Help! Infected with something called WhiteSmoke US New Community Toolbar


11 replies to this topic

#1 mag00

mag00

  • Members
  • 5 posts
  • OFFLINE
  • Local time:01:23 PM

Posted 21 October 2012 - 05:33 AM

Upon opening Firefox, I noticed a toolbar that I hadn't had before called White Smoke. I tried uninstalling the regular way but the software does not show up on the list of programs. This is how I figured something was fishy about it. Please help.

Edited by hamluis, 21 October 2012 - 08:07 AM.
Moved to Am I Infected from Vista - Hamluis.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:12:23 PM

Posted 21 October 2012 - 10:00 AM

Download

TDSSKiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download

aswMBR

Launch it, and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download

ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 mag00

mag00
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  • Local time:01:23 PM

Posted 21 October 2012 - 06:07 PM

Thank you for your reply. Here are the requested logs:

11:58:12.0194 2652 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
11:58:12.0587 2652 ============================================================
11:58:12.0587 2652 Current date / time: 2012/10/21 11:58:12.0587
11:58:12.0587 2652 SystemInfo:
11:58:12.0587 2652
11:58:12.0588 2652 OS Version: 6.0.6002 ServicePack: 2.0
11:58:12.0588 2652 Product type: Workstation
11:58:12.0588 2652 ComputerName: BRANDY-PC
11:58:12.0588 2652 UserName: Brandy
11:58:12.0588 2652 Windows directory: C:\Windows
11:58:12.0588 2652 System windows directory: C:\Windows
11:58:12.0588 2652 Processor architecture: Intel x86
11:58:12.0588 2652 Number of processors: 2
11:58:12.0588 2652 Page size: 0x1000
11:58:12.0588 2652 Boot type: Normal boot
11:58:12.0588 2652 ============================================================
11:58:15.0040 2652 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:58:15.0043 2652 ============================================================
11:58:15.0043 2652 \Device\Harddisk0\DR0:
11:58:15.0043 2652 MBR partitions:
11:58:15.0043 2652 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
11:58:15.0043 2652 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B448CA2
11:58:15.0043 2652 ============================================================
11:58:15.0123 2652 C: <-> \Device\Harddisk0\DR0\Partition2
11:58:15.0189 2652 D: <-> \Device\Harddisk0\DR0\Partition1
11:58:15.0189 2652 ============================================================
11:58:15.0190 2652 Initialize success
11:58:15.0190 2652 ============================================================
11:58:36.0667 5864 ============================================================
11:58:36.0667 5864 Scan started
11:58:36.0667 5864 Mode: Manual; TDLFS;
11:58:36.0667 5864 ============================================================
11:58:39.0901 5864 ================ Scan system memory ========================
11:58:39.0901 5864 System memory - ok
11:58:39.0902 5864 ================ Scan services =============================
11:58:41.0092 5864 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
11:58:41.0119 5864 ACPI - ok
11:58:41.0276 5864 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:58:41.0388 5864 AdobeFlashPlayerUpdateSvc - ok
11:58:41.0533 5864 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
11:58:41.0597 5864 adp94xx - ok
11:58:41.0626 5864 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
11:58:41.0726 5864 adpahci - ok
11:58:41.0777 5864 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
11:58:41.0797 5864 adpu160m - ok
11:58:41.0855 5864 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
11:58:42.0113 5864 adpu320 - ok
11:58:42.0168 5864 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:58:42.0169 5864 AeLookupSvc - ok
11:58:42.0249 5864 [ 97210CDE1BA95053CAD83D0FBB7C6A89 ] AERTFilters C:\Windows\system32\AERTSrv.exe
11:58:42.0250 5864 AERTFilters - ok
11:58:42.0394 5864 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
11:58:42.0463 5864 AFD - ok
11:58:42.0591 5864 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:58:42.0645 5864 agp440 - ok
11:58:42.0686 5864 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
11:58:42.0746 5864 aic78xx - ok
11:58:42.0780 5864 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
11:58:42.0781 5864 ALG - ok
11:58:42.0873 5864 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
11:58:42.0890 5864 aliide - ok
11:58:42.0991 5864 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
11:58:43.0008 5864 amdagp - ok
11:58:43.0057 5864 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
11:58:43.0074 5864 amdide - ok
11:58:43.0132 5864 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
11:58:43.0507 5864 AmdK7 - ok
11:58:43.0573 5864 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
11:58:43.0596 5864 AmdK8 - ok
11:58:43.0711 5864 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
11:58:43.0712 5864 Appinfo - ok
11:58:44.0197 5864 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:58:44.0199 5864 Apple Mobile Device - ok
11:58:44.0261 5864 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
11:58:44.0301 5864 arc - ok
11:58:44.0416 5864 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:58:44.0439 5864 arcsas - ok
11:58:44.0481 5864 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:58:44.0497 5864 AsyncMac - ok
11:58:44.0538 5864 [ 0D83C87A801A3DFCD1BF73893FE7518C ] atapi C:\Windows\system32\drivers\atapi.sys
11:58:44.0587 5864 atapi - ok
11:58:44.0855 5864 [ 44FA26470D4C8123CCF71F4200B782D3 ] athrusb C:\Windows\system32\DRIVERS\athrusb.sys
11:58:45.0156 5864 athrusb - ok
11:58:45.0314 5864 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:58:45.0318 5864 AudioEndpointBuilder - ok
11:58:45.0480 5864 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
11:58:45.0483 5864 Audiosrv - ok
11:58:45.0743 5864 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe
11:58:45.0757 5864 BBSvc - ok
11:58:45.0812 5864 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe
11:58:45.0853 5864 BBUpdate - ok
11:58:45.0978 5864 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
11:58:46.0003 5864 Beep - ok
11:58:46.0164 5864 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
11:58:46.0188 5864 BFE - ok
11:58:46.0426 5864 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
11:58:46.0661 5864 BITS - ok
11:58:46.0707 5864 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
11:58:46.0740 5864 blbdrive - ok
11:58:46.0869 5864 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:58:46.0886 5864 Bonjour Service - ok
11:58:46.0928 5864 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:58:46.0931 5864 bowser - ok
11:58:47.0027 5864 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
11:58:47.0049 5864 BrFiltLo - ok
11:58:47.0071 5864 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
11:58:47.0083 5864 BrFiltUp - ok
11:58:47.0106 5864 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
11:58:47.0108 5864 Browser - ok
11:58:47.0166 5864 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
11:58:47.0183 5864 Brserid - ok
11:58:47.0206 5864 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
11:58:47.0254 5864 BrSerWdm - ok
11:58:47.0276 5864 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
11:58:47.0299 5864 BrUsbMdm - ok
11:58:47.0331 5864 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
11:58:47.0344 5864 BrUsbSer - ok
11:58:47.0402 5864 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
11:58:47.0446 5864 BTHMODEM - ok
11:58:47.0633 5864 [ F3E5C6CEEC35C3F65221100B00AFB5F9 ] ccEvtMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
11:58:47.0635 5864 ccEvtMgr - ok
11:58:47.0719 5864 [ F3E5C6CEEC35C3F65221100B00AFB5F9 ] ccSetMgr C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
11:58:47.0721 5864 ccSetMgr - ok
11:58:47.0784 5864 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:58:47.0824 5864 cdfs - ok
11:58:47.0868 5864 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:58:48.0043 5864 cdrom - ok
11:58:48.0107 5864 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
11:58:48.0109 5864 CertPropSvc - ok
11:58:48.0174 5864 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
11:58:48.0198 5864 circlass - ok
11:58:48.0257 5864 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
11:58:48.0308 5864 CLFS - ok
11:58:48.0442 5864 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:58:48.0574 5864 clr_optimization_v2.0.50727_32 - ok
11:58:49.0073 5864 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:58:49.0075 5864 clr_optimization_v4.0.30319_32 - ok
11:58:49.0126 5864 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:58:49.0159 5864 cmdide - ok
11:58:49.0200 5864 [ 4FC0A44DA7603229E1A9454126A59EFD ] Compbatt C:\Windows\system32\drivers\compbatt.sys
11:58:49.0263 5864 Compbatt - ok
11:58:49.0271 5864 COMSysApp - ok
11:58:49.0398 5864 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
11:58:49.0405 5864 crcdisk - ok
11:58:49.0429 5864 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
11:58:49.0498 5864 Crusoe - ok
11:58:49.0623 5864 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:58:49.0625 5864 CryptSvc - ok
11:58:49.0773 5864 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:58:49.0822 5864 DcomLaunch - ok
11:58:49.0855 5864 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:58:49.0873 5864 DfsC - ok
11:58:50.0213 5864 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
11:58:50.0564 5864 DFSR - ok
11:58:50.0779 5864 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
11:58:50.0807 5864 Dhcp - ok
11:58:50.0870 5864 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
11:58:50.0890 5864 disk - ok
11:58:50.0959 5864 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:58:50.0961 5864 Dnscache - ok
11:58:51.0009 5864 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:58:51.0011 5864 dot3svc - ok
11:58:51.0092 5864 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
11:58:51.0094 5864 DPS - ok
11:58:51.0161 5864 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:58:51.0183 5864 drmkaud - ok
11:58:51.0258 5864 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:58:51.0311 5864 DXGKrnl - ok
11:58:51.0399 5864 [ 908ED85B7806E8AF3AF5E9B74F7809D4 ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
11:58:51.0491 5864 e1express - ok
11:58:51.0588 5864 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
11:58:51.0628 5864 E1G60 - ok
11:58:51.0680 5864 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
11:58:51.0682 5864 EapHost - ok
11:58:51.0753 5864 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
11:58:51.0816 5864 Ecache - ok
11:58:51.0951 5864 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
11:58:52.0052 5864 eeCtrl - ok
11:58:52.0194 5864 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
11:58:52.0291 5864 elxstor - ok
11:58:52.0489 5864 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
11:58:52.0500 5864 EMDMgmt - ok
11:58:52.0571 5864 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
11:58:52.0575 5864 EraserUtilRebootDrv - ok
11:58:52.0622 5864 [ F2A80DE2D1B7116052C09CB4D4CA1416 ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:58:52.0639 5864 ErrDev - ok
11:58:52.0748 5864 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
11:58:52.0751 5864 EventSystem - ok
11:58:52.0839 5864 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
11:58:52.0862 5864 exfat - ok
11:58:52.0902 5864 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:58:52.0910 5864 fastfat - ok
11:58:52.0975 5864 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:58:52.0988 5864 fdc - ok
11:58:53.0045 5864 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
11:58:53.0046 5864 fdPHost - ok
11:58:53.0072 5864 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
11:58:53.0074 5864 FDResPub - ok
11:58:53.0170 5864 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:58:53.0171 5864 FileInfo - ok
11:58:53.0368 5864 [ 47B91551FE7489A323BAF4904CAD757A ] FileMonitor C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys
11:58:53.0369 5864 FileMonitor - ok
11:58:53.0387 5864 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:58:53.0404 5864 Filetrace - ok
11:58:53.0485 5864 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:58:53.0508 5864 flpydisk - ok
11:58:53.0572 5864 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:58:53.0577 5864 FltMgr - ok
11:58:53.0691 5864 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
11:58:53.0844 5864 FontCache - ok
11:58:53.0993 5864 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:58:54.0023 5864 FontCache3.0.0.0 - ok
11:58:54.0071 5864 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:58:54.0085 5864 Fs_Rec - ok
11:58:54.0147 5864 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:58:54.0181 5864 gagp30kx - ok
11:58:54.0272 5864 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:58:54.0296 5864 GEARAspiWDM - ok
11:58:54.0462 5864 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
11:58:54.0544 5864 gpsvc - ok
11:58:54.0822 5864 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
11:58:54.0823 5864 gupdate - ok
11:58:54.0871 5864 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
11:58:54.0872 5864 gupdatem - ok
11:58:55.0051 5864 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:58:55.0150 5864 HDAudBus - ok
11:58:55.0201 5864 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
11:58:55.0217 5864 HidBth - ok
11:58:55.0250 5864 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
11:58:55.0290 5864 HidIr - ok
11:58:55.0383 5864 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
11:58:55.0384 5864 hidserv - ok
11:58:55.0442 5864 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:58:55.0455 5864 HidUsb - ok
11:58:55.0545 5864 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:58:55.0547 5864 hkmsvc - ok
11:58:55.0595 5864 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
11:58:55.0630 5864 HpCISSs - ok
11:58:55.0767 5864 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:58:55.0935 5864 HTTP - ok
11:58:55.0969 5864 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
11:58:55.0982 5864 i2omp - ok
11:58:56.0046 5864 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:58:56.0424 5864 i8042prt - ok
11:58:56.0503 5864 [ F79525634B192F5A18DE503568F94EF3 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
11:58:56.0508 5864 IAANTMON - ok
11:58:56.0557 5864 [ 707C1692214B1C290271067197F075F6 ] iaStor C:\Windows\system32\drivers\iastor.sys
11:58:56.0559 5864 iaStor - ok
11:58:56.0584 5864 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
11:58:56.0620 5864 iaStorV - ok
11:58:56.0846 5864 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:58:57.0151 5864 idsvc - ok
11:58:58.0399 5864 [ DCE0B53570703CCE580D066F89EF58CD ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
11:59:01.0236 5864 igfx - ok
11:59:01.0294 5864 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:59:01.0469 5864 iirsp - ok
11:59:01.0671 5864 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
11:59:01.0715 5864 IKEEXT - ok
11:59:01.0838 5864 [ 8AE99EBE30E8338907361018D9030835 ] IMFservice C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
11:59:01.0843 5864 IMFservice - ok
11:59:02.0197 5864 [ 9B89F2E3D705651DEC1F01033B9D6B24 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
11:59:03.0036 5864 IntcAzAudAddService - ok
11:59:03.0092 5864 [ 8DAB99684CFE8B4DDD5D6D0C5D55FDAC ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
11:59:03.0104 5864 IntcHdmiAddService - ok
11:59:03.0187 5864 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
11:59:03.0207 5864 intelide - ok
11:59:03.0284 5864 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:59:03.0285 5864 intelppm - ok
11:59:03.0391 5864 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:59:03.0394 5864 IPBusEnum - ok
11:59:03.0419 5864 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:59:03.0440 5864 IpFilterDriver - ok
