
Explorer Pages Repeating! [Solved]


  • This topic is locked

#16
paukid

  • Topic Starter
  • Member
  • 63 posts
Hi Gammo,
I just wanted to check in to see if there was anything more we could do together in order to get my computer back up and operating :)

I know today is Sunday and perhaps there is no time today, but just wanted to check in.

I really do appreciate all the help you have given me thus far.

Thanks so much,
Paul
  • 0



#17
Gammo

    Member 2k

  • Malware Removal
  • 2,299 posts
Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

Download aswMBR.exe to your desktop.

Double-click aswMBR.exe to run it.

Click the "Scan" button to start the scan.

On completion of the scan, click Save log, save it to your desktop and post it in your next reply.
  • 0
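An added example (not part of the original thread): a Python script that triages a TDSSKiller report of the kind requested above, confirming that the two requested scan options appear in the Mode line and separating unsigned-file warnings from any other verdict. The line layout is assumed from the 2.7.48.0 log posted in this thread; the sample lines, service names, hashes and `Placeholder.Verdict` are constructed.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Assumed layout of every log line: "HH:MM:SS.mmmm <thread id> <text>"
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+(?:\s(.*))?$")
# "<name> (<32-hex MD5>) <path>" introduces a scanned service or driver
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<name> ( <verdict> ) - <severity>" reports a non-clean result
VERDICT = re.compile(r"^(?P<name>.+?) \( (?P<verdict>[^()]+?) \) - (?P<severity>\w+)$")
# "<name> - ok" reports a clean result
OK = re.compile(r"^(?P<name>.+?) - ok$")
MODE = re.compile(r"^Mode: (?P<flags>.*)$")

UNSIGNED = "UnsignedFile.Multi.Generic"  # verdict name as it appears in the log


@dataclass
class Finding:
    name: str
    verdict: str
    severity: str
    md5: Optional[str]
    path: Optional[str]


def parse_report(text: str) -> dict:
    """Pair each verdict with the object line (MD5, path) that preceded it."""
    objects: Dict[str, Tuple[str, str]] = {}
    report = {"mode": [], "ok": 0, "no_file": [], "findings": []}
    for raw in text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m or not m.group(1):
            continue  # blank line, separator-only line, or foreign text
        body = m.group(1).strip()
        if (mm := MODE.match(body)):
            report["mode"] = [f.strip() for f in mm.group("flags").split(";") if f.strip()]
        elif (mo := OBJECT.match(body)):
            objects[mo.group("name")] = (mo.group("md5").lower(), mo.group("path"))
        elif (mv := VERDICT.match(body)):
            md5, path = objects.get(mv.group("name"), (None, None))
            report["findings"].append(
                Finding(mv.group("name"), mv.group("verdict"), mv.group("severity"), md5, path)
            )
        elif (mk := OK.match(body)):
            report["ok"] += 1
            # Some entries are reported "ok" with no file line before them
            if mk.group("name") not in objects:
                report["no_file"].append(mk.group("name"))
    return report


def triage(report: dict) -> dict:
    """Check the requested scan options and split findings by verdict."""
    missing = [f for f in ("SigCheck", "TDLFS") if f not in report["mode"]]
    unsigned: List[Finding] = [f for f in report["findings"] if f.verdict == UNSIGNED]
    other: List[Finding] = [f for f in report["findings"] if f.verdict != UNSIGNED]
    return {"missing_options": missing, "unsigned": unsigned, "other": other}


# Constructed sample in the assumed layout (not taken from any real machine)
SAMPLE = r"""
14:00:00.0000 1000 Scan started
14:00:00.0000 1000 Mode: Manual; SigCheck; TDLFS;
14:00:01.0000 1000 ExampleDrv (00112233445566778899aabbccddeeff) C:\WINDOWS\system32\drivers\exampledrv.sys
14:00:01.0100 1000 ExampleDrv - ok
14:00:01.0200 1000 NoFileSvc - ok
14:00:01.0300 1000 Example Vendor Service (ffeeddccbbaa99887766554433221100) C:\Program Files\Example\svc.exe
14:00:01.0400 1000 Example Vendor Service ( UnsignedFile.Multi.Generic ) - warning
14:00:01.0400 1000 Example Vendor Service - detected UnsignedFile.Multi.Generic (1)
14:00:01.0500 1000 OtherDrv (0123456789abcdef0123456789abcdef) C:\WINDOWS\system32\drivers\otherdrv.sys
14:00:01.0600 1000 OtherDrv ( Placeholder.Verdict ) - warning
"""

if __name__ == "__main__":
    result = triage(parse_report(SAMPLE))
    print("options missing from Mode line:", result["missing_options"])
    for f in result["unsigned"]:
        print("unsigned, review publisher:", f.name, f.md5, f.path)
    for f in result["other"]:
        print("other verdict, look at first:", f.name, f.verdict, f.path)
```

Entries listed under `no_file` are services the scanner reported without a file path, which a helper may want to look at separately from the unsigned-file warnings.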

#18
paukid

  • Topic Starter
  • Member
  • 63 posts
Hi Gammo,
Here is the TDSSKILLER log.

The aswMBR log to follow shortly.

Paul

14:41:25.0556 2744 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
14:41:25.0775 2744 ============================================================
14:41:25.0775 2744 Current date / time: 2012/08/12 14:41:25.0775
14:41:25.0775 2744 SystemInfo:
14:41:25.0775 2744
14:41:25.0775 2744 OS Version: 5.1.2600 ServicePack: 3.0
14:41:25.0775 2744 Product type: Workstation
14:41:25.0775 2744 ComputerName: PAUKID
14:41:25.0775 2744 UserName: ME
14:41:25.0775 2744 Windows directory: C:\WINDOWS
14:41:25.0775 2744 System windows directory: C:\WINDOWS
14:41:25.0775 2744 Processor architecture: Intel x86
14:41:25.0775 2744 Number of processors: 4
14:41:25.0775 2744 Page size: 0x1000
14:41:25.0775 2744 Boot type: Normal boot
14:41:25.0775 2744 ============================================================
14:41:26.0744 2744 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
14:41:26.0853 2744 ============================================================
14:41:26.0853 2744 \Device\Harddisk0\DR0:
14:41:26.0869 2744 MBR partitions:
14:41:26.0884 2744 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x39A2081C
14:41:26.0884 2744 ============================================================
14:41:26.0916 2744 C: <-> \Device\Harddisk0\DR0\Partition0
14:41:26.0916 2744 ============================================================
14:41:26.0916 2744 Initialize success
14:41:26.0916 2744 ============================================================
14:44:16.0603 1708 ============================================================
14:44:16.0603 1708 Scan started
14:44:16.0603 1708 Mode: Manual; SigCheck; TDLFS;
14:44:16.0603 1708 ============================================================
14:44:16.0900 1708 Aavmker4 (0b27ae82c113d3687024d18459440426) C:\WINDOWS\system32\drivers\Aavmker4.sys
14:44:17.0072 1708 Aavmker4 - ok
14:44:17.0087 1708 Abiosdsk - ok
14:44:17.0103 1708 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
14:44:17.0587 1708 abp480n5 - ok
14:44:17.0712 1708 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
14:44:17.0728 1708 ACDaemon - ok
14:44:17.0759 1708 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:44:17.0884 1708 ACPI - ok
14:44:17.0916 1708 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
14:44:18.0009 1708 ACPIEC - ok
14:44:18.0072 1708 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:44:18.0072 1708 AdobeFlashPlayerUpdateSvc - ok
14:44:18.0103 1708 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
14:44:18.0197 1708 adpu160m - ok
14:44:18.0228 1708 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:44:18.0306 1708 aec - ok
14:44:18.0337 1708 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
14:44:18.0369 1708 AFD - ok
14:44:18.0416 1708 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
14:44:18.0478 1708 agp440 - ok
14:44:18.0509 1708 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
14:44:18.0603 1708 agpCPQ - ok
14:44:18.0619 1708 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
14:44:18.0650 1708 Aha154x - ok
14:44:18.0681 1708 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
14:44:18.0775 1708 aic78u2 - ok
14:44:18.0791 1708 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
14:44:18.0884 1708 aic78xx - ok
14:44:18.0900 1708 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
14:44:18.0994 1708 Alerter - ok
14:44:19.0025 1708 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
14:44:19.0072 1708 ALG - ok
14:44:19.0087 1708 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
14:44:19.0166 1708 AliIde - ok
14:44:19.0197 1708 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
14:44:19.0275 1708 alim1541 - ok
14:44:19.0291 1708 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
14:44:19.0369 1708 amdagp - ok
14:44:19.0384 1708 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
14:44:19.0447 1708 amsint - ok
14:44:19.0478 1708 Angel2 (bca9980dd99ba3e2fb8c1702951aa8ea) C:\WINDOWS\system32\DRIVERS\Angel2.sys
14:44:19.0525 1708 Angel2 - ok
14:44:19.0619 1708 AOL ACS (85180cf88c5ebad73b452a43a004ca51) C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
14:44:19.0634 1708 AOL ACS - ok
14:44:19.0697 1708 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
14:44:19.0759 1708 AppMgmt - ok
14:44:19.0791 1708 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:44:19.0869 1708 Arp1394 - ok
14:44:19.0884 1708 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
14:44:19.0978 1708 asc - ok
14:44:19.0994 1708 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
14:44:20.0041 1708 asc3350p - ok
14:44:20.0056 1708 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
14:44:20.0150 1708 asc3550 - ok
14:44:20.0181 1708 Aspi32 (b979979ab8027f7f53fb16ec4229b7db) C:\WINDOWS\system32\drivers\Aspi32.sys
14:44:20.0181 1708 Aspi32 ( UnsignedFile.Multi.Generic ) - warning
14:44:20.0181 1708 Aspi32 - detected UnsignedFile.Multi.Generic (1)
14:44:20.0275 1708 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
14:44:20.0291 1708 aspnet_state - ok
14:44:20.0322 1708 aswFsBlk (1c1f3d6dddc046c920c493a779649f66) C:\WINDOWS\system32\drivers\aswFsBlk.sys
14:44:20.0337 1708 aswFsBlk - ok
14:44:20.0369 1708 aswFW (b5aaa12631877731a253e44202ffc5bc) C:\WINDOWS\system32\drivers\aswFW.sys
14:44:20.0384 1708 aswFW - ok
14:44:20.0431 1708 aswKbd (088be3ec42010310fe867f874b6fedf2) C:\WINDOWS\system32\drivers\aswKbd.sys
14:44:20.0431 1708 aswKbd - ok
14:44:20.0478 1708 aswMon2 (9e912fe7b41650701ef2b227aca440f3) C:\WINDOWS\system32\drivers\aswMon2.sys
14:44:20.0509 1708 aswMon2 - ok
14:44:20.0541 1708 aswNdis (7b948e3657bea62e437bc46ca6ef6012) C:\WINDOWS\system32\DRIVERS\aswNdis.sys
14:44:20.0556 1708 aswNdis - ok
14:44:20.0572 1708 aswNdis2 (0127263dfc8c4216c085338ce0c047c3) C:\WINDOWS\system32\drivers\aswNdis2.sys
14:44:20.0603 1708 aswNdis2 - ok
14:44:20.0650 1708 aswRdr (982e275d1c5801042fe94209fb0160fb) C:\WINDOWS\system32\drivers\aswRdr.sys
14:44:20.0666 1708 aswRdr - ok
14:44:20.0728 1708 aswSnx (73dbcf808e00580f2a47f93dd9b03876) C:\WINDOWS\system32\drivers\aswSnx.sys
14:44:20.0775 1708 aswSnx - ok
14:44:20.0837 1708 aswSP (6cbd7d3a33f498d09c831cdd732da2e0) C:\WINDOWS\system32\drivers\aswSP.sys
14:44:20.0869 1708 aswSP - ok
14:44:20.0900 1708 aswTdi (7109a9aa551f37cd168c02368465957e) C:\WINDOWS\system32\drivers\aswTdi.sys
14:44:20.0916 1708 aswTdi - ok
14:44:20.0947 1708 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:44:21.0041 1708 AsyncMac - ok
14:44:21.0072 1708 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:44:21.0150 1708 atapi - ok
14:44:21.0150 1708 Atdisk - ok
14:44:21.0181 1708 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:44:21.0275 1708 Atmarpc - ok
14:44:21.0306 1708 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
14:44:21.0400 1708 AudioSrv - ok
14:44:21.0416 1708 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:44:21.0494 1708 audstub - ok
14:44:21.0587 1708 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:44:21.0603 1708 avast! Antivirus - ok
14:44:21.0650 1708 avast! Firewall (465a17095eb3b9e101429b669f495d01) C:\Program Files\AVAST Software\Avast\afwServ.exe
14:44:21.0666 1708 avast! Firewall - ok
14:44:21.0697 1708 b57w2k (8c0403aa21029804f31d869e6b0adedf) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
14:44:21.0744 1708 b57w2k - ok
14:44:21.0791 1708 BackupStack (50549f57f969a322ff904daf7d86a691) C:\Program Files\JustCloud\BackupStack.exe
14:44:21.0806 1708 BackupStack - ok
14:44:21.0837 1708 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:44:21.0931 1708 Beep - ok
14:44:21.0994 1708 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
14:44:22.0181 1708 BITS - ok
14:44:22.0212 1708 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
14:44:22.0306 1708 Browser - ok
14:44:22.0494 1708 catchme - ok
14:44:22.0525 1708 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
14:44:22.0603 1708 cbidf - ok
14:44:22.0619 1708 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:44:22.0697 1708 cbidf2k - ok
14:44:22.0712 1708 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
14:44:22.0806 1708 CCDECODE - ok
14:44:22.0837 1708 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
14:44:22.0869 1708 cd20xrnt - ok
14:44:22.0884 1708 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:44:22.0978 1708 Cdaudio - ok
14:44:22.0994 1708 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:44:23.0087 1708 Cdfs - ok
14:44:23.0103 1708 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:44:23.0212 1708 Cdrom - ok
14:44:23.0212 1708 Changer - ok
14:44:23.0244 1708 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
14:44:23.0337 1708 CiSvc - ok
14:44:23.0369 1708 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
14:44:23.0447 1708 ClipSrv - ok
14:44:23.0541 1708 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:44:23.0634 1708 clr_optimization_v2.0.50727_32 - ok
14:44:23.0712 1708 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:44:23.0791 1708 clr_optimization_v4.0.30319_32 - ok
14:44:23.0806 1708 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
14:44:23.0900 1708 CmdIde - ok
14:44:23.0900 1708 COMSysApp - ok
14:44:23.0916 1708 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
14:44:24.0025 1708 Cpqarray - ok
14:44:24.0056 1708 Creative Service for CDROM Access (3c8b6609712f4ff78e521f6dcfc4032b) C:\WINDOWS\system32\CTsvcCDA.exe
14:44:24.0072 1708 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - warning
14:44:24.0072 1708 Creative Service for CDROM Access - detected UnsignedFile.Multi.Generic (1)
14:44:24.0087 1708 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
14:44:24.0181 1708 CryptSvc - ok
14:44:24.0212 1708 CT20XUT.DLL (1fc326524a54e2f07caa851a6c92f864) C:\WINDOWS\system32\CT20XUT.DLL
14:44:24.0244 1708 CT20XUT.DLL - ok
14:44:24.0291 1708 ctac32k (a57a4a823b242aad1e090b86b6f8c5bf) C:\WINDOWS\system32\drivers\ctac32k.sys
14:44:24.0322 1708 ctac32k - ok
14:44:24.0353 1708 ctaud2k (c4aa86490482104c219c040f9e91eda8) C:\WINDOWS\system32\drivers\ctaud2k.sys
14:44:24.0384 1708 ctaud2k - ok
14:44:24.0431 1708 ctdvda2k (3e14e6d3cf3ddb9870925a73e7a87432) C:\WINDOWS\system32\drivers\ctdvda2k.sys
14:44:24.0462 1708 ctdvda2k - ok
14:44:24.0525 1708 CTEXFIFX.DLL (82bd15b057cc7de8dd17c6ddb030f637) C:\WINDOWS\system32\CTEXFIFX.DLL
14:44:24.0603 1708 CTEXFIFX.DLL - ok
14:44:24.0712 1708 CTHWIUT.DLL (41e06b6baf8dbd998745a21ea6f01206) C:\WINDOWS\system32\CTHWIUT.DLL
14:44:24.0712 1708 CTHWIUT.DLL - ok
14:44:24.0744 1708 ctprxy2k (0c57a7246e8fc0815bd6225a2704c9ea) C:\WINDOWS\system32\drivers\ctprxy2k.sys
14:44:24.0744 1708 ctprxy2k - ok
14:44:24.0775 1708 ctsfm2k (6b7c9d1f04b799eb67cc9063f5f754f7) C:\WINDOWS\system32\drivers\ctsfm2k.sys
14:44:24.0791 1708 ctsfm2k - ok
14:44:24.0822 1708 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
14:44:24.0916 1708 dac2w2k - ok
14:44:24.0931 1708 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
14:44:25.0009 1708 dac960nt - ok
14:44:25.0056 1708 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
14:44:25.0072 1708 DcomLaunch - ok
14:44:25.0103 1708 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
14:44:25.0197 1708 Dhcp - ok
14:44:25.0228 1708 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:44:25.0306 1708 Disk - ok
14:44:25.0306 1708 dlcq_device - ok
14:44:25.0306 1708 dmadmin - ok
14:44:25.0369 1708 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
14:44:25.0478 1708 dmboot - ok
14:44:25.0619 1708 DMDefragService (2caad3e488998887861c46b3027d0dc8) C:\Program Files\PC Tools\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe
14:44:25.0681 1708 DMDefragService - ok
14:44:25.0806 1708 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
14:44:25.0900 1708 dmio - ok
14:44:25.0916 1708 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:44:26.0009 1708 dmload - ok
14:44:26.0181 1708 DMRepairService (e4bfebc56896951001f1297bf47d5341) C:\Program Files\PC Tools\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe
14:44:26.0244 1708 DMRepairService - ok
14:44:26.0275 1708 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
14:44:26.0353 1708 dmserver - ok
14:44:26.0384 1708 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:44:26.0478 1708 DMusic - ok
14:44:26.0509 1708 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
14:44:26.0541 1708 Dnscache - ok
14:44:26.0556 1708 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
14:44:26.0650 1708 Dot3svc - ok
14:44:26.0681 1708 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
14:44:26.0775 1708 dpti2o - ok
14:44:26.0806 1708 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:44:26.0884 1708 drmkaud - ok
14:44:26.0900 1708 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
14:44:26.0994 1708 E100B - ok
14:44:27.0025 1708 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
14:44:27.0119 1708 EapHost - ok
14:44:27.0197 1708 ehRecvr (5d1347aa5ae6e2f77d7f4f8372d95ac9) C:\WINDOWS\eHome\ehRecvr.exe
14:44:27.0212 1708 ehRecvr - ok
14:44:27.0244 1708 ehSched (a53243709439ac2a4c216b817f8d7411) C:\WINDOWS\eHome\ehSched.exe
14:44:27.0244 1708 ehSched - ok
14:44:27.0291 1708 emupia (4265a86853cd409c26ac2f0ff7dbc1c6) C:\WINDOWS\system32\drivers\emupia2k.sys
14:44:27.0306 1708 emupia - ok
14:44:27.0337 1708 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
14:44:27.0431 1708 ERSvc - ok
14:44:27.0462 1708 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
14:44:27.0509 1708 Eventlog - ok
14:44:27.0541 1708 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
14:44:27.0572 1708 EventSystem - ok
14:44:27.0869 1708 EyelineService (7728db436eade0cf9d7fc030e3954054) C:\Program Files\NCH Software\Eyeline\eyeline.exe
14:44:27.0916 1708 EyelineService ( UnsignedFile.Multi.Generic ) - warning
14:44:27.0916 1708 EyelineService - detected UnsignedFile.Multi.Generic (1)
14:44:28.0103 1708 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:44:28.0181 1708 Fastfat - ok
14:44:28.0212 1708 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
14:44:28.0259 1708 FastUserSwitchingCompatibility - ok
14:44:28.0291 1708 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
14:44:28.0400 1708 Fax - ok
14:44:28.0416 1708 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
14:44:28.0509 1708 Fdc - ok
14:44:28.0525 1708 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
14:44:28.0619 1708 Fips - ok
14:44:28.0634 1708 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
14:44:28.0712 1708 Flpydisk - ok
14:44:28.0744 1708 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
14:44:28.0822 1708 FltMgr - ok
14:44:28.0916 1708 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:44:28.0931 1708 FontCache3.0.0.0 - ok
14:44:28.0947 1708 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:44:29.0009 1708 Fs_Rec - ok
14:44:29.0041 1708 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:44:29.0134 1708 Ftdisk - ok
14:44:29.0166 1708 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:44:29.0259 1708 Gpc - ok
14:44:29.0337 1708 gupdate - ok
14:44:29.0337 1708 gupdatem - ok
14:44:29.0384 1708 gusvc (751c1d2ca2abf4a9f5a6b8d7d45b907c) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
14:44:29.0400 1708 gusvc - ok
14:44:29.0478 1708 ha20x2k (e5010dec0f66407735aaf005607ba7ed) C:\WINDOWS\system32\drivers\ha20x2k.sys
14:44:29.0541 1708 ha20x2k - ok
14:44:29.0603 1708 hamachi_oem (c25c70fd4d49391091d9eb8c747f19e6) C:\WINDOWS\system32\DRIVERS\gan_adapter.sys
14:44:29.0603 1708 hamachi_oem ( UnsignedFile.Multi.Generic ) - warning
14:44:29.0603 1708 hamachi_oem - detected UnsignedFile.Multi.Generic (1)
14:44:29.0650 1708 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:44:29.0744 1708 HDAudBus - ok
14:44:29.0791 1708 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:44:29.0884 1708 helpsvc - ok
14:44:29.0900 1708 HidIr (bb1a6fb7d35a91e599973fa74a619056) C:\WINDOWS\system32\DRIVERS\hidir.sys
14:44:29.0978 1708 HidIr - ok
14:44:30.0009 1708 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
14:44:30.0087 1708 HidServ - ok
14:44:30.0119 1708 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:44:30.0197 1708 HidUsb - ok
14:44:30.0228 1708 hitmanpro35 (60de0d719dd083a8beb476da616d2811) C:\WINDOWS\system32\drivers\hitmanpro35.sys
14:44:30.0244 1708 hitmanpro35 - ok
14:44:30.0275 1708 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
14:44:30.0369 1708 hkmsvc - ok
14:44:30.0384 1708 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
14:44:30.0462 1708 hpn - ok
14:44:30.0494 1708 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:44:30.0509 1708 HTTP - ok
14:44:30.0556 1708 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
14:44:30.0634 1708 HTTPFilter - ok
14:44:30.0666 1708 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
14:44:30.0744 1708 i2omgmt - ok
14:44:30.0744 1708 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
14:44:30.0837 1708 i2omp - ok
14:44:30.0869 1708 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:44:30.0962 1708 i8042prt - ok
14:44:31.0056 1708 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:44:31.0056 1708 IDriverT ( UnsignedFile.Multi.Generic ) - warning
14:44:31.0056 1708 IDriverT - detected UnsignedFile.Multi.Generic (1)
14:44:31.0150 1708 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:44:31.0197 1708 idsvc - ok
14:44:31.0244 1708 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:44:31.0306 1708 Imapi - ok
14:44:31.0337 1708 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
14:44:31.0431 1708 ImapiService - ok
14:44:31.0462 1708 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
14:44:31.0556 1708 ini910u - ok
14:44:31.0587 1708 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
14:44:31.0666 1708 IntelIde - ok
14:44:31.0697 1708 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:44:31.0775 1708 intelppm - ok
14:44:31.0791 1708 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
14:44:31.0869 1708 Ip6Fw - ok
14:44:31.0884 1708 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:44:31.0962 1708 IpFilterDriver - ok
14:44:31.0994 1708 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:44:32.0072 1708 IpInIp - ok
14:44:32.0087 1708 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:44:32.0181 1708 IpNat - ok
14:44:32.0197 1708 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:44:32.0275 1708 IPSec - ok
14:44:32.0306 1708 IrBus (b43b36b382aea10861f7c7a37f9d4ae2) C:\WINDOWS\system32\DRIVERS\IrBus.sys
14:44:32.0353 1708 IrBus - ok
14:44:32.0369 1708 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:44:32.0400 1708 IRENUM - ok
14:44:32.0431 1708 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:44:32.0525 1708 isapnp - ok
14:44:32.0634 1708 JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Program Files\Java\jre6\bin\jqs.exe
14:44:32.0650 1708 JavaQuickStarterService - ok
14:44:32.0666 1708 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:44:32.0759 1708 Kbdclass - ok
14:44:32.0775 1708 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:44:32.0853 1708 kbdhid - ok
14:44:32.0884 1708 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:44:32.0962 1708 kmixer - ok
14:44:32.0994 1708 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:44:33.0025 1708 KSecDD - ok
14:44:33.0056 1708 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
14:44:33.0103 1708 lanmanserver - ok
14:44:33.0134 1708 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
14:44:33.0181 1708 lanmanworkstation - ok
14:44:33.0181 1708 lbrtfdc - ok
14:44:33.0259 1708 LBTServ (a0f7dc0080e4f97dc97de08b699e231b) C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
14:44:33.0275 1708 LBTServ - ok
14:44:33.0322 1708 LHidFilt (24e0ddb99aeccf86bb37702611761459) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
14:44:33.0337 1708 LHidFilt - ok
14:44:33.0353 1708 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
14:44:33.0431 1708 LmHosts - ok
14:44:33.0462 1708 LMouFilt (d58b330d318361a66a9fe60d7c9b4951) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
14:44:33.0462 1708 LMouFilt - ok
14:44:33.0494 1708 LUsbFilt (144011d14bd35f4e36136ae057b1aadd) C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
14:44:33.0509 1708 LUsbFilt - ok
14:44:33.0556 1708 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\WINDOWS\system32\drivers\mbam.sys
14:44:33.0572 1708 MBAMProtector - ok
14:44:33.0634 1708 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
14:44:33.0650 1708 MBAMService - ok
14:44:33.0697 1708 McrdSvc (df0a511f38f16016bf658fca0090cb87) C:\WINDOWS\ehome\mcrdsvc.exe
14:44:33.0712 1708 McrdSvc - ok
14:44:33.0791 1708 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
14:44:33.0822 1708 MDM - ok
14:44:33.0931 1708 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
14:44:34.0025 1708 Messenger - ok
14:44:34.0056 1708 MHN (b7521f69c0a9b29d356157229376fb21) C:\WINDOWS\System32\mhn.dll
14:44:34.0072 1708 MHN ( UnsignedFile.Multi.Generic ) - warning
14:44:34.0072 1708 MHN - detected UnsignedFile.Multi.Generic (1)
14:44:34.0103 1708 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
14:44:34.0119 1708 MHNDRV ( UnsignedFile.Multi.Generic ) - warning
14:44:34.0119 1708 MHNDRV - detected UnsignedFile.Multi.Generic (1)
14:44:34.0119 1708 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:44:34.0212 1708 mnmdd - ok
14:44:34.0244 1708 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
14:44:34.0322 1708 mnmsrvc - ok
14:44:34.0353 1708 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
14:44:34.0431 1708 Modem - ok
14:44:34.0462 1708 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:44:34.0556 1708 Mouclass - ok
14:44:34.0572 1708 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:44:34.0650 1708 mouhid - ok
14:44:34.0681 1708 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:44:34.0775 1708 MountMgr - ok
14:44:34.0791 1708 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
14:44:34.0869 1708 mraid35x - ok
14:44:34.0900 1708 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:44:34.0978 1708 MRxDAV - ok
14:44:35.0025 1708 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:44:35.0056 1708 MRxSmb - ok
14:44:35.0103 1708 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
14:44:35.0181 1708 MSDTC - ok
14:44:35.0197 1708 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
14:44:35.0291 1708 Msfs - ok
14:44:35.0291 1708 MSIServer - ok
14:44:35.0322 1708 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:44:35.0400 1708 MSKSSRV - ok
14:44:35.0416 1708 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:44:35.0494 1708 MSPCLOCK - ok
14:44:35.0509 1708 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
14:44:35.0603 1708 MSPQM - ok
14:44:35.0619 1708 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:44:35.0697 1708 mssmbios - ok
14:44:35.0712 1708 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
14:44:35.0775 1708 MSTEE - ok
14:44:35.0822 1708 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
14:44:35.0822 1708 Mup - ok
14:44:35.0869 1708 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
14:44:35.0962 1708 NABTSFEC - ok
14:44:36.0009 1708 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
14:44:36.0103 1708 napagent - ok
14:44:36.0119 1708 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:44:36.0212 1708 NDIS - ok
14:44:36.0244 1708 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
14:44:36.0322 1708 NdisIP - ok
14:44:36.0353 1708 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:44:36.0369 1708 NdisTapi - ok
14:44:36.0384 1708 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:44:36.0462 1708 Ndisuio - ok
14:44:36.0494 1708 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:44:36.0572 1708 NdisWan - ok
14:44:36.0603 1708 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:44:36.0634 1708 NDProxy - ok
14:44:36.0666 1708 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:44:36.0744 1708 NetBIOS - ok
14:44:36.0775 1708 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:44:36.0869 1708 NetBT - ok
14:44:36.0900 1708 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
14:44:36.0994 1708 NetDDE - ok
14:44:36.0994 1708 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
14:44:37.0072 1708 NetDDEdsdm - ok
14:44:37.0103 1708 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:44:37.0181 1708 Netlogon - ok
14:44:37.0212 1708 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
14:44:37.0306 1708 Netman - ok
14:44:37.0416 1708 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:44:37.0447 1708 NetTcpPortSharing - ok
14:44:37.0478 1708 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:44:37.0556 1708 NIC1394 - ok
14:44:37.0587 1708 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
14:44:37.0603 1708 Nla - ok
14:44:37.0619 1708 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
14:44:37.0697 1708 nm - ok
14:44:37.0791 1708 NMSAccess (7aea4df1ca68fd45dd4bbe1f0243ce7f) C:\Program Files\CDBurnerXP\NMSAccessU.exe
14:44:37.0806 1708 NMSAccess - ok
14:44:37.0822 1708 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:44:37.0900 1708 Npfs - ok
14:44:37.0962 1708 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:44:38.0056 1708 Ntfs - ok
14:44:38.0087 1708 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:44:38.0166 1708 NtLmSsp - ok
14:44:38.0212 1708 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
14:44:38.0322 1708 NtmsSvc - ok
14:44:38.0337 1708 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:44:38.0416 1708 Null - ok
14:44:39.0025 1708 nv (7b5a17bd54bb9142843dbe99a1caaed8) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:44:39.0619 1708 nv - ok
14:44:39.0759 1708 nvatabus (5fc626bb14b8e0c6d781448372211e74) C:\WINDOWS\system32\DRIVERS\nvatabus.sys
14:44:39.0791 1708 nvatabus - ok
14:44:39.0822 1708 nvgts (8eb82606fcd8c5d039ada33bd46fe7f8) C:\WINDOWS\system32\DRIVERS\nvgts.sys
14:44:39.0837 1708 nvgts - ok
14:44:39.0853 1708 nvraid (9a2655781b2130a1c76da0fbbcf42235) C:\WINDOWS\system32\DRIVERS\nvraid.sys
14:44:39.0884 1708 nvraid - ok
14:44:39.0931 1708 nvrd32 (6b1b4e25277a99a6b515cf124d6060e0) C:\WINDOWS\system32\DRIVERS\nvrd32.sys
14:44:39.0947 1708 nvrd32 - ok
14:44:39.0978 1708 NVSvc (5150b108ea88831e1c599603d8b89621) C:\WINDOWS\system32\nvsvc32.exe
14:44:40.0009 1708 NVSvc - ok
14:44:40.0134 1708 nvUpdatusService (83e8ab7bb3c8956c53fec071c94f0bbb) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:44:40.0212 1708 nvUpdatusService - ok
14:44:40.0337 1708 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:44:40.0431 1708 NwlnkFlt - ok
14:44:40.0447 1708 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:44:40.0541 1708 NwlnkFwd - ok
14:44:40.0572 1708 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:44:40.0666 1708 ohci1394 - ok
14:44:40.0775 1708 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:44:40.0806 1708 ose - ok
14:44:41.0056 1708 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:44:41.0244 1708 osppsvc - ok
14:44:41.0416 1708 ossrv (b0a7d75c6be3dd5ca4e87f8f20a48601) C:\WINDOWS\system32\drivers\ctoss2k.sys
14:44:41.0431 1708 ossrv - ok
14:44:41.0478 1708 ousb2hub (2fadd6e3aeaff1a6b84b8d304c395bd5) C:\WINDOWS\system32\DRIVERS\ousb2hub.sys
14:44:41.0494 1708 ousb2hub ( UnsignedFile.Multi.Generic ) - warning
14:44:41.0494 1708 ousb2hub - detected UnsignedFile.Multi.Generic (1)
14:44:41.0525 1708 ousbehci (961414dacb73858b0a2e9075ab2d1ea8) C:\WINDOWS\system32\Drivers\ousbehci.sys
14:44:41.0556 1708 ousbehci ( UnsignedFile.Multi.Generic ) - warning
14:44:41.0556 1708 ousbehci - detected UnsignedFile.Multi.Generic (1)
14:44:41.0572 1708 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
14:44:41.0666 1708 Parport - ok
14:44:41.0697 1708 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:44:41.0759 1708 PartMgr - ok
14:44:41.0775 1708 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
14:44:41.0853 1708 ParVdm - ok
14:44:41.0884 1708 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
14:44:41.0962 1708 PCI - ok
14:44:41.0962 1708 PCIDump - ok
14:44:41.0994 1708 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:44:42.0072 1708 PCIIde - ok
14:44:42.0103 1708 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
14:44:42.0197 1708 Pcmcia - ok
14:44:42.0228 1708 PCTDMDefrag (03c45d2a632226bf52eadccbf3181a31) C:\WINDOWS\system32\drivers\PCTDMDefrag.sys
14:44:42.0244 1708 PCTDMDefrag - ok
14:44:42.0291 1708 PCTDSMon (863469f15364c65dc71e58df7bdbc192) C:\WINDOWS\system32\drivers\PCTDSMon.sys
14:44:42.0306 1708 PCTDSMon - ok
14:44:42.0400 1708 PCToolsSSDMonitorSvc (97571ef24b653ddc0538c59bcd989ae1) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
14:44:42.0447 1708 PCToolsSSDMonitorSvc - ok
14:44:42.0447 1708 PDCOMP - ok
14:44:42.0447 1708 PDFRAME - ok
14:44:42.0447 1708 PDRELI - ok
14:44:42.0447 1708 PDRFRAME - ok
14:44:42.0462 1708 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
14:44:42.0541 1708 perc2 - ok
14:44:42.0572 1708 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
14:44:42.0650 1708 perc2hib - ok
14:44:42.0697 1708 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
14:44:42.0712 1708 PlugPlay - ok
14:44:42.0744 1708 PnkBstrA (205e1b699fd3f2f9b036eea2ec30c620) C:\WINDOWS\system32\PnkBstrA.exe
14:44:42.0759 1708 PnkBstrA - ok
14:44:42.0791 1708 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:44:42.0869 1708 PolicyAgent - ok
14:44:42.0900 1708 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:44:42.0978 1708 PptpMiniport - ok
14:44:42.0978 1708 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:44:43.0056 1708 ProtectedStorage - ok
14:44:43.0087 1708 ProtexisLicensing (64e413ba0c529aa40c3924bbcc4153db) C:\WINDOWS\system32\PSIService.exe
14:44:43.0134 1708 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - warning
14:44:43.0134 1708 ProtexisLicensing - detected UnsignedFile.Multi.Generic (1)
14:44:43.0150 1708 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:44:43.0244 1708 PSched - ok
14:44:43.0275 1708 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:44:43.0353 1708 Ptilink - ok
14:44:43.0384 1708 PuranDefrag (0d89c528b28323e79a7cd2f8de4f5b8a) C:\WINDOWS\system32\PuranDefragS.exe
14:44:43.0400 1708 PuranDefrag ( UnsignedFile.Multi.Generic ) - warning
14:44:43.0400 1708 PuranDefrag - detected UnsignedFile.Multi.Generic (1)
14:44:43.0447 1708 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
14:44:43.0447 1708 PxHelp20 - ok
14:44:43.0478 1708 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
14:44:43.0572 1708 ql1080 - ok
14:44:43.0587 1708 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
14:44:43.0681 1708 Ql10wnt - ok
14:44:43.0697 1708 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
14:44:43.0775 1708 ql12160 - ok
14:44:43.0791 1708 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
14:44:43.0869 1708 ql1240 - ok
14:44:43.0884 1708 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
14:44:43.0978 1708 ql1280 - ok
14:44:44.0009 1708 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:44:44.0087 1708 RasAcd - ok
14:44:44.0134 1708 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
14:44:44.0212 1708 RasAuto - ok
14:44:44.0228 1708 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:44:44.0306 1708 Rasl2tp - ok
14:44:44.0337 1708 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
14:44:44.0431 1708 RasMan - ok
14:44:44.0462 1708 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:44:44.0541 1708 RasPppoe - ok
14:44:44.0556 1708 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:44:44.0634 1708 Raspti - ok
14:44:44.0666 1708 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:44:44.0759 1708 Rdbss - ok
14:44:44.0775 1708 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:44:44.0853 1708 RDPCDD - ok
14:44:44.0900 1708 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:44:44.0978 1708 rdpdr - ok
14:44:45.0009 1708 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
14:44:45.0041 1708 RDPWD - ok
14:44:45.0072 1708 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
14:44:45.0166 1708 RDSessMgr - ok
14:44:45.0197 1708 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:44:45.0259 1708 redbook - ok
14:44:45.0291 1708 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
14:44:45.0384 1708 RemoteAccess - ok
14:44:45.0416 1708 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
14:44:45.0494 1708 RemoteRegistry - ok
14:44:45.0525 1708 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
14:44:45.0603 1708 RpcLocator - ok
14:44:45.0650 1708 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
14:44:45.0666 1708 RpcSs - ok
14:44:45.0697 1708 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
14:44:45.0791 1708 RSVP - ok
14:44:45.0806 1708 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:44:45.0884 1708 SamSs - ok
14:44:45.0916 1708 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
14:44:46.0025 1708 SCardSvr - ok
14:44:46.0056 1708 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
14:44:46.0150 1708 Schedule - ok
14:44:46.0181 1708 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:44:46.0212 1708 Secdrv - ok
14:44:46.0244 1708 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
14:44:46.0337 1708 seclogon - ok
14:44:46.0369 1708 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
14:44:46.0447 1708 SENS - ok
14:44:46.0478 1708 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
14:44:46.0556 1708 serenum - ok
14:44:46.0603 1708 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
14:44:46.0681 1708 Serial - ok
14:44:46.0697 1708 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
14:44:46.0775 1708 Sfloppy - ok
14:44:46.0806 1708 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
14:44:46.0916 1708 SharedAccess - ok
14:44:46.0962 1708 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
14:44:46.0978 1708 ShellHWDetection - ok
14:44:46.0978 1708 Simbad - ok
14:44:47.0009 1708 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
14:44:47.0087 1708 sisagp - ok
14:44:47.0119 1708 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:44:47.0197 1708 SLIP - ok
14:44:47.0228 1708 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
14:44:47.0259 1708 Sparrow - ok
14:44:47.0275 1708 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
14:44:47.0369 1708 splitter - ok
14:44:47.0400 1708 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
14:44:47.0416 1708 Spooler - ok
14:44:47.0431 1708 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
14:44:47.0478 1708 sr - ok
14:44:47.0509 1708 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
14:44:47.0556 1708 srservice - ok
14:44:47.0587 1708 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
14:44:47.0619 1708 Srv - ok
14:44:47.0634 1708 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
14:44:47.0681 1708 SSDPSRV - ok
14:44:47.0712 1708 StarOpen (f92254b0bcfcd10caac7bccc7cb7f467) C:\WINDOWS\system32\drivers\StarOpen.sys
14:44:47.0728 1708 StarOpen ( UnsignedFile.Multi.Generic ) - warning
14:44:47.0728 1708 StarOpen - detected UnsignedFile.Multi.Generic (1)
14:44:47.0759 1708 stdriver (659c5615bc56737049ad5b03ae59467d) C:\WINDOWS\system32\DRIVERS\stdriverx86.sys
14:44:47.0775 1708 stdriver - ok
14:44:47.0853 1708 STHDA (8990440e4b2a7ca5a56a1833b03741fd) C:\WINDOWS\system32\drivers\sthda.sys
14:44:47.0947 1708 STHDA - ok
14:44:47.0994 1708 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
14:44:48.0103 1708 stisvc - ok
14:44:48.0150 1708 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:44:48.0228 1708 streamip - ok
14:44:48.0244 1708 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:44:48.0337 1708 swenum - ok
14:44:48.0369 1708 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:44:48.0431 1708 swmidi - ok
14:44:48.0447 1708 SwPrv - ok
14:44:48.0462 1708 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
14:44:48.0541 1708 symc810 - ok
14:44:48.0556 1708 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
14:44:48.0634 1708 symc8xx - ok
14:44:48.0634 1708 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
14:44:48.0728 1708 sym_hi - ok
14:44:48.0744 1708 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
14:44:48.0822 1708 sym_u3 - ok
14:44:48.0853 1708 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:44:48.0947 1708 sysaudio - ok
14:44:48.0978 1708 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
14:44:49.0072 1708 SysmonLog - ok
14:44:49.0103 1708 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
14:44:49.0181 1708 TapiSrv - ok
14:44:49.0228 1708 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:44:49.0259 1708 Tcpip - ok
14:44:49.0306 1708 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:44:49.0384 1708 TDPIPE - ok
14:44:49.0400 1708 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:44:49.0462 1708 TDTCP - ok
14:44:49.0494 1708 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:44:49.0572 1708 TermDD - ok
14:44:49.0619 1708 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
14:44:49.0712 1708 TermService - ok
14:44:49.0744 1708 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
14:44:49.0759 1708 Themes - ok
14:44:49.0806 1708 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
14:44:49.0853 1708 TlntSvr - ok
14:44:49.0884 1708 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
14:44:49.0962 1708 TosIde - ok
14:44:49.0994 1708 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
14:44:50.0087 1708 TrkWks - ok
14:44:50.0119 1708 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:44:50.0197 1708 Udfs - ok
14:44:50.0212 1708 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
14:44:50.0259 1708 ultra - ok
14:44:50.0306 1708 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:44:50.0400 1708 Update - ok
14:44:50.0431 1708 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
14:44:50.0494 1708 upnphost - ok
14:44:50.0494 1708 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
14:44:50.0587 1708 UPS - ok
14:44:50.0603 1708 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
14:44:50.0681 1708 usbaudio - ok
14:44:50.0712 1708 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:44:50.0791 1708 usbccgp - ok
14:44:50.0806 1708 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:44:50.0900 1708 usbehci - ok
14:44:50.0916 1708 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:44:50.0978 1708 usbhub - ok
14:44:50.0994 1708 USBMULCD - ok
14:44:51.0009 1708 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
14:44:51.0087 1708 usbohci - ok
14:44:51.0119 1708 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:44:51.0197 1708 usbprint - ok
14:44:51.0244 1708 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:44:51.0337 1708 usbscan - ok
14:44:51.0353 1708 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:44:51.0431 1708 USBSTOR - ok
14:44:51.0462 1708 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:44:51.0525 1708 usbuhci - ok
14:44:51.0556 1708 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
14:44:51.0634 1708 usbvideo - ok
14:44:51.0666 1708 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:44:51.0744 1708 VgaSave - ok
14:44:51.0775 1708 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
14:44:51.0837 1708 viaagp - ok
14:44:51.0869 1708 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
14:44:51.0947 1708 ViaIde - ok
14:44:51.0978 1708 VMUVC (e7ee8ea1772425a7345d7ec6ac6d9b60) C:\WINDOWS\system32\Drivers\VMUVC.sys
14:44:52.0009 1708 VMUVC - ok
14:44:52.0025 1708 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
14:44:52.0119 1708 VolSnap - ok
14:44:52.0150 1708 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
14:44:52.0212 1708 VSS - ok
14:44:52.0244 1708 vvftUVC (d3ee7cc6b0c29083a874db9d890bceb5) C:\WINDOWS\system32\drivers\vvftUVC.sys
14:44:52.0291 1708 vvftUVC - ok
14:44:52.0353 1708 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
14:44:52.0431 1708 w32time - ok
14:44:52.0447 1708 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:44:52.0541 1708 Wanarp - ok
14:44:52.0572 1708 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
14:44:52.0572 1708 wanatw - ok
14:44:52.0587 1708 WANMiniportService (eb9a99ab5d17b1727034ff191e6448d7) C:\WINDOWS\wanmpsvc.exe
14:44:53.0056 1708 WANMiniportService ( UnsignedFile.Multi.Generic ) - warning
14:44:53.0056 1708 WANMiniportService - detected UnsignedFile.Multi.Generic (1)
14:44:53.0103 1708 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
14:44:53.0134 1708 Wdf01000 - ok
14:44:53.0134 1708 WDICA - ok
14:44:53.0150 1708 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:44:53.0244 1708 wdmaud - ok
14:44:53.0275 1708 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
14:44:53.0353 1708 WebClient - ok
14:44:53.0416 1708 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
14:44:53.0494 1708 winmgmt - ok
14:44:53.0572 1708 WinRM (18f347402da544a780949b8fdf83351b) C:\WINDOWS\system32\WsmSvc.dll
14:44:53.0650 1708 WinRM - ok
14:44:53.0853 1708 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:44:53.0931 1708 wlidsvc - ok
14:44:53.0978 1708 WLSetupSvc (94a85e956a065e23e0010a6a7826243b) C:\Program Files\Windows Live\installer\WLSetupSvc.exe
14:44:54.0009 1708 WLSetupSvc ( UnsignedFile.Multi.Generic ) - warning
14:44:54.0009 1708 WLSetupSvc - detected UnsignedFile.Multi.Generic (1)
14:44:54.0150 1708 WmdmPmSN (051b1bdecd6dee18c771b5d5ec7f044d) C:\WINDOWS\system32\MsPMSNSv.dll
14:44:54.0181 1708 WmdmPmSN - ok
14:44:54.0228 1708 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
14:44:54.0259 1708 Wmi - ok
14:44:54.0322 1708 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:44:54.0416 1708 WmiApSrv - ok
14:44:54.0509 1708 WMPNetworkSvc (6bab4dc65515a098505f8b3d01fb6fe5) C:\Program Files\Windows Media Player\WMPNetwk.exe
14:44:54.0556 1708 WMPNetworkSvc - ok
14:44:54.0712 1708 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:44:54.0759 1708 WPFFontCache_v0400 - ok
14:44:54.0869 1708 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
14:44:54.0947 1708 WS2IFSL - ok
14:44:54.0978 1708 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
14:44:55.0056 1708 wscsvc - ok
14:44:55.0087 1708 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:44:55.0150 1708 WSTCODEC - ok
14:44:55.0181 1708 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
14:44:55.0291 1708 wuauserv - ok
14:44:55.0322 1708 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:44:55.0337 1708 WudfPf - ok
14:44:55.0369 1708 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:44:55.0400 1708 WudfRd - ok
14:44:55.0416 1708 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
14:44:55.0447 1708 WudfSvc - ok
14:44:55.0494 1708 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
14:44:55.0572 1708 WZCSVC - ok
14:44:55.0619 1708 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
14:44:55.0759 1708 xmlprov - ok
14:44:55.0759 1708 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
14:44:56.0087 1708 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
14:44:56.0087 1708 \Device\Harddisk0\DR0 - detected TDSS File System (1)
14:44:56.0103 1708 Boot (0x1200) (ba3bb36f8a0a0930d807502f2f9086e2) \Device\Harddisk0\DR0\Partition0
14:44:56.0103 1708 \Device\Harddisk0\DR0\Partition0 - ok
14:44:56.0103 1708 ============================================================
14:44:56.0103 1708 Scan finished
14:44:56.0103 1708 ============================================================
14:44:56.0212 4020 Detected object count: 15
14:44:56.0212 4020 Actual detected object count: 15
14:46:04.0275 4020 Aspi32 ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:04.0275 4020 Aspi32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:04.0275 4020 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:04.0275 4020 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:04.0275 4020 EyelineService ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:04.0275 4020 EyelineService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:04.0275 4020 hamachi_oem ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:04.0275 4020 hamachi_oem ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:04.0275 4020 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:04.0275 4020 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:04.0275 4020 MHN ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:04.0275 4020 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:04.0275 4020 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:04.0275 4020 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:04.0291 4020 ousb2hub ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:04.0291 4020 ousb2hub ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:04.0291 4020 ousbehci ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:04.0291 4020 ousbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:04.0291 4020 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:04.0291 4020 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:04.0291 4020 PuranDefrag ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:04.0291 4020 PuranDefrag ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:04.0291 4020 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:04.0291 4020 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:04.0291 4020 WANMiniportService ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:04.0291 4020 WANMiniportService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:04.0291 4020 WLSetupSvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:46:04.0291 4020 WLSetupSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:46:04.0291 4020 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
14:46:04.0291 4020 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
14:46:14.0744 5352 ============================================================
14:46:14.0744 5352 Scan started
14:46:14.0744 5352 Mode: Manual; SigCheck; TDLFS;
14:46:14.0744 5352 ============================================================
14:46:14.0916 5352 Aavmker4 (0b27ae82c113d3687024d18459440426) C:\WINDOWS\system32\drivers\Aavmker4.sys
14:46:14.0947 5352 Aavmker4 - ok
14:46:14.0962 5352 Abiosdsk - ok
14:46:14.0978 5352 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
14:46:15.0041 5352 abp480n5 - ok
14:46:15.0150 5352 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
14:46:15.0166 5352 ACDaemon - ok
14:46:15.0197 5352 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:46:15.0291 5352 ACPI - ok
14:46:15.0322 5352 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
14:46:15.0400 5352 ACPIEC - ok
14:46:15.0462 5352 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:46:15.0478 5352 AdobeFlashPlayerUpdateSvc - ok
14:46:15.0509 5352 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
14:46:15.0587 5352 adpu160m - ok
14:46:15.0619 5352 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:46:15.0681 5352 aec - ok
14:46:15.0744 5352 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
14:46:15.0759 5352 AFD - ok
14:46:15.0775 5352 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
14:46:15.0869 5352 agp440 - ok
14:46:15.0900 5352 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
14:46:15.0978 5352 agpCPQ - ok
14:46:15.0994 5352 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
14:46:16.0041 5352 Aha154x - ok
14:46:16.0056 5352 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
14:46:16.0119 5352 aic78u2 - ok
14:46:16.0134 5352 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
14:46:16.0212 5352 aic78xx - ok
14:46:16.0244 5352 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
14:46:16.0306 5352 Alerter - ok
14:46:16.0322 5352 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
14:46:16.0369 5352 ALG - ok
14:46:16.0384 5352 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
14:46:16.0478 5352 AliIde - ok
14:46:16.0494 5352 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
14:46:16.0572 5352 alim1541 - ok
14:46:16.0587 5352 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
14:46:16.0666 5352 amdagp - ok
14:46:16.0681 5352 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
14:46:16.0744 5352 amsint - ok
14:46:16.0775 5352 Angel2 (bca9980dd99ba3e2fb8c1702951aa8ea) C:\WINDOWS\system32\DRIVERS\Angel2.sys
14:46:16.0806 5352 Angel2 - ok
14:46:16.0916 5352 AOL ACS (85180cf88c5ebad73b452a43a004ca51) C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
14:46:16.0931 5352 AOL ACS - ok
14:46:16.0962 5352 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
14:46:17.0025 5352 AppMgmt - ok
14:46:17.0056 5352 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:46:17.0134 5352 Arp1394 - ok
14:46:17.0150 5352 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
14:46:17.0244 5352 asc - ok
14:46:17.0259 5352 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
14:46:17.0306 5352 asc3350p - ok
14:46:17.0306 5352 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
14:46:17.0384 5352 asc3550 - ok
14:46:17.0416 5352 Aspi32 (b979979ab8027f7f53fb16ec4229b7db) C:\WINDOWS\system32\drivers\Aspi32.sys
14:46:17.0431 5352 Aspi32 ( UnsignedFile.Multi.Generic ) - warning
14:46:17.0431 5352 Aspi32 - detected UnsignedFile.Multi.Generic (1)
14:46:17.0509 5352 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
14:46:17.0525 5352 aspnet_state - ok
14:46:17.0556 5352 aswFsBlk (1c1f3d6dddc046c920c493a779649f66) C:\WINDOWS\system32\drivers\aswFsBlk.sys
14:46:17.0556 5352 aswFsBlk - ok
14:46:17.0603 5352 aswFW (b5aaa12631877731a253e44202ffc5bc) C:\WINDOWS\system32\drivers\aswFW.sys
14:46:17.0619 5352 aswFW - ok
14:46:17.0650 5352 aswKbd (088be3ec42010310fe867f874b6fedf2) C:\WINDOWS\system32\drivers\aswKbd.sys
14:46:17.0666 5352 aswKbd - ok
14:46:17.0712 5352 aswMon2 (9e912fe7b41650701ef2b227aca440f3) C:\WINDOWS\system32\drivers\aswMon2.sys
14:46:17.0728 5352 aswMon2 - ok
14:46:17.0759 5352 aswNdis (7b948e3657bea62e437bc46ca6ef6012) C:\WINDOWS\system32\DRIVERS\aswNdis.sys
14:46:17.0775 5352 aswNdis - ok
14:46:17.0791 5352 aswNdis2 (0127263dfc8c4216c085338ce0c047c3) C:\WINDOWS\system32\drivers\aswNdis2.sys
14:46:17.0806 5352 aswNdis2 - ok
14:46:17.0822 5352 aswRdr (982e275d1c5801042fe94209fb0160fb) C:\WINDOWS\system32\drivers\aswRdr.sys
14:46:17.0837 5352 aswRdr - ok
14:46:17.0884 5352 aswSnx (73dbcf808e00580f2a47f93dd9b03876) C:\WINDOWS\system32\drivers\aswSnx.sys
14:46:17.0916 5352 aswSnx - ok
14:46:17.0978 5352 aswSP (6cbd7d3a33f498d09c831cdd732da2e0) C:\WINDOWS\system32\drivers\aswSP.sys
14:46:17.0994 5352 aswSP - ok
14:46:18.0025 5352 aswTdi (7109a9aa551f37cd168c02368465957e) C:\WINDOWS\system32\drivers\aswTdi.sys
14:46:18.0041 5352 aswTdi - ok
14:46:18.0072 5352 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:46:18.0150 5352 AsyncMac - ok
14:46:18.0181 5352 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:46:18.0259 5352 atapi - ok
14:46:18.0259 5352 Atdisk - ok
14:46:18.0291 5352 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:46:18.0369 5352 Atmarpc - ok
14:46:18.0416 5352 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
14:46:18.0478 5352 AudioSrv - ok
14:46:18.0509 5352 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:46:18.0587 5352 audstub - ok
14:46:18.0666 5352 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:46:18.0666 5352 avast! Antivirus - ok
14:46:18.0712 5352 avast! Firewall (465a17095eb3b9e101429b669f495d01) C:\Program Files\AVAST Software\Avast\afwServ.exe
14:46:18.0728 5352 avast! Firewall - ok
14:46:18.0759 5352 b57w2k (8c0403aa21029804f31d869e6b0adedf) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
14:46:18.0791 5352 b57w2k - ok
14:46:18.0837 5352 BackupStack (50549f57f969a322ff904daf7d86a691) C:\Program Files\JustCloud\BackupStack.exe
14:46:18.0853 5352 BackupStack - ok
14:46:18.0884 5352 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:46:18.0962 5352 Beep - ok
14:46:18.0994 5352 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
14:46:19.0087 5352 BITS - ok
14:46:19.0119 5352 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
14:46:19.0197 5352 Browser - ok
14:46:19.0384 5352 catchme - ok
14:46:19.0416 5352 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
14:46:19.0478 5352 cbidf - ok
14:46:19.0494 5352 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:46:19.0556 5352 cbidf2k - ok
14:46:19.0587 5352 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
14:46:19.0681 5352 CCDECODE - ok
14:46:19.0697 5352 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
14:46:19.0728 5352 cd20xrnt - ok
14:46:19.0759 5352 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:46:19.0837 5352 Cdaudio - ok
14:46:19.0853 5352 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:46:19.0947 5352 Cdfs - ok
14:46:19.0978 5352 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:46:20.0056 5352 Cdrom - ok
14:46:20.0056 5352 Changer - ok
14:46:20.0087 5352 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
14:46:20.0166 5352 CiSvc - ok
14:46:20.0197 5352 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
14:46:20.0259 5352 ClipSrv - ok
14:46:20.0369 5352 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:46:20.0384 5352 clr_optimization_v2.0.50727_32 - ok
14:46:20.0447 5352 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:46:20.0462 5352 clr_optimization_v4.0.30319_32 - ok
14:46:20.0478 5352 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
14:46:20.0572 5352 CmdIde - ok
14:46:20.0572 5352 COMSysApp - ok
14:46:20.0587 5352 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
14:46:20.0666 5352 Cpqarray - ok
14:46:20.0712 5352 Creative Service for CDROM Access (3c8b6609712f4ff78e521f6dcfc4032b) C:\WINDOWS\system32\CTsvcCDA.exe
14:46:20.0728 5352 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - warning
14:46:20.0728 5352 Creative Service for CDROM Access - detected UnsignedFile.Multi.Generic (1)
14:46:20.0759 5352 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
14:46:20.0837 5352 CryptSvc - ok
14:46:20.0884 5352 CT20XUT.DLL (1fc326524a54e2f07caa851a6c92f864) C:\WINDOWS\system32\CT20XUT.DLL
14:46:20.0900 5352 CT20XUT.DLL - ok
14:46:20.0947 5352 ctac32k (a57a4a823b242aad1e090b86b6f8c5bf) C:\WINDOWS\system32\drivers\ctac32k.sys
14:46:20.0962 5352 ctac32k - ok
14:46:21.0009 5352 ctaud2k (c4aa86490482104c219c040f9e91eda8) C:\WINDOWS\system32\drivers\ctaud2k.sys
14:46:21.0025 5352 ctaud2k - ok
14:46:21.0087 5352 ctdvda2k (3e14e6d3cf3ddb9870925a73e7a87432) C:\WINDOWS\system32\drivers\ctdvda2k.sys
14:46:21.0103 5352 ctdvda2k - ok
14:46:21.0166 5352 CTEXFIFX.DLL (82bd15b057cc7de8dd17c6ddb030f637) C:\WINDOWS\system32\CTEXFIFX.DLL
14:46:21.0197 5352 CTEXFIFX.DLL - ok
14:46:21.0306 5352 CTHWIUT.DLL (41e06b6baf8dbd998745a21ea6f01206) C:\WINDOWS\system32\CTHWIUT.DLL
14:46:21.0322 5352 CTHWIUT.DLL - ok
14:46:21.0337 5352 ctprxy2k (0c57a7246e8fc0815bd6225a2704c9ea) C:\WINDOWS\system32\drivers\ctprxy2k.sys
14:46:21.0353 5352 ctprxy2k - ok
14:46:21.0384 5352 ctsfm2k (6b7c9d1f04b799eb67cc9063f5f754f7) C:\WINDOWS\system32\drivers\ctsfm2k.sys
14:46:21.0384 5352 ctsfm2k - ok
14:46:21.0416 5352 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
14:46:21.0494 5352 dac2w2k - ok
14:46:21.0525 5352 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
14:46:21.0603 5352 dac960nt - ok
14:46:21.0634 5352 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
14:46:21.0666 5352 DcomLaunch - ok
14:46:21.0697 5352 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
14:46:21.0775 5352 Dhcp - ok
14:46:21.0822 5352 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:46:21.0900 5352 Disk - ok
14:46:21.0900 5352 dlcq_device - ok
14:46:21.0900 5352 dmadmin - ok
14:46:21.0962 5352 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
14:46:22.0041 5352 dmboot - ok
14:46:22.0166 5352 DMDefragService (2caad3e488998887861c46b3027d0dc8) C:\Program Files\PC Tools\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe
14:46:22.0197 5352 DMDefragService - ok
14:46:22.0337 5352 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
14:46:22.0431 5352 dmio - ok
14:46:22.0447 5352 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:46:22.0541 5352 dmload - ok
14:46:22.0697 5352 DMRepairService (e4bfebc56896951001f1297bf47d5341) C:\Program Files\PC Tools\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe
14:46:22.0728 5352 DMRepairService - ok
14:46:22.0759 5352 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
14:46:22.0837 5352 dmserver - ok
14:46:22.0869 5352 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:46:22.0947 5352 DMusic - ok
14:46:22.0978 5352 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
14:46:22.0994 5352 Dnscache - ok
14:46:23.0041 5352 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
14:46:23.0103 5352 Dot3svc - ok
14:46:23.0134 5352 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
14:46:23.0228 5352 dpti2o - ok
14:46:23.0244 5352 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:46:23.0322 5352 drmkaud - ok
14:46:23.0337 5352 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
14:46:23.0416 5352 E100B - ok
14:46:23.0431 5352 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
14:46:23.0509 5352 EapHost - ok
14:46:23.0572 5352 ehRecvr (5d1347aa5ae6e2f77d7f4f8372d95ac9) C:\WINDOWS\eHome\ehRecvr.exe
14:46:23.0587 5352 ehRecvr - ok
14:46:23.0619 5352 ehSched (a53243709439ac2a4c216b817f8d7411) C:\WINDOWS\eHome\ehSched.exe
14:46:23.0650 5352 ehSched - ok
14:46:23.0681 5352 emupia (4265a86853cd409c26ac2f0ff7dbc1c6) C:\WINDOWS\system32\drivers\emupia2k.sys
14:46:23.0681 5352 emupia - ok
14:46:23.0728 5352 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
14:46:23.0791 5352 ERSvc - ok
14:46:23.0837 5352 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
14:46:23.0853 5352 Eventlog - ok
14:46:23.0900 5352 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
14:46:23.0931 5352 EventSystem - ok
14:46:24.0228 5352 EyelineService (7728db436eade0cf9d7fc030e3954054) C:\Program Files\NCH Software\Eyeline\eyeline.exe
14:46:24.0291 5352 EyelineService ( UnsignedFile.Multi.Generic ) - warning
14:46:24.0291 5352 EyelineService - detected UnsignedFile.Multi.Generic (1)
14:46:24.0447 5352 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:46:24.0509 5352 Fastfat - ok
14:46:24.0556 5352 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
14:46:24.0572 5352 FastUserSwitchingCompatibility - ok
14:46:24.0619 5352 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
14:46:24.0712 5352 Fax - ok
14:46:24.0728 5352 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
14:46:24.0806 5352 Fdc - ok
14:46:24.0822 5352 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
14:46:24.0900 5352 Fips - ok
14:46:24.0916 5352 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
14:46:24.0994 5352 Flpydisk - ok
14:46:25.0025 5352 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
14:46:25.0103 5352 FltMgr - ok
14:46:25.0197 5352 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:46:25.0197 5352 FontCache3.0.0.0 - ok
14:46:25.0228 5352 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:46:25.0291 5352 Fs_Rec - ok
14:46:25.0306 5352 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:46:25.0384 5352 Ftdisk - ok
14:46:25.0416 5352 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:46:25.0478 5352 Gpc - ok
14:46:25.0572 5352 gupdate - ok
14:46:25.0572 5352 gupdatem - ok
14:46:25.0603 5352 gusvc (751c1d2ca2abf4a9f5a6b8d7d45b907c) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
14:46:25.0619 5352 gusvc - ok
14:46:25.0697 5352 ha20x2k (e5010dec0f66407735aaf005607ba7ed) C:\WINDOWS\system32\drivers\ha20x2k.sys
14:46:25.0728 5352 ha20x2k - ok
14:46:25.0791 5352 hamachi_oem (c25c70fd4d49391091d9eb8c747f19e6) C:\WINDOWS\system32\DRIVERS\gan_adapter.sys
14:46:25.0806 5352 hamachi_oem ( UnsignedFile.Multi.Generic ) - warning
14:46:25.0806 5352 hamachi_oem - detected UnsignedFile.Multi.Generic (1)
14:46:25.0837 5352 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:46:25.0931 5352 HDAudBus - ok
14:46:25.0978 5352 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:46:26.0056 5352 helpsvc - ok
14:46:26.0072 5352 HidIr (bb1a6fb7d35a91e599973fa74a619056) C:\WINDOWS\system32\DRIVERS\hidir.sys
14:46:26.0150 5352 HidIr - ok
14:46:26.0181 5352 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
14:46:26.0259 5352 HidServ - ok
14:46:26.0275 5352 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:46:26.0353 5352 HidUsb - ok
14:46:26.0369 5352 hitmanpro35 (60de0d719dd083a8beb476da616d2811) C:\WINDOWS\system32\drivers\hitmanpro35.sys
14:46:26.0384 5352 hitmanpro35 - ok
14:46:26.0431 5352 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
14:46:26.0494 5352 hkmsvc - ok
14:46:26.0525 5352 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
14:46:26.0603 5352 hpn - ok
14:46:26.0634 5352 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:46:26.0650 5352 HTTP - ok
14:46:26.0681 5352 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
14:46:26.0759 5352 HTTPFilter - ok
14:46:26.0775 5352 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
14:46:26.0853 5352 i2omgmt - ok
14:46:26.0853 5352 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
14:46:26.0931 5352 i2omp - ok
14:46:26.0962 5352 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:46:27.0041 5352 i8042prt - ok
14:46:27.0150 5352 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:46:27.0166 5352 IDriverT ( UnsignedFile.Multi.Generic ) - warning
14:46:27.0166 5352 IDriverT - detected UnsignedFile.Multi.Generic (1)
14:46:27.0275 5352 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:46:27.0306 5352 idsvc - ok
14:46:27.0337 5352 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:46:27.0431 5352 Imapi - ok
14:46:27.0462 5352 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
14:46:27.0541 5352 ImapiService - ok
14:46:27.0572 5352 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
14:46:27.0650 5352 ini910u - ok
14:46:27.0697 5352 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
14:46:27.0759 5352 IntelIde - ok
14:46:27.0791 5352 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:46:27.0853 5352 intelppm - ok
14:46:27.0869 5352 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
14:46:27.0947 5352 Ip6Fw - ok
14:46:27.0962 5352 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:46:28.0041 5352 IpFilterDriver - ok
14:46:28.0056 5352 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:46:28.0134 5352 IpInIp - ok
14:46:28.0150 5352 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:46:28.0228 5352 IpNat - ok
14:46:28.0244 5352 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:46:28.0322 5352 IPSec - ok
14:46:28.0353 5352 IrBus (b43b36b382aea10861f7c7a37f9d4ae2) C:\WINDOWS\system32\DRIVERS\IrBus.sys
14:46:28.0384 5352 IrBus - ok
14:46:28.0400 5352 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:46:28.0447 5352 IRENUM - ok
14:46:28.0462 5352 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:46:28.0556 5352 isapnp - ok
14:46:28.0666 5352 JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Program Files\Java\jre6\bin\jqs.exe
14:46:28.0681 5352 JavaQuickStarterService - ok
14:46:28.0697 5352 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:46:28.0775 5352 Kbdclass - ok
14:46:28.0806 5352 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:46:28.0884 5352 kbdhid - ok
14:46:28.0916 5352 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:46:28.0994 5352 kmixer - ok
14:46:29.0025 5352 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:46:29.0041 5352 KSecDD - ok
14:46:29.0087 5352 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
14:46:29.0103 5352 lanmanserver - ok
14:46:29.0134 5352 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
14:46:29.0150 5352 lanmanworkstation - ok
14:46:29.0150 5352 lbrtfdc - ok
14:46:29.0244 5352 LBTServ (a0f7dc0080e4f97dc97de08b699e231b) C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
14:46:29.0244 5352 LBTServ - ok
14:46:29.0275 5352 LHidFilt (24e0ddb99aeccf86bb37702611761459) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
14:46:29.0291 5352 LHidFilt - ok
14:46:29.0306 5352 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
14:46:29.0384 5352 LmHosts - ok
14:46:29.0400 5352 LMouFilt (d58b330d318361a66a9fe60d7c9b4951) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
14:46:29.0416 5352 LMouFilt - ok
14:46:29.0447 5352 LUsbFilt (144011d14bd35f4e36136ae057b1aadd) C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
14:46:29.0462 5352 LUsbFilt - ok
14:46:29.0494 5352 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\WINDOWS\system32\drivers\mbam.sys
14:46:29.0509 5352 MBAMProtector - ok
14:46:29.0572 5352 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
14:46:29.0587 5352 MBAMService - ok
14:46:29.0666 5352 McrdSvc (df0a511f38f16016bf658fca0090cb87) C:\WINDOWS\ehome\mcrdsvc.exe
14:46:29.0681 5352 McrdSvc - ok
14:46:29.0759 5352 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
14:46:29.0775 5352 MDM - ok
14:46:29.0869 5352 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
14:46:29.0947 5352 Messenger - ok
14:46:29.0978 5352 MHN (b7521f69c0a9b29d356157229376fb21) C:\WINDOWS\System32\mhn.dll
14:46:29.0978 5352 MHN ( UnsignedFile.Multi.Generic ) - warning
14:46:29.0978 5352 MHN - detected UnsignedFile.Multi.Generic (1)
14:46:30.0025 5352 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
14:46:30.0041 5352 MHNDRV ( UnsignedFile.Multi.Generic ) - warning
14:46:30.0041 5352 MHNDRV - detected UnsignedFile.Multi.Generic (1)
14:46:30.0056 5352 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:46:30.0150 5352 mnmdd - ok
14:46:30.0181 5352 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
14:46:30.0259 5352 mnmsrvc - ok
14:46:30.0275 5352 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
14:46:30.0353 5352 Modem - ok
14:46:30.0384 5352 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:46:30.0478 5352 Mouclass - ok
14:46:30.0494 5352 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:46:30.0572 5352 mouhid - ok
14:46:30.0603 5352 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:46:30.0681 5352 MountMgr - ok
14:46:30.0697 5352 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
14:46:30.0775 5352 mraid35x - ok
14:46:30.0806 5352 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:46:30.0900 5352 MRxDAV - ok
14:46:30.0947 5352 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:46:30.0962 5352 MRxSmb - ok
14:46:31.0009 5352 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
14:46:31.0087 5352 MSDTC - ok
14:46:31.0103 5352 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
14:46:31.0181 5352 Msfs - ok
14:46:31.0181 5352 MSIServer - ok
14:46:31.0228 5352 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:46:31.0291 5352 MSKSSRV - ok
14:46:31.0306 5352 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:46:31.0384 5352 MSPCLOCK - ok
14:46:31.0400 5352 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
14:46:31.0478 5352 MSPQM - ok
14:46:31.0509 5352 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:46:31.0572 5352 mssmbios - ok
14:46:31.0587 5352 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
14:46:31.0666 5352 MSTEE - ok
14:46:31.0697 5352 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
14:46:31.0712 5352 Mup - ok
14:46:31.0759 5352 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
14:46:31.0822 5352 NABTSFEC - ok
14:46:31.0869 5352 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
14:46:31.0947 5352 napagent - ok
14:46:31.0994 5352 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:46:32.0056 5352 NDIS - ok
14:46:32.0072 5352 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
14:46:32.0150 5352 NdisIP - ok
14:46:32.0166 5352 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:46:32.0181 5352 NdisTapi - ok
14:46:32.0228 5352 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:46:32.0291 5352 Ndisuio - ok
14:46:32.0322 5352 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:46:32.0400 5352 NdisWan - ok
14:46:32.0431 5352 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:46:32.0447 5352 NDProxy - ok
14:46:32.0478 5352 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:46:32.0541 5352 NetBIOS - ok
14:46:32.0572 5352 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:46:32.0650 5352 NetBT - ok
14:46:32.0697 5352 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
14:46:32.0759 5352 NetDDE - ok
14:46:32.0775 5352 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
14:46:32.0837 5352 NetDDEdsdm - ok
14:46:32.0884 5352 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:46:32.0962 5352 Netlogon - ok
14:46:32.0994 5352 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
14:46:33.0072 5352 Netman - ok
14:46:33.0181 5352 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:46:33.0181 5352 NetTcpPortSharing - ok
14:46:33.0212 5352 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:46:33.0291 5352 NIC1394 - ok
14:46:33.0337 5352 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
14:46:33.0353 5352 Nla - ok
14:46:33.0369 5352 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
14:46:33.0447 5352 nm - ok
14:46:33.0541 5352 NMSAccess (7aea4df1ca68fd45dd4bbe1f0243ce7f) C:\Program Files\CDBurnerXP\NMSAccessU.exe
14:46:33.0541 5352 NMSAccess - ok
14:46:33.0556 5352 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:46:33.0634 5352 Npfs - ok
14:46:33.0681 5352 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:46:33.0759 5352 Ntfs - ok
14:46:33.0791 5352 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:46:33.0869 5352 NtLmSsp - ok
14:46:33.0947 5352 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
14:46:34.0025 5352 NtmsSvc - ok
14:46:34.0041 5352 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:46:34.0119 5352 Null - ok
14:46:34.0728 5352 nv (7b5a17bd54bb9142843dbe99a1caaed8) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:46:35.0041 5352 nv - ok
14:46:35.0212 5352 nvatabus (5fc626bb14b8e0c6d781448372211e74) C:\WINDOWS\system32\DRIVERS\nvatabus.sys
14:46:35.0212 5352 nvatabus - ok
14:46:35.0259 5352 nvgts (8eb82606fcd8c5d039ada33bd46fe7f8) C:\WINDOWS\system32\DRIVERS\nvgts.sys
14:46:35.0275 5352 nvgts - ok
14:46:35.0291 5352 nvraid (9a2655781b2130a1c76da0fbbcf42235) C:\WINDOWS\system32\DRIVERS\nvraid.sys
14:46:35.0306 5352 nvraid - ok
14:46:35.0353 5352 nvrd32 (6b1b4e25277a99a6b515cf124d6060e0) C:\WINDOWS\system32\DRIVERS\nvrd32.sys
14:46:35.0369 5352 nvrd32 - ok
14:46:35.0400 5352 NVSvc (5150b108ea88831e1c599603d8b89621) C:\WINDOWS\system32\nvsvc32.exe
14:46:35.0416 5352 NVSvc - ok
14:46:35.0556 5352 nvUpdatusService (83e8ab7bb3c8956c53fec071c94f0bbb) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:46:35.0587 5352 nvUpdatusService - ok
14:46:35.0728 5352 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:46:35.0806 5352 NwlnkFlt - ok
14:46:35.0822 5352 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:46:35.0884 5352 NwlnkFwd - ok
14:46:35.0931 5352 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:46:35.0994 5352 ohci1394 - ok
14:46:36.0087 5352 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:46:36.0103 5352 ose - ok
14:46:36.0337 5352 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:46:36.0447 5352 osppsvc - ok
14:46:36.0587 5352 ossrv (b0a7d75c6be3dd5ca4e87f8f20a48601) C:\WINDOWS\system32\drivers\ctoss2k.sys
14:46:36.0603 5352 ossrv - ok
14:46:36.0650 5352 ousb2hub (2fadd6e3aeaff1a6b84b8d304c395bd5) C:\WINDOWS\system32\DRIVERS\ousb2hub.sys
14:46:36.0650 5352 ousb2hub ( UnsignedFile.Multi.Generic ) - warning
14:46:36.0650 5352 ousb2hub - detected UnsignedFile.Multi.Generic (1)
14:46:36.0697 5352 ousbehci (961414dacb73858b0a2e9075ab2d1ea8) C:\WINDOWS\system32\Drivers\ousbehci.sys
14:46:36.0697 5352 ousbehci ( UnsignedFile.Multi.Generic ) - warning
14:46:36.0697 5352 ousbehci - detected UnsignedFile.Multi.Generic (1)
14:46:36.0728 5352 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
14:46:36.0806 5352 Parport - ok
14:46:36.0806 5352 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:46:36.0884 5352 PartMgr - ok
14:46:36.0900 5352 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
14:46:36.0978 5352 ParVdm - ok
14:46:37.0009 5352 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
14:46:37.0087 5352 PCI - ok
14:46:37.0087 5352 PCIDump - ok
14:46:37.0119 5352 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:46:37.0197 5352 PCIIde - ok
14:46:37.0212 5352 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
14:46:37.0291 5352 Pcmcia - ok
14:46:37.0337 5352 PCTDMDefrag (03c45d2a632226bf52eadccbf3181a31) C:\WINDOWS\system32\drivers\PCTDMDefrag.sys
14:46:37.0337 5352 PCTDMDefrag - ok
14:46:37.0384 5352 PCTDSMon (863469f15364c65dc71e58df7bdbc192) C:\WINDOWS\system32\drivers\PCTDSMon.sys
14:46:37.0400 5352 PCTDSMon - ok
14:46:37.0509 5352 PCToolsSSDMonitorSvc (97571ef24b653ddc0538c59bcd989ae1) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
14:46:37.0525 5352 PCToolsSSDMonitorSvc - ok
14:46:37.0525 5352 PDCOMP - ok
14:46:37.0541 5352 PDFRAME - ok
14:46:37.0541 5352 PDRELI - ok
14:46:37.0541 5352 PDRFRAME - ok
14:46:37.0587 5352 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
14:46:37.0650 5352 perc2 - ok
14:46:37.0666 5352 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
14:46:37.0744 5352 perc2hib - ok
14:46:37.0791 5352 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
14:46:37.0806 5352 PlugPlay - ok
14:46:37.0837 5352 PnkBstrA (205e1b699fd3f2f9b036eea2ec30c620) C:\WINDOWS\system32\PnkBstrA.exe
14:46:37.0853 5352 PnkBstrA - ok
14:46:37.0884 5352 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:46:37.0947 5352 PolicyAgent - ok
14:46:37.0994 5352 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:46:38.0072 5352 PptpMiniport - ok
14:46:38.0072 5352 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:46:38.0134 5352 ProtectedStorage - ok
14:46:38.0181 5352 ProtexisLicensing (64e413ba0c529aa40c3924bbcc4153db) C:\WINDOWS\system32\PSIService.exe
14:46:38.0197 5352 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - warning
14:46:38.0197 5352 ProtexisLicensing - detected UnsignedFile.Multi.Generic (1)
14:46:38.0212 5352 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:46:38.0291 5352 PSched - ok
14:46:38.0306 5352 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:46:38.0369 5352 Ptilink - ok
14:46:38.0400 5352 PuranDefrag (0d89c528b28323e79a7cd2f8de4f5b8a) C:\WINDOWS\system32\PuranDefragS.exe
14:46:38.0416 5352 PuranDefrag ( UnsignedFile.Multi.Generic ) - warning
14:46:38.0416 5352 PuranDefrag - detected UnsignedFile.Multi.Generic (1)
14:46:38.0462 5352 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
14:46:38.0462 5352 PxHelp20 - ok
14:46:38.0494 5352 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
14:46:38.0556 5352 ql1080 - ok
14:46:38.0587 5352 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
14:46:38.0650 5352 Ql10wnt - ok
14:46:38.0666 5352 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
14:46:38.0744 5352 ql12160 - ok
14:46:38.0744 5352 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
14:46:38.0822 5352 ql1240 - ok
14:46:38.0837 5352 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
14:46:38.0916 5352 ql1280 - ok
14:46:38.0947 5352 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:46:39.0009 5352 RasAcd - ok
14:46:39.0041 5352 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
14:46:39.0119 5352 RasAuto - ok
14:46:39.0134 5352 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:46:39.0212 5352 Rasl2tp - ok
14:46:39.0259 5352 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
14:46:39.0337 5352 RasMan - ok
14:46:39.0353 5352 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:46:39.0416 5352 RasPppoe - ok
14:46:39.0431 5352 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:46:39.0509 5352 Raspti - ok
14:46:39.0541 5352 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:46:39.0619 5352 Rdbss - ok
14:46:39.0634 5352 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:46:39.0697 5352 RDPCDD - ok
14:46:39.0744 5352 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:46:39.0822 5352 rdpdr - ok
14:46:39.0869 5352 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
14:46:39.0884 5352 RDPWD - ok
14:46:39.0931 5352 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
14:46:40.0009 5352 RDSessMgr - ok
14:46:40.0041 5352 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:46:40.0119 5352 redbook - ok
14:46:40.0150 5352 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
14:46:40.0212 5352 RemoteAccess - ok
14:46:40.0244 5352 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
14:46:40.0322 5352 RemoteRegistry - ok
14:46:40.0353 5352 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
14:46:40.0431 5352 RpcLocator - ok
14:46:40.0478 5352 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
14:46:40.0494 5352 RpcSs - ok
14:46:40.0525 5352 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
14:46:40.0603 5352 RSVP - ok
14:46:40.0634 5352 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
14:46:40.0712 5352 SamSs - ok
14:46:40.0744 5352 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
14:46:40.0822 5352 SCardSvr - ok
14:46:40.0853 5352 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
14:46:40.0947 5352 Schedule - ok
14:46:40.0978 5352 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:46:41.0009 5352 Secdrv - ok
14:46:42.0431 5352 StarOpen (f92254b0bcfcd10caac7bccc7cb7f467) C:\WINDOWS\system32\drivers\StarOpen.sys
14:46:42.0431 5352 StarOpen ( UnsignedFile.Multi.Generic ) - warning
14:46:42.0431 5352 StarOpen - detected UnsignedFile.Multi.Generic (1)
14:46:46.0884 5352 WANMiniportService (eb9a99ab5d17b1727034ff191e6448d7) C:\WINDOWS\wanmpsvc.exe
14:46:46.0884 5352 WANMiniportService ( UnsignedFile.Multi.Generic ) - warning
14:46:46.0884 5352 WANMiniportService - detected UnsignedFile.Multi.Generic (1)
14:46:47.0728 5352 WLSetupSvc (94a85e956a065e23e0010a6a7826243b) C:\Program Files\Windows Live\installer\WLSetupSvc.exe
14:46:47.0728 5352 WLSetupSvc ( UnsignedFile.Multi.Generic ) - warning
14:46:47.0728 5352 WLSetupSvc - detected UnsignedFile.Multi.Generic (1)
14:46:49.0275 5352 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
14:46:49.0619 5352 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
14:46:49.0619 5352 \Device\Harddisk0\DR0 - detected TDSS File System (1)
14:46:49.0619 5352 Boot (0x1200) (ba3bb36f8a0a0930d807502f2f9086e2) \Device\Harddisk0\DR0\Partition0
14:46:49.0619 5352 \Device\Harddisk0\DR0\Partition0 - ok
14:46:49.0619 5352 ============================================================
14:46:49.0619 5352 Scan finished
14:46:49.0619 5352 ============================================================
14:46:49.0619 2396 Detected object count: 15
14:46:49.0619 2396 Actual detected object count: 15
14:47:14.0009 2396 Aspi32 ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:14.0009 2396 Aspi32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:14.0009 2396 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:14.0009 2396 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:14.0009 2396 EyelineService ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:14.0009 2396 EyelineService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:14.0009 2396 hamachi_oem ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:14.0009 2396 hamachi_oem ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:14.0009 2396 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:14.0009 2396 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:14.0009 2396 MHN ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:14.0009 2396 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:14.0009 2396 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:14.0009 2396 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:14.0009 2396 ousb2hub ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:14.0009 2396 ousb2hub ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:14.0009 2396 ousbehci ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:14.0009 2396 ousbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:14.0009 2396 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:14.0009 2396 ProtexisLicensing ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:14.0009 2396 PuranDefrag ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:14.0009 2396 PuranDefrag ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:14.0025 2396 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:14.0025 2396 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:14.0025 2396 WANMiniportService ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:14.0025 2396 WANMiniportService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:14.0025 2396 WLSetupSvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:14.0025 2396 WLSetupSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:14.0025 2396 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
14:47:14.0025 2396 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#19
paukid

  • Topic Starter
hi Gammo

Just an FYI. There were 15 infections identified when I ran the TDSSKILLER but there was no option to CURE so I just skipped as you said.

aswMBR still running but I will post shortly

Paul

#20
paukid

  • Topic Starter
Hi Gammo

Here is the aswMBR log

Paul

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-12 14:52:49
-----------------------------
14:52:49.197 OS Version: Windows 5.1.2600 Service Pack 3
14:52:49.197 Number of processors: 4 586 0xF07
14:52:49.197 ComputerName: PAUKID UserName: ME
14:52:50.369 Initialize success
14:52:50.541 AVAST engine defs: 12081200
14:53:11.306 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\nvgts1Port2Path0Target0Lun0
14:53:11.306 Disk 0 Vendor: ST350064 3.AD Size: 476940MB BusType: 8
14:53:11.306 Disk 0 MBR read successfully
14:53:11.306 Disk 0 MBR scan
14:53:11.322 Disk 0 unknown MBR code
14:53:11.322 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
14:53:11.322 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 472129 MB offset 96390
14:53:11.384 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 4753 MB offset 967032675
14:53:11.384 Disk 0 scanning sectors +976768065
14:53:11.431 Disk 0 scanning C:\WINDOWS\system32\drivers
14:53:19.134 Service scanning
14:53:32.384 Modules scanning
14:53:51.103 Disk 0 trace - called modules:
14:53:51.119 ntkrnlpa.exe CLASSPNP.SYS disk.sys SCSIPORT.SYS hal.dll nvgts.sys
14:53:51.119 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b255ab8]
14:53:51.119 3 CLASSPNP.SYS[b80c8fd7] -> nt!IofCallDriver -> \Device\Scsi\nvgts1Port2Path0Target0Lun0[0x8b265030]
14:53:51.962 AVAST engine scan C:\WINDOWS
14:54:03.541 AVAST engine scan C:\WINDOWS\system32
14:56:15.791 AVAST engine scan C:\WINDOWS\system32\drivers
14:56:40.556 AVAST engine scan C:\Documents and Settings\ME
15:07:24.369 AVAST engine scan C:\Documents and Settings\All Users
15:12:01.228 Scan finished successfully
15:14:06.103 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\ME\Desktop\MBR.dat"
15:14:06.103 The log file has been saved successfully to "C:\Documents and Settings\ME\Desktop\aswMBR.txt"

#21
Gammo

  • Malware Removal
I'm not so sure malware is causing your PC problems.

Please run a new Quick Scan with OTL and post the resulting log file in your next reply.
Also run a new ComboFix and post the contents of that log file in your next reply as well. :thumbsup:

#22
paukid

  • Topic Starter
Hi Gammo
Here is the OTL log

Combo fix to follow
Paul

OTL logfile created on: 8/13/2012 7:47:30 AM - Run 3
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Documents and Settings\ME\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 2.01 Gb Available Physical Memory | 73.27% Memory free
6.79 Gb Paging File | 6.19 Gb Available in Paging File | 91.20% Paging File free
Paging file location(s): C:\pagefile.sys 4300 7000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 461.06 Gb Total Space | 232.87 Gb Free Space | 50.51% Space Free | Partition Type: NTFS
Drive E: | 3.43 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: PAUKID | User Name: ME | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/09 18:13:13 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ME\My Documents\Downloads\OTL.exe
PRC - [2012/08/06 05:57:44 | 000,031,808 | ---- | M] (Just Develop It) -- C:\Program Files\JustCloud\BackupStack.exe
PRC - [2012/07/12 16:52:04 | 001,289,732 | ---- | M] (NCH Software) -- C:\Program Files\NCH Software\Eyeline\eyeline.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/07/03 12:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/07/03 12:21:27 | 000,133,912 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009/08/20 10:24:08 | 016,883,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SoftwareDistribution\Download\Install\IE8-WindowsXP-x86-ENU.exe
PRC - [2009/07/10 15:03:24 | 001,113,696 | ---- | M] (Microsoft Corporation) -- c:\8b6da3ff2f7a1958c31b47c3\update\iesetup.exe
PRC - [2009/07/10 15:03:24 | 001,113,696 | ---- | M] (Microsoft Corporation) -- c:\2bcd160d4bbb5014202bd0b5\update\iesetup.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/26 17:33:00 | 000,135,168 | ---- | M] (Vimicro Corporation) -- C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe
PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2006/07/27 08:19:00 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2003/08/27 12:29:46 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/13 02:15:04 | 001,793,024 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12081300\algo.dll
MOD - [2012/08/12 04:06:15 | 001,793,024 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12081200\algo.dll
MOD - [2012/08/11 13:43:37 | 001,792,512 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12081101\algo.dll
MOD - [2012/06/13 21:20:43 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012/06/13 21:20:35 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012/06/13 21:17:31 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012/06/13 21:17:20 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012/06/13 21:15:38 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012/06/13 21:15:35 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012/06/13 21:15:34 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2012/05/22 21:49:28 | 000,627,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\29bce0113d611084a9329349e33528ac\System.EnterpriseServices.ni.dll
MOD - [2012/05/22 21:47:13 | 000,679,936 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\129b15861e200613ff78ae15581f9093\System.Security.ni.dll
MOD - [2012/05/22 21:47:10 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/05/22 21:25:28 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/05/22 21:24:09 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/05/22 21:24:02 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012/05/15 06:18:00 | 001,570,624 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nView.dll
MOD - [2012/05/15 06:18:00 | 000,357,184 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll
MOD - [2011/11/03 11:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/04/18 09:58:58 | 000,904,704 | ---- | M] () -- C:\Program Files\JustCloud\x86\System.Data.SQLite.dll
MOD - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2008/04/13 20:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 20:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2006/10/20 01:34:18 | 000,118,784 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\dlcqdrpp.dll
MOD - [2006/06/15 06:28:24 | 000,012,288 | ---- | M] () -- C:\Program Files\Dell PC Fax\dlctrstr.dll
MOD - [2006/06/15 06:04:32 | 000,040,960 | ---- | M] () -- C:\WINDOWS\system32\DLPRMON.DLL
MOD - [2006/06/15 06:01:58 | 000,032,768 | ---- | M] () -- C:\Program Files\Dell PC Fax\ipcmt.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/08/06 05:57:44 | 000,031,808 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files\JustCloud\BackupStack.exe -- (BackupStack)
SRV - [2012/08/03 08:51:47 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/12 16:52:04 | 001,289,732 | ---- | M] (NCH Software) [Auto | Running] -- C:\Program Files\NCH Software\Eyeline\eyeline.exe -- (EyelineService)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/07/03 12:21:27 | 000,133,912 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2012/05/15 06:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2011/12/12 13:17:04 | 001,030,112 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe -- (DMRepairService)
SRV - [2011/12/12 13:16:54 | 001,038,304 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe -- (DMDefragService)
SRV - [2011/12/12 13:16:40 | 000,793,056 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2008/05/02 03:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2006/11/03 15:44:28 | 000,537,480 | ---- | M] ( ) [Disabled | Stopped] -- C:\WINDOWS\system32\dlcqcoms.exe -- (dlcq_device)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2003/08/27 12:29:46 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\CM106.sys -- (USBMULCD)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ME\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\ME\LOCALS~1\Temp\aswMBR.sys -- (aswMBR)
DRV - [2012/07/12 16:53:37 | 000,037,656 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stdriverx86.sys -- (stdriver)
DRV - [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/07/03 12:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/07/03 12:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/07/03 12:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/07/03 12:21:53 | 000,202,928 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2012/07/03 12:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/07/03 12:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/07/03 12:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/07/03 12:21:53 | 000,018,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012/07/03 12:21:52 | 000,113,776 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2012/07/03 12:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/12/12 13:17:34 | 000,128,120 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCTDSMon.sys -- (PCTDSMon)
DRV - [2011/12/12 13:17:28 | 000,108,864 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCTDMDefrag.sys -- (PCTDMDefrag)
DRV - [2011/05/27 11:12:33 | 000,017,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hitmanpro35.sys -- (hitmanpro35)
DRV - [2011/05/10 07:40:58 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/03/11 14:13:10 | 000,252,032 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMUVC.sys -- (VMUVC)
DRV - [2008/11/12 16:59:08 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/11/12 16:59:06 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2008/07/15 18:12:38 | 001,173,016 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2008/07/15 18:11:14 | 000,092,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2008/07/15 18:10:28 | 000,157,208 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2008/07/15 18:09:44 | 000,014,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2008/07/15 18:08:36 | 000,127,000 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2008/07/15 18:08:08 | 000,347,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2008/07/15 18:07:18 | 000,527,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k)
DRV - [2008/07/15 18:06:46 | 000,511,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2008/07/15 17:23:42 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2008/07/15 17:23:22 | 000,170,520 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2008/07/15 17:22:46 | 001,323,544 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV - [2008/07/01 11:12:32 | 000,398,720 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vvftUVC.sys -- (vvftUVC)
DRV - [2008/04/13 14:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 14:45:34 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2008/02/29 04:13:46 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008/02/29 04:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/02/29 04:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2006/10/19 11:20:06 | 000,010,664 | ---- | M] (Applied Networking Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gan_adapter.sys -- (hamachi_oem)
DRV - [2006/08/03 06:40:40 | 000,105,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2006/07/27 08:24:28 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/03/09 08:25:00 | 000,143,872 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/02/04 23:09:06 | 000,380,800 | ---- | M] (Lumanate, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Angel2.sys -- (Angel2)
DRV - [2005/09/29 08:34:58 | 000,056,960 | ---- | M] (OrangeWare Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ousb2hub.sys -- (ousb2hub)
DRV - [2005/09/29 08:34:50 | 000,045,824 | ---- | M] (OrangeWare Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ousbehci.sys -- (ousbehci)
DRV - [2003/01/10 17:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)
DRV - [1999/09/10 07:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6070104
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6070104
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AA 7A DE 67 BB 6E CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{52B7FCF5-B7BE-4ADC-938D-30E29AA867E6}: "URL" = http://search.yahoo....0831,6901,0,8,0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..browser.search.selectedEngine: "AIM Search"
FF - prefs.js..keyword.URL: "http://slirsredirect...ir=2706&query="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007/06/01 10:11:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/03/24 08:09:33 | 000,000,000 | ---D | M]

[2012/08/11 10:58:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ME\Application Data\Mozilla\Firefox\Profiles\85m9xln3.default\extensions
[2012/08/04 20:53:16 | 000,000,000 | ---D | M] (ShopToWin17) -- C:\Documents and Settings\ME\Application Data\Mozilla\Firefox\Profiles\85m9xln3.default\extensions\{6cfa2c5b-274f-4d68-a6e4-bfb31acd5ee4}
[2008/04/22 20:17:49 | 000,000,000 | ---D | M] (AIM Toolbar) -- C:\Documents and Settings\ME\Application Data\Mozilla\Firefox\Profiles\85m9xln3.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2007/06/01 10:11:46 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MOZILLA\FIREFOX EXTENSIONS\{3112CA9C-DE6D-4884-A869-9855DE68056C}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\[email protected]
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\[email protected]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://search.babylo...0000019b91b4c90
CHR - Extension: Entanglement = C:\Documents and Settings\ME\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\ME\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Poppit = C:\Documents and Settings\ME\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\ME\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2012/08/10 18:17:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1171741720\ee\aolsoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [VMonitorVMUVC] C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe (Vimicro Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech....Detection32.cab (Reg Error: Key error.)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (Reg Error: Key error.)
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} http://zone.msn.com/...UI.cab55579.cab (Reg Error: Key error.)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} http://fpdownload2.m...ash/swflash.cab (MetaStreamCtl Class)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} http://zone.msn.com/...dy.cab55579.cab (MSN Games – Buddy Invite)
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} http://zone.msn.com/...at.cab55579.cab (MSN Games – Game Chat)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1203786165421 (MUWebControl Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8C279F4E-917E-4CD2-8DF0-D9C73C0CE763} http://zone.msn.com/...of.cab55579.cab (ZPA_WheelOfFortune Object)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} http://zone.msn.com/...tz.cab99160.cab (MSN Games – Hearts)
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/...he.cab79352.cab (MSN Games – Texas Holdem Poker)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} http://zone.msn.com/...xy.cab55579.cab (MSN Games – Game Communicator)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} http://zone.msn.com/...rp.cab56961.cab (ChessControl Class)
O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} http://zone.msn.com/...PA.cab55579.cab (CheckersZPA Object)
O16 - DPF: {FF3C5A9F-5A99-4930-80E8-4709194C2AD3} http://zone.msn.com/...on.cab64162.cab (MSN Games – Backgammon)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.254.1 167.206.254.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{89AF5929-1A46-4276-B83E-F8527C5CA95C}: DhcpNameServer = 167.206.254.1 167.206.254.2
O18 - Protocol\Handler\mhtml - No CLSID value found
O18 - Protocol\Handler\wlmailhtml - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logitech\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\ME\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\ME\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 06:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /k:\??\C: *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/13 03:00:18 | 000,000,000 | ---D | C] -- C:\8b6da3ff2f7a1958c31b47c3
[2012/08/12 10:58:36 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/08/12 07:31:29 | 000,000,000 | ---D | C] -- C:\2bcd160d4bbb5014202bd0b5
[2012/08/11 23:24:02 | 000,000,000 | ---D | C] -- C:\b08ca74b157e46d627
[2012/08/11 11:03:06 | 000,000,000 | ---D | C] -- C:\a2847cc943714156f6ac29
[2012/08/10 18:45:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ME\Desktop\geeks
[2012/08/10 18:07:35 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/08/10 18:05:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/08/10 18:05:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/08/10 18:05:17 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/08/10 18:05:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/08/10 18:01:59 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/10 12:30:25 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/10 03:00:16 | 000,000,000 | ---D | C] -- C:\f8569b408a79588482
[2012/08/09 03:00:13 | 000,000,000 | ---D | C] -- C:\747afd3070833fb001ebf5d04f
[2012/08/08 18:19:46 | 000,000,000 | ---D | C] -- C:\7d3cb50f9af876c8e9d870d39ca2
[2012/08/07 22:01:30 | 000,000,000 | ---D | C] -- C:\1c34bbd4805baba3a112f91957
[2012/08/07 03:00:14 | 000,000,000 | ---D | C] -- C:\ae947c7caf017d408e28d726c47234
[2012/08/06 18:18:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ME\SyncFolder
[2012/08/06 18:15:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ME\Start Menu\Programs\JustCloud
[2012/08/06 18:15:26 | 000,000,000 | ---D | C] -- C:\Program Files\JustCloud
[2012/08/06 07:33:22 | 000,000,000 | ---D | C] -- C:\7acdaa2495b90f76693344
[2012/08/05 12:31:19 | 000,000,000 | ---D | C] -- C:\2b259c5d11c8500b0318563e
[2012/08/05 11:48:01 | 000,000,000 | ---D | C] -- C:\e481a584ec95bb35b9a599c13a
[2012/08/05 08:25:06 | 000,000,000 | ---D | C] -- C:\06a69f3f19f7f9150bfd3f3648be5e
[2012/08/05 08:07:38 | 000,000,000 | ---D | C] -- C:\e561c0d8b11805ce14d6153eccd2
[2012/08/05 06:00:15 | 000,000,000 | ---D | C] -- C:\62395aec449060b9e2086d
[2012/08/04 22:40:00 | 000,000,000 | ---D | C] -- C:\14fe568a6b3dcf1d5816c7d4ee
[2012/08/04 21:56:37 | 000,000,000 | ---D | C] -- C:\a80f5c3737434fc907
[2012/08/04 21:41:07 | 000,000,000 | ---D | C] -- C:\8e7e3f5f9291050dd87355c042aacb
[2012/08/04 18:07:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ME\Application Data\MSNInstaller
[2012/07/14 18:53:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ME\Desktop\PCGS
[2007/01/14 18:43:50 | 000,089,680 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\ME\MSSSerif120.fon

========== Files - Modified Within 30 Days ==========

[2012/08/13 07:54:00 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/13 07:51:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/08/13 07:48:00 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/08/13 06:07:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/08/13 06:07:19 | 000,000,874 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/12 15:14:06 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\ME\Desktop\MBR.dat
[2012/08/12 12:57:54 | 000,001,265 | ---- | M] () -- C:\Documents and Settings\ME\My Documents\Shop-8-12-12.rtf
[2012/08/12 11:24:19 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\ME\Desktop\WordPad.lnk
[2012/08/12 07:27:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/12 07:27:46 | 2950,008,832 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/12 00:14:12 | 000,054,472 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2012/08/12 00:14:12 | 000,054,472 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2012/08/12 00:14:12 | 000,000,788 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000004-00001102-00000005-10031102}.rfx
[2012/08/11 19:29:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/08/10 18:17:17 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/08/10 18:07:41 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2012/08/10 18:04:01 | 000,000,651 | ---- | M] () -- C:\Documents and Settings\ME\Desktop\Shortcut to ComboFix.exe.lnk
[2012/08/05 06:17:41 | 000,008,354 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2012/08/05 06:00:13 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/08/03 20:52:59 | 000,248,832 | ---- | M] () -- C:\Documents and Settings\ME\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/01 22:34:29 | 000,000,262 | ---- | M] () -- C:\WINDOWS\tasks\debutShakeIcon.job
[2012/07/31 12:33:00 | 000,000,262 | ---- | M] () -- C:\WINDOWS\tasks\prismShakeIcon.job
[2012/07/25 17:21:52 | 000,002,501 | ---- | M] () -- C:\Documents and Settings\ME\Desktop\Microsoft Word 2010.lnk
[2012/07/20 19:43:09 | 000,000,214 | ---- | M] () -- C:\Documents and Settings\ME\Desktop\RAGE.url
[2012/07/19 16:52:00 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\eyelineSevenDays.job
[2012/07/15 19:52:02 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\SoundTapReminder.job

========== Files Created - No Company Name ==========

[2012/08/12 15:14:06 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\ME\Desktop\MBR.dat
[2012/08/12 11:30:18 | 000,001,265 | ---- | C] () -- C:\Documents and Settings\ME\My Documents\Shop-8-12-12.rtf
[2012/08/12 11:24:19 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\ME\Desktop\WordPad.lnk
[2012/08/10 18:05:17 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/08/10 18:05:17 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/08/10 18:05:17 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/08/10 18:05:17 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/08/10 18:05:17 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/08/10 18:04:01 | 000,000,651 | ---- | C] () -- C:\Documents and Settings\ME\Desktop\Shortcut to ComboFix.exe.lnk
[2012/08/04 22:38:18 | 2950,008,832 | -HS- | C] () -- C:\hiberfil.sys
[2012/08/01 22:34:28 | 000,000,262 | ---- | C] () -- C:\WINDOWS\tasks\debutShakeIcon.job
[2012/07/28 12:33:22 | 000,000,262 | ---- | C] () -- C:\WINDOWS\tasks\prismShakeIcon.job
[2012/07/20 19:43:09 | 000,000,214 | ---- | C] () -- C:\Documents and Settings\ME\Desktop\RAGE.url
[2012/07/12 16:53:37 | 000,037,656 | ---- | C] () -- C:\WINDOWS\System32\drivers\stdriverx86.sys
[2012/07/07 19:37:55 | 000,140,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012/07/07 19:37:54 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\ME\Application Data\PnkBstrK.sys
[2012/07/07 19:37:23 | 000,298,016 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2012/07/07 19:37:16 | 003,130,440 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_blr.exe
[2012/07/07 19:37:16 | 000,076,888 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2012/05/03 19:49:04 | 000,082,227 | ---- | C] () -- C:\Documents and Settings\ME\Application Data\mv.db
[2012/05/03 19:49:04 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\ME\Application Data\settings.ini
[2012/03/02 21:24:33 | 009,342,976 | ---- | C] () -- C:\Documents and Settings\ME\s-1-5-21-1359408678-2099340390-3988896321-1006.rrr
[2012/03/02 19:27:22 | 000,037,344 | ---- | C] () -- C:\WINDOWS\System32\CleanMFT32.exe
[2012/02/15 03:30:33 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/27 09:00:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2012/01/26 20:27:27 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2012/01/26 20:27:27 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2012/01/26 20:27:27 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2012/01/26 20:27:27 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2012/01/26 20:27:27 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2012/01/26 20:27:27 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2012/01/26 20:27:27 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2012/01/26 20:27:27 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2012/01/26 20:27:27 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2012/01/26 20:27:27 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2012/01/26 20:27:27 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2012/01/26 20:27:27 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2012/01/26 20:27:27 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2012/01/26 20:27:27 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2012/01/26 20:27:27 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2012/01/26 20:27:27 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2012/01/26 20:26:00 | 000,000,079 | ---- | C] () -- C:\WINDOWS\ENX625.ini
[2011/09/12 19:28:34 | 000,000,173 | ---- | C] () -- C:\WINDOWS\CmdFile.INI
[2011/05/27 09:59:45 | 000,017,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/05/21 06:01:00 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2010/10/18 20:56:00 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010/10/14 02:36:44 | 000,179,263 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009/09/26 11:45:01 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\ME\Application Data\setup_ldm.iss
[2007/11/23 17:24:53 | 000,001,362 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/01/13 02:18:17 | 000,248,832 | ---- | C] () -- C:\Documents and Settings\ME\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/13 01:30:57 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\ME\Local Settings\Application Data\fusioncache.dat

========== LOP Check ==========

[2008/12/01 06:33:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2010/05/30 11:43:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/05/27 12:27:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2007/01/14 17:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2011/08/20 09:28:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ
[2011/07/02 13:29:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2007/05/07 00:45:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2007/05/07 00:05:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenu
[2010/11/28 13:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Mender
[2012/03/11 20:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Core
[2012/03/18 11:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Logs
[2012/03/11 20:29:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2012/01/26 20:31:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2011/05/27 11:10:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2012/03/11 19:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Origin
[2008/10/25 14:59:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/01/09 20:37:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2010/05/03 18:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2009/11/07 20:53:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2008/09/12 23:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\acccore
[2008/04/26 09:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\Aim
[2010/10/24 00:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\Auslogics
[2012/02/03 21:06:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\Canon
[2010/04/17 12:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\CNC_Generals_World
[2010/04/18 19:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\Command & Conquer 3 Kane's Wrath
[2010/04/16 16:49:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\Command & Conquer 3 Tiberium Wars
[2010/09/04 16:58:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\Command and Conquer 4
[2012/03/24 08:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\DDMSettings
[2012/01/27 05:30:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\Epson
[2009/03/28 16:45:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\gnupg
[2007/01/14 18:43:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\Leadertech
[2012/05/23 20:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\Media Player Lite
[2012/08/04 18:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\MSNInstaller
[2012/03/11 19:25:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\Origin
[2012/03/02 19:25:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\Product_PT
[2011/11/12 12:17:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\Product_RM
[2011/11/12 22:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\Registry Mechanic
[2008/05/24 11:27:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\SmartDraw
[2010/10/30 20:32:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\Uniblue
[2008/08/09 06:32:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ME\Application Data\Windows Search
[2012/08/13 07:48:00 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012/08/01 22:34:29 | 000,000,262 | ---- | M] () -- C:\WINDOWS\Tasks\debutShakeIcon.job
[2012/07/19 16:52:00 | 000,000,270 | ---- | M] () -- C:\WINDOWS\Tasks\eyelineSevenDays.job
[2012/07/31 12:33:00 | 000,000,262 | ---- | M] () -- C:\WINDOWS\Tasks\prismShakeIcon.job
[2012/07/15 19:52:02 | 000,000,274 | ---- | M] () -- C:\WINDOWS\Tasks\SoundTapReminder.job

========== Purity Check ==========



< End of report >

#23
paukid

Hi

Here is the Combo Fix log

Look forward to your review and next steps

thanks so much
Paul

ComboFix 12-08-10.02 - ME 08/13/2012 7:59.9.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2813.2051 [GMT -4:00]
Running from: c:\documents and settings\ME\My Documents\Downloads\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Files Created from 2012-07-13 to 2012-08-13 )))))))))))))))))))))))))))))))
.
.
2012-08-13 07:00 . 2012-08-13 07:00 -------- d-----w- C:\8b6da3ff2f7a1958c31b47c3
2012-08-12 11:31 . 2012-08-13 03:31 -------- d-----w- C:\2bcd160d4bbb5014202bd0b5
2012-08-12 03:24 . 2012-08-12 03:24 -------- d-----w- C:\b08ca74b157e46d627
2012-08-11 15:03 . 2012-08-11 15:03 -------- d-----w- C:\a2847cc943714156f6ac29
2012-08-10 16:30 . 2012-08-10 16:30 -------- d-----w- C:\_OTL
2012-08-10 07:00 . 2012-08-10 07:00 -------- d-----w- C:\f8569b408a79588482
2012-08-09 07:00 . 2012-08-09 23:00 -------- d-----w- C:\747afd3070833fb001ebf5d04f
2012-08-08 22:19 . 2012-08-08 22:19 -------- d-----w- C:\7d3cb50f9af876c8e9d870d39ca2
2012-08-08 02:01 . 2012-08-08 02:01 -------- d-----w- C:\1c34bbd4805baba3a112f91957
2012-08-07 07:00 . 2012-08-07 07:00 -------- d-----w- C:\ae947c7caf017d408e28d726c47234
2012-08-06 22:18 . 2012-08-06 22:18 -------- d-----w- c:\documents and settings\ME\SyncFolder
2012-08-06 22:15 . 2012-08-06 22:27 -------- d-----w- c:\program files\JustCloud
2012-08-06 11:33 . 2012-08-06 11:33 -------- d-----w- C:\7acdaa2495b90f76693344
2012-08-05 16:31 . 2012-08-05 16:31 -------- d-----w- C:\2b259c5d11c8500b0318563e
2012-08-05 15:48 . 2012-08-05 15:48 -------- d-----w- C:\e481a584ec95bb35b9a599c13a
2012-08-05 12:25 . 2012-08-05 12:25 -------- d-----w- C:\06a69f3f19f7f9150bfd3f3648be5e
2012-08-05 12:07 . 2012-08-05 12:07 -------- d-----w- C:\e561c0d8b11805ce14d6153eccd2
2012-08-05 10:00 . 2012-08-05 10:00 -------- d-----w- C:\62395aec449060b9e2086d
2012-08-05 02:40 . 2012-08-05 02:40 -------- d-----w- C:\14fe568a6b3dcf1d5816c7d4ee
2012-08-05 01:56 . 2012-08-05 01:56 -------- d-----w- C:\a80f5c3737434fc907
2012-08-05 01:41 . 2012-08-05 01:41 -------- d-----w- C:\8e7e3f5f9291050dd87355c042aacb
2012-08-04 22:07 . 2012-08-04 22:07 -------- d-----w- c:\documents and settings\ME\Application Data\MSNInstaller
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-03 12:51 . 2012-03-31 12:53 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-03 12:51 . 2011-05-15 13:55 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-12 20:53 . 2012-07-12 20:53 37656 ----a-w- c:\windows\system32\drivers\stdriverx86.sys
2012-07-07 23:48 . 2012-07-07 23:37 140480 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-07-07 23:48 . 2012-07-07 23:37 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-07-07 23:47 . 2012-07-07 23:47 298016 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-07-07 23:47 . 2012-07-07 23:37 298016 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-07-07 23:37 . 2012-07-07 23:37 138056 ----a-w- c:\documents and settings\ME\Application Data\PnkBstrK.sys
2012-07-07 23:37 . 2012-07-07 23:37 189248 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-07-07 23:36 . 2012-07-07 23:37 3130440 ----a-w- c:\windows\system32\pbsvc_blr.exe
2012-07-03 17:46 . 2011-09-13 02:21 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-03 16:21 . 2011-05-27 16:28 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2012-02-25 20:26 18544 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-07-03 16:21 . 2011-05-27 16:28 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2011-05-27 16:28 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2011-05-27 16:28 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-07-03 16:21 . 2011-05-27 16:28 202928 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-07-03 16:21 . 2011-05-27 16:28 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-07-03 16:21 . 2011-05-27 16:28 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-07-03 16:21 . 2011-05-27 16:28 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21 . 2011-05-27 16:28 113776 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-07-03 16:21 . 2011-05-27 16:28 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-07-03 16:21 . 2010-07-02 21:25 41224 ----a-w- c:\windows\avastSS.scr
2012-07-03 16:21 . 2011-05-27 16:28 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-13 13:19 . 2005-08-16 10:18 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-06 14:38 . 2012-06-06 14:38 52312 ----a-w- c:\windows\system32\drivers\stdriver32.sys
2012-06-05 15:50 . 2008-07-27 13:34 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2005-08-16 10:18 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2005-08-16 10:18 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 19:19 . 2007-06-20 00:37 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19 . 2007-06-20 00:37 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19 . 2005-08-16 10:40 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 19:19 . 2005-08-16 10:40 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 19:19 . 2005-08-16 10:40 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19 . 2007-06-20 00:37 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19 . 2005-08-16 10:40 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 19:19 . 2005-08-16 10:40 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 19:19 . 2005-08-16 10:18 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 19:19 . 2005-05-26 10:16 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 19:19 . 2007-06-20 00:37 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 19:19 . 2005-08-16 10:40 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 19:19 . 2005-08-16 10:40 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 19:18 . 2008-02-24 12:07 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 19:18 . 2008-02-24 12:07 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 19:18 . 2007-07-31 00:18 214256 ----a-w- c:\windows\system32\muweb.dll
2012-05-31 13:22 . 2005-08-16 10:18 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-15 15:39 . 2005-08-16 10:18 832512 ----a-w- c:\windows\system32\wininet.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-10_22.17.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-08-12 11:28 . 2012-08-12 11:28 16384 c:\windows\temp\Perflib_Perfdata_5e4.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-11-05 49152]
"SigmatelSysTrayApp"="stsystra.exe" [2006-07-27 282624]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"HostManager"="c:\program files\Common Files\AOL\1171741720\ee\AOLSoftware.exe" [2010-03-08 41800]
"VMonitorVMUVC"="c:\program files\Vimicro Corporation\VMUVC\VMonitor.exe" [2008-03-26 135168]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-05-15 15504192]
"NvMediaCenter"="NvMCTray.dll" [2012-05-15 108352]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-05-15 1634112]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SetDefaultMIDI"="MIDIDEF.EXE" [2005-11-08 25600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 07:42 72208 ----a-w- c:\program files\Common Files\Logitech\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /k:\??\C: *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^ME^Start Menu^Programs^Startup^Epson all-in-one Registration.lnk]
backup=c:\windows\pss\Epson all-in-one Registration.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]
2008-06-03 05:35 50528 ----a-w- c:\program files\AOL 9.1\aol.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
2010-07-13 20:40 70720 ----a-r- c:\program files\Common Files\AOL\ACS\AOLDial.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-10-27 23:17 207424 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2009-09-04 01:43 767312 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHELPER]
2006-12-12 15:46 19456 ----a-w- c:\windows\system32\CtHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
2008-07-11 19:50 19968 ----a-w- c:\windows\system32\Ctxfihlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLCQCATS]
2006-10-16 05:31 106496 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\dlcqtime.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dlcqmon.exe]
2006-06-20 17:37 286720 ----a-w- c:\program files\Dell Photo AIO Printer 966\dlcqmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
2005-10-05 09:12 94208 ----a-w- c:\program files\Dell\Media Experience\DMXLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
2009-12-03 15:12 976320 ----a-w- c:\program files\Epson Software\Event Manager\EEventManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
2005-09-29 20:01 67584 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
2006-06-15 10:03 307200 ----a-w- c:\program files\Dell PC Fax\fm3032.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
2010-03-08 07:27 41800 ----a-w- c:\program files\Common Files\AOL\1171741720\ee\aolsoftware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-06-10 15:44 249856 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2008-02-29 08:12 76304 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LGDCore]
2009-08-13 22:59 3161608 ----a-w- c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LgDeviceAgent]
2009-08-13 23:02 357384 ----a-w- c:\program files\Logitech\GamePanel Software\LGDevAgt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MemoryCardManager]
2006-06-27 11:34 299008 ----a-w- c:\program files\Dell Photo AIO Printer 966\memcard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-17 03:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 22:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2012-08-05 10:51 1353080 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 17:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBDetector]
2003-04-01 15:33 53248 ----a-w- c:\usbstorage\USBDetector.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VolPanel]
2005-10-14 17:01 122880 ------w- c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wwEngineSvc"=2 (0x2)
"WLSetupSvc"=3 (0x3)
"wlidsvc"=2 (0x2)
"PCToolsSSDMonitorSvc"=2 (0x2)
"gusvc"=3 (0x3)
"gupdatem"=3 (0x3)
"gupdate"=2 (0x2)
"dlcq_device"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\WINDOWS\\system32\\dlcqcoms.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\AOL\\1171741720\\ee\\aolsoftware.exe"=
"c:\\Program Files\\Steam\\SteamApps\\paukid\\team fortress 2\\hl2.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\ftp.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\AOL 9.1\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\AOL Desktop 9.6\\waol.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\command and conquer 3 tiberium wars\\CNC3.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\command and conquer 3 tiberium wars\\Support\\EA Help\\Electronic_Arts_Technical_Support.htm"=
"c:\\Program Files\\Steam\\steamapps\\common\\fallout 3 goty\\FalloutLauncher.exe"=
"c:\\Program Files\\Origin Games\\Mass Effect 3\\Binaries\\Win32\\MassEffect3.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\blacklightretribution\\Blacklight Retribution.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\RAGE\\Rage.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [5/27/2011 12:28 PM 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [5/27/2011 12:28 PM 202928]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [5/27/2011 12:28 PM 113776]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2/25/2012 4:26 PM 18544]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [5/27/2011 12:28 PM 721000]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [5/27/2011 12:28 PM 353688]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5/27/2011 12:28 PM 21256]
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [5/27/2011 12:28 PM 133912]
R2 BackupStack;Computer Backup (JustCloud);c:\program files\JustCloud\BackupStack.exe [8/6/2012 5:57 AM 31808]
R2 EyelineService;Eyeline Video System;c:\program files\NCH Software\Eyeline\eyeline.exe [7/12/2012 4:52 PM 1289732]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [5/6/2012 3:46 PM 655944]
R2 ousbehci;OrangeWare USB Enhanced Host Controller Service;c:\windows\system32\drivers\ousbehci.sys [9/26/2009 11:43 AM 45824]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [9/12/2011 10:21 PM 22344]
R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;c:\windows\system32\drivers\ousb2hub.sys [9/26/2009 11:43 AM 56960]
R3 stdriver;SoundTap Upper Filter Driver v6.04.00;c:\windows\system32\drivers\stdriverx86.sys [7/12/2012 4:53 PM 37656]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [5/3/2012 7:18 PM 252032]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [5/3/2012 7:18 PM 398720]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2/21/2012 10:37 PM 1262400]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [3/31/2012 8:53 AM 250056]
S3 DMDefragService;PC Tools Performance Toolkit Defrag Service;c:\program files\PC Tools\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe [3/2/2012 7:27 PM 1038304]
S3 DMRepairService;PC Tools Performance Toolkit Repair Service;c:\program files\PC Tools\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe [3/2/2012 7:27 PM 1030112]
S3 hamachi_oem;PlayLinc Adapter;c:\windows\system32\drivers\gan_adapter.sys [10/19/2006 11:20 AM 10664]
S3 hitmanpro35;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro35.sys [5/27/2011 9:59 AM 17480]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 9:37 PM 4640000]
S3 PCTDMDefrag;PCTDMDefrag;c:\windows\system32\drivers\PCTDMDefrag.sys [3/2/2012 7:27 PM 108864]
S3 PCTDSMon;PCTDSMon;c:\windows\system32\drivers\PCTDSMon.sys [3/2/2012 7:27 PM 128120]
S3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM106.sys --> c:\windows\system32\drivers\CM106.sys [?]
S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4/6/2011 7:43 PM 135664]
S4 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4/6/2011 7:43 PM 135664]
S4 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [3/2/2012 7:27 PM 793056]
S4 PuranDefrag;PuranDefrag;c:\windows\system32\PuranDefragS.exe [5/30/2010 9:43 AM 229376]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 94303827
*NewlyCreated* - ASWMBR
*Deregistered* - 94303827
*Deregistered* - aswMBR
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 12:51]
.
2012-08-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]
.
2012-08-13 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-07-03 16:21]
.
2012-08-02 c:\windows\Tasks\debutShakeIcon.job
- c:\program files\NCH Software\Debut\debut.exe [2012-06-06 14:38]
.
2012-07-19 c:\windows\Tasks\eyelineSevenDays.job
- c:\program files\NCH Software\Eyeline\eyeline.exe [2012-07-12 20:52]
.
2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-06 23:43]
.
2012-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-06 23:43]
.
2012-07-31 c:\windows\Tasks\prismShakeIcon.job
- c:\program files\NCH Software\Prism\prism.exe [2012-06-06 14:39]
.
2012-07-15 c:\windows\Tasks\SoundTapReminder.job
- c:\program files\NCH Software\SoundTap\soundtap.exe [2012-07-12 20:53]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MI1933~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 167.206.254.1 167.206.254.2
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-ViewpointMediaPlayer - c:\program files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-13 08:06
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1359408678-2099340390-3988896321-1006\Software\SecuROM\License information*]
"datasecu"=hex:84,d1,5d,e5,09,68,36,33,f6,b0,d7,56,7d,ca,85,cb,e1,b7,21,28,e6,
cb,7d,ba,f8,c0,b5,de,f4,96,d8,e3,99,8a,27,f7,c9,2b,ef,b7,85,79,2d,f5,7f,0f,\
"rkeysecu"=hex:7d,40,10,cb,c7,39,e0,67,0a,69,a8,47,07,da,5b,5c
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1260)
c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
c:\program files\common files\logitech\bluetooth\LBTServ.dll
.
- - - - - - - > 'explorer.exe'(2000)
c:\windows\system32\WININET.dll
c:\program files\NVIDIA Corporation\nView\nview.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2012-08-13 08:08:21
ComboFix-quarantined-files.txt 2012-08-13 12:08
ComboFix2.txt 2012-08-10 22:19
.
Pre-Run: 250,010,488,832 bytes free
Post-Run: 250,057,060,352 bytes free
.
- - End Of File - - 8EC517569F1D98B828B2888F763EF70C

#24
Gammo

To use Virustotal go Here
  • Click the Choose File button in the middle of the screen. This will open a File Upload window.
  • In the File name box, type, or copy and paste, the following and click Open (NOTE: only one file per scan):
  • C:\WINDOWS\system32\drivers\stdriverx86.sys
  • This will put the file in the box on the Virustotal page.
  • Click the Scan it! button and wait for the reply.
  • Copy and paste the Virustotal link(s) (URL) in your next reply





Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    [2012/08/04 20:53:16 | 000,000,000 | ---D | M] (ShopToWin17) -- C:\Documents and Settings\ME\Application Data\Mozilla\Firefox\Profiles\85m9xln3.default\extensions\{6cfa2c5b-274f-4d68-a6e4-bfb31acd5ee4}
    [2007/01/14 18:43:50 | 000,089,680 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\ME\MSSSerif120.fon
    
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done



What malware symptoms is your PC still experiencing?

#25
paukid

Hi Gammo
Here is the VirusTotal URL

https://www.virustot...stdriverx86.sys


#26
paukid

Here is OTL Log

It said the fix was completed but I still cannot open Explorer or any Microsoft application either with a double left click or with a right click and "OPEN"

I am beginning to think that something was removed from my system. Like drivers or something. Is there a way of trying to reload this stuff, or have we been trying to do that :) I am not sure

Paul

========== OTL ==========
C:\Documents and Settings\ME\Application Data\Mozilla\Firefox\Profiles\85m9xln3.default\extensions\{6cfa2c5b-274f-4d68-a6e4-bfb31acd5ee4}\chrome\skin folder moved successfully.
C:\Documents and Settings\ME\Application Data\Mozilla\Firefox\Profiles\85m9xln3.default\extensions\{6cfa2c5b-274f-4d68-a6e4-bfb31acd5ee4}\chrome\content\locale folder moved successfully.
C:\Documents and Settings\ME\Application Data\Mozilla\Firefox\Profiles\85m9xln3.default\extensions\{6cfa2c5b-274f-4d68-a6e4-bfb31acd5ee4}\chrome\content folder moved successfully.
C:\Documents and Settings\ME\Application Data\Mozilla\Firefox\Profiles\85m9xln3.default\extensions\{6cfa2c5b-274f-4d68-a6e4-bfb31acd5ee4}\chrome folder moved successfully.
C:\Documents and Settings\ME\Application Data\Mozilla\Firefox\Profiles\85m9xln3.default\extensions\{6cfa2c5b-274f-4d68-a6e4-bfb31acd5ee4} folder moved successfully.
C:\Documents and Settings\ME\MSSSerif120.fon moved successfully.

OTL by OldTimer - Version 3.2.56.0 log created on 08132012_133706

#27
Gammo

Well, I don't see any malicious signs in your logs anymore, and the problems you're describing don't sound like typical malware problems to me, so I don't think malware is the cause.

I suggest you start a new topic here after following the instructions below.




Your logs appear to be clean now. There is only a bit of cleanup that we will deal with in this post, as well as prevention from future infections.

Remove Combofix now that we're done with it.
  • Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
  • Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the "x" and "/")
  • Please follow the prompts to uninstall Combofix.
  • You will then receive a message saying Combofix was uninstalled successfully once it's done uninstalling itself.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • Download OTC to your desktop and run it
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTC from reaching the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Keep a backup of your important files
Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Make proper use of your anti-virus and firewall
You should keep your anti-virus and firewall guard enabled at all times; don't shut them off unless there's a specific reason to do so.

Also, regularly performing a full system scan with your anti-virus program is a good idea to make sure nothing has slipped through your protection. Once every two weeks works well for many people. You can set the scan to run during a time when you don't plan to use the computer and just leave it to complete on its own.

Keep in mind that anti-virus programs are far from perfect. They don't protect you against every piece of malware that's out there, so don't trust them blindly. If an anti-virus reports a file as 'clean', it doesn't necessarily mean it is.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Keep all your software updated
It is important to keep up on system updates from Microsoft by regularly checking their website at: http://windowsupdate.microsoft.com/, as these patch critical security vulnerabilities and help to keep you safe.

It's also important to keep programs up to date so that malware doesn't exploit any old security flaws. FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. Java and Adobe Reader are two of the main security vulnerabilities. You can find the latest version of Java here, you will want the Java SE Runtime Environment (JRE) one. You can find the latest version of Adobe Reader here.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Use a safer web browser
Internet Explorer is not the most secure tool for browsing the web. It has been known to be very susceptible to infection, and there are a couple of good free alternatives: Google Chrome and Opera. Both are excellent, faster, safer, more powerful and functional free alternatives to Internet Explorer. It's definitely worth the short period of adjustment to start using one of these.

The WOT add-on will nicely help to enhance your security, no matter which web browser you use. This add-on tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Some other security programs

It is wise these days to have a few security programs installed and running on your machine apart from just an anti-virus and a firewall. I will list some of them.
  • A good anti-spyware program installed on your pc is very important to help remove any spyware that may have gotten on your computer. I highly recommend Malwarebytes' Anti-Malware.
  • MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites in the future.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Be careful
Having security programs installed is very helpful to you, but none of them have the gift of human thought. The best way to make sure you don't get infected is to exercise common sense. Be careful of what websites you visit - if a site looks suspicious, trust your instincts and get out of there. Be careful of what attachments you open in emails and files you download from websites - check them over carefully to make sure that you know what you're getting.

Using peer-to-peer programs (eg: LimeWire, BitTorrent, uTorrent, Kazaa) or downloading cracks and keygens is something else to avoid. These are the most common way to get infected. Malware writers use these programs to spread infections as it is the easiest way for them. The majority of infections we see in the Malware Removal forum are due to people using p2p programs to download cracks/keygens/warez. These are not only illegal, but will always contain some form of malware. You have no way of verifying that the things you download are legitimate or that they don't contain malware. Even with an up to date anti-virus and firewall, some of these things will still infect you. It is highly recommended that you uninstall all peer-to-peer programs. It just isn't worth it.

Other common ways of getting infected are disreputable sites forcing you to download and install a codec, or viruses using Instant Messaging programs (Windows Live Messenger, MSN Messenger, AIM) to send a file claiming it to be "photos" from a friend, only for it to turn out to be a virus.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Slow computer?
If your computer begins to slow down in the future for no particular reason, your first step should not be to come to the malware forum. As your computer ages and is used, its parts wear, files and programs accumulate, and its performance can decrease. To restore your computer's performance to its best possible level, follow the steps in this page written by malware expert Miekiemoes.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'll leave this thread open for a couple days in case you come across any lingering problems that need fixing, then I'll close it up. If you need it reopened for any reason just shoot me a PM. It's been a pleasure working with you, now best of luck!

Cheers,
Gammo :cool:

#28
paukid

Gammo
thanks so much! You have been great to work with!

I will take your advice and open a new thread to see if this non-malware related issue can be fixed.

I also will take your advice on security measures and in particular start using Google Chrome and download WOT.

thanks again for your help!

Paul

#29
Gammo

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.