RootKit [Solved]


  • This topic is locked

#46
maliprog


    Trusted Helper

  • Malware Removal
  • 6,172 posts
Thank you for trying again. Back to you soon...
  • 0



#47
maliprog


    Trusted Helper

  • Malware Removal
  • 6,172 posts
We will try to import parameters manually. After that we will try to run BAT file again.

Before we continue can you please uninstall Spybot Search and Destroy. Sometimes it messes with our fixes.

  • Please download

    Attached File  Parameters.zip   4.49KB   107 downloads

    Unzip it, run it like before and allow it to merge.
  • Please reboot and tell me if you rebooted.
  • Please right-click the batch file you downloaded in the previous post and select "Run as Administrator".
    Post the content of the log it makes and tell me if you ran it as administrator.

  • 0

#48
maliprog


    Trusted Helper

  • Malware Removal
  • 6,172 posts
One more question I forgot to ask in my last post...

Do you have, to the best of your knowledge, a security program or encrypting program that might encrypt the log of IP configuration on your system?
  • 0

#49
soggywaffles


    Member

  • Topic Starter
  • Member
  • 45 posts
I'm not sure if I have a program that would do that to my IP. After I ran that newest file then I restarted and my computer said "Failed to connect to a windows service....". Also it could not find any internet connections. I ran the reset batch file as an administrator and the log file came up as "Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 10107 The system cannot find the file specified." When you say merge, am I supposed to drag the .reg files over the batch file and open them at the same time?
  • 0

#50
maliprog


    Trusted Helper

  • Malware Removal
  • 6,172 posts

When you say merge, am I supposed to drag the .reg files over the batch file and open them at the same time?



NO. You should double-click the .reg file and then run the .bat file as administrator. Two separate processes. Did you do it like this (one by one)?



Let's see where we stand with your system right now. Maybe there is still something left on your system that prevents us from doing network repair.

Step 1

  • Run OTL.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open a Notepad window with OTL.Txt. The file is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file, and post it with your next reply.
Step 2

Please run Combofix one more time as you did before. Post the log after the scan here for me.

Step 3

Run TDSSKiller one more time and post the log after the scan.

Step 4

Please don't forget to include these items in your reply:

  • New OTL scan log
  • Combofix log
  • TDSSKiller log
It would be helpful if you could post each log in a separate post using the "Add Reply" button.
  • 0

#51
soggywaffles


    Member

  • Topic Starter
  • Member
  • 45 posts
OTL logfile created on: 23/05/2012 6:48:06 PM - Run 7
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\Owner\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yyyy

2.89 Gb Total Physical Memory | 2.08 Gb Available Physical Memory | 72.04% Memory free
5.78 Gb Paging File | 4.91 Gb Available in Paging File | 84.94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 119.14 Gb Total Space | 18.94 Gb Free Space | 15.90% Space Free | Partition Type: NTFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Owner\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
PRC - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
PRC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
PRC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\cbfdbf9ed05f520f449102c086841ac4\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8e47bcd69923f39c010b285d0681b795\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\cdc38572fd6c34cb3033fb419eff3639\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5c37600b4ae4ffeaeff645bb16a58137\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\b7bec10dca3f27113cc91c24b79c8f75\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\0794d7af09099432ebfb51af1d7f15ae\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0a894f77b9aa64acbd3ce791916357d8\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\c06a0517281bb4a9c7fcaeb58d38cd63\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll ()
MOD - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()


========== Win32 Services (SafeList) ==========

SRV - (zpnodecollector) -- %systemroot%\system32\atikmdag.dll File not found
SRV - (z800bus) -- %systemroot%\system32\HPFXBULK.dll File not found
SRV - (WmaCDriverV32) -- %systemroot%\system32\odserv.dll File not found
SRV - (WLAN_USB) -- %systemroot%\system32\audstub.dll File not found
SRV - (wintab32) -- %systemroot%\system32\sr_watchdog.dll File not found
SRV - (websenserealtimeanalyzer) -- %systemroot%\system32\PBADRV.dll File not found
SRV - (W55U01) -- %systemroot%\system32\fsbwsys.dll File not found
SRV - (umxfwhlp) -- %systemroot%\system32\sshrmd.dll File not found
SRV - (TMBMServer) -- %systemroot%\system32\USBDeviceService.dll File not found
SRV - (SRS_SSCFilter) -- %systemroot%\system32\NTIDrvr.dll File not found
SRV - (snoopfreesvc) -- %systemroot%\system32\wpdusb.dll File not found
SRV - (s117unic) -- %systemroot%\system32\smservaz.dll File not found
SRV - (puscsrvc) -- %systemroot%\system32\W8335XP.dll File not found
SRV - (pepifilter) -- %systemroot%\system32\FETNDIS.dll File not found
SRV - (pdscheduler) -- %systemroot%\system32\starwindservice.dll File not found
SRV - (OpcEnum) -- C:\Windows\system32\OpcEnum.exe File not found
SRV - (NWHOST) -- %systemroot%\system32\PhilCam8116_XP.dll File not found
SRV - (naveng) -- %systemroot%\system32\PGPdisk.dll File not found
SRV - (MSFWHLPR) -- %systemroot%\system32\kservice.dll File not found
SRV - (mcp) -- %systemroot%\system32\tvtpktfilter.dll File not found
SRV - (MASPINT) -- %systemroot%\system32\tbhsd.dll File not found
SRV - (LHidFilt) -- %systemroot%\system32\vgasave.dll File not found
SRV - (hibernation) -- %systemroot%\system32\nipsvc.dll File not found
SRV - (GVCplDrv) -- %systemroot%\system32\GTWModem.dll File not found
SRV - (GoBack2K) -- %systemroot%\system32\tsscoreservice.dll File not found
SRV - (djsnetcn) -- %systemroot%\system32\w810obex.dll File not found
SRV - (CX88ENC) -- %systemroot%\system32\cfosspeed.dll File not found
SRV - (CTDevice_Srv) -- %systemroot%\system32\w200bus.dll File not found
SRV - (CTAudSvcService) -- %systemroot%\system32\marvinbus.dll File not found
SRV - (cqmgstor) -- %systemroot%\system32\VRcore.dll File not found
SRV - (backupexecnotificationserver) -- %systemroot%\system32\roxupnpserver.dll File not found
SRV - (aswmon2) -- %systemroot%\system32\eskerlicensecontrol.dll File not found
SRV - (armoucfltr) -- %systemroot%\system32\hsvcmod.dll File not found
SRV - (alertservice) -- %systemroot%\system32\asp.net_2.0.50727.dll File not found
SRV - (acnusvc) -- %systemroot%\system32\marvinbus.dll File not found
SRV - (ac97intc) -- %systemroot%\system32\WBHWDOCT.dll File not found
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (WDDMService) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WDSmartWareBackgroundService) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe (Memeo)


========== Driver Services (SafeList) ==========

DRV - (mcdbus) -- system32\DRIVERS\mcdbus.sys File not found
DRV - (cpuz132) -- C:\Users\Owner\AppData\Local\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (catchme) -- C:\Users\Owner\AppData\Local\Temp\catchme.sys File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (XilinxPC4Driver) -- C:\Windows\System32\drivers\xpc4drvr.sys (Xilinx, Inc.)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (e1yexpress) Intel® -- C:\Windows\System32\drivers\e1y6032.sys (Intel Corporation)
DRV - (netw5v32) Intel® -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (dmodusb) -- C:\Windows\System32\drivers\dmodusb.sys (Windows ® Codename Longhorn DDK provider)
DRV - (WDC_SAM) -- C:\Windows\System32\drivers\wdcsam.sys (Western Digital Technologies)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://vbx.my-web-search.com/?hp=df
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 59 0A B2 5A D9 E9 CB 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search..."
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...TDF&PC=BBLN&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.81
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://www.google.co...ient&gfns=1&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.16: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/03/27 20:30:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/10 01:18:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/03/07 02:20:10 | 000,000,000 | ---D | M]

[2010/03/12 03:09:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions
[2012/01/08 23:24:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\fsbo4cgu.default\extensions
[2010/10/02 01:35:05 | 000,001,832 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\fsbo4cgu.default\searchplugins\bing.xml
[2011/03/26 11:10:09 | 000,001,581 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\fsbo4cgu.default\searchplugins\web-search.xml
[2012/04/11 18:55:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/04/11 18:55:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/03/27 20:30:37 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012/01/08 23:24:19 | 000,377,600 | ---- | M] () (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FSBO4CGU.DEFAULT\EXTENSIONS\{AE93811A-5C9A-4D34-8462-F7B864FC4696}.XPI
[2012/01/10 01:18:24 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/04/11 18:55:01 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/03 04:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll
[2011/10/03 02:55:07 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/13 14:22:42 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll
CHR - plugin: vShare.tv plug-in (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npvsharetvplg.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files\Veetle\VLCBroadcast\npvbp.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: vshare plugin = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/05/07 15:32:12 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [fklogger.exe] C:\Program Files\FKRMonitor\fklogger.exe ()
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/13 16:57:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2012/05/13 16:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\Tweaking.com
[2012/05/09 20:55:11 | 000,000,000 | ---D | C] -- C:\Avenger
[2012/05/08 18:14:02 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Owner\Desktop\aswMBR.exe
[2012/05/08 17:54:49 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/05/07 20:43:52 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/05/07 15:40:24 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/05/07 15:30:47 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/05/07 15:30:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\temp
[2012/05/07 15:09:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\New folder
[2012/05/05 20:26:55 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs
[2012/05/05 19:58:23 | 000,000,000 | ---D | C] -- C:\Program Files\Xirrus
[2012/05/05 19:58:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xirrus
[2012/05/05 19:57:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Xirrus
[2012/05/05 14:45:11 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/05/05 02:17:46 | 002,075,184 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Owner\Desktop\tdsskiller.exe
[2012/05/04 01:03:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/05/04 01:01:52 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/05/04 01:01:52 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/05/04 01:01:48 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/05/04 01:01:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/05/04 00:59:49 | 004,483,323 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe
[2012/05/02 00:55:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\XBMC
[2012/05/02 00:54:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
[2012/05/02 00:53:30 | 000,000,000 | ---D | C] -- C:\Program Files\XBMC
[2012/04/26 00:54:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/04/26 00:49:48 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/04/26 00:49:47 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

========== Files - Modified Within 30 Days ==========

[2012/05/23 18:48:25 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/23 18:48:25 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/23 18:47:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/23 12:57:02 | 2327,760,896 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/23 12:46:24 | 000,004,594 | ---- | M] () -- C:\Users\Owner\Desktop\Parameters.zip
[2012/05/23 02:30:36 | 000,133,502 | ---- | M] () -- C:\Users\Owner\Desktop\Parameters.reg
[2012/05/22 13:38:44 | 000,000,173 | ---- | M] () -- C:\Users\Owner\Desktop\reset.zip
[2012/05/22 13:38:38 | 000,000,900 | ---- | M] () -- C:\Users\Owner\Desktop\Catalog5.zip
[2012/05/21 08:30:40 | 000,000,061 | ---- | M] () -- C:\Users\Owner\Desktop\reset.bat
[2012/05/20 02:35:26 | 000,006,064 | ---- | M] () -- C:\Users\Owner\Desktop\Catalog5.reg
[2012/05/19 01:09:34 | 000,396,041 | ---- | M] () -- C:\Users\Owner\Desktop\MiniToolBox.exe
[2012/05/18 04:07:52 | 000,061,440 | ---- | M] ( ) -- C:\Users\Owner\Desktop\VEW.exe
[2012/05/17 01:16:02 | 000,650,240 | ---- | M] () -- C:\Users\Owner\Desktop\MicrosoftFixit50199.msi
[2012/05/13 18:06:12 | 000,000,042 | ---- | M] () -- C:\repairs_running.dat
[2012/05/13 16:57:07 | 000,002,217 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2012/05/13 16:49:32 | 004,484,304 | ---- | M] () -- C:\Users\Owner\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2012/05/09 14:25:04 | 000,337,575 | ---- | M] () -- C:\Users\Owner\Desktop\FSS.exe
[2012/05/08 18:29:55 | 000,000,560 | ---- | M] () -- C:\Users\Owner\Desktop\MBR.zip
[2012/05/08 18:24:44 | 000,000,544 | ---- | M] () -- C:\Users\Owner\Desktop\MBR.rar
[2012/05/08 18:17:06 | 000,000,512 | ---- | M] () -- C:\Users\Owner\Desktop\MBR.dat
[2012/05/08 17:50:40 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Owner\Desktop\aswMBR.exe
[2012/05/07 20:42:24 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/05/07 15:32:12 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/05/07 15:20:14 | 000,013,152 | ---- | M] () -- C:\bootsqm.dat
[2012/05/05 20:01:24 | 000,632,462 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/05/05 20:01:24 | 000,110,410 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/05/05 19:58:57 | 000,001,224 | ---- | M] () -- C:\Users\Public\Desktop\Xirrus Wi-Fi Inspector.lnk
[2012/05/05 19:58:57 | 000,001,202 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Xirrus Wi-Fi Inspector.lnk
[2012/05/05 02:57:12 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/05 02:23:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2100668513-2013100433-1882734447-1000UA.job
[2012/05/05 02:18:20 | 002,075,184 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Owner\Desktop\tdsskiller.exe
[2012/05/04 20:36:08 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2100668513-2013100433-1882734447-1000Core.job
[2012/05/04 01:00:08 | 004,483,323 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe
[2012/04/26 09:56:45 | 000,002,503 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk

========== Files Created - No Company Name ==========

[2012/05/23 12:48:53 | 000,133,502 | ---- | C] () -- C:\Users\Owner\Desktop\Parameters.reg
[2012/05/23 12:48:45 | 000,004,594 | ---- | C] () -- C:\Users\Owner\Desktop\Parameters.zip
[2012/05/22 13:43:12 | 000,000,061 | ---- | C] () -- C:\Users\Owner\Desktop\reset.bat
[2012/05/22 13:41:53 | 000,006,064 | ---- | C] () -- C:\Users\Owner\Desktop\Catalog5.reg
[2012/05/22 13:41:39 | 000,000,900 | ---- | C] () -- C:\Users\Owner\Desktop\Catalog5.zip
[2012/05/22 13:41:39 | 000,000,173 | ---- | C] () -- C:\Users\Owner\Desktop\reset.zip
[2012/05/19 01:52:49 | 000,396,041 | ---- | C] () -- C:\Users\Owner\Desktop\MiniToolBox.exe
[2012/05/18 04:12:04 | 000,061,440 | ---- | C] ( ) -- C:\Users\Owner\Desktop\VEW.exe
[2012/05/17 01:21:50 | 000,650,240 | ---- | C] () -- C:\Users\Owner\Desktop\MicrosoftFixit50199.msi
[2012/05/13 18:05:51 | 000,000,042 | ---- | C] () -- C:\repairs_running.dat
[2012/05/13 16:57:07 | 000,002,217 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2012/05/13 16:54:48 | 004,484,304 | ---- | C] () -- C:\Users\Owner\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2012/05/09 20:53:36 | 000,731,136 | ---- | C] () -- C:\Users\Owner\Desktop\avenger.exe
[2012/05/09 14:26:56 | 000,337,575 | ---- | C] () -- C:\Users\Owner\Desktop\FSS.exe
[2012/05/08 18:29:55 | 000,000,560 | ---- | C] () -- C:\Users\Owner\Desktop\MBR.zip
[2012/05/08 18:24:44 | 000,000,544 | ---- | C] () -- C:\Users\Owner\Desktop\MBR.rar
[2012/05/08 18:17:06 | 000,000,512 | ---- | C] () -- C:\Users\Owner\Desktop\MBR.dat
[2012/05/07 15:20:14 | 000,013,152 | ---- | C] () -- C:\bootsqm.dat
[2012/05/05 19:58:57 | 000,001,224 | ---- | C] () -- C:\Users\Public\Desktop\Xirrus Wi-Fi Inspector.lnk
[2012/05/05 19:58:57 | 000,001,202 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Xirrus Wi-Fi Inspector.lnk
[2012/05/04 01:01:52 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/05/04 01:01:52 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/05/04 01:01:52 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/05/04 01:01:52 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/05/04 01:01:52 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/04/14 03:34:41 | 000,000,093 | ---- | C] () -- C:\Windows\wininit.ini
[2012/04/08 23:17:13 | 000,000,258 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/12/10 14:17:32 | 000,000,038 | ---- | C] () -- C:\ProgramData\ukm10t.uc
[2011/11/25 19:16:19 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2011/03/20 04:16:53 | 000,000,179 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\default.rss
[2010/08/25 20:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010/08/25 20:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/08/25 20:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/08/25 19:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2010/08/25 19:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010/08/25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010/08/25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll

========== LOP Check ==========

[2011/02/01 01:31:24 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Canon
[2012/03/05 00:49:59 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Digilent
[2012/05/23 12:48:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Dropbox
[2010/10/21 03:20:38 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FKRMonitor
[2011/12/04 00:16:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FK_Monitor
[2010/08/15 15:09:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FreeAudioPack
[2011/10/18 21:59:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Logic Minimizer
[2011/06/28 01:59:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Opera
[2010/06/17 08:30:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Research In Motion
[2011/12/09 18:37:40 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ShurikSoft
[2012/05/04 00:17:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Spotify
[2012/04/15 08:04:54 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\uTorrent
[2010/03/12 03:08:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Western Digital
[2012/05/02 00:55:46 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\XBMC
[2012/03/05 00:54:41 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Xilinx
[2012/05/05 19:57:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Xirrus
[2012/05/23 12:47:59 | 000,032,550 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 171 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
  • 0

#52
soggywaffles

    Member

  • Topic Starter
  • Member
  • 45 posts
ComboFix 12-05-23.05 - Owner 23/05/2012 19:26:43.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2960.1885 [GMT -5:00]
Running from: e:\computer\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-04-24 to 2012-05-24 )))))))))))))))))))))))))))))))
.
.
2012-05-24 00:35 . 2012-05-24 00:35 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-05-24 00:35 . 2012-05-24 00:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-13 21:57 . 2012-05-13 21:57 -------- d-----w- c:\program files\Tweaking.com
2012-05-08 22:54 . 2012-05-08 22:54 -------- d-----w- C:\_OTL
2012-05-07 20:30 . 2012-05-24 00:39 -------- d-----w- c:\users\Owner\AppData\Local\temp
2012-05-06 01:26 . 2012-05-13 23:06 -------- d-----w- C:\Tweaking.com_Windows_Repair_Logs
2012-05-06 00:58 . 2012-05-06 00:58 -------- d-----w- c:\program files\Xirrus
2012-05-06 00:57 . 2012-05-06 00:57 -------- d-----w- c:\users\Owner\AppData\Roaming\Xirrus
2012-05-05 19:45 . 2012-05-09 19:38 -------- d-----w- C:\TDSSKiller_Quarantine
2012-05-04 17:47 . 2012-04-13 07:36 6734704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4750100C-816B-4A2E-969E-015232876F5B}\mpengine.dll
2012-05-04 06:33 . 2009-07-13 23:12 74240 ----a-w- c:\windows\system32\drivers\tdx.sys
2012-05-02 05:55 . 2012-05-02 05:55 -------- d-----w- c:\users\Owner\AppData\Roaming\XBMC
2012-05-02 05:55 . 2010-05-26 16:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2012-05-02 05:55 . 2010-05-26 16:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2012-05-02 05:53 . 2012-05-02 05:54 -------- d-----w- c:\program files\XBMC
2012-04-26 05:49 . 2012-04-26 05:49 -------- d-----w- c:\program files\iPod
2012-04-26 05:49 . 2012-04-26 05:54 -------- d-----w- c:\program files\iTunes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-13 22:13 . 2011-06-16 17:20 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2012-04-11 23:55 . 2010-12-11 06:28 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-04 20:56 . 2012-04-02 05:32 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-28 01:39 . 2012-03-28 01:39 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-28 01:39 . 2011-05-18 17:59 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-06 05:59 . 2012-04-11 16:53 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-06 05:59 . 2012-04-11 16:53 3902320 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-01 05:53 . 2012-04-11 16:54 19312 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-03-01 05:49 . 2012-04-11 16:54 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-03-01 05:45 . 2012-04-11 16:54 158720 ----a-w- c:\windows\system32\imagehlp.dll
2012-03-01 05:40 . 2012-04-11 16:54 5120 ----a-w- c:\windows\system32\wmi.dll
2012-02-28 01:18 . 2012-04-11 17:11 1799168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 01:11 . 2012-04-11 17:11 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 01:11 . 2012-04-11 17:11 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 01:03 . 2012-04-11 17:11 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-01-10 06:18 . 2011-03-24 02:57 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-05-05_08.17.05 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-13 23:12 . 2012-05-13 22:13 74240 c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_ea141e6f3d693e28\tdx.sys
- 2009-07-13 23:12 . 2009-07-13 23:12 74240 c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_ea141e6f3d693e28\tdx.sys
+ 2012-05-13 22:11 . 2012-05-13 22:11 74240 c:\windows\winsxs\Temp\PendingRenames\54c072695531cd01261b0000680f780f.tdx.sys
+ 2012-05-13 22:13 . 2012-05-13 22:13 74240 c:\windows\winsxs\Temp\PendingRenames\1fd51a935531cd0198230000680f780f.tdx.sys
+ 2010-03-12 07:08 . 2012-05-23 18:01 45600 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:55 . 2012-05-24 00:41 39854 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-03-08 20:03 . 2012-05-24 00:41 12450 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2100668513-2013100433-1882734447-1000_UserData.bin
+ 2011-05-17 23:35 . 2012-05-14 08:43 67584 c:\windows\System32\LogFiles\Srt\bootstat.dat
- 2011-05-17 23:35 . 2011-05-01 22:52 67584 c:\windows\System32\LogFiles\Srt\bootstat.dat
+ 2009-07-14 04:50 . 2012-05-17 05:21 86016 c:\windows\System32\DriverStore\infpub.dat
- 2009-07-14 04:50 . 2012-04-26 05:44 86016 c:\windows\System32\DriverStore\infpub.dat
+ 2012-02-15 16:01 . 2012-02-15 16:01 43520 c:\windows\System32\drivers\usbaapl.sys
+ 2009-07-14 04:34 . 2012-05-06 01:29 78720 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-07-14 04:34 . 2012-05-03 06:04 78720 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-05-06 00:58 . 2012-05-06 00:58 14534 c:\windows\Installer\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}\SystemFoldermsiexec.exe
+ 2010-04-28 08:04 . 2012-05-19 06:59 6100 c:\windows\System32\wdi\ERCQueuedResolutions.dat
+ 2010-09-13 17:19 . 2012-05-19 06:09 2030 c:\windows\System32\wdi\{88d4896f-f553-446a-9c75-9dec124ff8b7}.bin
+ 2012-05-06 00:59 . 2012-05-06 00:59 102400 c:\windows\winsxs\x86_microsoft.vc80.debugopenmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_64bcaee736878917\vcompd.dll
+ 2012-05-06 00:59 . 2012-05-06 00:59 102912 c:\windows\winsxs\x86_microsoft.vc80.debugmfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_e9870308fd3b9210\mfcm80ud.dll
+ 2012-05-06 00:59 . 2012-05-06 00:59 114688 c:\windows\winsxs\x86_microsoft.vc80.debugmfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_e9870308fd3b9210\mfcm80d.dll
+ 2011-06-16 17:20 . 2012-05-13 22:13 338944 c:\windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16802_none_d81220b5bf827af7\afd.sys
- 2011-06-16 17:20 . 2011-04-25 02:35 338944 c:\windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16802_none_d81220b5bf827af7\afd.sys
+ 2012-05-13 22:12 . 2012-05-13 22:12 338944 c:\windows\winsxs\Temp\PendingRenames\defa92735531cd01eb1c0000680f780f.afd.sys
+ 2012-05-13 22:13 . 2012-05-13 22:13 338944 c:\windows\winsxs\Temp\PendingRenames\9c44fe925531cd0193230000680f780f.afd.sys
+ 2010-03-13 19:52 . 2012-05-23 23:47 403442 c:\windows\System32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2010-02-27 01:59 . 2012-05-23 22:53 413256 c:\windows\System32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2009-07-14 02:05 . 2012-05-06 01:01 632462 c:\windows\System32\perfh009.dat
- 2009-07-14 02:05 . 2012-05-05 08:03 632462 c:\windows\System32\perfh009.dat
+ 2009-07-14 02:05 . 2012-05-06 01:01 110410 c:\windows\System32\perfc009.dat
- 2009-07-14 02:05 . 2012-05-05 08:03 110410 c:\windows\System32\perfc009.dat
- 2009-07-14 04:50 . 2012-04-26 05:44 143360 c:\windows\System32\DriverStore\infstrng.dat
+ 2009-07-14 04:50 . 2012-05-17 05:21 143360 c:\windows\System32\DriverStore\infstrng.dat
- 2010-02-26 23:59 . 2012-05-05 07:28 262144 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2010-02-26 23:59 . 2012-05-07 20:26 262144 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2010-02-27 01:07 . 2012-05-05 07:54 606208 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-02-27 01:07 . 2012-05-09 19:32 606208 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:47 . 2012-05-05 07:56 390336 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 04:47 . 2012-05-23 17:56 390336 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-05-06 00:58 . 2012-05-06 00:58 292878 c:\windows\Installer\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}\xirruswifiinspectorguide.exe
+ 2012-05-06 00:58 . 2012-05-06 00:58 101104 c:\windows\Installer\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}\Xirrus_v1.exe
+ 2012-05-06 00:59 . 2012-05-06 00:59 2408448 c:\windows\winsxs\x86_microsoft.vc80.debugmfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_e9870308fd3b9210\mfc80ud.dll
+ 2012-05-06 00:59 . 2012-05-06 00:59 2404352 c:\windows\winsxs\x86_microsoft.vc80.debugmfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_e9870308fd3b9210\mfc80d.dll
+ 2012-05-06 00:59 . 2012-05-06 00:59 1175552 c:\windows\winsxs\x86_microsoft.vc80.debugcrt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_e4a70117006762dd\msvcr80d.dll
+ 2012-05-06 00:59 . 2012-05-06 00:59 1036288 c:\windows\winsxs\x86_microsoft.vc80.debugcrt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_e4a70117006762dd\msvcp80d.dll
+ 2012-05-06 00:59 . 2012-05-06 00:59 1015808 c:\windows\winsxs\x86_microsoft.vc80.debugcrt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_e4a70117006762dd\msvcm80d.dll
+ 2012-02-15 16:01 . 2012-02-15 16:01 4547944 c:\windows\System32\usbaaplrc.dll
- 2009-07-14 02:03 . 2012-05-04 17:57 7077888 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:03 . 2012-05-13 22:17 7077888 c:\windows\System32\SMI\Store\Machine\schema.dat
- 2010-02-27 01:07 . 2012-05-05 07:54 4456448 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-02-27 01:07 . 2012-05-09 19:32 4456448 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:34 . 2012-05-02 21:44 3802445 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:34 . 2012-05-06 01:20 3802445 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2011-04-03 07:23 . 2012-05-17 06:18 2035248 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2100668513-2013100433-1882734447-1000-12288.dat
+ 2009-07-14 04:41 . 2012-05-09 19:32 16187392 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:41 . 2012-05-05 07:54 16187392 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-03-23 23:50 . 2012-05-14 08:39 59277616 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2100668513-2013100433-1882734447-1000-8192.dat
- 2011-03-23 23:50 . 2012-05-05 07:56 59277616 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2100668513-2013100433-1882734447-1000-8192.dat
+ 2012-05-06 00:57 . 2012-05-06 00:57 10356224 c:\windows\Installer\21e794.msi
+ 2011-05-20 17:57 . 2012-05-06 00:59 148609197 c:\windows\winsxs\ManifestCache\a786a517e28d5687_blobs.bin
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"fklogger.exe"="c:\program files\FKRMonitor\fklogger.exe" [2010-02-19 514560]
"MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2009-11-20 623960]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2012-04-04 981680]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 170520]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
.
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-13 2057536]
WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-13 9117504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-28 253600]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 dmodusb;dmodusb;c:\windows\system32\DRIVERS\dmodusb.sys [2009-05-11 26240]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-28 1343400]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-13 110592]
S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y6032.sys [2009-07-13 214016]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344]
S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
snoopfreesvc
armoucfltr
ac97intc
GoBack2K
pdscheduler
alertservice
TMBMServer
puscsrvc
zpnodecollector
WLAN_USB
SRS_SSCFilter
acnusvc
MtxDma0
MASPINT
aswmon2
MSFWHLPR
NWHOST
wintab32
hibernation
naveng
mcp
z800bus
s117unic
NdisFilt
GVCplDrv
CX88ENC
LHidFilt
cqmgstor
pepifilter
CTDevice_Srv
backupexecnotificationserver
WmaCDriverV32
websenserealtimeanalyzer
umxfwhlp
W55U01
djsnetcn
CTAudSvcService
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-28 01:39]
.
2012-05-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2100668513-2013100433-1882734447-1000Core.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-29 05:04]
.
2012-05-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2100668513-2013100433-1882734447-1000UA.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-29 05:04]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://vbx.my-web-search.com/?hp=df
uInternet Settings,ProxyOverride = *.local;<local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\fsbo4cgu.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=BABTDF&PC=BBLN&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1080)
c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\WUDFHost.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Completion time: 2012-05-23 19:45:14 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-24 00:45
ComboFix2.txt 2012-05-07 20:42
ComboFix3.txt 2012-05-05 08:29
.
Pre-Run: 20,295,380,992 bytes free
Post-Run: 19,975,327,744 bytes free
.
- - End Of File - - 9CC132CB9C5BEE39EA15847DCB8FBBD6
  • 0

#53
soggywaffles

    Member

  • Topic Starter
  • Member
  • 45 posts
19:11:46.0335 0888 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
19:11:46.0351 0888 ============================================================
19:11:46.0351 0888 Current date / time: 2012/05/23 19:11:46.0351
19:11:46.0351 0888 SystemInfo:
19:11:46.0351 0888
19:11:46.0351 0888 OS Version: 6.1.7600 ServicePack: 0.0
19:11:46.0351 0888 Product type: Workstation
19:11:46.0351 0888 ComputerName: OWNER-PC
19:11:46.0351 0888 UserName: Owner
19:11:46.0351 0888 Windows directory: C:\Windows
19:11:46.0351 0888 System windows directory: C:\Windows
19:11:46.0351 0888 Processor architecture: Intel x86
19:11:46.0351 0888 Number of processors: 2
19:11:46.0351 0888 Page size: 0x1000
19:11:46.0351 0888 Boot type: Normal boot
19:11:46.0351 0888 ============================================================
19:11:46.0725 0888 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:11:46.0725 0888 Drive \Device\Harddisk1\DR2 - Size: 0xEB800000 (3.68 Gb), SectorSize: 0x200, Cylinders: 0x1E0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:11:46.0741 0888 ============================================================
19:11:46.0741 0888 \Device\Harddisk0\DR0:
19:11:46.0741 0888 MBR partitions:
19:11:46.0741 0888 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:11:46.0741 0888 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
19:11:46.0741 0888 \Device\Harddisk1\DR2:
19:11:46.0741 0888 MBR partitions:
19:11:46.0741 0888 \Device\Harddisk1\DR2\Partition0: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x75A000
19:11:46.0741 0888 ============================================================
19:11:46.0741 0888 C: <-> \Device\Harddisk0\DR0\Partition1
19:11:46.0741 0888 ============================================================
19:11:46.0741 0888 Initialize success
19:11:46.0741 0888 ============================================================
19:11:51.0780 2248 ============================================================
19:11:51.0780 2248 Scan started
19:11:51.0780 2248 Mode: Manual;
19:11:51.0780 2248 ============================================================
19:11:52.0466 2248 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
19:11:52.0466 2248 1394ohci - ok
19:11:52.0482 2248 ac97intc - ok
19:11:52.0497 2248 acnusvc - ok
19:11:52.0513 2248 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
19:11:52.0513 2248 ACPI - ok
19:11:52.0529 2248 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
19:11:52.0529 2248 AcpiPmi - ok
19:11:52.0560 2248 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:11:52.0560 2248 AdobeFlashPlayerUpdateSvc - ok
19:11:52.0575 2248 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
19:11:52.0591 2248 adp94xx - ok
19:11:52.0607 2248 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
19:11:52.0607 2248 adpahci - ok
19:11:52.0622 2248 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
19:11:52.0622 2248 adpu320 - ok
19:11:52.0638 2248 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
19:11:52.0653 2248 AeLookupSvc - ok
19:11:52.0669 2248 AFD (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
19:11:52.0669 2248 AFD - ok
19:11:52.0685 2248 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
19:11:52.0685 2248 agp440 - ok
19:11:58.0737 2248 secdrv - ok
19:11:58.0753 2248 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
19:11:58.0753 2248 seclogon - ok
19:11:58.0769 2248 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
19:11:58.0769 2248 SENS - ok
19:11:58.0784 2248 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
19:11:58.0784 2248 SensrSvc - ok
19:11:58.0800 2248 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
19:11:58.0800 2248 Serenum - ok
19:11:58.0815 2248 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
19:11:58.0815 2248 Serial - ok
19:11:58.0831 2248 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
19:11:58.0831 2248 sermouse - ok
19:11:58.0847 2248 SessionEnv (8f55ce568c543d5adf45c409d16718fc) C:\Windows\system32\sessenv.dll
19:11:58.0862 2248 SessionEnv - ok
19:11:58.0862 2248 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
19:11:58.0862 2248 sffdisk - ok
19:11:58.0878 2248 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
19:11:58.0878 2248 sffp_mmc - ok
19:11:58.0893 2248 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
19:11:58.0893 2248 sffp_sd - ok
19:11:58.0909 2248 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
19:11:58.0909 2248 sfloppy - ok
19:11:58.0925 2248 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
19:11:58.0925 2248 SharedAccess - ok
19:11:58.0956 2248 ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) C:\Windows\System32\shsvcs.dll
19:11:58.0956 2248 ShellHWDetection - ok
19:11:58.0971 2248 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
19:11:58.0971 2248 sisagp - ok
19:11:58.0987 2248 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:11:58.0987 2248 SiSRaid2 - ok
19:11:59.0003 2248 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
19:11:59.0003 2248 SiSRaid4 - ok
19:11:59.0018 2248 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
19:11:59.0018 2248 Smb - ok
19:11:59.0034 2248 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
19:11:59.0049 2248 SNMPTRAP - ok
19:11:59.0065 2248 snoopfreesvc - ok
19:11:59.0065 2248 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
19:11:59.0065 2248 spldr - ok
19:11:59.0096 2248 Spooler (d1bb750eb51694de183e08b9c33be5b2) C:\Windows\System32\spoolsv.exe
19:11:59.0096 2248 Spooler - ok
19:11:59.0205 2248 sppsvc (4c287f9069fedbd791178876ee9de536) C:\Windows\system32\sppsvc.exe
19:11:59.0252 2248 sppsvc - ok
19:11:59.0283 2248 sppuinotify (d8e3e19eebdab49dd4a8d3062ead4ec7) C:\Windows\system32\sppuinotify.dll
19:11:59.0283 2248 sppuinotify - ok
19:11:59.0299 2248 SRS_SSCFilter - ok
19:11:59.0330 2248 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
19:11:59.0330 2248 srv - ok
19:11:59.0346 2248 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
19:11:59.0346 2248 srv2 - ok
19:11:59.0361 2248 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
19:11:59.0377 2248 srvnet - ok
19:11:59.0393 2248 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
19:11:59.0393 2248 SSDPSRV - ok
19:11:59.0408 2248 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
19:11:59.0408 2248 SstpSvc - ok
19:11:59.0424 2248 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
19:11:59.0424 2248 stexstor - ok
19:11:59.0439 2248 StiSvc (a22825e7bb7018e8af3e229a5af17221) C:\Windows\System32\wiaservc.dll
19:11:59.0455 2248 StiSvc - ok
19:11:59.0471 2248 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
19:11:59.0471 2248 swenum - ok
19:11:59.0486 2248 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
19:11:59.0486 2248 swprv - ok
19:11:59.0533 2248 SysMain (04105c8da62353589c29bdaeb8d88bd8) C:\Windows\system32\sysmain.dll
19:11:59.0564 2248 SysMain - ok
19:11:59.0564 2248 TabletInputService (fcfb6c552fbc0da299799cbd50ad9fd4) C:\Windows\System32\TabSvc.dll
19:11:59.0580 2248 TabletInputService - ok
19:11:59.0595 2248 TapiSrv (2f46b0c70a4adc8c90cf825da3b4feaf) C:\Windows\System32\tapisrv.dll
19:11:59.0595 2248 TapiSrv - ok
19:11:59.0611 2248 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
19:11:59.0611 2248 TBS - ok
19:11:59.0673 2248 Tcpip (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\drivers\tcpip.sys
19:11:59.0689 2248 Tcpip - ok
19:11:59.0767 2248 TCPIP6 (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\DRIVERS\tcpip.sys
19:11:59.0783 2248 TCPIP6 - ok
19:11:59.0814 2248 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
19:11:59.0814 2248 tcpipreg - ok
19:11:59.0829 2248 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
19:11:59.0845 2248 TDPIPE - ok
19:11:59.0845 2248 TDTCP (7156308896d34ea75a582f9a09e50c17) C:\Windows\system32\drivers\tdtcp.sys
19:11:59.0845 2248 TDTCP - ok
19:11:59.0861 2248 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
19:11:59.0861 2248 tdx - ok
19:11:59.0876 2248 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
19:11:59.0876 2248 TermDD - ok
19:11:59.0907 2248 TermService (a01e50a04d7b1960b33e92b9080e6a94) C:\Windows\System32\termsrv.dll
19:11:59.0923 2248 TermService - ok
19:11:59.0923 2248 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
19:11:59.0939 2248 Themes - ok
19:11:59.0939 2248 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
19:11:59.0939 2248 THREADORDER - ok
19:11:59.0954 2248 TMBMServer - ok
19:11:59.0970 2248 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
19:11:59.0970 2248 TrkWks - ok
19:11:59.0985 2248 TrustedInstaller (41a4c781d2286208d397d72099304133) C:\Windows\servicing\TrustedInstaller.exe
19:11:59.0985 2248 TrustedInstaller - ok
19:12:00.0017 2248 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:12:00.0017 2248 tssecsrv - ok
19:12:00.0032 2248 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
19:12:00.0032 2248 tunnel - ok
19:12:00.0048 2248 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
19:12:00.0048 2248 uagp35 - ok
19:12:00.0063 2248 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
19:12:00.0063 2248 udfs - ok
19:12:00.0095 2248 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
19:12:00.0095 2248 UI0Detect - ok
19:12:00.0110 2248 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
19:12:00.0110 2248 uliagpkx - ok
19:12:00.0126 2248 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
19:12:00.0126 2248 umbus - ok
19:12:00.0126 2248 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
19:12:00.0141 2248 UmPass - ok
19:12:00.0141 2248 umxfwhlp - ok
19:12:00.0157 2248 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
19:12:00.0173 2248 upnphost - ok
19:12:00.0188 2248 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
19:12:00.0188 2248 USBAAPL - ok
19:12:00.0204 2248 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\Windows\system32\DRIVERS\usbccgp.sys
19:12:00.0204 2248 usbccgp - ok
19:12:00.0219 2248 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
19:12:00.0219 2248 usbcir - ok
19:12:00.0235 2248 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\Windows\system32\DRIVERS\usbehci.sys
19:12:00.0235 2248 usbehci - ok
19:12:00.0251 2248 usbhub (bdcd7156ec37448f08633fd899823620) C:\Windows\system32\DRIVERS\usbhub.sys
19:12:00.0251 2248 usbhub - ok
19:12:00.0266 2248 usbohci (eb2d819a639015253c871cda09d91d58) C:\Windows\system32\drivers\usbohci.sys
19:12:00.0266 2248 usbohci - ok
19:12:00.0282 2248 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
19:12:00.0282 2248 usbprint - ok
19:12:00.0297 2248 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:12:00.0297 2248 USBSTOR - ok
19:12:00.0313 2248 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\Windows\system32\DRIVERS\usbuhci.sys
19:12:00.0313 2248 usbuhci - ok
19:12:00.0329 2248 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
19:12:00.0329 2248 UxSms - ok
19:12:00.0344 2248 VaultSvc (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
19:12:00.0344 2248 VaultSvc - ok
19:12:00.0360 2248 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
19:12:00.0360 2248 vdrvroot - ok
19:12:00.0375 2248 vds (8c4e7c49d3641bc9e299e466a7f8867d) C:\Windows\System32\vds.exe
19:12:00.0391 2248 vds - ok
19:12:00.0407 2248 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
19:12:00.0407 2248 vga - ok
19:12:00.0407 2248 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
19:12:00.0407 2248 VgaSave - ok
19:12:00.0422 2248 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
19:12:00.0438 2248 vhdmp - ok
19:12:00.0438 2248 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
19:12:00.0453 2248 viaagp - ok
19:12:00.0453 2248 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
19:12:00.0453 2248 ViaC7 - ok
19:12:00.0469 2248 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
19:12:00.0469 2248 viaide - ok
19:12:00.0485 2248 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
19:12:00.0485 2248 volmgr - ok
19:12:00.0500 2248 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
19:12:00.0516 2248 volmgrx - ok
19:12:00.0531 2248 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
19:12:00.0531 2248 volsnap - ok
19:12:00.0547 2248 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
19:12:00.0547 2248 vsmraid - ok
19:12:00.0578 2248 VSS (7ea2bcd94d9cfaf4c556f5cc94532a6c) C:\Windows\system32\vssvc.exe
19:12:00.0594 2248 VSS - ok
19:12:00.0609 2248 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
19:12:00.0609 2248 vwifibus - ok
19:12:00.0625 2248 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
19:12:00.0625 2248 W32Time - ok
19:12:00.0641 2248 W55U01 - ok
19:12:00.0641 2248 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
19:12:00.0641 2248 WacomPen - ok
19:12:00.0656 2248 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
19:12:00.0656 2248 WANARP - ok
19:12:00.0656 2248 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
19:12:00.0656 2248 Wanarpv6 - ok
19:12:00.0719 2248 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
19:12:00.0734 2248 WatAdminSvc - ok
19:12:00.0812 2248 wbengine (7790b77fe1e5ee47dcc66247095bb4c9) C:\Windows\system32\wbengine.exe
19:12:00.0828 2248 wbengine - ok
19:12:00.0843 2248 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
19:12:00.0843 2248 WbioSrvc - ok
19:12:00.0859 2248 wcncsvc (6d9b75275c3e3a5f51aef81affadb2b6) C:\Windows\System32\wcncsvc.dll
19:12:00.0875 2248 wcncsvc - ok
19:12:00.0875 2248 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
19:12:00.0890 2248 WcsPlugInService - ok
19:12:00.0906 2248 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
19:12:00.0906 2248 Wd - ok
19:12:00.0906 2248 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\Windows\system32\DRIVERS\wdcsam.sys
19:12:00.0921 2248 WDC_SAM - ok
19:12:00.0937 2248 WDDMService (7d1e301e2eeaf6d3730887de933413e6) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
19:12:00.0937 2248 WDDMService - ok
19:12:00.0968 2248 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
19:12:00.0984 2248 Wdf01000 - ok
19:12:00.0999 2248 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
19:12:00.0999 2248 WdiServiceHost - ok
19:12:01.0015 2248 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
19:12:01.0015 2248 WdiSystemHost - ok
19:12:01.0031 2248 WDSmartWareBackgroundService (138ab06adbbf300aa804d7974a5aec82) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
19:12:01.0031 2248 WDSmartWareBackgroundService - ok
19:12:01.0062 2248 WebClient (bb5ec38f8d4600119b4720bc5d4211f1) C:\Windows\System32\webclnt.dll
19:12:01.0062 2248 WebClient - ok
19:12:01.0077 2248 websenserealtimeanalyzer - ok
19:12:01.0109 2248 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
19:12:01.0109 2248 Wecsvc - ok
19:12:01.0140 2248 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
19:12:01.0140 2248 wercplsupport - ok
19:12:01.0155 2248 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
19:12:01.0155 2248 WerSvc - ok
19:12:01.0171 2248 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
19:12:01.0171 2248 WfpLwf - ok
19:12:01.0187 2248 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
19:12:01.0187 2248 WIMMount - ok
19:12:01.0233 2248 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
19:12:01.0249 2248 WinDefend - ok
19:12:01.0249 2248 WinHttpAutoProxySvc - ok
19:12:01.0280 2248 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
19:12:01.0280 2248 Winmgmt - ok
19:12:01.0358 2248 WinRM (c4f5d3901d1b41d602ddc196e0b95b51) C:\Windows\system32\WsmSvc.dll
19:12:01.0389 2248 WinRM - ok
19:12:01.0405 2248 wintab32 - ok
19:12:01.0436 2248 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUSB.sys
19:12:01.0436 2248 WinUsb - ok
19:12:01.0483 2248 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
19:12:01.0499 2248 Wlansvc - ok
19:12:01.0514 2248 WLAN_USB - ok
19:12:01.0623 2248 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:12:01.0655 2248 wlidsvc - ok
19:12:01.0701 2248 WmaCDriverV32 - ok
19:12:01.0717 2248 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:12:01.0717 2248 WmiAcpi - ok
19:12:01.0748 2248 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
19:12:01.0748 2248 wmiApSrv - ok
19:12:01.0811 2248 WMPNetworkSvc (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:12:01.0842 2248 WMPNetworkSvc - ok
19:12:01.0889 2248 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
19:12:01.0904 2248 WPCSvc - ok
19:12:01.0904 2248 WPDBusEnum (b7f658a2ebc07129538ad9ab35212637) C:\Windows\system32\wpdbusenum.dll
19:12:01.0920 2248 WPDBusEnum - ok
19:12:01.0935 2248 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
19:12:01.0935 2248 ws2ifsl - ok
19:12:01.0951 2248 wscsvc (a661a76333057b383a06e65f0073222f) C:\Windows\system32\wscsvc.dll
19:12:01.0951 2248 wscsvc - ok
19:12:01.0967 2248 WSearch - ok
19:12:02.0076 2248 wuauserv (a33408cc036f9c08142b11be5e93f0a1) C:\Windows\system32\wuaueng.dll
19:12:02.0123 2248 wuauserv - ok
19:12:02.0185 2248 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
19:12:02.0185 2248 WudfPf - ok
19:12:02.0201 2248 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:12:02.0201 2248 WUDFRd - ok
19:12:02.0216 2248 wudfsvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\Windows\System32\WUDFSvc.dll
19:12:02.0232 2248 wudfsvc - ok
19:12:02.0247 2248 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
19:12:02.0247 2248 WwanSvc - ok
19:12:02.0263 2248 XilinxPC4Driver (6104f397127feeccce16bd16cd3843a6) C:\Windows\System32\drivers\xpc4drvr.sys
19:12:02.0263 2248 XilinxPC4Driver - ok
19:12:02.0279 2248 z800bus - ok
19:12:02.0294 2248 zpnodecollector - ok
19:12:02.0325 2248 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:12:02.0325 2248 \Device\Harddisk0\DR0 - ok
19:12:02.0341 2248 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR2
19:12:02.0419 2248 \Device\Harddisk1\DR2 - ok
19:12:02.0435 2248 Boot (0x1200) (32dd58855755ee2ca18a8c61cc51637b) \Device\Harddisk0\DR0\Partition0
19:12:02.0435 2248 \Device\Harddisk0\DR0\Partition0 - ok
19:12:02.0435 2248 Boot (0x1200) (8f0738f899459fa9d708b4aaf70a8d14) \Device\Harddisk0\DR0\Partition1
19:12:02.0435 2248 \Device\Harddisk0\DR0\Partition1 - ok
19:12:02.0450 2248 Boot (0x1200) (6c8eeb9621c1451f9c0839fbe9e96142) \Device\Harddisk1\DR2\Partition0
19:12:02.0450 2248 \Device\Harddisk1\DR2\Partition0 - ok
19:12:02.0450 2248 ============================================================
19:12:02.0450 2248 Scan finished
19:12:02.0450 2248 ============================================================
19:12:02.0481 3224 Detected object count: 0
19:12:02.0481 3224 Actual detected object count: 0
  • 0

#54
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
I see that you are using a wireless connection to access the network. Could you try to connect your system to the network with a cable and then do the steps below.

If you can't connect it with a cable then just do these steps and post the log for me.

Step 1

  • Go to Start and right click on Network and then click Properties.
  • Network and Sharing Center window will appear, after that click Manage network connections.
  • Network Connections window will appear. Here you can right click on the network card on which you wish to disable IPv6 and click Properties.
  • In the Local Area Connection Properties window, untick Internet Protocol Version 6 (TCP/IPv6) and click OK.

Step 2

NOTE: This fix is custom made for this system only and for current system state! Don't try to run it on another system!

Please close all running programs and Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL

    :Reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters]
    "DisabledComponents"=dword:0fffffff

    :Files
    reg export "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip" "%userprofile%\Desktop\tcpip.reg" /c
    reg export "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinSock2\Parameters" "%userprofile%\Desktop\winsock2.reg" /c

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles
ONE NOTE: You will have tcpip.reg and winsock2.reg created on your desktop. Please ZIP those two files and attach them to your next reply.

Step 3

Download SubInACL.exe from Here
Double click to install it
By default it installs the tool in C:\Program Files\Windows Resource Kits\Tools\
Please allow it to do so.

Now download reset.zip from below

Attached File  reset.zip   297bytes   132 downloads

Extract reset.cmd from zip file to C:\Program Files\Windows Resource Kits\Tools\.
Right click on it and select Run as administrator

Step 4

Please run Farbar Service Scanner (FSS) as you did last time with all selections enabled and post log

Step 5

Please run MiniToolBox with all options enabled and post the log here for me.

Step 6

Please don't forget to include these items in your reply:

  • FSS log
  • MiniToolBox log
  • OTL fix log
  • tcpip.reg and winsock2.reg ZIP file attached to your reply
It would be helpful if you could post each log in separate post using "Add Reply" button
  • 0

#55
soggywaffles

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
How long does it take the OTL fix to work? It's been running for 30+ minutes and it seems to be stuck on the exporting tcpip.reg in the command prompt.
  • 0


#56
farbar

    Developer

  • Expert
  • 503 posts
Hello soggywaffles,

While my good colleague maliprog is taking a break I'm going to assist you.

Please disregard the rest of the steps from previous post.

Now we are going for a major fix, a clean reinstall of TCP/IP protocol. I believe this might be the first time that it will be done on a forum on a Windows 7 system. You need to go to the Command Prompt from System Recovery Option not from normal or safe mode.

Please make sure you follow the steps carefully. We concentrate on Local Area connection and not the wireless connection. If in any stage you have questions or doubts please feel free to post before proceeding.

This is how to enter System Recovery Options:

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
  • Select Command Prompt
**************

  • Boot the computer to System Recovery Options and select "Command Prompt"
    • Type the following in the command prompt and press Enter: notepad c:\windows\inf\nettcpip.inf
      (note that there is space after notepad)
    • A file opens in the notepad. Under TCP/IP Primary Install section find the following: Characteristics = 0xA0
    • Edit 0xA0 and replace it with 0x80 (replace A with 8)
    • Under File menu click Save and close the notepad.
    • Close the command prompt window and select "Restart". Let the computer boot normally.
  • Go to Start ==> Control Panel. Open Network and Sharing Center. From the left pane select "Change adapter Settings". Right-click Local Area Connection, and select Properties.
    • On the Networking tab, click Install. A popup window opens.
    • Select Protocol from the list and then click Add.
    • A new window opens, click Have Disk....
    • In the browse... box type c:\windows\inf
    • Click OK. A new window pops up with options.
    • Select Internet Protocol Version 4 (TCP/Ipv4), and then click OK.
    • On the Local Area Connection Properties screen select Internet Protocol Version 4 (TCP/Ipv4) and click Uninstall, and then click Yes to the prompt. (You may get notified that a driver is not digitally signed; this is normal.)
    • Important: It will take some time, wait until it asks to restart.
    • Confirm the "Restart" prompt.
  • Boot the computer to System Recovery Options and select "Command Prompt"
    • Type the following in the command prompt and press Enter: notepad c:\windows\inf\nettcpip.inf
      (note that there is space after notepad)
    • A file opens in the notepad. Under TCP/IP Primary Install section find the following: Characteristics = 0x80
    • Edit 0x80 and replace it with 0xA0 (replace 8 with A)
    • Under File menu click Save and close the notepad.
    • Close the command prompt window and select "Restart". Let the computer boot normally.
  • Go to Start ==> Control Panel. Open Network and Sharing Center. From the left pane select "Change adapter Settings". Right-click Local Area Connection, and select Properties.
    • On the General tab, click Install
    • A popup window opens. Select Protocol and click "Add...".
    • A new popup window opens. Select Internet Protocol Version 4 (TCP/Ipv4), and then click OK and wait.
    • Important: Confirm the "Restart" prompt.
  • After restart check internet connection while you are (preferably wired) connected to the router/modem. If you have no connection please run Farbar Service Scanner, click scan and save the log as FSS1.txt, otherwise the log will be overwritten by the subsequent run of the tool.
  • Only if you don't have internet connection at this stage please download and unzip Attached File  dhcp.zip   318bytes   81 downloads
    Transfer dhcp.reg to the problem computer double-click it and allow to merge.
  • Restart the computer, after restart please check internet connection and run Farbar Service Scanner and post the log along with the previous log (FSS1.txt).

  • 0
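The two notepad edits in the post above toggle a single bit of the component's Characteristics value: 0xA0 is NCF_HAS_UI (0x80) plus NCF_NOT_USER_REMOVABLE (0x20), and 0x80 clears the second bit so that Uninstall becomes available. The following Python sketch is an added example, not part of the original post or of any tool it mentions; it parses INF text and reports which Characteristics entries are still in the user-removable state, so the restore to 0xA0 can be confirmed afterwards. The sample INF text and its section names are constructed assumptions.

```python
import re

# NCF_* bits of an INF "Characteristics" value (names from the Windows netcfgx.h header).
NCF_FLAGS = {
    0x01: "NCF_VIRTUAL",
    0x02: "NCF_SOFTWARE_ENUMERATED",
    0x04: "NCF_PHYSICAL",
    0x08: "NCF_HIDDEN",
    0x10: "NCF_NO_SERVICE",
    0x20: "NCF_NOT_USER_REMOVABLE",
    0x40: "NCF_MULTIPORT_INSTANCED_ADAPTER",
    0x80: "NCF_HAS_UI",
    0x400: "NCF_FILTER",
}
NCF_NOT_USER_REMOVABLE = 0x20

# Constructed sample, not a copy of the real nettcpip.inf; section names are assumptions.
DEFAULT_INF = """\
[Version]
Signature = "$Windows NT$"

[MS_TCPIP.PrimaryInstall]
; constructed sample line
Characteristics = 0xA0 ; NCF_HAS_UI | NCF_NOT_USER_REMOVABLE

[MS_TCPIP6.PrimaryInstall]
characteristics=0xa0
"""
# State after the first notepad edit in the post (A replaced with 8), TCP/IPv4 section only.
EDITED_INF = DEFAULT_INF.replace("0xA0", "0x80", 1)


def decode_characteristics(value):
    """Return the NCF_* names set in value, lowest bit first."""
    names = [name for bit, name in sorted(NCF_FLAGS.items()) if value & bit]
    unknown = value & ~sum(NCF_FLAGS)
    if unknown:
        names.append(f"unknown bits 0x{unknown:X}")
    return names


def find_characteristics(inf_text):
    """Yield (section, value, line_no) for every Characteristics entry.

    INF keys are case-insensitive and ';' starts a comment. value is None
    when the right-hand side is not a number.
    """
    section = None
    for line_no, raw in enumerate(inf_text.splitlines(), 1):
        line = raw.split(";", 1)[0].strip()
        if not line:
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            section = header.group(1).strip()
            continue
        key, sep, val = line.partition("=")
        if sep and key.strip().lower() == "characteristics":
            try:
                yield section, int(val.strip(), 0), line_no
            except ValueError:
                yield section, None, line_no


def audit(inf_text):
    """Describe each Characteristics entry and whether Uninstall is allowed."""
    report = []
    for section, value, line_no in find_characteristics(inf_text):
        entry = {"section": section, "line": line_no, "value": value}
        if value is None:
            entry["user_removable"] = None
            entry["flags"] = []
        else:
            entry["user_removable"] = not (value & NCF_NOT_USER_REMOVABLE)
            entry["flags"] = decode_characteristics(value)
        report.append(entry)
    return report


def not_restored(inf_text):
    """Sections still left user-removable, i.e. not put back to the default."""
    return [e["section"] for e in audit(inf_text) if e["user_removable"]]


if __name__ == "__main__":
    for label, text in (("default", DEFAULT_INF), ("edited", EDITED_INF)):
        print(label)
        for e in audit(text):
            print(f"  line {e['line']}: [{e['section']}] "
                  f"0x{e['value']:X} {e['flags']} removable={e['user_removable']}")
        print("  not restored:", not_restored(text))
```

To check a real file, read it with `open(path, encoding="utf-8", errors="replace").read()` and pass the text to `not_restored`; an empty list means no entry was left removable.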

#57
farbar

    Developer

  • Expert
  • 503 posts
Before doing the steps in my last post, just to make sure we reinstall everything to its default please reverse the change made in Post #54 as follows:

Download and unzip Attached File  enable.zip   300bytes   124 downloads
Transfer enable.reg to the problem computer, double-click on it and confirm the prompt.

Then redo Step 1, number 4 of Post #54 but this time put a checkmark next to Internet Protocol Version 6 (TCP/IPv6) and click OK.

After doing these two steps please start with the steps in my previous post.
  • 0

#58
soggywaffles

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
For the "In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive." I don't have a frst.exe file in my flash drive.
  • 0

#59
farbar

    Developer

  • Expert
  • 503 posts
My bad. I'm sorry, that part is not needed. I edited the post to avoid any confusion. Please only follow the part that is left.

Did you restore the changes as I requested in my last post? If yes please proceed.
  • 0

#60
soggywaffles

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
The step "Type the following in the command prompt and press Enter: notepad c:\windows\inf\nettcpip.inf
(note that there is space after notepad)" comes back with "The system cannot find the path specified."
  • 0