11:59:03.0513 5864 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:59:03.0531 5864 iphlpsvc - ok
11:59:03.0541 5864 IpInIp - ok
11:59:03.0593 5864 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
11:59:03.0614 5864 IPMIDRV - ok
11:59:03.0643 5864 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
11:59:03.0665 5864 IPNAT - ok
11:59:03.0972 5864 [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:59:04.0084 5864 iPod Service - ok
11:59:04.0106 5864 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:59:04.0132 5864 IRENUM - ok
11:59:04.0165 5864 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:59:04.0193 5864 isapnp - ok
11:59:04.0264 5864 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
11:59:04.0265 5864 iScsiPrt - ok
11:59:04.0313 5864 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
11:59:04.0339 5864 iteatapi - ok
11:59:04.0356 5864 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
11:59:04.0364 5864 iteraid - ok
11:59:04.0402 5864 [ B07084095F8C03AADB9811C9DF14B5E4 ] JRAID C:\Windows\system32\drivers\jraid.sys
11:59:04.0433 5864 JRAID - ok
11:59:04.0462 5864 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:59:04.0491 5864 kbdclass - ok
11:59:04.0551 5864 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:59:04.0559 5864 kbdhid - ok
11:59:04.0572 5864 kdxxgd - ok
11:59:04.0627 5864 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
11:59:04.0629 5864 KeyIso - ok
11:59:04.0818 5864 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:59:04.0865 5864 KSecDD - ok
11:59:04.0962 5864 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
11:59:04.0982 5864 KtmRm - ok
11:59:05.0019 5864 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
11:59:05.0023 5864 LanmanServer - ok
11:59:05.0110 5864 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:59:05.0114 5864 LanmanWorkstation - ok
11:59:05.0531 5864 [ 6ABE9ECAAB7DD0CC6F46EC830E0FE8FC ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
11:59:05.0555 5864 LiveUpdate - ok
11:59:05.0664 5864 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:59:05.0666 5864 lltdio - ok
11:59:05.0732 5864 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:59:05.0778 5864 lltdsvc - ok
11:59:05.0805 5864 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:59:05.0821 5864 lmhosts - ok
11:59:05.0923 5864 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:59:05.0955 5864 LSI_FC - ok
11:59:05.0982 5864 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:59:05.0995 5864 LSI_SAS - ok
11:59:06.0013 5864 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:59:06.0026 5864 LSI_SCSI - ok
11:59:06.0048 5864 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
11:59:06.0051 5864 luafv - ok
11:59:06.0107 5864 [ 8FD868E32459ECE2A1BB0169F513D31E ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
11:59:06.0119 5864 mcdbus - ok
11:59:06.0151 5864 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
11:59:06.0160 5864 megasas - ok
11:59:06.0240 5864 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
11:59:06.0263 5864 MegaSR - ok
11:59:06.0300 5864 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
11:59:06.0304 5864 MMCSS - ok
11:59:06.0348 5864 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
11:59:06.0379 5864 Modem - ok
11:59:06.0445 5864 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:59:06.0446 5864 monitor - ok
11:59:06.0472 5864 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:59:06.0493 5864 mouclass - ok
11:59:06.0506 5864 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:59:06.0514 5864 mouhid - ok
11:59:06.0523 5864 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
11:59:06.0525 5864 MountMgr - ok
11:59:06.0588 5864 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:59:06.0625 5864 MozillaMaintenance - ok
11:59:06.0644 5864 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
11:59:06.0679 5864 mpio - ok
11:59:06.0703 5864 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:59:06.0705 5864 mpsdrv - ok
11:59:06.0752 5864 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
11:59:06.0759 5864 MpsSvc - ok
11:59:06.0804 5864 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
11:59:06.0813 5864 Mraid35x - ok
11:59:06.0858 5864 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:59:06.0867 5864 MRxDAV - ok
11:59:06.0915 5864 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:59:06.0918 5864 mrxsmb - ok
11:59:07.0023 5864 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:59:07.0039 5864 mrxsmb10 - ok
11:59:07.0062 5864 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:59:07.0065 5864 mrxsmb20 - ok
11:59:07.0106 5864 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys
11:59:07.0119 5864 msahci - ok
11:59:07.0161 5864 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:59:07.0199 5864 msdsm - ok
11:59:07.0231 5864 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
11:59:07.0260 5864 MSDTC - ok
11:59:07.0359 5864 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:59:07.0360 5864 Msfs - ok
11:59:07.0384 5864 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:59:07.0386 5864 msisadrv - ok
11:59:07.0431 5864 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:59:07.0457 5864 MSiSCSI - ok
11:59:07.0466 5864 msiserver - ok
11:59:07.0587 5864 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:59:07.0627 5864 MSKSSRV - ok
11:59:07.0665 5864 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:59:07.0684 5864 MSPCLOCK - ok
11:59:07.0708 5864 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:59:07.0724 5864 MSPQM - ok
11:59:07.0800 5864 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:59:07.0816 5864 MsRPC - ok
11:59:07.0856 5864 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:59:07.0857 5864 mssmbios - ok
11:59:07.0903 5864 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:59:07.0938 5864 MSTEE - ok
11:59:08.0033 5864 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
11:59:08.0054 5864 Mup - ok
11:59:08.0102 5864 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
11:59:08.0109 5864 napagent - ok
11:59:08.0153 5864 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:59:08.0157 5864 NativeWifiP - ok
11:59:08.0367 5864 [ 8E4C77AD9BB279900C00F870CC0C674B ] NAVENG C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121020.007\NAVENG.SYS
11:59:08.0368 5864 NAVENG - ok
11:59:08.0705 5864 [ 826F699B69E88A3920C70F344DD42D88 ] NAVEX15 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121020.007\NAVEX15.SYS
11:59:08.0715 5864 NAVEX15 - ok
11:59:08.0831 5864 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:59:08.0897 5864 NDIS - ok
11:59:08.0981 5864 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:59:09.0015 5864 NdisTapi - ok
11:59:09.0039 5864 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:59:09.0041 5864 Ndisuio - ok
11:59:09.0093 5864 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:59:09.0242 5864 NdisWan - ok
11:59:09.0286 5864 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:59:09.0323 5864 NDProxy - ok
11:59:09.0367 5864 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:59:24.0983 5864 ================ Scan global ===============================
11:59:25.0015 5864 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
11:59:25.0170 5864 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
11:59:25.0213 5864 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
11:59:25.0291 5864 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
11:59:25.0317 5864 [Global] - ok
11:59:25.0320 5864 ================ Scan MBR ==================================
11:59:25.0345 5864 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
11:59:26.0557 5864 \Device\Harddisk0\DR0 - ok
11:59:26.0558 5864 ================ Scan VBR ==================================
11:59:26.0587 5864 [ 5522E8D14BC53505C21F847DAF6B3000 ] \Device\Harddisk0\DR0\Partition1
11:59:26.0591 5864 \Device\Harddisk0\DR0\Partition1 - ok
11:59:26.0612 5864 [ F4112499AC916849EC983F5BED1F5C43 ] \Device\Harddisk0\DR0\Partition2
11:59:26.0614 5864 \Device\Harddisk0\DR0\Partition2 - ok
11:59:26.0618 5864 ============================================================
11:59:26.0618 5864 Scan finished
11:59:26.0618 5864 ============================================================
11:59:26.0636 3420 Detected object count: 0
11:59:26.0636 3420 Actual detected object count: 0
12:00:31.0226 5776 ============================================================
12:00:31.0226 5776 Scan started
12:00:31.0226 5776 Mode: Manual; TDLFS;
12:00:31.0226 5776 ============================================================
12:00:41.0337 5776 ================ Scan system memory ========================
12:00:41.0337 5776 System memory - ok
12:00:41.0338 5776 ================ Scan services =============================
12:00:44.0970 5776 CryptSvc - ok
12:00:45.0027 5776 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:00:45.0032 5776 DcomLaunch - ok
12:00:45.0052 5776 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:00:45.0053 5776 DfsC - ok
12:00:45.0172 5776 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
12:00:45.0186 5776 DFSR - ok
12:00:45.0253 5776 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
12:00:45.0256 5776 Dhcp - ok
12:00:45.0326 5776 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
12:00:45.0327 5776 disk - ok
12:00:45.0406 5776 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:00:45.0408 5776 Dnscache - ok
12:00:45.0458 5776 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:00:45.0460 5776 dot3svc - ok
12:00:45.0499 5776 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
12:00:45.0501 5776 DPS - ok
12:00:45.0534 5776 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:00:45.0535 5776 drmkaud - ok
12:00:45.0606 5776 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:00:45.0610 5776 DXGKrnl - ok
12:00:45.0680 5776 [ 908ED85B7806E8AF3AF5E9B74F7809D4 ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
12:00:45.0682 5776 e1express - ok
12:00:45.0703 5776 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
12:00:45.0704 5776 E1G60 - ok
12:00:45.0737 5776 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
12:00:45.0738 5776 EapHost - ok
12:00:45.0802 5776 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
12:00:45.0803 5776 Ecache - ok
12:00:45.0855 5776 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
12:00:45.0857 5776 eeCtrl - ok
12:00:45.0941 5776 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:00:45.0943 5776 elxstor - ok
12:00:46.0010 5776 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
12:00:46.0018 5776 EMDMgmt - ok
12:00:46.0069 5776 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:00:46.0071 5776 EraserUtilRebootDrv - ok
12:00:46.0137 5776 [ F2A80DE2D1B7116052C09CB4D4CA1416 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:00:46.0138 5776 ErrDev - ok
12:00:46.0197 5776 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
12:00:46.0200 5776 EventSystem - ok
12:00:46.0246 5776 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
12:00:46.0247 5776 exfat - ok
12:00:46.0302 5776 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:00:46.0303 5776 fastfat - ok
12:00:46.0448 5776 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:00:46.0449 5776 fdc - ok
12:00:46.0543 5776 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
12:00:46.0545 5776 fdPHost - ok
12:00:46.0562 5776 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
12:00:46.0564 5776 FDResPub - ok
12:00:46.0585 5776 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:00:46.0586 5776 FileInfo - ok
12:00:46.0766 5776 [ 47B91551FE7489A323BAF4904CAD757A ] FileMonitor C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys
12:00:46.0767 5776 FileMonitor - ok
12:00:46.0810 5776 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:00:46.0811 5776 Filetrace - ok
12:00:46.0867 5776 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:00:46.0868 5776 flpydisk - ok
12:00:46.0941 5776 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:00:46.0943 5776 FltMgr - ok
12:00:47.0027 5776 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
12:00:47.0033 5776 FontCache - ok
12:00:47.0109 5776 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:00:47.0109 5776 FontCache3.0.0.0 - ok
12:00:47.0136 5776 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:00:47.0137 5776 Fs_Rec - ok
12:00:47.0171 5776 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:00:47.0172 5776 gagp30kx - ok
12:00:47.0220 5776 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:00:47.0221 5776 GEARAspiWDM - ok
12:00:47.0279 5776 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
12:00:47.0284 5776 gpsvc - ok
12:00:47.0533 5776 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
12:00:47.0534 5776 gupdate - ok
12:00:47.0545 5776 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
12:00:47.0546 5776 gupdatem - ok
12:00:47.0599 5776 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:00:47.0604 5776 HDAudBus - ok
12:00:47.0625 5776 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:00:47.0626 5776 HidBth - ok
12:00:47.0649 5776 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
12:00:47.0649 5776 HidIr - ok
12:00:47.0690 5776 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
12:00:47.0692 5776 hidserv - ok
12:00:47.0724 5776 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:00:47.0725 5776 HidUsb - ok
12:00:47.0752 5776 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:00:47.0755 5776 hkmsvc - ok
12:00:47.0786 5776 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
12:00:47.0787 5776 HpCISSs - ok
12:00:47.0905 5776 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:00:47.0909 5776 HTTP - ok
12:00:47.0934 5776 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
12:00:47.0936 5776 i2omp - ok
12:00:47.0954 5776 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:00:47.0955 5776 i8042prt - ok
12:00:48.0051 5776 [ F79525634B192F5A18DE503568F94EF3 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
12:00:48.0053 5776 IAANTMON - ok
12:00:48.0124 5776 [ 707C1692214B1C290271067197F075F6 ] iaStor C:\Windows\system32\drivers\iastor.sys
12:00:48.0127 5776 iaStor - ok
12:00:48.0158 5776 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
12:00:48.0161 5776 iaStorV - ok
12:00:48.0295 5776 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:00:48.0302 5776 idsvc - ok
12:00:48.0659 5776 [ DCE0B53570703CCE580D066F89EF58CD ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
12:00:48.0714 5776 igfx - ok
12:00:48.0741 5776 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:00:48.0742 5776 iirsp - ok
12:00:48.0790 5776 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
12:00:48.0794 5776 IKEEXT - ok
12:00:48.0874 5776 [ 8AE99EBE30E8338907361018D9030835 ] IMFservice C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
12:00:48.0880 5776 IMFservice - ok
12:00:48.0981 5776 [ 9B89F2E3D705651DEC1F01033B9D6B24 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
12:00:49.0001 5776 IntcAzAudAddService - ok
12:00:49.0028 5776 [ 8DAB99684CFE8B4DDD5D6D0C5D55FDAC ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
12:00:49.0029 5776 IntcHdmiAddService - ok
12:00:49.0056 5776 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
12:00:49.0057 5776 intelide - ok
12:00:49.0086 5776 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:00:49.0086 5776 intelppm - ok
12:00:49.0135 5776 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:00:49.0137 5776 IPBusEnum - ok
12:00:49.0163 5776 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:00:49.0164 5776 IpFilterDriver - ok
12:00:49.0200 5776 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:00:49.0202 5776 iphlpsvc - ok
12:00:49.0214 5776 IpInIp - ok
12:00:49.0237 5776 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
12:00:49.0238 5776 IPMIDRV - ok
12:00:49.0270 5776 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
12:00:49.0272 5776 IPNAT - ok
12:00:49.0437 5776 [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:00:49.0443 5776 iPod Service - ok
