40 -------- d-----w- c:\program files\BandiMPEG1
2012-08-09 05:21 . 2012-08-09 07:55 -------- d-----w- c:\documents and settings\Owner\Application Data\vlc
2012-08-09 05:20 . 2012-08-09 05:20 -------- d-----w- c:\program files\VideoLAN
2012-08-09 04:32 . 2009-12-05 23:42 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2012-08-09 04:32 . 2012-08-09 04:32 -------- d-----w- c:\program files\ffdshow
2012-08-05 21:02 . 2008-03-05 19:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2012-08-05 21:02 . 2008-02-06 03:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2012-08-05 21:02 . 2007-10-12 19:14 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2012-08-05 21:02 . 2007-10-02 13:56 444776 ----a-w- c:\windows\system32\d3dx10_36.dll
2012-08-05 21:02 . 2007-07-19 22:14 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2012-08-05 21:02 . 2007-07-19 22:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2012-08-05 21:02 . 2007-05-16 20:45 443752 ----a-w- c:\windows\system32\d3dx10_34.dll
2012-08-05 21:02 . 2007-05-16 20:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2012-08-05 21:02 . 2007-03-15 20:57 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2012-08-05 21:02 . 2007-03-12 20:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2012-08-05 08:38 . 2012-08-05 08:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2012-08-05 08:33 . 2012-08-05 08:33 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2012-08-05 07:25 . 2012-08-05 07:25 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2012-08-05 07:25 . 2012-08-05 07:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-08-05 07:25 . 2012-08-05 07:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-05 07:25 . 2012-07-03 17:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-04 20:34 . 2012-07-03 16:21 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-04 20:34 . 2012-07-03 16:21 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-04 20:33 . 2012-07-03 16:21 113776 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-08-04 20:33 . 2012-07-03 16:21 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-04 20:33 . 2012-07-03 16:21 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-08-04 20:33 . 2012-07-03 16:21 202928 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-08-04 20:33 . 2012-07-03 16:21 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-04 20:33 . 2012-07-03 16:21 18544 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-08-04 20:33 . 2012-07-03 16:21 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-08-04 20:33 . 2012-07-03 16:21 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-08-04 20:33 . 2012-07-03 16:21 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-08-04 20:32 . 2012-06-27 20:33 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2012-08-04 20:32 . 2012-07-03 16:21 41224 ----a-w- c:\windows\avastSS.scr
2012-08-04 20:32 . 2012-07-03 16:21 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-04 20:32 . 2012-08-04 20:32 -------- d-----w- c:\program files\AVAST Software
2012-08-04 20:32 . 2012-08-04 20:32 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2012-08-03 20:05 . 2012-08-03 20:05 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Facebook
2012-08-03 05:09 . 2012-08-03 05:09 -------- d-----w- c:\windows\system32\wbem\Repository
2012-08-03 05:08 . 2012-08-03 05:08 -------- d--h--r- c:\documents and settings\Owner\Application Data\SecuROM
2012-07-26 13:09 . 2011-04-01 16:17 935936 ----a-w- C:\SDL.dll
2012-07-26 13:09 . 2012-07-03 15:19 328192 ----a-w- C:\umodel.exe
2012-07-26 12:38 . 2012-07-26 12:38 -------- d-----w- c:\program files\Harmon Enterprizes
2012-07-26 11:51 . 2012-07-26 11:51 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\ECRSC
2012-07-26 11:51 . 2012-07-26 13:08 -------- d-----w- c:\documents and settings\All Users\Application Data\ESTsoft
2012-07-26 11:12 . 2012-07-26 11:12 -------- d-----w- c:\program files\Bulk Rename Utility
2012-07-17 14:28 . 2012-07-17 14:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Solidshield
2012-07-15 04:37 . 2012-07-15 04:37 -------- d-----w- c:\windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2012-07-15 04:37 . 2012-07-15 04:37 -------- d-----w- c:\program files\Netdevil
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-06 22:43 . 2011-12-03 02:16 140480 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-08-06 22:42 . 2011-12-04 20:32 298016 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-08-06 22:42 . 2011-12-03 02:16 298016 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-08-01 19:40 . 2011-12-10 19:34 99400 ----a-w- c:\windows\system32\drivers\MijXfilt.sys
2012-07-30 18:53 . 2012-01-25 19:35 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-30 18:53 . 2012-01-25 19:35 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-29 03:08 . 2012-07-04 03:08 884072 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-06-29 03:08 . 2011-12-03 01:49 1007464 ----a-w- c:\windows\system32\nvdispco32.dll
2012-06-29 03:08 . 2011-12-03 00:58 65536 ----a-w- c:\windows\system32\OpenCL.dll
2012-06-29 03:08 . 2011-12-03 00:58 7524352 ----a-w- c:\windows\system32\nvcuda.dll
2012-06-29 03:08 . 2011-12-03 00:58 2578280 ----a-w- c:\windows\system32\nvcuvid.dll
2012-06-29 03:08 . 2011-12-03 00:58 19103744 ----a-w- c:\windows\system32\nvoglnt.dll
2012-06-29 03:08 . 2011-12-03 00:58 1865064 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-06-29 03:08 . 2011-12-03 00:58 2375680 ----a-w- c:\windows\system32\nvapi.dll
2012-06-29 03:08 . 2011-12-03 00:58 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2012-06-29 03:08 . 2005-04-13 10:10 12544448 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-06-29 03:08 . 2005-04-13 10:10 4488448 ----a-w- c:\windows\system32\nv4_disp.dll
2012-06-29 00:04 . 2011-12-03 00:59 54272 ----a-w- c:\windows\system32\nvwddi.dll
2012-06-29 00:04 . 2011-12-03 00:59 164200 ----a-w- c:\windows\system32\nvsvc32.exe
2012-06-29 00:04 . 2011-12-03 00:59 143720 ----a-w- c:\windows\system32\nvcolor.exe
2012-06-29 00:04 . 2011-12-03 00:59 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-06-29 00:04 . 2011-12-03 00:59 15511912 ----a-w- c:\windows\system32\nvcpl.dll
2012-06-21 02:00 . 2011-12-03 02:16 298016 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-06-13 13:19 . 2005-04-13 16:56 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:50 . 2008-08-26 03:43 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2005-04-13 16:55 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2005-04-13 16:56 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 19:19 . 2007-05-23 01:01 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19 . 2007-05-23 01:01 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19 . 2005-04-13 17:16 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 19:19 . 2005-04-13 17:16 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19 . 2005-04-13 17:16 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 19:19 . 2010-04-11 00:20 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19 . 2005-05-26 12:16 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 19:19 . 2005-04-13 17:16 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 19:19 . 2005-04-13 17:16 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 19:19 . 2005-04-13 16:55 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 19:19 . 2007-05-23 01:01 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 19:19 . 2005-04-13 17:16 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 19:19 . 2005-04-13 17:16 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 19:18 . 2010-04-11 02:08 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 19:18 . 2010-04-11 02:08 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 19:18 . 2009-08-06 23:23 214256 ----a-w- c:\windows\system32\muweb.dll
2012-05-31 13:22 . 2005-04-13 16:55 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-21 13:10 . 2011-12-03 00:58 28008 ----a-w- c:\windows\system32\nvhdap32.dll
2012-05-21 13:10 . 2011-12-03 00:58 124136 ----a-w- c:\windows\system32\drivers\nvhda32.sys
2012-05-21 07:34 . 2012-02-21 18:03 883048 ----a-w- c:\windows\system32\nvhdagenco3220103.dll
2012-05-15 15:39 . 2005-04-13 16:56 832512 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 10:18 . 2011-12-03 01:49 883008 ----a-w- c:\windows\system32\nvgenco32.dll
2012-07-23 08:52 . 2012-02-19 22:35 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{13FA2453-9287-4F18-8554-976D7C02F4EE}]
2012-01-11 02:43 63368 ----a-w- c:\perfect world entertainment\CORE Client\plugins\CorePluginIE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-23 68856]
"Steam"="c:\program files\Steam\Steam.exe" [2012-08-07 1353080]
"DS3 Tool"="c:\program files\MotioninJoy\ds3\DS3_Tool.exe" [2012-08-01 104768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-06-29 15511912]
"NvMediaCenter"="NvMCTray.dll" [2012-06-29 108392]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-06-29 1634112]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PCANotify]
2007-04-27 17:10 18744 ----a-w- c:\windows\system32\PCANotify.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Install Pending Files.LNK]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Install Pending Files.LNK
backup=c:\windows\pss\Install Pending Files.LNKCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
path=c:\documents and settings\Owner\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
backup=c:\windows\pss\OpenOffice.org 3.3.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^PSPdisp.lnk]
path=c:\documents and settings\Owner\Start Menu\Programs\Startup\PSPdisp.lnk
backup=c:\windows\pss\PSPdisp.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-05-31 00:06 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
2005-05-03 21:02 543232 ----a-w- c:\windows\zHotkey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DS3 Tool]
2012-08-01 19:40 104768 ----a-w- c:\program files\MotioninJoy\ds3\DS3_Tool.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
2004-08-10 18:04 59392 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-08-03 20:05 138096 ----atw- c:\documents and settings\Owner\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2005-04-25 17:29 77824 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2005-04-25 17:32 94208 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelAudioStudio]
2005-07-20 07:55 7090176 ----a-w- c:\program files\Intel Audio Studio\IntelAudioStudio.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-06-07 23:33 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 18:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2012-06-29 03:08 1634112 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2005-04-25 17:32 114688 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 19:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
2002-09-14 06:42 212992 ----a-w- c:\windows\SMINST\Recguard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-03 03:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 16:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunKistEM]
2004-11-15 22:04 135168 ----a-w- c:\program files\Digital Media Reader\shwiconEM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-04-23 20:20 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UnsignedThemes"=2 (0x2)
"PrismXL"=2 (0x2)
"iPod Service"=3 (0x3)
"Desura Install Service"=3 (0x3)
"AdobeFlashPlayerUpdateSvc"=3 (0x3)
"MHN"=3 (0x3)
"CryptSvc"=2 (0x2)
"BITS"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\EA Games\\Battlefield Play4Free\\BFP4f.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout™ Paradise The Ultimate Box\\BurnoutConfigTool.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout™ Paradise The Ultimate Box\\BurnoutParadise.exe"=
"c:\\Documents and Settings\\Owner\\My Documents\\downloads\\New Folder (2)\\redsn0w_win_0.9.10b3\\redsn0w.exe"=
"c:\\Program Files\\Electronic Arts\\Battlefield 2142 Deluxe Edition\\BF2142.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\Electronic Arts\\Battlefield 2142 Deluxe Edition\\FirstStrike.exe"=
"c:\\Program Files\\Hi-Rez Studios\\HiRezGames\\tribes alpha\\Binaries\\Win32\\TribesAscend.exe"=
"c:\\AeriaGames\\Repulse\\Repulse.exe"=
"c:\\AeriaGames\\Repulse\\GameConsole.bin"=
"c:\\Program Files\\REACTOR\\ijjiOptimizer.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\Program Files\\Symantec\\pcAnywhere\\awhost32.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\PSPdisp\\bin\\app\\PSPdisp.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\java.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\\Documents and Settings\\Owner\\Local Settings\\Application Data\\Mail.Ru\\GameCenter\\GameCenter@Mail.Ru.exe"=
"c:\\Documents and Settings\\Owner\\Local Settings\\Application Data\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56482:TCP"= 56482:TCP:Pando Media Booster
"56482:UDP"= 56482:UDP:Pando Media Booster
"57739:TCP"= 57739:TCP:Pando Media Booster
"57739:UDP"= 57739:UDP:Pando Media Booster
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [8/4/2012 4:32 PM 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [8/4/2012 4:33 PM 202928]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [8/4/2012 4:33 PM 113776]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [8/4/2012 4:33 PM 18544]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [8/4/2012 4:33 PM 721000]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [8/4/2012 4:34 PM 353688]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8/4/2012 4:34 PM 21256]
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [8/4/2012 4:32 PM 133912]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files\Hi-Rez Studios\HiPatchService.exe [2/10/2012 5:57 PM 8704]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [8/5/2012 3:25 AM 655944]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2/21/2012 2:06 PM 1258856]
R2 PciSx;PciSx;c:\windows\system32\drivers\PciSx.sys [12/27/2008 5:20 PM 39424]
R2 sensorsview;sensorsview;c:\windows\system32\drivers\sensorsview.sys [1/10/2008 7:34 AM 4224]
R2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys [7/13/2009 1:07 AM 25448]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [8/5/2012 3:25 AM 22344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [12/2/2011 8:58 PM 124136]
R3 pspdisp;pspdisp;c:\windows\system32\drivers\pspdisp.sys [1/18/2011 9:47 AM 3072]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [9/17/2007 11:27 AM 333328]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\IObit\Game Booster 3\Driver\WinRing0.sys [8/9/2012 12:32 AM 14416]
S2 BDVEDISK;BDVEDISK;\??\c:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys --> c:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4/13/2010 12:32 AM 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4/13/2010 12:32 AM 135664]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\drivers\MijXfilt.sys [12/10/2011 3:34 PM 99400]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [5/8/2012 12:24 AM 113120]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 Pci7200Sx;Pci7200Sx;c:\windows\system32\drivers\Pci7200Sx.sys [3/13/2006 7:48 PM 5844]
S4 Desura Install Service;Desura Install Service;c:\program files\Common Files\Desura\desura_service.exe [2/21/2012 3:09 PM 131912]
S4 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe [7/13/2009 1:07 AM 21096]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 07372712
*NewlyCreated* - 28203900
*NewlyCreated* - 99145607
*NewlyCreated* - TRUESIGHT
*NewlyCreated* - WINRING0_1_2_0
*Deregistered* - 07372712
*Deregistered* - 28203900
*Deregistered* - 99145607
*Deregistered* - TrueSight
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2012-08-10 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-08-04 16:21]
.
2012-08-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1345232452-2350884712-405960908-1006Core.job
- c:\documents and settings\Owner\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2012-08-03 20:05]
.
2012-08-10 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1345232452-2350884712-405960908-1006UA.job
- c:\documents and settings\Owner\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2012-08-03 20:05]
.
2012-08-10 c:\windows\Tasks\Game_Booster_AutoUpdate.job
- c:\program files\IObit\Game Booster 3\AutoUpdate.exe [2012-08-09 15:21]
.
2012-08-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-13 04:32]
.
2012-08-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-13 04:32]
.
2006-03-10 c:\windows\Tasks\ISP signup reminder 3.job
- c:\windows\system32\OOBE\oobebaln.exe [2005-04-13 00:12]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &AOL Toolbar search - c:\program files\AOL Toolbar\toolbar.dll/SEARCH.HTML
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{53C2984B-6D51-4C7D-9CEF-4BFFCD1F0CB3}: NameServer = 192.168.0.1
TCP: Interfaces\{E01E289F-7B81-4279-8815-6C42183666A4}: NameServer = 192.168.0.1
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\pdb3g8vp.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=Z149&ocid=zdhp&install_date=20111212
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-Isass Module - c:\docume~1\Owner\LOCALS~1\Temp\zabijak.exe
MSConfigStartUp-Jump Desktop - c:\program files\Jump Desktop\JumpDesktop.exe
MSConfigStartUp-Monitor - c:\program files\TEK911\Monitor\at.exe
MSConfigStartUp-SigmatelSysTrayApp - sttray.exe
AddRemove-8461-7759-5462-8226 - c:\program files\Vuze\uninstall.exe
AddRemove-First Strike Launcher - c:\program files\First StrikeFULL\Uninst.exe
AddRemove-Natural Mod - c:\program files\Natural Mod\uninstall.exe
AddRemove-{F135C9E0-3F24-42DD-B12B-8282B72A4D6F}_is1 - c:\program files\Electronic Arts\Crytek\Crysis\Bin32\Extreme_Immersive_Mod\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-10 05:06
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
C:\avast! sandbox
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5FE70257-8B90-0DCC-61FD-B90EC142E469}\InProcServer32*]
"jakichofnpffaodgdeeh"=hex:6a,61,6e,64,6f,69,66,6d,6c,67,64,6b,66,64,61,70,70,
67,6d,6f,00,f9
"iakiahagihffdkbolb"=hex:6a,61,69,64,6e,69,6f,63,63,6f,68,6f,70,6e,62,6f,6a,6c,
6b,6d,00,f7
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\DbgagD\1*]
"value"="?\07\02\11\02\08->"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(428)
c:\windows\system32\PCANotify.dll
.
Completion time: 2012-08-10 05:10:53
ComboFix-quarantined-files.txt 2012-08-10 09:10
.
Pre-Run: 42,327,154,688 bytes free
Post-Run: 43,050,881,024 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 0581B39DB4C71E9F6D0A946E20D8BBF8


03:25:08.0876 2480 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
03:25:09.0283 2480 ============================================================
03:25:09.0283 2480 Current date / time: 2012/08/10 03:25:09.0283
03:25:09.0283 2480 SystemInfo:
03:25:09.0283 2480
03:25:09.0283 2480 OS Version: 5.1.2600 ServicePack: 3.0
03:25:09.0283 2480 Product type: Workstation
03:25:09.0283 2480 ComputerName: SHOPPC
03:25:09.0283 2480 UserName: Owner
03:25:09.0283 2480 Windows directory: C:\WINDOWS
03:25:09.0283 2480 System windows directory: C:\WINDOWS
03:25:09.0283 2480 Processor architecture: Intel x86
03:25:09.0283 2480 Number of processors: 2
03:25:09.0283 2480 Page size: 0x1000
03:25:09.0283 2480 Boot type: Normal boot
03:25:09.0283 2480 ============================================================
03:25:11.0001 2480 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
03:25:11.0126 2480 ============================================================
03:25:11.0126 2480 \Device\Harddisk0\DR0:
03:25:11.0126 2480 MBR partitions:
03:25:11.0126 2480 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x94CB9F, BlocksNum 0x1C8779E2
03:25:11.0126 2480 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x94CB60
03:25:11.0126 2480 ============================================================
03:25:11.0158 2480 C: <-> \Device\Harddisk0\DR0\Partition0
03:25:11.0158 2480 D: <-> \Device\Harddisk0\DR0\Partition1
03:25:11.0158 2480 ============================================================
03:25:11.0158 2480 Initialize success
03:25:11.0158 2480 ============================================================
03:29:49.0704 0688 Deinitialize success

#9 Oh My!


  • Malware Response Instructor

Posted 28 August 2012 - 09:08 PM

Greetings SilentAngerX7,

Thank you for the information. I did not get all of the TDSSKiller log, but I want to have you run it again anyway.

Please perform the following.


===================================================


Running TDSSKiller with Changed Parameters

--------------------

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters



  • Check Verify Driver Digital Signature and Detect TDLFS file system
  • Click OK



  • Click Start Scan and allow the scan process to run



  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue



  • Click Reboot computer
  • Please copy and paste the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

  • TDSSKiller log
  • aswMBR (from previous request)

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 SilentAngerX7

  • Topic Starter


Posted 29 August 2012 - 06:40 AM

I'm getting an error when running aswMBR: "asMBR has encountered a problem and needs to close". This is what happened last time, and both times it left off scanning on my Minecraft folder, and it was in yellow text. I was able to save a log; I don't think it will be of much use, but I'll post it anyway. I also have the TDSSKiller log.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-29 00:46:47
-----------------------------
00:46:47.453 OS Version: Windows 5.1.2600 Service Pack 3
00:46:47.453 Number of processors: 2 586 0x404
00:46:47.453 ComputerName: SHOPPC UserName: Owner
00:46:50.484 Initialize success
01:02:30.562 AVAST engine defs: 12082803
01:19:31.171 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17
01:19:31.171 Disk 0 Vendor: HDT722525DLA380 V44OA91A Size: 238475MB BusType: 3
01:19:31.187 Disk 0 MBR read successfully
01:19:31.187 Disk 0 MBR scan
01:19:31.265 Disk 0 unknown MBR code
01:19:31.281 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 233711 MB offset 9751455
01:19:31.296 Disk 0 Partition 2 00 0B FAT32 RECOVERY 4761 MB offset 63
01:19:31.296 Disk 0 scanning sectors +488392065
01:19:31.406 Disk 0 scanning C:\WINDOWS\system32\drivers
01:19:58.140 Service scanning
01:20:50.000 Modules scanning
01:21:07.375 Disk 0 trace - called modules:
01:21:07.390 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
01:21:07.390 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a8e4ab8]
01:21:07.390 3 CLASSPNP.SYS[b8168fd7] -> nt!IofCallDriver -> \Device\0000009f[0x8a981518]
01:21:07.390 5 ACPI.sys[b7f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-17[0x8a8e7b00]
01:21:10.062 AVAST engine scan C:\WINDOWS
01:21:25.609 AVAST engine scan C:\WINDOWS\system32
01:32:06.000 AVAST engine scan C:\WINDOWS\system32\drivers
01:32:43.828 AVAST engine scan C:\Documents and Settings\Owner
07:33:19.437 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Owner\My Documents\MBR.dat"
07:33:19.437 The log file has been saved successfully to "C:\Documents and Settings\Owner\My Documents\aswMBR.txt"




00:42:14.0125 3192 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
00:42:14.0515 3192 ============================================================
00:42:14.0515 3192 Current date / time: 2012/08/29 00:42:14.0515
00:42:14.0515 3192 SystemInfo:
00:42:14.0515 3192
00:42:14.0515 3192 OS Version: 5.1.2600 ServicePack: 3.0
00:42:14.0515 3192 Product type: Workstation
00:42:14.0515 3192 ComputerName: SHOPPC
00:42:14.0515 3192 UserName: Owner
00:42:14.0515 3192 Windows directory: C:\WINDOWS
00:42:14.0515 3192 System windows directory: C:\WINDOWS
00:42:14.0515 3192 Processor architecture: Intel x86
00:42:14.0515 3192 Number of processors: 2
00:42:14.0515 3192 Page size: 0x1000
00:42:14.0515 3192 Boot type: Normal boot
00:42:14.0515 3192 ============================================================
00:42:16.0093 3192 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
00:42:16.0218 3192 Drive \Device\Harddisk5\DR7 - Size: 0xEEB00000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
00:42:16.0218 3192 ============================================================
00:42:16.0218 3192 \Device\Harddisk0\DR0:
00:42:16.0218 3192 MBR partitions:
00:42:16.0218 3192 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x94CB9F, BlocksNum 0x1C8779E2
00:42:16.0218 3192 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x94CB60
00:42:16.0218 3192 \Device\Harddisk5\DR7:
00:42:16.0218 3192 MBR partitions:
00:42:16.0218 3192 \Device\Harddisk5\DR7\Partition1: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x7757E0
00:42:16.0218 3192 ============================================================
00:42:16.0265 3192 C: <-> \Device\Harddisk0\DR0\Partition1
00:42:16.0265 3192 D: <-> \Device\Harddisk0\DR0\Partition2
00:42:16.0265 3192 ============================================================
00:42:16.0265 3192 Initialize success
00:42:16.0265 3192 ============================================================
00:42:18.0890 2288 ============================================================
00:42:18.0890 2288 Scan started
00:42:18.0890 2288 Mode: Manual;
00:42:18.0890 2288 ============================================================
00:42:19.0875 2288 ================ Scan system memory ========================
00:42:19.0875 2288 System memory - ok
00:42:19.0875 2288 ================ Scan services =============================
00:42:20.0203 2288 Abiosdsk - ok
00:42:20.0234 2288 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
00:42:20.0234 2288 abp480n5 - ok
00:42:20.0312 2288 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
00:42:20.0375 2288 ACPI - ok
00:42:20.0406 2288 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
00:42:20.0406 2288 ACPIEC - ok
00:42:20.0437 2288 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
00:42:20.0484 2288 adpu160m - ok
00:42:20.0562 2288 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
00:42:20.0625 2288 aec - ok
00:42:20.0671 2288 [ 2C5C22990156A1063E19AD162191DC1D ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
00:42:20.0718 2288 AegisP - ok
00:42:20.0812 2288 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
00:42:20.0875 2288 AFD - ok
00:42:20.0937 2288 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
00:42:20.0984 2288 agp440 - ok
00:42:21.0046 2288 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
00:42:21.0093 2288 agpCPQ - ok
00:42:21.0125 2288 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
00:42:21.0140 2288 Aha154x - ok
00:42:21.0187 2288 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
00:42:21.0250 2288 aic78u2 - ok
00:42:21.0281 2288 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
00:42:21.0296 2288 aic78xx - ok
00:42:21.0328 2288 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
00:42:21.0343 2288 Alerter - ok
00:42:21.0375 2288 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
00:42:21.0375 2288 ALG - ok
00:42:21.0375 2288 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
00:42:21.0390 2288 AliIde - ok
00:42:21.0406 2288 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
00:42:21.0421 2288 alim1541 - ok
00:42:21.0437 2288 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
00:42:21.0453 2288 amdagp - ok
00:42:21.0468 2288 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
00:42:21.0468 2288 amsint - ok
00:42:21.0625 2288 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:42:21.0625 2288 Apple Mobile Device - ok
00:42:21.0718 2288 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
00:42:21.0796 2288 AppMgmt - ok
00:42:21.0843 2288 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
00:42:21.0890 2288 Arp1394 - ok
00:42:21.0906 2288 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
00:42:21.0921 2288 asc - ok
00:42:21.0953 2288 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
00:42:21.0953 2288 asc3350p - ok
00:42:21.0968 2288 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
00:42:21.0968 2288 asc3550 - ok
00:42:22.0015 2288 [ D880831279ED91F9A4190A2DB9539EA9 ] ASCTRM C:\WINDOWS\system32\drivers\ASCTRM.sys
00:42:22.0031 2288 ASCTRM - ok
00:42:22.0156 2288 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
00:42:22.0187 2288 aspnet_state - ok
00:42:22.0218 2288 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
00:42:22.0218 2288 AsyncMac - ok
00:42:22.0281 2288 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
00:42:22.0281 2288 atapi - ok
00:42:22.0281 2288 Atdisk - ok
00:42:22.0328 2288 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
00:42:22.0375 2288 Atmarpc - ok
00:42:22.0421 2288 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
00:42:22.0437 2288 AudioSrv - ok
00:42:22.0484 2288 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
00:42:22.0500 2288 audstub - ok
00:42:22.0546 2288 [ C7DFD42D1906BB6F3AB7368A638C706A ] awecho C:\WINDOWS\system32\drivers\awechomd.sys
00:42:22.0546 2288 awecho - ok
00:42:22.0656 2288 [ 6118CE3AEA5DB6C34872B934002E1AB6 ] awhost32 C:\Program Files\Symantec\pcAnywhere\awhost32.exe
00:42:22.0703 2288 awhost32 - ok
00:42:22.0734 2288 [ FCD631B75D01FECB673D52BFE87774AC ] awlegacy C:\WINDOWS\System32\Drivers\awlegacy.sys
00:42:22.0734 2288 awlegacy - ok
00:42:22.0765 2288 [ BE23B51D1AF7AB948F883F864454393D ] AW_HOST C:\WINDOWS\system32\drivers\aw_host5.sys
00:42:22.0765 2288 AW_HOST - ok
00:42:22.0828 2288 [ 438179ABE9B7A922A21B8D6369FF52FF ] BCM42RLY C:\WINDOWS\System32\BCM42RLY.SYS
00:42:22.0828 2288 BCM42RLY - ok
00:42:22.0984 2288 [ 38CA1443660D0F5F06887C6A2E692AEB ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
00:42:23.0062 2288 BCM43XX - ok
00:42:23.0093 2288 BDVEDISK - ok
00:42:23.0125 2288 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
00:42:23.0140 2288 Beep - ok
00:42:23.0296 2288 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
00:42:23.0406 2288 BITS - ok
00:42:23.0578 2288 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:42:23.0687 2288 Bonjour Service - ok
00:42:23.0750 2288 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
00:42:23.0765 2288 Browser - ok
00:42:23.0906 2288 catchme - ok
00:42:23.0953 2288 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
00:42:23.0953 2288 cbidf - ok
00:42:23.0968 2288 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
00:42:23.0968 2288 cbidf2k - ok
00:42:24.0000 2288 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
00:42:24.0000 2288 cd20xrnt - ok
00:42:24.0046 2288 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
00:42:24.0046 2288 Cdaudio - ok
00:42:24.0125 2288 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
00:42:24.0140 2288 Cdfs - ok
00:42:24.0171 2288 [ C3E76B0C05EBF7261ABFB08D9E75822E ] Cdr4_xp C:\WINDOWS\system32\drivers\Cdr4_xp.sys
00:42:24.0171 2288 Cdr4_xp - ok
00:42:24.0187 2288 [ 17590DFE29E02842A6E3A463E443D1B9 ] Cdralw2k C:\WINDOWS\system32\drivers\Cdralw2k.sys
00:42:24.0187 2288 Cdralw2k - ok
00:42:24.0203 2288 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
00:42:24.0265 2288 Cdrom - ok
00:42:24.0265 2288 Changer - ok
00:42:24.0296 2288 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
00:42:24.0312 2288 CiSvc - ok
00:42:24.0343 2288 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
00:42:24.0343 2288 ClipSrv - ok
00:42:24.0437 2288 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:42:24.0453 2288 clr_optimization_v2.0.50727_32 - ok
00:42:24.0546 2288 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:42:24.0656 2288 clr_optimization_v4.0.30319_32 - ok
00:42:24.0703 2288 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
00:42:24.0718 2288 CmdIde - ok
00:42:24.0734 2288 COMSysApp - ok
00:42:24.0750 2288 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
00:42:24.0750 2288 Cpqarray - ok
00:42:24.0796 2288 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
00:42:24.0812 2288 CryptSvc - ok
00:42:24.0875 2288 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
00:42:24.0937 2288 dac2w2k - ok
00:42:24.0937 2288 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
00:42:24.0953 2288 dac960nt - ok
00:42:25.0109 2288 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
00:42:25.0234 2288 DcomLaunch - ok
00:42:25.0312 2288 [ 2B9A817DC1BDAD9CE5495099B6A7136A ] Desura Install Service C:\Program Files\Common Files\Desura\desura_service.exe
00:42:25.0359 2288 Desura Install Service - ok
00:42:25.0437 2288 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
00:42:25.0468 2288 Dhcp - ok
00:42:25.0500 2288 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
00:42:25.0515 2288 Disk - ok
00:42:25.0531 2288 dmadmin - ok
00:42:25.0796 2288 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
00:42:26.0062 2288 dmboot - ok
00:42:26.0125 2288 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
00:42:26.0187 2288 dmio - ok
00:42:26.0203 2288 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
00:42:26.0218 2288 dmload - ok
00:42:26.0250 2288 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
00:42:26.0250 2288 dmserver - ok
00:42:26.0296 2288 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
00:42:26.0312 2288 DMusic - ok
00:42:26.0359 2288 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
00:42:26.0359 2288 Dnscache - ok
00:42:26.0421 2288 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
00:42:26.0468 2288 Dot3svc - ok
00:42:26.0484 2288 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
00:42:26.0484 2288 dpti2o - ok
00:42:26.0500 2288 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
00:42:26.0515 2288 drmkaud - ok
00:42:26.0593 2288 [ 6CA101F9AA3D845BA31F6E13C01301A8 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
00:42:26.0609 2288 E100B - ok
00:42:26.0687 2288 [ 8C2B6BBC82AD12CD9A2E73E5DCBBA705 ] eamon C:\WINDOWS\system32\DRIVERS\eamon.sys
00:42:26.0718 2288 eamon - ok
00:42:26.0765 2288 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
00:42:26.0796 2288 EapHost - ok
00:42:26.0859 2288 [ 5412ED24FFFCA64E2F0168399B86C952 ] ehdrv C:\WINDOWS\system32\DRIVERS\ehdrv.sys
00:42:26.0890 2288 ehdrv - ok
00:42:27.0031 2288 [ 63F371F0248E3732A4821F86E6D0E370 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
00:42:27.0093 2288 ehRecvr - ok
00:42:27.0156 2288 [ 16910F8B482919BB6035ED053B691692 ] ehSched C:\WINDOWS\eHome\ehSched.exe
00:42:27.0187 2288 ehSched - ok
00:42:27.0531 2288 [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
00:42:27.0546 2288 ekrn - ok
00:42:27.0625 2288 [ CF1108161DFEDD82AE811307A3763E1C ] epfwtdir C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
00:42:27.0640 2288 epfwtdir - ok
00:42:27.0703 2288 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
00:42:27.0703 2288 ERSvc - ok
00:42:27.0781 2288 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
00:42:27.0828 2288 Eventlog - ok
00:42:27.0921 2288 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
00:42:28.0000 2288 EventSystem - ok
00:42:28.0093 2288 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
00:42:28.0140 2288 Fastfat - ok
00:42:28.0218 2288 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
00:42:28.0265 2288 FastUserSwitchingCompatibility - ok
00:42:28.0296 2288 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
00:42:28.0328 2288 Fdc - ok
00:42:28.0375 2288 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
00:42:28.0375 2288 Fips - ok
00:42:28.0406 2288 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
00:42:28.0421 2288 Flpydisk - ok
00:42:28.0468 2288 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
00:42:28.0531 2288 FltMgr - ok
00:42:28.0578 2288 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
00:42:28.0609 2288 FontCache3.0.0.0 - ok
00:42:28.0656 2288 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
00:42:28.0671 2288 Fs_Rec - ok
00:42:28.0718 2288 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
00:42:28.0750 2288 Ftdisk - ok
00:42:28.0796 2288 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
00:42:28.0812 2288 GEARAspiWDM - ok
00:42:28.0828 2288 [ B390BC5AA09F333C5D95BE651C073564 ] Gernuwa C:\WINDOWS\system32\drivers\Gernuwa.sys
00:42:28.0828 2288 Gernuwa - ok
00:42:28.0890 2288 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
00:42:28.0937 2288 Gpc - ok
00:42:28.0984 2288 [ FC80052194D5708254A346568F0E77C0 ] GTNDIS5 C:\WINDOWS\system32\GTNDIS5.SYS
00:42:28.0984 2288 GTNDIS5 - ok
00:42:29.0109 2288 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
00:42:29.0156 2288 gupdate - ok
00:42:29.0203 2288 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
00:42:29.0203 2288 gupdatem - ok
00:42:29.0328 2288 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
00:42:29.0375 2288 gusvc - ok
00:42:29.0453 2288 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
00:42:29.0468 2288 HDAudBus - ok
00:42:29.0593 2288 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:42:29.0593 2288 helpsvc - ok
00:42:29.0593 2288 HidServ - ok
00:43:00.0828 2288 ================ Scan global ===============================
00:43:00.0875 2288 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
00:43:01.0015 2288 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
00:43:01.0187 2288 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
00:43:01.0250 2288 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
00:43:01.0250 2288 [Global] - ok
00:43:01.0250 2288 ================ Scan MBR ==================================
00:43:01.0281 2288 [ B20939CD98B7710036274839082AE757 ] \Device\Harddisk0\DR0
00:43:01.0484 2288 \Device\Harddisk0\DR0 - ok
00:43:01.0500 2288 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk5\DR7
00:43:03.0578 2288 \Device\Harddisk5\DR7 - ok
00:43:03.0578 2288 ================ Scan VBR ==================================
00:43:03.0578 2288 [ A4C4D1D05860E01BD91D4FF191803C57 ] \Device\Harddisk0\DR0\Partition1
00:43:03.0593 2288 \Device\Harddisk0\DR0\Partition1 - ok
00:43:03.0593 2288 [ 01BEB4BBD7964702A4B3C968D0B0DE2C ] \Device\Harddisk0\DR0\Partition2
00:43:03.0593 2288 \Device\Harddisk0\DR0\Partition2 - ok
00:43:03.0593 2288 [ 0115A34A2A1C7E6058FF6190AF7F0844 ] \Device\Harddisk5\DR7\Partition1
00:43:03.0593 2288 \Device\Harddisk5\DR7\Partition1 - ok
00:43:03.0593 2288 ============================================================
00:43:03.0593 2288 Scan finished
00:43:03.0593 2288 ============================================================
00:43:03.0609 3052 Detected object count: 0
00:43:03.0609 3052 Actual detected object count: 0
00:43:53.0359 2896 ============================================================
00:43:53.0359 2896 Scan started
00:43:53.0359 2896 Mode: Manual; SigCheck; TDLFS;
00:43:53.0359 2896 ============================================================
00:43:53.0500 2896 ================ Scan system memory ========================
00:43:53.0500 2896 System memory - ok
00:43:53.0500 2896 ================ Scan services =============================
00:43:57.0781 2896 [ 2C5C22990156A1063E19AD162191DC1D ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
00:43:57.0796 2896 AegisP ( UnsignedFile.Multi.Generic ) - warning
00:43:57.0796 2896 AegisP - detected UnsignedFile.Multi.Generic (1)
00:44:00.0781 2896 [ D880831279ED91F9A4190A2DB9539EA9 ] ASCTRM C:\WINDOWS\system32\drivers\ASCTRM.sys
00:44:00.0812 2896 ASCTRM ( UnsignedFile.Multi.Generic ) - warning
00:44:00.0812 2896 ASCTRM - detected UnsignedFile.Multi.Generic (1)
00:44:00.0937 2896 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
00:44:00.0953 2896 aspnet_state - ok
00:44:00.0984 2896 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
00:44:01.0109 2896 AsyncMac - ok
00:44:01.0171 2896 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
00:44:01.0312 2896 atapi - ok
00:44:01.0312 2896 Atdisk - ok
00:44:01.0359 2896 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
00:44:01.0500 2896 Atmarpc - ok
00:44:01.0546 2896 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
00:44:01.0703 2896 AudioSrv - ok
00:44:01.0734 2896 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
00:44:01.0890 2896 audstub - ok
00:44:01.0921 2896 [ C7DFD42D1906BB6F3AB7368A638C706A ] awecho C:\WINDOWS\system32\drivers\awechomd.sys
00:44:02.0296 2896 awecho - ok
00:44:02.0437 2896 [ 6118CE3AEA5DB6C34872B934002E1AB6 ] awhost32 C:\Program Files\Symantec\pcAnywhere\awhost32.exe
00:44:02.0453 2896 awhost32 - ok
00:44:02.0468 2896 [ FCD631B75D01FECB673D52BFE87774AC ] awlegacy C:\WINDOWS\System32\Drivers\awlegacy.sys
00:44:02.0500 2896 awlegacy - ok
00:44:02.0500 2896 [ BE23B51D1AF7AB948F883F864454393D ] AW_HOST C:\WINDOWS\system32\drivers\aw_host5.sys
00:44:02.0515 2896 AW_HOST - ok
00:44:02.0562 2896 [ 438179ABE9B7A922A21B8D6369FF52FF ] BCM42RLY C:\WINDOWS\System32\BCM42RLY.SYS
00:44:02.0578 2896 BCM42RLY ( UnsignedFile.Multi.Generic ) - warning
00:44:02.0578 2896 BCM42RLY - detected UnsignedFile.Multi.Generic (1)
00:44:02.0718 2896 [ 38CA1443660D0F5F06887C6A2E692AEB ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
00:44:02.0843 2896 BCM43XX - ok
00:44:02.0890 2896 BDVEDISK - ok
00:44:02.0921 2896 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
00:44:03.0078 2896 Beep - ok
00:44:03.0250 2896 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
00:44:03.0468 2896 BITS - ok
00:44:03.0625 2896 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:44:03.0718 2896 Bonjour Service - ok
00:44:03.0765 2896 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
00:44:03.0843 2896 Browser - ok
00:44:04.0000 2896 catchme - ok
00:44:04.0015 2896 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
00:44:04.0187 2896 cbidf - ok
00:44:04.0187 2896 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
00:44:04.0343 2896 cbidf2k - ok
00:44:04.0359 2896 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
00:44:04.0437 2896 cd20xrnt - ok
00:44:04.0468 2896 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
00:44:04.0625 2896 Cdaudio - ok
00:44:04.0687 2896 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
00:44:04.0828 2896 Cdfs - ok
00:44:04.0843 2896 [ C3E76B0C05EBF7261ABFB08D9E75822E ] Cdr4_xp C:\WINDOWS\system32\drivers\Cdr4_xp.sys
00:44:04.0859 2896 Cdr4_xp - ok
00:44:04.0875 2896 [ 17590DFE29E02842A6E3A463E443D1B9 ] Cdralw2k C:\WINDOWS\system32\drivers\Cdralw2k.sys
00:44:04.0890 2896 Cdralw2k - ok
00:44:04.0906 2896 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
00:44:05.0062 2896 Cdrom - ok
00:44:05.0062 2896 Changer - ok
00:44:05.0093 2896 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
00:44:05.0218 2896 CiSvc - ok
00:44:05.0250 2896 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
00:44:05.0390 2896 ClipSrv - ok
00:44:05.0484 2896 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:44:05.0500 2896 clr_optimization_v2.0.50727_32 - ok
00:44:05.0562 2896 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:44:05.0593 2896 clr_optimization_v4.0.30319_32 - ok
00:44:05.0625 2896 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
00:44:05.0812 2896 CmdIde - ok
00:44:05.0812 2896 COMSysApp - ok
00:44:05.0828 2896 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
00:44:05.0984 2896 Cpqarray - ok
00:44:06.0031 2896 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
00:44:06.0156 2896 CryptSvc - ok
00:44:06.0218 2896 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
00:44:06.0375 2896 dac2w2k - ok
00:44:06.0390 2896 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
00:44:06.0562 2896 dac960nt - ok
00:44:06.0718 2896 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
00:44:06.0843 2896 DcomLaunch - ok
00:44:06.0921 2896 [ 2B9A817DC1BDAD9CE5495099B6A7136A ] Desura Install Service C:\Program Files\Common Files\Desura\desura_service.exe
00:44:06.0937 2896 Desura Install Service - ok
00:44:07.0015 2896 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
00:44:07.0156 2896 Dhcp - ok
00:44:07.0203 2896 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
00:44:07.0359 2896 Disk - ok
00:44:07.0359 2896 dmadmin - ok
00:44:07.0625 2896 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
00:44:07.0984 2896 dmboot - ok
00:44:08.0031 2896 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
00:44:08.0187 2896 dmio - ok
00:44:08.0203 2896 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
00:44:08.0359 2896 dmload - ok
00:44:08.0406 2896 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
00:44:08.0531 2896 dmserver - ok
00:44:08.0578 2896 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
00:44:08.0734 2896 DMusic - ok
00:44:08.0765 2896 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
00:44:08.0859 2896 Dnscache - ok
00:44:08.0921 2896 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
00:44:09.0062 2896 Dot3svc - ok
00:44:09.0093 2896 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
00:44:09.0250 2896 dpti2o - ok
00:44:09.0265 2896 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
00:44:09.0421 2896 drmkaud - ok
00:44:09.0484 2896 [ 6CA101F9AA3D845BA31F6E13C01301A8 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
00:44:09.0515 2896 E100B ( UnsignedFile.Multi.Generic ) - warning
00:44:09.0515 2896 E100B - detected UnsignedFile.Multi.Generic (1)
00:44:09.0578 2896 [ 8C2B6BBC82AD12CD9A2E73E5DCBBA705 ] eamon C:\WINDOWS\system32\DRIVERS\eamon.sys
00:44:09.0609 2896 eamon - ok
00:44:09.0656 2896 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
00:44:09.0781 2896 EapHost - ok
00:44:09.0859 2896 [ 5412ED24FFFCA64E2F0168399B86C952 ] ehdrv C:\WINDOWS\system32\DRIVERS\ehdrv.sys
00:44:09.0875 2896 ehdrv - ok
00:44:10.0015 2896 [ 63F371F0248E3732A4821F86E6D0E370 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
00:44:10.0109 2896 ehRecvr - ok
00:44:10.0171 2896 [ 16910F8B482919BB6035ED053B691692 ] ehSched C:\WINDOWS\eHome\ehSched.exe
00:44:10.0218 2896 ehSched - ok
00:44:10.0562 2896 [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
00:44:10.0828 2896 ekrn - ok
00:44:10.0890 2896 [ CF1108161DFEDD82AE811307A3763E1C ] epfwtdir C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
00:44:10.0906 2896 epfwtdir - ok
00:44:11.0000 2896 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
00:44:11.0156 2896 ERSvc - ok
00:44:11.0218 2896 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
00:44:11.0265 2896 Eventlog - ok
00:44:11.0359 2896 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
00:44:11.0421 2896 EventSystem - ok
00:44:11.0500 2896 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
00:44:11.0625 2896 Fastfat - ok
00:44:11.0718 2896 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
00:44:11.0781 2896 FastUserSwitchingCompatibility - ok
00:44:11.0812 2896 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
00:44:11.0953 2896 Fdc - ok
00:44:12.0000 2896 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
00:44:12.0156 2896 Fips - ok
00:44:12.0171 2896 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
00:44:12.0296 2896 Flpydisk - ok
00:44:12.0375 2896 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
00:44:12.0515 2896 FltMgr - ok
00:44:12.0578 2896 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
00:44:12.0593 2896 FontCache3.0.0.0 - ok
00:44:12.0640 2896 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
00:44:12.0812 2896 Fs_Rec - ok
00:44:12.0859 2896 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
00:44:13.0015 2896 Ftdisk - ok
00:44:13.0062 2896 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
00:44:13.0078 2896 GEARAspiWDM - ok
00:44:13.0109 2896 [ B390BC5AA09F333C5D95BE651C073564 ] Gernuwa C:\WINDOWS\system32\drivers\Gernuwa.sys
00:44:13.0125 2896 Gernuwa - ok
00:44:13.0187 2896 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
00:44:13.0312 2896 Gpc - ok
00:44:13.0343 2896 [ FC80052194D5708254A346568F0E77C0 ] GTNDIS5 C:\WINDOWS\system32\GTNDIS5.SYS
00:44:13.0375 2896 GTNDIS5 ( UnsignedFile.Multi.Generic ) - warning
00:44:13.0375 2896 GTNDIS5 - detected UnsignedFile.Multi.Generic (1)
00:44:13.0484 2896 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
00:44:13.0500 2896 gupdate - ok
00:44:13.0546 2896 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
00:44:13.0562 2896 gupdatem - ok
00:44:13.0671 2896 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
00:44:13.0687 2896 gusvc - ok
00:44:13.0781 2896 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
00:44:13.0906 2896 HDAudBus - ok
00:44:14.0062 2896 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:44:14.0203 2896 helpsvc - ok
00:44:14.0203 2896 HidServ - ok
00:44:14.0234 2896 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
00:44:14.0390 2896 HidUsb - ok
00:44:14.0421 2896 [ 5350AEF38CA2D8885F47D4455E7EF4EE ] HiPatchService C:\Program Files\Hi-Rez Studios\HiPatchService.exe
00:44:14.0421 2896 HiPatchService ( UnsignedFile.Multi.Generic ) - warning
00:44:14.0421 2896 HiPatchService - detected UnsignedFile.Multi.Generic (1)
00:44:14.0468 2896 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
00:44:14.0609 2896 hkmsvc - ok
00:44:14.0640 2896 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
00:44:14.0796 2896 hpn - ok
00:44:14.0890 2896 [ 33DFC0AFA95F9A2C753FF2ADB7D4A21F ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
00:44:14.0890 2896 HSFHWBS2 ( UnsignedFile.Multi.Generic ) - warning
00:44:14.0890 2896 HSFHWBS2 - detected UnsignedFile.Multi.Generic (1)
00:44:15.0140 2896 [ B2DFC168D6F7512FAEA085253C5A37AD ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
00:44:15.0390 2896 HSF_DP ( UnsignedFile.Multi.Generic ) - warning
00:44:15.0390 2896 HSF_DP - detected UnsignedFile.Multi.Generic (1)
00:44:15.0500 2896 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
00:44:15.0546 2896 HTTP - ok
00:44:15.0578 2896 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
00:44:15.0718 2896 HTTPFilter - ok
00:44:15.0750 2896 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
00:44:15.0890 2896 i2omgmt - ok
00:44:15.0921 2896 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
00:44:16.0078 2896 i2omp - ok
00:44:16.0109 2896 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
00:44:16.0234 2896 i8042prt - ok
00:44:16.0546 2896 [ D95EB1C9B3A5C2F6FDEAB05DD03736FE ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
00:44:16.0796 2896 ialm ( UnsignedFile.Multi.Generic ) - warning
00:44:16.0796 2896 ialm - detected UnsignedFile.Multi.Generic (1)
00:44:16.0875 2896 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
00:44:16.0890 2896 IDriverT ( UnsignedFile.Multi.Generic ) - warning
00:44:16.0890 2896 IDriverT - detected UnsignedFile.Multi.Generic (1)
00:44:17.0203 2896 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:44:17.0453 2896 idsvc - ok
00:44:17.0484 2896 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
00:44:17.0609 2896 Imapi - ok
00:44:17.0703 2896 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
00:44:17.0859 2896 ImapiService - ok
00:44:17.0890 2896 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
00:44:18.0093 2896 ini910u - ok
00:44:18.0093 2896 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
00:44:18.0234 2896 IntelIde - ok
00:44:18.0281 2896 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
00:44:18.0406 2896 intelppm - ok
00:44:18.0437 2896 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
00:44:18.0578 2896 Ip6Fw - ok
00:44:18.0609 2896 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
00:44:18.0765 2896 IpFilterDriver - ok
00:44:18.0781 2896 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
00:44:18.0921 2896 IpInIp - ok
00:44:19.0000 2896 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
00:44:19.0125 2896 IpNat - ok
00:44:19.0406 2896 [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
00:44:19.0578 2896 iPod Service - ok
00:44:19.0625 2896 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
00:44:19.0781 2896 IPSec - ok
00:44:19.0796 2896 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
00:44:19.0937 2896 IRENUM - ok
00:44:20.0000 2896 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
00:44:20.0125 2896 isapnp - ok
00:44:20.0250 2896 [ 9A337AE3DB478034A7839E753BBFF1AB ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
00:44:20.0265 2896 JavaQuickStarterService - ok
00:44:20.0296 2896 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
00:44:20.0437 2896 Kbdclass - ok
00:44:20.0468 2896 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
00:44:20.0625 2896 kbdhid - ok
00:44:20.0687 2896 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
00:44:20.0828 2896 kmixer - ok
00:44:20.0875 2896 [ 566C5FD480FDBCE3BA5CF9FBCFFAEA9A ] KMWDFILTER C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys
00:44:20.0953 2896 KMWDFILTER - ok
00:44:21.0015 2896 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
00:44:21.0093 2896 KSecDD - ok
00:44:21.0140 2896 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
00:44:21.0187 2896 lanmanserver - ok
00:44:21.0265 2896 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
00:44:21.0312 2896 lanmanworkstation - ok
00:44:21.0328 2896 lbrtfdc - ok
00:44:21.0375 2896 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
00:44:21.0515 2896 LmHosts - ok
00:44:21.0546 2896 [ 6DFE7F2E8E8A337263AA5C92A215F161 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
00:44:21.0578 2896 MBAMProtector - ok
00:44:21.0781 2896 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
00:44:21.0953 2896 MBAMService - ok
00:44:21.0968 2896 [ 195741AEE20369980796B557358CD774 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
00:44:22.0046 2896 mdmxsdk - ok
00:44:22.0062 2896 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
00:44:22.0203 2896 Messenger - ok
00:44:22.0250 2896 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll
00:44:22.0250 2896 MHN ( UnsignedFile.Multi.Generic ) - warning
00:44:22.0250 2896 MHN - detected UnsignedFile.Multi.Generic (1)
00:44:22.0281 2896 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
00:44:22.0281 2896 MHNDRV ( UnsignedFile.Multi.Generic ) - warning
00:44:22.0281 2896 MHNDRV - detected UnsignedFile.Multi.Generic (1)
00:44:22.0312 2896 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
00:44:22.0484 2896 mnmdd - ok
00:44:22.0515 2896 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
00:44:22.0640 2896 mnmsrvc - ok
00:44:22.0687 2896 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
00:44:22.0812 2896 Modem - ok
00:44:22.0890 2896 [ A77205D70D14D153342D357DE5A4E770 ] MotioninJoyXFilter C:\WINDOWS\system32\DRIVERS\MijXfilt.sys
00:44:22.0906 2896 MotioninJoyXFilter - ok
00:44:22.0953 2896 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
00:44:23.0093 2896 Mouclass - ok
00:44:23.0109 2896 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
00:44:23.0296 2896 mouhid - ok
00:44:23.0343 2896 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
00:44:23.0484 2896 MountMgr - ok
00:44:23.0609 2896 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:44:23.0656 2896 MozillaMaintenance - ok
00:44:23.0671 2896 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
00:44:23.0828 2896 mraid35x - ok
00:44:23.0890 2896 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
00:44:24.0031 2896 MRxDAV - ok
00:44:24.0203 2896 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:44:24.0343 2896 MRxSmb - ok
00:44:24.0500 2896 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
00:44:24.0625 2896 MSDTC - ok
00:44:24.0640 2896 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
00:44:24.0781 2896 Msfs - ok
00:44:24.0781 2896 MSIServer - ok
00:44:24.0796 2896 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
00:44:24.0937 2896 MSKSSRV - ok
00:44:24.0953 2896 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:44:25.0078 2896 MSPCLOCK - ok
00:44:25.0078 2896 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
00:44:25.0218 2896 MSPQM - ok
00:44:25.0234 2896 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
00:44:25.0375 2896 mssmbios - ok
00:44:25.0531 2896 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
00:44:25.0593 2896 Mup - ok
00:44:25.0625 2896 [ E1CDF20697D992CF83FF86DD04DF1285 ] mxnic C:\WINDOWS\system32\DRIVERS\mxnic.sys
00:44:25.0781 2896 mxnic - ok
00:44:25.0890 2896 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
00:44:26.0046 2896 napagent - ok
00:44:26.0140 2896 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
00:44:26.0281 2896 NDIS - ok
00:44:26.0312 2896 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:44:26.0468 2896 NdisTapi - ok
00:44:26.0484 2896 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:44:26.0625 2896 Ndisuio - ok
00:44:26.0656 2896 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:44:26.0781 2896 NdisWan - ok
00:44:26.0843 2896 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
00:44:26.0890 2896 NDProxy - ok
00:44:26.0921 2896 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
00:44:27.0078 2896 NetBIOS - ok
00:44:27.0140 2896 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
00:44:27.0296 2896 NetBT - ok
00:44:27.0343 2896 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
00:44:27.0578 2896 NetDDE - ok
00:44:27.0609 2896 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
00:44:27.0734 2896 NetDDEdsdm - ok
00:44:27.0781 2896 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
00:44:27.0906 2896 Netlogon - ok
00:44:27.0984 2896 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
00:44:28.0109 2896 Netman - ok
00:44:28.0171 2896 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:44:28.0203 2896 NetTcpPortSharing - ok
00:44:28.0234 2896 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
00:44:28.0437 2896 NIC1394 - ok
00:44:28.0578 2896 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
00:44:28.0609 2896 Nla - ok
00:44:28.0656 2896 [ 1E421A6BCF2203CC61B821ADA9DE878B ] nm C:\WINDOWS\system32\DRIVERS\NMnt.sys
00:44:28.0812 2896 nm - ok
00:44:28.0843 2896 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
00:44:28.0968 2896 Npfs - ok
00:44:28.0968 2896 npggsvc - ok
00:44:29.0156 2896 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
00:44:29.0406 2896 Ntfs - ok
00:44:29.0500 2896 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
00:44:29.0625 2896 NtLmSsp - ok
00:44:29.0796 2896 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
00:44:30.0000 2896 NtmsSvc - ok
00:44:30.0046 2896 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
00:44:30.0218 2896 Null - ok
00:44:34.0859 2896 [ FA71C176A81E06E34919C518483462CF ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
00:44:39.0000 2896 nv ( UnsignedFile.Multi.Generic ) - warning
00:44:39.0000 2896 nv - detected UnsignedFile.Multi.Generic (1)
00:44:39.0093 2896 [ 509A761CA604AC15AB2B7E264FE620EF ] NVHDA C:\WINDOWS\system32\drivers\nvhda32.sys
00:44:39.0109 2896 NVHDA - ok
00:44:39.0187 2896 [ ED65B00595D8DA3B3C9F0AC4B99FB828 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
00:44:39.0218 2896 NVSvc - ok
00:44:39.0796 2896 [ 40BFB291B0F79E14F99508583A1787E4 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
00:44:40.0125 2896 nvUpdatusService - ok
00:44:40.0156 2896 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:44:40.0312 2896 NwlnkFlt - ok
00:44:40.0328 2896 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:44:40.0484 2896 NwlnkFwd - ok
00:44:40.0828 2896 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:44:40.0937 2896 odserv - ok
00:44:41.0000 2896 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
00:44:41.0156 2896 ohci1394 - ok
00:44:41.0234 2896 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:44:41.0250 2896 ose - ok
00:44:41.0296 2896 [ C90018BAFDC7098619A4A95B046B30F3 ] P3 C:\WINDOWS\system32\DRIVERS\p3.sys
00:44:41.0437 2896 P3 - ok
00:44:41.0484 2896 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
00:44:41.0656 2896 Parport - ok
00:44:41.0703 2896 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
00:44:41.0859 2896 PartMgr - ok
00:44:41.0890 2896 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
00:44:42.0046 2896 ParVdm - ok
00:44:42.0078 2896 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
00:44:42.0218 2896 PCI - ok
00:44:42.0234 2896 [ E86C9BBBB961F46EC1DD7C0448B04C98 ] Pci7200Sx C:\WINDOWS\system32\DRIVERS\Pci7200Sx.sys
00:44:42.0250 2896 Pci7200Sx ( UnsignedFile.Multi.Generic ) - warning
00:44:42.0250 2896 Pci7200Sx - detected UnsignedFile.Multi.Generic (1)
00:44:42.0250 2896 PCIDump - ok
00:44:42.0296 2896 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
00:44:42.0437 2896 PCIIde - ok
00:44:42.0484 2896 [ 40AA056287E351965D232EDB0D32F9C8 ] PciSx C:\WINDOWS\System32\drivers\PciSx.SYS
00:44:42.0546 2896 PciSx ( UnsignedFile.Multi.Generic ) - warning
00:44:42.0546 2896 PciSx - detected UnsignedFile.Multi.Generic (1)
00:44:42.0640 2896 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
00:44:42.0828 2896 Pcmcia - ok
00:44:42.0828 2896 PDCOMP - ok
00:44:42.0843 2896 PDFRAME - ok
00:44:42.0843 2896 PDRELI - ok
00:44:42.0843 2896 PDRFRAME - ok
00:44:42.0859 2896 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
00:44:43.0031 2896 perc2 - ok
00:44:43.0046 2896 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
00:44:43.0203 2896 perc2hib - ok
00:44:43.0250 2896 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
00:44:43.0281 2896 PlugPlay - ok
00:44:43.0343 2896 [ 205E1B699FD3F2F9B036EEA2EC30C620 ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
00:44:43.0359 2896 PnkBstrA - ok
00:44:43.0375 2896 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
00:44:43.0500 2896 PolicyAgent - ok
00:44:43.0593 2896 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
00:44:43.0765 2896 PptpMiniport - ok
00:44:43.0875 2896 [ 33D7285F12D934268A34206DFC4AD1B3 ] PrismXL C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
00:44:43.0890 2896 PrismXL ( UnsignedFile.Multi.Generic ) - warning
00:44:43.0890 2896 PrismXL - detected UnsignedFile.Multi.Generic (1)
00:44:43.0906 2896 Profos - ok
00:44:43.0937 2896 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
00:44:44.0062 2896 ProtectedStorage - ok
00:44:44.0093 2896 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
00:44:44.0234 2896 PSched - ok
00:44:44.0250 2896 [ 30C867C08B13E66710E3210C8938E902 ] pspdisp C:\WINDOWS\system32\DRIVERS\pspdisp.sys
00:44:44.0265 2896 pspdisp ( UnsignedFile.Multi.Generic ) - warning
00:44:44.0265 2896 pspdisp - detected UnsignedFile.Multi.Generic (1)
00:44:44.0296 2896 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
00:44:44.0437 2896 Ptilink - ok
00:44:44.0453 2896 PxHelp20 - ok
00:44:44.0515 2896 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
00:44:44.0750 2896 ql1080 - ok
00:44:44.0765 2896 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
00:44:44.0921 2896 Ql10wnt - ok
00:44:44.0937 2896 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
00:44:45.0093 2896 ql12160 - ok
00:44:45.0109 2896 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
00:44:45.0250 2896 ql1240 - ok
00:44:45.0281 2896 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
00:44:45.0406 2896 ql1280 - ok
00:44:45.0437 2896 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

#11 Oh My!


Posted 29 August 2012 - 10:17 AM

Greetings SilentAngerX7,

Thank you for trying aswMBR again.

There are a couple suspicious files I would like to follow up on and I have a caution.

Please consider and perform the below.


===================================================


Multiple Antivirus Programs

-------------------

I do not recommend that you have more than one antivirus product installed on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other antivirus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened; again, this is the resident/automatic protection. In general terms, the two programs may conflict and cause:

  • False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
  • System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please go to add/remove in the control panel and remove either Microsoft Security Essentials or ESET.


===================================================


Virustotal Online Virus Scanner

--------------------

  • Please go to Virustotal
  • Select Choose File
  • Navigate to the following files, one at a time, and double click on it so the file name is populated, then click Scan it!

    C:\WINDOWS\system32\DRIVERS\Pci7200Sx.sys
    C:\WINDOWS\System32\drivers\PciSx.SYS

  • Once completed, highlight the information in the address bar and copy then paste the links in your reply



===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

  • Were you able to remove an antivirus program?
  • VirusTotal links (2)

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#12 SilentAngerX7


Posted 29 August 2012 - 11:45 AM

I had already removed MS Security Essentials. ESET wouldn't let me continue the installer without commanding me to remove Avast!, my previous anti-virus. I will be uploading the links soon.

UPDATE: OK here are the links:

https://www.virustotal.com/file/20a3db81f44624f2c816864229f13f3020b8ca08220d3458edfd20f7e6c58c4a/analysis/1346273189/


https://www.virustotal.com/file/80952af10db4dd2330ec7baea75226858c6c5d65d2a3a567b338439a5d01503e/analysis/1346273148/

Edited by SilentAngerX7, 29 August 2012 - 03:50 PM.
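A reviewer can confirm that each posted report really belongs to the driver that was requested by comparing the hash in the link with the hash of the file on disk. The sketch below is an added example, not part of the original posts: it assumes, from the shape of the two links above, that the 64-hex segment is the file's SHA-256 and the trailing number is a Unix timestamp of the analysis, and the stand-in files and third link in `demo()` are constructed.

```python
import hashlib
import re
import tempfile
from datetime import datetime, timezone
from pathlib import Path

# The two permalinks exactly as posted in the reply above.
POSTED_LINKS = [
    "https://www.virustotal.com/file/20a3db81f44624f2c816864229f13f3020b8ca08220d3458edfd20f7e6c58c4a/analysis/1346273189/",
    "https://www.virustotal.com/file/80952af10db4dd2330ec7baea75226858c6c5d65d2a3a567b338439a5d01503e/analysis/1346273148/",
]

# Assumed layout (inferred from the links on this page):
#   /file/<64 hex chars = SHA-256>/analysis/<Unix timestamp>/
LINK_RE = re.compile(
    r"^https://www\.virustotal\.com/file/([0-9a-f]{64})/analysis/(\d+)/?$"
)


def parse_permalink(url):
    """Split a report link into the file hash and the analysis time (UTC)."""
    m = LINK_RE.match(url.strip())
    if not m:
        raise ValueError("not a report permalink of the expected shape: %r" % url)
    return {
        "sha256": m.group(1),
        "scanned_utc": datetime.fromtimestamp(int(m.group(2)), tz=timezone.utc),
    }


def sha256_of(path, chunk_size=1 << 16):
    """Hash a file in chunks so large drivers are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def match_reports(requested_files, links):
    """Map each requested file name to the link whose hash matches it, or None.

    A None entry means no posted report covers that file: the wrong file was
    uploaded, or the file changed between upload and verification.
    """
    by_hash = {parse_permalink(u)["sha256"]: u for u in links}
    return {Path(p).name: by_hash.get(sha256_of(p)) for p in requested_files}


def demo():
    """Constructed scenario: two stand-in files, only one has a matching link."""
    with tempfile.TemporaryDirectory() as tmp:
        a = Path(tmp) / "driver_a.sys"
        b = Path(tmp) / "driver_b.sys"
        a.write_bytes(b"constructed stand-in for the first driver")
        b.write_bytes(b"constructed stand-in for the second driver")
        # Constructed link that points at driver_a's real hash.
        link_a = "https://www.virustotal.com/file/%s/analysis/1346273189/" % sha256_of(a)
        # POSTED_LINKS[1] does not match driver_b, so driver_b stays unmatched.
        return match_reports([a, b], [link_a, POSTED_LINKS[1]])


if __name__ == "__main__":
    for link in POSTED_LINKS:
        info = parse_permalink(link)
        print(info["sha256"], info["scanned_utc"].isoformat())
    for name, link in demo().items():
        print(name, "->", link or "NO MATCHING REPORT")
```

On the machine being cleaned, `match_reports` would be called with the two driver paths from the instructions and `POSTED_LINKS`.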


#13 Oh My!


Posted 30 August 2012 - 05:31 PM

Greetings SilentAngerX7,

Those files are clean, thank you for uploading them.

Below are instructions to uninstall Avast. If you have already tried this uninstaller please let me know.

Let's take stock of where we are at now. You have various issues you were dealing with at the outset. What issues are you still experiencing?


===================================================


Removing Avast Antivirus

--------------------

  • Download avast! Uninstall Utility to your desktop
  • Reboot your computer into Safe Mode (Press F8)
  • Double click on the aswclear icon
  • On the avast! Software Uninstall Utility select your version
  • If the folder path is not automatically listed you can select it by clicking on the "..." button and expanding Select folder to get to the avast folder as is detailed below



  • Click OK, Uninstall then Yes
  • Once completed you will see "Program was Successfully Removed"
  • Click Yes to restart your computer
  • Retry your ESET step

===================================================


Things I would like to see in your next reply.

  • Were you able to uninstall Avira?
  • ESET?
  • What issues still remain?

Gary
 

#14 SilentAngerX7


Posted 30 August 2012 - 10:24 PM

Oh no, I already uninstalled Avast! I don't have multiple anti-virus programs, I just meant when I first downloaded and ran the installer for ESET, at THAT time I had Avast! and I uninstalled it and deleted the Program Files folder and removed it from my computer before continuing with ESET.

I mentioned before that the MalwareBytes PRO trial ended, so for a while I haven't had MalwareBytes protection. But while I had it I kept getting those outgoing IP Address messages, and now because I don't have MBAM anymore I don't know if I would have gotten those same popups recently.

One thing for sure that I'm still experiencing is the performance drops, and cursor lag. I have been laying off of video games because I can't stand the performance I've been getting. Also, I don't know if this has anything to do with the virus, but I'll throw this out here anyway. My download speed has gone to pieces. From what I know, we have a 12MB connection, and lately I have been getting 13KBPs-60KBPs. Before this problem I would get a normal 100KBPs-800KBPs connection. And that's pretty much it.

#15 Oh My!


Posted 31 August 2012 - 08:24 AM

Greetings SilentAngerX7,

"I already uninstalled Avast!"

OK, good. You mentioned ESET wanted it gone but didn't follow up by saying you uninstalled it. Glad that went well.

If you are behind a firewall then you are already protected against outbound activity. I will be providing information in my final post.

Let's run a couple of scans to see what still exists. Please perform the following.


===================================================


Rerun Malwarebytes

--------------------

Temporarily disable your antivirus program.

  • Please locate your Malwarebytes icon and launch the program
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.


  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

  • MBAM log
  • ESET log
  • How is your computer running?

Gary
 