12:00:49.0459 5776 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:00:49.0459 5776 IRENUM - ok
12:00:49.0484 5776 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:00:49.0485 5776 isapnp - ok
12:00:49.0527 5776 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
12:00:49.0529 5776 iScsiPrt - ok
12:00:49.0549 5776 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
12:00:49.0550 5776 iteatapi - ok
12:00:49.0576 5776 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
12:00:49.0577 5776 iteraid - ok
12:00:49.0605 5776 [ B07084095F8C03AADB9811C9DF14B5E4 ] JRAID C:\Windows\system32\drivers\jraid.sys
12:00:49.0606 5776 JRAID - ok
12:00:49.0631 5776 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:00:49.0632 5776 kbdclass - ok
12:00:49.0679 5776 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:00:49.0680 5776 kbdhid - ok
12:00:49.0693 5776 kdxxgd - ok
12:00:49.0764 5776 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
12:00:49.0771 5776 KeyIso - ok
12:00:50.0066 5776 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:00:50.0068 5776 KSecDD - ok
12:00:50.0107 5776 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
12:00:50.0111 5776 KtmRm - ok
12:00:50.0147 5776 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
12:00:50.0150 5776 LanmanServer - ok
12:00:50.0213 5776 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:00:50.0217 5776 LanmanWorkstation - ok
12:00:50.0395 5776 [ 6ABE9ECAAB7DD0CC6F46EC830E0FE8FC ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
12:00:50.0419 5776 LiveUpdate - ok
12:00:50.0455 5776 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:00:50.0456 5776 lltdio - ok
12:00:50.0502 5776 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:00:50.0505 5776 lltdsvc - ok
12:00:50.0592 5776 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:00:50.0594 5776 lmhosts - ok
12:00:50.0643 5776 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:00:50.0644 5776 LSI_FC - ok
12:00:50.0676 5776 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:00:50.0677 5776 LSI_SAS - ok
12:00:50.0708 5776 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:00:50.0709 5776 LSI_SCSI - ok
12:00:50.0726 5776 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
12:00:50.0727 5776 luafv - ok
12:00:50.0922 5776 [ 8FD868E32459ECE2A1BB0169F513D31E ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
12:00:50.0924 5776 mcdbus - ok
12:00:50.0962 5776 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
12:00:50.0963 5776 megasas - ok
12:00:51.0092 5776 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
12:00:51.0096 5776 MegaSR - ok
12:00:51.0158 5776 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
12:00:51.0163 5776 MMCSS - ok
12:00:51.0210 5776 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
12:00:51.0211 5776 Modem - ok
12:00:51.0289 5776 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:00:51.0290 5776 monitor - ok
12:00:51.0330 5776 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:00:51.0330 5776 mouclass - ok
12:00:51.0400 5776 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:00:51.0402 5776 mouhid - ok
12:00:51.0676 5776 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
12:00:51.0684 5776 MountMgr - ok
12:00:51.0810 5776 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:00:51.0811 5776 MozillaMaintenance - ok
12:00:51.0846 5776 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
12:00:51.0847 5776 mpio - ok
12:00:51.0882 5776 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:00:51.0885 5776 mpsdrv - ok
12:00:52.0220 5776 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
12:00:52.0228 5776 MpsSvc - ok
12:00:52.0282 5776 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
12:00:52.0283 5776 Mraid35x - ok
12:00:52.0344 5776 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:00:52.0346 5776 MRxDAV - ok
12:00:52.0393 5776 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:00:52.0394 5776 mrxsmb - ok
12:00:52.0459 5776 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:00:52.0462 5776 mrxsmb10 - ok
12:00:52.0490 5776 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:00:52.0492 5776 mrxsmb20 - ok
12:00:52.0517 5776 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys
12:00:52.0518 5776 msahci - ok
12:00:52.0564 5776 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:00:52.0565 5776 msdsm - ok
12:00:52.0610 5776 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
12:00:52.0614 5776 MSDTC - ok
12:00:52.0686 5776 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:00:52.0687 5776 Msfs - ok
12:00:52.0712 5776 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:00:52.0713 5776 msisadrv - ok
12:00:52.0750 5776 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:00:52.0753 5776 MSiSCSI - ok
12:00:52.0760 5776 msiserver - ok
12:00:52.0781 5776 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:00:52.0782 5776 MSKSSRV - ok
12:00:52.0801 5776 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:00:52.0802 5776 MSPCLOCK - ok
12:00:52.0828 5776 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:00:52.0829 5776 MSPQM - ok
12:00:52.0894 5776 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:00:52.0896 5776 MsRPC - ok
12:00:52.0933 5776 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:00:52.0934 5776 mssmbios - ok
12:00:52.0956 5776 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:00:52.0957 5776 MSTEE - ok
12:00:53.0001 5776 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
12:00:53.0003 5776 Mup - ok
12:00:53.0080 5776 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
12:00:53.0085 5776 napagent - ok
12:00:53.0216 5776 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:00:53.0218 5776 NativeWifiP - ok
12:00:53.0403 5776 [ 8E4C77AD9BB279900C00F870CC0C674B ] NAVENG C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121020.007\NAVENG.SYS
12:00:53.0404 5776 NAVENG - ok
12:00:53.0572 5776 [ 826F699B69E88A3920C70F344DD42D88 ] NAVEX15 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121020.007\NAVEX15.SYS
12:00:53.0586 5776 NAVEX15 - ok
12:00:53.0746 5776 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:00:53.0752 5776 NDIS - ok
12:00:53.0793 5776 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:00:53.0794 5776 NdisTapi - ok
12:00:53.0842 5776 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:00:53.0843 5776 Ndisuio - ok
12:00:53.0879 5776 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:00:53.0882 5776 NdisWan - ok
12:00:53.0964 5776 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:00:53.0965 5776 NDProxy - ok
12:00:54.0004 5776 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:00:54.0004 5776 NetBIOS - ok
12:00:54.0066 5776 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
12:00:54.0068 5776 netbt - ok
12:00:54.0103 5776 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
12:00:54.0105 5776 Netlogon - ok
12:00:54.0188 5776 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
12:00:54.0192 5776 Netman - ok
12:00:54.0250 5776 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
12:00:54.0255 5776 netprofm - ok
12:00:54.0317 5776 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:00:54.0319 5776 NetTcpPortSharing - ok
12:00:54.0359 5776 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:00:54.0360 5776 nfrd960 - ok
12:00:54.0399 5776 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:00:54.0402 5776 NlaSvc - ok
12:00:54.0450 5776 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:00:54.0450 5776 Npfs - ok
12:00:54.0466 5776 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
12:00:54.0468 5776 nsi - ok
12:00:54.0501 5776 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:00:54.0502 5776 nsiproxy - ok
12:00:54.0639 5776 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:00:54.0652 5776 Ntfs - ok
12:00:54.0685 5776 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
12:00:54.0686 5776 ntrigdigi - ok
12:00:54.0718 5776 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
12:00:54.0718 5776 Null - ok
12:00:54.0744 5776 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:00:54.0745 5776 nvraid - ok
12:00:54.0769 5776 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:00:54.0769 5776 nvstor - ok
12:00:54.0805 5776 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:00:54.0806 5776 nv_agp - ok
12:00:54.0812 5776 NwlnkFlt - ok
12:00:54.0822 5776 NwlnkFwd - ok
12:00:54.0861 5776 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:00:54.0862 5776 ohci1394 - ok
12:00:54.0974 5776 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
12:00:54.0981 5776 p2pimsvc - ok
12:00:55.0058 5776 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
12:00:55.0067 5776 p2psvc - ok
12:00:55.0126 5776 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
12:00:55.0127 5776 Parport - ok
12:00:55.0180 5776 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:00:55.0181 5776 partmgr - ok
12:00:55.0198 5776 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
12:00:55.0199 5776 Parvdm - ok
12:00:55.0231 5776 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
12:00:55.0234 5776 PcaSvc - ok
12:00:55.0310 5776 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
12:00:55.0311 5776 pci - ok
12:00:55.0362 5776 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
12:00:55.0363 5776 pciide - ok
12:00:55.0418 5776 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:00:55.0420 5776 pcmcia - ok
12:00:55.0531 5776 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:00:55.0538 5776 PEAUTH - ok
12:00:55.0719 5776 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
12:00:55.0733 5776 pla - ok
12:00:55.0806 5776 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:00:55.0810 5776 PlugPlay - ok
12:00:56.0040 5776 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
12:00:56.0047 5776 PNRPAutoReg - ok
12:00:56.0082 5776 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
12:00:56.0088 5776 PNRPsvc - ok
12:00:56.0221 5776 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:00:56.0225 5776 PolicyAgent - ok
12:00:56.0258 5776 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:00:56.0259 5776 PptpMiniport - ok
12:00:56.0309 5776 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
12:00:56.0310 5776 Processor - ok
12:00:56.0377 5776 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
12:00:56.0381 5776 ProfSvc - ok
12:00:56.0401 5776 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:00:56.0403 5776 ProtectedStorage - ok
12:00:56.0451 5776 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
12:00:56.0452 5776 PSched - ok
12:00:56.0467 5776 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
12:00:56.0468 5776 PxHelp20 - ok
12:00:56.0714 5776 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:00:56.0725 5776 ql2300 - ok
12:00:56.0755 5776 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:00:56.0756 5776 ql40xx - ok
12:00:56.0795 5776 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
12:00:56.0800 5776 QWAVE - ok
12:00:56.0836 5776 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:00:56.0837 5776 QWAVEdrv - ok
12:00:57.0046 5776 [ E642B131FB74CAF4BB8A014F31113142 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
12:00:57.0065 5776 R300 - ok
12:00:57.0087 5776 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:00:57.0089 5776 RasAcd - ok
12:00:57.0126 5776 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
12:00:57.0130 5776 RasAuto - ok
12:00:57.0157 5776 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:00:57.0159 5776 Rasl2tp - ok
12:00:57.0268 5776 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
12:00:57.0272 5776 RasMan - ok
12:00:57.0327 5776 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:00:57.0328 5776 RasPppoe - ok
12:00:57.0384 5776 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:00:57.0385 5776 RasSstp - ok
12:00:57.0477 5776 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:00:57.0479 5776 rdbss - ok
12:00:57.0528 5776 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:00:57.0529 5776 RDPCDD - ok
12:00:57.0567 5776 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
12:00:57.0570 5776 rdpdr - ok
12:00:57.0581 5776 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:00:57.0584 5776 RDPENCDD - ok
12:00:57.0657 5776 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:00:57.0659 5776 RDPWD - ok
12:00:57.0779 5776 [ CDAB5EEF978C31E6CF58EDBFB4485B8F ] RegFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\wlh_x86\regfilter.sys
12:00:57.0780 5776 RegFilter - ok
12:00:57.0817 5776 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:00:57.0820 5776 RemoteAccess - ok
12:00:57.0886 5776 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:00:57.0890 5776 RemoteRegistry - ok
12:00:57.0918 5776 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
12:00:57.0920 5776 RpcLocator - ok
12:00:58.0037 5776 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
12:00:58.0043 5776 RpcSs - ok
12:00:58.0120 5776 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:00:58.0121 5776 rspndr - ok
12:00:58.0196 5776 [ 2D19A7469EA19993D0C12E627F4530BC ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
12:00:58.0199 5776 RTL8169 - ok
12:00:58.0252 5776 [ 7F8D15EE000577BE703537849D4F9397 ] RtNdPt60 C:\Windows\system32\DRIVERS\RtNdPt60.sys
12:00:58.0252 5776 RtNdPt60 - ok
12:00:58.0276 5776 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
12:00:58.0278 5776 SamSs - ok
12:00:58.0343 5776 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:00:58.0344 5776 sbp2port - ok
12:00:58.0406 5776 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:00:58.0410 5776 SCardSvr - ok
12:00:58.0569 5776 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
12:00:58.0578 5776 Schedule - ok
12:00:58.0605 5776 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:00:58.0606 5776 SCPolicySvc - ok
12:00:58.0639 5776 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:00:58.0644 5776 SDRSVC - ok
12:00:58.0658 5776 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:00:58.0659 5776 secdrv - ok
12:00:58.0679 5776 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
12:00:58.0693 5776 seclogon - ok
12:00:58.0788 5776 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
12:00:58.0792 5776 SENS - ok
12:00:58.0835 5776 [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:00:58.0835 5776 Serenum - ok
12:00:58.0851 5776 [ 6D663022DB3E7058907784AE14B69898 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:00:58.0853 5776 Serial - ok
12:00:58.0879 5776 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:00:58.0880 5776 sermouse - ok
12:00:58.0926 5776 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
12:00:58.0930 5776 SessionEnv - ok
12:00:58.0959 5776 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:00:58.0960 5776 sffdisk - ok
12:01:09.0376 5776 ================ Scan global ===============================
12:01:09.0427 5776 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
12:01:09.0513 5776 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:01:09.0541 5776 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
12:01:09.0644 5776 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
12:01:09.0649 5776 [Global] - ok
12:01:09.0650 5776 ================ Scan MBR ==================================
12:01:09.0665 5776 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
12:01:10.0979 5776 \Device\Harddisk0\DR0 - ok
12:01:10.0984 5776 ================ Scan VBR ==================================
12:01:11.0023 5776 [ 5522E8D14BC53505C21F847DAF6B3000 ] \Device\Harddisk0\DR0\Partition1
12:01:11.0039 5776 \Device\Harddisk0\DR0\Partition1 - ok
12:01:11.0056 5776 [ F4112499AC916849EC983F5BED1F5C43 ] \Device\Harddisk0\DR0\Partition2
12:01:11.0066 5776 \Device\Harddisk0\DR0\Partition2 - ok
12:01:11.0070 5776 ============================================================
12:01:11.0070 5776 Scan finished
12:01:11.0070 5776 ============================================================
12:01:11.0111 5928 Detected object count: 0
12:01:11.0112 5928 Actual detected object count: 0







aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-21 12:22:12
-----------------------------
12:22:12.806 OS Version: Windows 6.0.6002 Service Pack 2
12:22:12.806 Number of processors: 2 586 0x170A
12:22:12.807 ComputerName: BRANDY-PC UserName: Brandy
12:22:15.188 Initialize success
12:22:28.335 AVAST engine defs: 12102100
12:22:32.735 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:22:32.739 Disk 0 Vendor: ST325031 4.AD Size: 238418MB BusType: 3
12:22:32.780 Disk 0 MBR read successfully
12:22:32.785 Disk 0 MBR scan
12:22:32.820 Disk 0 Windows VISTA default MBR code
12:22:32.828 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
12:22:32.853 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15000 MB offset 81920
12:22:32.878 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 223377 MB offset 30801920
12:22:32.945 Disk 0 scanning sectors +488279202
12:22:33.193 Disk 0 scanning C:\Windows\system32\drivers
12:23:08.972 Service scanning
12:23:46.202 Modules scanning
12:24:33.035 Disk 0 trace - called modules:
12:24:33.389 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
12:24:33.394 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x869545b0]
12:24:33.399 3 CLASSPNP.SYS[8aba98b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85940028]
12:24:34.181 AVAST engine scan C:\Windows
12:24:55.089 AVAST engine scan C:\Windows\system32
12:32:10.306 AVAST engine scan C:\Windows\system32\drivers
12:32:51.223 AVAST engine scan C:\Users\Brandy
13:08:43.303 AVAST engine scan C:\ProgramData
13:18:01.295 Scan finished successfully
13:20:03.516 Disk 0 MBR has been saved successfully to "C:\Users\Brandy\Desktop\MBR.dat"
13:20:03.540 The log file has been saved successfully to "C:\Users\Brandy\Desktop\aswMBR.txt"
13:21:01.817 Disk 0 MBR has been saved successfully to "C:\Users\Brandy\Desktop\MBR.dat"
13:21:01.828 The log file has been saved successfully to "C:\Users\Brandy\Desktop\aswMBR.txt"




ESET List of Found objects:

C:\$Recycle.Bin\S-1-5-21-2560799118-932392253-3571486070-1000\$RRDNQA7.exe Win32/InstallMate application cleaned by deleting - quarantined
C:\Users\Brandy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\28018ZM0\agent_setup[1].exe Win32/InstallMate application cleaned by deleting - quarantined
C:\Users\Brandy\AppData\Local\Temp\mia2A5A.tmp\data\OFFLINE\E7A3BB8C\FE573A24\Launcher.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Users\Brandy\AppData\Local\Temp\mia2A5A.tmp\data\OFFLINE\E7A3BB8C\FE573A24\rbmonitor.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Users\Brandy\AppData\Local\Temp\mia2A5A.tmp\data\OFFLINE\E7A3BB8C\FE573A24\rbnotifier.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Users\Brandy\AppData\Local\Temp\mia2A5A.tmp\data\OFFLINE\E7A3BB8C\FE573A24\rb_move_serial.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Users\Brandy\AppData\Local\Temp\mia2A5A.tmp\data\OFFLINE\E7A3BB8C\FE573A24\rb_ubm.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Users\Brandy\AppData\Local\Temp\mia2A5A.tmp\data\OFFLINE\E7A3BB8C\FE573A24\registrybooster.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Users\Brandy\Downloads\imf-setup.exe a variant of Win32/ELEX application cleaned by deleting - quarantined

#4 narenxp


Posted 21 October 2012 - 06:10 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, then click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#5 mag00


Posted 21 October 2012 - 09:42 PM

Here are the logs you requested. Somewhere during this stage, I noticed I no longer saw the WhiteSmoke toolbar in Firefox. Does this mean it's all gone?



Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.21.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Brandy :: BRANDY-PC [administrator]

10/21/2012 5:29:24 PM
mbam-log-2012-10-21 (17-29-24).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 357582
Time elapsed: 2 hour(s), 12 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)






MiniToolBox by Farbar Version: 23-07-2012
Ran by Brandy (administrator) on 21-10-2012 at 17:12:34
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR5007UG Wireless Network Adapter = Wireless Network Connection 3 (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Brandy-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Wireless LAN adapter Wireless Network Connection 3:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Atheros AR5007UG Wireless Network Adapter #3
Physical Address. . . . . . . . . : 00-21-79-C2-1F-01
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9457:10e:961e:c13b%16(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.67(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, October 21, 2012 11:53:54 AM
Lease Expires . . . . . . . . . . : Monday, October 22, 2012 11:53:54 AM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 335552889
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-B6-B7-C5-00-24-E8-0B-FC-FC
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-24-E8-0B-FC-FC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{4E59DCA2-F626-40BC-9BE5-4E1472F8EB21}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1008:582:3f57:febc(Preferred)
Link-local IPv6 Address . . . . . : fe80::1008:582:3f57:febc%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 18:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: home
Address: 192.168.1.254

Name: google.com
Addresses: 2001:4860:4001:800::1003
74.125.224.32
74.125.224.33
74.125.224.34
74.125.224.35
74.125.224.36
74.125.224.37
74.125.224.38
74.125.224.39
74.125.224.40
74.125.224.41
74.125.224.46



Pinging google.com [74.125.224.136] with 32 bytes of data:

Reply from 74.125.224.136: bytes=32 time=13ms TTL=54

Reply from 74.125.224.136: bytes=32 time=12ms TTL=54



Ping statistics for 74.125.224.136:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 12ms, Maximum = 13ms, Average = 12ms

Server: home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=67ms TTL=49

Reply from 98.138.253.109: bytes=32 time=66ms TTL=48



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 66ms, Maximum = 67ms, Average = 66ms

Server: home
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
16 ...00 21 79 c2 1f 01 ...... Atheros AR5007UG Wireless Network Adapter #3
11 ...00 24 e8 0b fc fc ...... Realtek PCIe GBE Family Controller
1 ........................... Software Loopback Interface 1
15 ...00 00 00 00 00 00 00 e0 isatap.{4E59DCA2-F626-40BC-9BE5-4E1472F8EB21}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
32 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.67 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.67 281
192.168.1.67 255.255.255.255 On-link 192.168.1.67 281
192.168.1.255 255.255.255.255 On-link 192.168.1.67 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.67 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.67 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 18 ::/0 On-link
1 306 ::1/128 On-link
10 18 2001::/32 On-link
10 266 2001:0:4137:9e76:1008:582:3f57:febc/128
On-link
16 281 fe80::/64 On-link
10 266 fe80::/64 On-link
10 266 fe80::1008:582:3f57:febc/128
On-link
16 281 fe80::9457:10e:961e:c13b/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
16 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/21/2012 00:19:41 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Maljava!gen3 in File: C:\Users\Brandy\AppData\LocalLow\Sun\Java\DEPLOYMENT\cache\6.0\41\2c4dca69-11cfd934 by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (10/21/2012 00:19:17 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Maljava!gen3 in File: C:\Users\Brandy\AppData\LocalLow\Sun\Java\DEPLOYMENT\cache\6.0\36\718c85e4-2fa8529a by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (10/21/2012 00:18:53 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Maljava!gen23 in File: C:\Users\Brandy\AppData\Local\Temp\jar_cache6439927302876554831.tmp by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (10/21/2012 11:54:36 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/21/2012 11:50:44 AM) (Source: IMFservice) (User: )
Description: The handle is invalid

Error: (10/21/2012 11:45:49 AM) (Source: SescLU) (User: )
Description: LiveUpdate returned a non-critical error. Available content updates may have failed to install.

Error: (10/21/2012 03:48:31 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5632

Error: (10/21/2012 03:48:31 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5632

Error: (10/21/2012 03:48:31 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/21/2012 03:48:30 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4618


System errors:
=============
Error: (10/21/2012 11:55:23 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (10/21/2012 11:54:57 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)

Error: (10/21/2012 11:54:36 AM) (Source: Service Control Manager) (User: )
Description: kdxxgd

Error: (10/21/2012 11:54:36 AM) (Source: Service Control Manager) (User: )
Description: SupportSoft Sprocket Service (dellsupportcenter)%%2

Error: (10/19/2012 01:28:17 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: 0x80070643Definition Update for Windows Defender - KB915597 (Definition 1.139.124.0){1D9EE362-7370-4F17-A8A0-AACA097D03C5}200

Error: (10/18/2012 04:32:19 PM) (Source: Service Control Manager) (User: )
Description: kdxxgd

Error: (10/18/2012 04:32:19 PM) (Source: Service Control Manager) (User: )
Description: SupportSoft Sprocket Service (dellsupportcenter)%%2

Error: (10/18/2012 04:32:05 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)

Error: (10/18/2012 04:31:58 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (10/18/2012 04:27:04 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================
Error: (10/21/2012 00:19:41 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Maljava!gen3 in File: C:\Users\Brandy\AppData\LocalLow\Sun\Java\DEPLOYMENT\cache\6.0\41\2c4dca69-11cfd934 by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (10/21/2012 00:19:17 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Maljava!gen3 in File: C:\Users\Brandy\AppData\LocalLow\Sun\Java\DEPLOYMENT\cache\6.0\36\718c85e4-2fa8529a by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (10/21/2012 00:18:53 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Trojan.Maljava!gen23 in File: C:\Users\Brandy\AppData\Local\Temp\jar_cache6439927302876554831.tmp by: Auto-Protect scan. Action: Cleaned by Deletion. Action Description: The file was deleted successfully.

Error: (10/21/2012 11:54:36 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/21/2012 11:50:44 AM) (Source: IMFservice)(User: )
Description: The handle is invalid

Error: (10/21/2012 11:45:49 AM) (Source: SescLU)(User: )
Description: LiveUpdate returned a non-critical error. Available content updates may have failed to install.

Error: (10/21/2012 03:48:31 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5632

Error: (10/21/2012 03:48:31 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5632

Error: (10/21/2012 03:48:31 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/21/2012 03:48:30 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4618


=========================== Installed Programs ============================

Acrobat.com (Version: 0.0.0)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader 9.5.2 (Version: 9.5.2)
Adobe Shockwave Player 11.5 (Version: 11.5.8.612)
Amazon Kindle
Amazon Send to Kindle (Version: 1.0.0.192)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Ares 2.1.6 (Version: 2.1.6-Build#3040)
Bing Bar (Version: 7.1.391.0)
Bonjour (Version: 3.0.0.10)
Business Tools Launcher (Version: 1.00.0000)
calibre (Version: 0.9.2)
Canon MG5200 series MP Drivers
CCleaner (Version: 3.16)
Codec (Version: 1.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Version: 3.2.6032.55)
DivX Setup (Version: 2.6.1.8)
ESET Online Scanner v3
Google Chrome (Version: 22.0.1229.94)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.123)
iCloud (Version: 1.1.0.40)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
IObit Malware Fighter (Version: 1.0)
iPod for Windows 2005-03-23 (Version: 3.8.0)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 37 (Version: 6.0.370)
Junk Mail filter update (Version: 15.4.3502.0922)
LiveUpdate 3.3 (Symantec Corporation) (Version: 3.3.0.99)
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office XP Professional with FrontPage (Version: 10.0.6626.0)
Microsoft Reader
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Firefox 16.0.1 (x86 en-US) (Version: 16.0.1)
Mozilla Maintenance Service (Version: 16.0.1)
MSVCRT (Version: 15.4.2862.0708)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Personal Entertainment Launcher (Version: 1.00.0000)
PowerDVD DX (Version: 8.2.5024)
Product Support Launcher (Version: 1.00.0000)
QuickTime (Version: 7.72.80.56)
Realtek Ethernet Network Card Diagnostic tool for Windows Vista (Version: 1.00)
Realtek High Definition Audio Driver
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.5.0)
Roxio Creator BDAV Plugin (Version: 3.5.0)
Roxio Creator Copy (Version: 3.5.0)
Roxio Creator Data (Version: 3.5.0)
Roxio Creator DE (Version: 3.5.0)
Roxio Creator Tools (Version: 3.5.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
Segoe UI (Version: 15.4.2271.0615)
Sonic CinePlayer Decoder Pack (Version: 4.2.0)
Symantec Endpoint Protection (Version: 11.0.6200.754)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Windows Essentials Media Codec Pack 3.0 (Version: 3.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR archiver

========================= Memory info: ===================================

Percentage of memory in use: 61%
Total physical RAM: 3036.26 MB
Available physical RAM: 1165.84 MB
Total Pagefile: 6286.79 MB
Available Pagefile: 4089.06 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.21 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:218.14 GB) (Free:32.71 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:10.31 GB) NTFS

========================= Users: ========================================

User accounts for \\BRANDY-PC

Administrator Brandy Guest

========================= Restore Points ==================================

10-10-2012 23:32:13 Windows Update
11-10-2012 05:44:52 Windows Update
12-10-2012 01:37:12 Scheduled Checkpoint
14-10-2012 05:12:55 Installed calibre
14-10-2012 08:19:23 Windows Update
15-10-2012 01:50:41 Scheduled Checkpoint
16-10-2012 07:07:29 Scheduled Checkpoint
17-10-2012 12:57:47 Scheduled Checkpoint
18-10-2012 23:36:26 Windows Update
21-10-2012 10:37:10 Removed Bing Bar
21-10-2012 19:00:50 Installed Java™ 6 Update 37

**** End of log ****




Farbar Service Scanner Version: 19-10-2012
Ran by Brandy (administrator) on 21-10-2012 at 17:18:24
Running from "C:\Users\Brandy\Desktop"
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-10-09 14:30] - [2012-06-01 17:02] - 0133120 ____A (Microsoft Corporation) F1E8C34892336D33EDDCDFE44E474F64

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-20 19:33] - [2008-01-20 19:33] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****





# AdwCleaner v2.005 - Logfile created 10/21/2012 at 17:25:18
# Updated 14/10/2012 by Xplode
# Operating system : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# User : Brandy - BRANDY-PC
# Boot Mode : Normal
# Running from : C:\Users\Brandy\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\Premium
File Deleted : C:\Users\Brandy\AppData\Roaming\Mozilla\Firefox\Profiles\dpxczzxm.default\searchplugins\Conduit.xml
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\Users\Brandy\AppData\Local\Temp\CT3244149
Folder Deleted : C:\Users\Brandy\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Brandy\AppData\Roaming\Mozilla\Firefox\Profiles\dpxczzxm.default\CT3244149
Folder Deleted : C:\Users\Brandy\AppData\Roaming\Mozilla\Firefox\Profiles\dpxczzxm.default\extensions\{462be121-2b54-4218-bf00-b9bf8135b23f}
Folder Deleted : C:\Users\Brandy\AppData\Roaming\Mozilla\Firefox\Profiles\dpxczzxm.default\Smartbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Brandy\AppData\Roaming\Mozilla\Firefox\Profiles\dpxczzxm.default\prefs.js

Deleted : user_pref("CT3244149.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT3244149.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Deleted : user_pref("CT3244149.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3244149.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3244149.FirstTime", "true");
Deleted : user_pref("CT3244149.FirstTimeFF3", "true");
Deleted : user_pref("CT3244149.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT324[...]
Deleted : user_pref("CT3244149.UserID", "UN75462956833150958");
Deleted : user_pref("CT3244149.UserId", "8e37b989-9f3c-eb6a-60aa-2bdc0b68c5c5");
Deleted : user_pref("CT3244149.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3244149.autoDisableScopes", -1);
Deleted : user_pref("CT3244149.browser.search.defaultthis.engineName", true);
Deleted : user_pref("CT3244149.defaultSearch", "true");
Deleted : user_pref("CT3244149.embeddedsData", "[{\"appId\":\"129895725399351616\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT3244149.enableAlerts", "always");
Deleted : user_pref("CT3244149.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT3244149.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3244149.first_time_search", "1");
Deleted : user_pref("CT3244149.fixPageNotFoundError", "true");
Deleted : user_pref("CT3244149.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3244149.fixUrls", true);
Deleted : user_pref("CT3244149.hxxp___api15_starwebnet_com.pid2", "3fe47cde4c0cc409");
Deleted : user_pref("CT3244149.hxxp___api20_starwebnet_com.pid2", "3fe47cde4c0cc409");
Deleted : user_pref("CT3244149.hxxp___api28_starwebnet_com.pid2", "3fe47cde4c0cc409");
Deleted : user_pref("CT3244149.hxxp___api30_starwebnet_com.pid2", "3fe47cde4c0cc409");
Deleted : user_pref("CT3244149.hxxp___api32_starwebnet_com.pid2", "3fe47cde4c0cc409");
Deleted : user_pref("CT3244149.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_cache", "[\"c822c1b63853ed273b89[...]
Deleted : user_pref("CT3244149.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_defaultGui", "{\"gui\":[{\"type\[...]
Deleted : user_pref("CT3244149.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_settings", "{\"initUrl\":\"hxxp:[...]
Deleted : user_pref("CT3244149.installId", "166");
Deleted : user_pref("CT3244149.installType", "conduitnsisintegration");
Deleted : user_pref("CT3244149.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3244149.isNewTabEnabled", true);
Deleted : user_pref("CT3244149.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT3244149.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3244149.keyword", true);
Deleted : user_pref("CT3244149.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
Deleted : user_pref("CT3244149.openThankYouPage", "false");
Deleted : user_pref("CT3244149.openUninstallPage", "true");
Deleted : user_pref("CT3244149.search.searchAppId", "129895725399351616");
Deleted : user_pref("CT3244149.search.searchCount", "0");
Deleted : user_pref("CT3244149.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3244149.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3244149.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3244149.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT3244149.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3244149.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3244149.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3244149.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3244149.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Deleted : user_pref("CT3244149.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1350814103185");
Deleted : user_pref("CT3244149.serviceLayer_services_appsMetadata_lastUpdate", "1350845171863");
Deleted : user_pref("CT3244149.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1350814104097");
Deleted : user_pref("CT3244149.serviceLayer_services_login_10.10.27.6_lastUpdate", "1350845045018");
Deleted : user_pref("CT3244149.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1350814104142");
Deleted : user_pref("CT3244149.serviceLayer_services_searchAPI_lastUpdate", "1350814103132");
Deleted : user_pref("CT3244149.serviceLayer_services_serviceMap_lastUpdate", "1350814102562");
Deleted : user_pref("CT3244149.serviceLayer_services_toolbarContextMenu_lastUpdate", "1350814103682");
Deleted : user_pref("CT3244149.serviceLayer_services_toolbarSettings_lastUpdate", "1350845171862");
Deleted : user_pref("CT3244149.serviceLayer_services_translation_lastUpdate", "1350814103097");
Deleted : user_pref("CT3244149.settingsINI", true);
Deleted : user_pref("CT3244149.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT3244149.smartbar.CTID", "CT3244149");
Deleted : user_pref("CT3244149.smartbar.Uninstall", "0");
Deleted : user_pref("CT3244149.smartbar.homepage", true);
Deleted : user_pref("CT3244149.smartbar.toolbarName", "WhiteSmoke US New ");
Deleted : user_pref("CT3244149.toolbarBornServerTime", "21-10-2012");
Deleted : user_pref("CT3244149.toolbarCurrentServerTime", "21-10-2012");
Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3244149&SearchSource=1[...]
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "WhiteSmoke US New Customized Web Search");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3244149[...]
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3244149");
Deleted : user_pref("browser.search.selectedEngine", "WhiteSmoke US New Customized Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3244149&SearchSource=13");
Deleted : user_pref("extensions.5083cb3575358.scode", "(function(){try{if('aol.com,mail.google.com,mystart.inc[...]
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3244149&SearchSource=2&q=[...]

-\\ Google Chrome v22.0.1229.94

File : C:\Users\Brandy\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [8212 octets] - [21/10/2012 17:25:18]

########## EOF - C:\AdwCleaner[S1].txt - [8272 octets] ##########






Junkware Removal Tool (JRT) by Thisisu
Version: 1.9.0 (10.21.2012)
OS: Windows Vista ™ Home Basic x86
Ran by Brandy on Sun 10/21/2012 at 17:34:33.34
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders:

Failed to delete: [FOLDER-LOCKED!] "C:\ProgramData\premium"



*** FireFox detected and repaired



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Sun 10/21/2012 at 18:18:17.82
End of Report

#6 narenxp

Posted 21 October 2012 - 11:50 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#7 mag00

Posted 22 October 2012 - 12:54 AM

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/21/2012 10:51:32 PM in x86 mode.
Windows Version: Windows Vista ™ Home Basic Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\ProgramData\Premium\Codec\Codec.exe (PID: 3372) [AU-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost

Program finished at: 10/21/2012 10:51:53 PM
Execution time: 0 hours(s), 0 minute(s), and 21 seconds(s)





"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\reader 9.0\reader\reader_sl.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "ccApp" "Symantec User Session" "Symantec Corporation" "c:\program files\common files\symantec shared\ccapp.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IAAnotif" "Event Monitor User Notification Tool" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaanotif.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IObit Malware Fighter" "IObit Malware Fighter" "IObit" "c:\program files\iobit\iobit malware fighter\imf.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "PDVDDXSrv" "CyberLink PowerDVD Resident Program" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "RtHDVCpl" "HD Audio Control Panel" "Realtek Semiconductor" "c:\windows\rthdvcpl.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "Windows Defender" "Windows Defender User Interface" "Microsoft Corporation" "c:\program files\windows defender\msascui.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Microsoft Office.lnk" "Microsoft Office XP component" "Microsoft Corporation" "c:\program files\microsoft office\office10\osa.exe"
"C:\Users\Brandy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "MagicDisc.lnk" "MagicISO Virtual CD/DVD Manager" "MagicISO, Inc." "c:\program files\magicdisc\magicdisc.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "ApplePhotoStreams" "ApplePhotoStreams.exe" "Apple Inc." "c:\program files\common files\apple\internet services\applephotostreams.exe"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\brandy\appdata\local\google\update\googleupdate.exe"
+ "MobileDocuments" "ubd.exe" "Apple Inc." "c:\program files\common files\apple\internet services\ubd.exe"
+ "Sidebar" "Windows Sidebar" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "livecall" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "msnim" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll"
+ "mso-offdap" "Microsoft Office XP Web Components" "Microsoft Corporation" "c:\program files\common files\microsoft shared\web components\10\owc10.dll"
+ "wlmailhtml" "Windows Live Mail" "Microsoft Corporation" "c:\program files\windows live\mail\mailcomm.dll"
+ "wlpg" "Windows Live Album Download Protocol Handler" "Microsoft Corporation" "c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "IObit Malware Fighter" "BlueBirdShellExt Module" "IObit" "c:\program files\iobit\iobit malware fighter\imfshellext.dll"
+ "LDVPMenu" "Symantec AntiVirus" "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\vpshell2.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "STKContextMenu" "Send to Kindle Context Menu dll" "Amazon.com, Inc." "c:\program files\amazon\sendtokindle\stkcontextmenu_192.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "IObit Malware Fighter" "BlueBirdShellExt Module" "IObit" "c:\program files\iobit\iobit malware fighter\imfshellext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "IObit Malware Fighter" "BlueBirdShellExt Module" "IObit" "c:\program files\iobit\iobit malware fighter\imfshellext.dll"
+ "LDVPMenu" "Symantec AntiVirus" "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\vpshell2.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files\microsoft\bingbar\7.1.391.0\bingext.dll"
+ "DivX Plus Web Player HTML5 <video>" "DivX Plus Web Player HTML5 <video> version 2.1.2.145" "DivX, LLC" "c:\program files\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files\microsoft\bingbar\7.1.391.0\bingext.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files\windows live\writer\writerbrowserextension.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-2560799118-932392253-3571486070-1000Core" "Google Installer" "Google Inc." "c:\users\brandy\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-2560799118-932392253-3571486070-1000UA" "Google Installer" "Google Inc." "c:\users\brandy\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Windows Defender Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Signature Update" "Windows Defender Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AERTFilters" "Andrea filters APO access service (32-bit)" "Andrea Electronics Corporation" "c:\windows\system32\aertsrv.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files\microsoft\bingbar\7.1.391.0\bbsvc.exe"
+ "BBUpdate" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation." "c:\program files\microsoft\bingbar\7.1.391.0\seaport.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "ccEvtMgr" "Event propagation and logging service" "Symantec Corporation" "c:\program files\common files\symantec shared\ccsvchst.exe"
+ "ccSetMgr" "Settings storage and management service" "Symantec Corporation" "c:\program files\common files\symantec shared\ccsvchst.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "IAANTMON" "RAID Monitor" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaantmon.exe"
+ "IMFservice" "IObit Malware Fighter Service" "IObit" "c:\program files\iobit\iobit malware fighter\imfsrv.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LiveUpdate" "LiveUpdate Core Engine" "Symantec Corporation" "c:\program files\symantec\liveupdate\lucomserver_3_3.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "SmcService" "Provides communication with the Symantec Endpoint Protection Manager. It also provides network threat protection and application and device control for the client." "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\smc.exe"
+ "sprtsvc_dellsupportcenter" "SupportSoft Sprocket Service" "" "File not found: C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files\common files\surething shared\stllssvr.exe"
+ "Symantec AntiVirus" "Provides virus-scanning for Symantec Endpoint Protection." "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\rtvscan.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "athrusb" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrusb.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e6032.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eectrl.sys"
+ "EraserUtilRebootDrv" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eraserutilrebootdrv.sys"
+ "FileMonitor" "File Filter driver of IMF" "IObit" "c:\program files\iobit\iobit malware fighter\drivers\wlh_x86\filemonitor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd32.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhda.sys"
+ "IntcHdmiAddService" "Intel® High Definition Audio HDMI" "Intel® Corporation" "c:\windows\system32\drivers\intchdmi.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "kdxxgd" "" "" "File not found: System32\drivers\iqwsnkv.sys"
+ "mcdbus" "MagicISO SCSI Host Controller" "MagicISO, Inc." "c:\windows\system32\drivers\mcdbus.sys"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\programdata\symantec\definitions\virusdefs\20121020.007\naveng.sys"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\programdata\symantec\definitions\virusdefs\20121020.007\navex15.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "R300" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "RegFilter" "Registry Filter" "IObit.com" "c:\program files\iobit\iobit malware fighter\drivers\wlh_x86\regfilter.sys"
+ "RTL8169" "Realtek 8136/8168/8169 NDIS6 32-bit Driver " "Realtek " "c:\windows\system32\drivers\rtlh86.sys"
+ "RtNdPt60" "Realtek NDIS Protocol Driver" "Windows ® Codename Longhorn DDK provider" "c:\windows\system32\drivers\rtndpt60.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SPBBCDrv" "SPBBC Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\spbbc\spbbcdrv.sys"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\srtsp.sys"
+ "SRTSPL" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\srtspl.sys"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\srtspx.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent.sys"
+ "SYMREDRV" "Redirector Filter Driver" "Symantec Corporation" "c:\windows\system32\drivers\symredrv.sys"
+ "SYMTDI" "Network Dispatch Driver" "Symantec Corporation" "c:\windows\system32\drivers\symtdi.sys"
+ "UrlFilter" "URL Filter" "IObit.com" "c:\program files\iobit\iobit malware fighter\drivers\wlh_x86\urlfilter.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\system32\divx.dll"
+ "VIDC.FFDS" "" "" "File not found: ff_vfw.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\system32\divx.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "AsyncEx" "" "" "c:\program files\ares\asyncex.ax"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer" "CLAudSpa.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clline21.ax"
+ "Cyberlink SubTitle Importor" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clauts.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvsd.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\essentials codec pack\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files\essentials codec pack\vsfilter.dll"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\divxdech264.ax"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\essentials codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\essentials codec pack\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\essentials codec pack\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\essentials codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files\essentials codec pack\ffdshow\ffdshow.ax"
+ "File Source (MP3)" "" "" "c:\program files\ares\mp3source.ax"
+ "FLV Source" "FLV Splitter" "Gabest" "c:\program files\essentials codec pack\flvsplitter.ax"
+ "FLV Splitter" "FLV Splitter" "Gabest" "c:\program files\essentials codec pack\flvsplitter.ax"
+ "FLV4 Video Decoder" "FLV Splitter" "Gabest" "c:\program files\essentials codec pack\flvsplitter.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files\essentials codec pack\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files\essentials codec pack\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files\essentials codec pack\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files\essentials codec pack\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files\essentials codec pack\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files\essentials codec pack\haali\splitter.ax"
+ "MPEG Video Decoder (Gabest)" "MPEG-1/2 Decoder Filter for DirectShow" "Gabest" "c:\program files\essentials codec pack\mpeg2decfilter.ax"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "RealAudio Decoder" "RealMedia Splitter" "Gabest" "c:\program files\essentials codec pack\realmediasplitter.ax"
+ "RealMedia Source" "RealMedia Splitter" "Gabest" "c:\program files\essentials codec pack\realmediasplitter.ax"
+ "RealMedia Splitter" "RealMedia Splitter" "Gabest" "c:\program files\essentials codec pack\realmediasplitter.ax"
+ "RealVideo Decoder" "RealMedia Splitter" "Gabest" "c:\program files\essentials codec pack\realmediasplitter.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Sonic Cinemaster® Audio Decoder 4.2" "SonicHDAudio" "Sonic Solutions" "c:\program files\common files\sonic shared\cinemasteraudio.dll"
+ "Sonic Cinemaster® VideoDecoder 4.1" "CinemasterVideo" "Sonic Solutions" "c:\program files\common files\sonic shared\cinemastervideo.dll"
+ "Sonic HD Demuxer" "Sonic HD Demuxer" "" "c:\program files\common files\sonic shared\sonichddemuxer.dll"
+ "Sonic HD Nav" "SonicHDNav" "" "c:\program files\common files\sonic shared\sonichdnav.dll"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "BJ Language Monitor3_2" "Canon Inkjet Printer Driver" "CANON INC." "c:\windows\system32\cnblm3_2.dll"
+ "Canon BJ Language Monitor MG5200 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlmae.dll"
+ "stkMonitor" "Send to Kindle Port Monitor dll" "Amazon.com, Inc." "c:\windows\system32\stkmonitor.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "SnacNp" "Symantec SNAC Network Provider" "Symantec Corporation" "c:\program files\symantec\symantec endpoint protection\snacnp.dll"
"C:\Users\Brandy\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Calendar" "Browse the days of the calendar." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\Gadget.xml"
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\Clock.gadget\en-US\Gadget.xml"
+ "Notes" "Capture ideas, notes, and reminders in a quick and easy way." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Notes.Gadget\en-US\Gadget.xml"
+ "Weather" "See what the weather looks like around the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\Gadget.xml"

#8 narenxp

Posted 22 October 2012 - 10:09 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & Windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore. It deletes old infected restore points.

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here:

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#9 mag00

Posted 22 October 2012 - 07:18 PM

Thank you so much!

#10 narenxp

Posted 22 October 2012 - 07:19 PM

You're welcome :)

#11 Cauthon

Posted 08 March 2013 - 10:18 AM

I don't have to ask if I am infected, I can see the bleeping toolbar. I am running a Dell XPS with an I7 processor, and Windows 7.

 

I have looked over the extensive list of work that the mag00 member did, which was apparently successful in the end. Do you recommend I start in the same place, or based on those results could I skip some of the steps? I already have Avast installed; I like Avast, because a few years ago I had a close encounter with something that said it was Windows security or some such and promised to fix all my problems for $58, and I downloaded Avast and installed it even though the problem was already there, and it swept it clean. Two of my friends said they had to hire a professional cleaner to get rid of that. I have tried the Windows uninstall function and it seemed to think it had the job done, but the toolbar is still right there, and some strange popup ads are popping up. Avast is running as usual but I have not told it to scan. I just opened it to check, and it says real time shields (shields! shields!) is on, but it says there is a 2013 update, so I will get that. I also run CrapCleaner at least once most days, and that generally helps, but I do not expect it to fix stuff like this. OTOH, for a while, whenever I used a USB memory and asked for permission to remove it, the demon in the machine said it was in use, no matter how closed all the programs were; since I have been using Ccleaner, I do not have that problem.

 

Thanks for helping me worry about the #!??# problem.

 

Still looking forward



#12 narenxp

Posted 08 March 2013 - 10:34 AM

Cauthon

Create a new topic.

 

Thanks.





