i can not enable antivirus protection [Closed]



#16
ruxandra

  • Topic Starter
  • Member
  • 20 posts
So... the documents are not opening anymore at startup and the computer is a little faster, but sometimes the internet connection is still not working until I restart the computer. When I run Diagnose and repair from internet connections it says that it cannot connect to www.microsoft.com (in Mozilla) and to google.com (Explorer) :)


#17
Essexboy

  • GeekU Moderator
  • Retired Staff
  • 69,964 posts
Hmm, let's reset the internet for you

Download Complete Internet Repair to your desktop

Unzip all the files to their own folder on the desktop
Within the folder double click CIntRep
The programme will then run
Select the items I have highlighted
Press go
Let me know if it is able to conduct the repair, there is a log at the bottom

Posted Image

#18
ruxandra

  • Topic Starter
  • Member
  • 20 posts
I've done what you wrote to me (Complete Internet Repair completed) but I still have internet problems. Mozilla and iexplorer don't connect to the internet, but at the same time I've done a "ping" in cmd: for all 3 pings I've received a quick answer!

#19
Essexboy

  • GeekU Moderator
  • Retired Staff
  • 69,964 posts
Is GData working properly now?

Download Windows Repair (all in one) from this site

Install the programme then run

Posted Image

Go to step 3 and allow it to run SFC
Posted Image


On the start repairs tab click start
Posted Image

Select the following items and tick restart system when finished
Posted Image

#20
ruxandra

  • Topic Starter
  • Member
  • 20 posts
Yes, GData is working properly :) I will do what you said and I'll come back in a couple of days :) Thank you

#21
Essexboy

  • GeekU Moderator
  • Retired Staff
  • 69,964 posts
Not a problem. As the ping command is being nice and speedy, that would suggest a browser problem of some sort. Let's see what Windows Repair does

#22
ruxandra

  • Topic Starter
  • Member
  • 20 posts
I have no internet problems anymore, but the computer is slow... and every 2 days I receive this message (Internet Explorer and Mozilla):

Unknown malware found in your browser
(Fingerprint: [85f935c9])

Malicious routines have been disabled.

It is strongly recommended not to enter any passwords in this browser and not to perform any sensitive actions such as online banking until the unidentified malware has been completely removed.

To resolve the issue we recommend removing any malware using the G Data boot CD. If the malware cannot be removed during a BootScan: G Data constantly improves its detection and removal of previously unencountered malware and will be able to provide an update shortly.

Please contact G Data support for more information.

Thank you, and I'm sorry that every 2 days I'm coming with a new problem, but I don't know what to do!

#23
Essexboy

  • GeekU Moderator
  • Retired Staff
  • 69,964 posts
Not a problem, does GData give a file name or location?

Let's have a fresh OTL look at the computer

Posted Image

  • Select All Users
  • Under the Custom Scan box paste this in

netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
winsock.*
/md5stop
CREATERESTOREPOINT


  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows, OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

#24
ruxandra

  • Topic Starter
  • Member
  • 20 posts
No, I've pasted the entire GData message! One more thing... in my OTL window there is no option "include 64bit scan", only scan all users...

#25
ruxandra

  • Topic Starter
  • Member
  • 20 posts
And I didn't tell you, but for 3-4 weeks my bank account was the victim of a phishing attack. Just after I signed in to my online account, also in the bank's window, I received more 'Security Questions'; after 2 days I received a letter from my bank about the phishing attack (they have my money back :) ). Anyway, now I'm afraid to use the online banking...
OTL is still running :)


#26
ruxandra

  • Topic Starter
  • Member
  • 20 posts
Here is the OTL.txt:

OTL logfile created on: 10/21/2012 17:17:39 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rux\Downloads
Windows Vista Ultimate Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.76 Gb Available Physical Memory | 58.70% Memory free
6.16 Gb Paging File | 4.83 Gb Available in Paging File | 78.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78.12 Gb Total Space | 28.13 Gb Free Space | 36.00% Space Free | Partition Type: NTFS
Drive D: | 108.18 Gb Total Space | 44.37 Gb Free Space | 41.01% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: RUX-PC | User Name: Rux | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

========== Processes (SafeList) ==========

PRC - [2012/10/21 17:15:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Rux\Downloads\OTL(1).exe
PRC - [2012/10/13 22:33:15 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/09/17 05:24:09 | 000,995,352 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe
PRC - [2012/09/07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/07 17:04:44 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/08/30 05:05:55 | 001,584,112 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
PRC - [2012/08/23 15:46:06 | 001,542,680 | ---- | M] (G Data Software AG) -- C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
PRC - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/06/14 12:31:06 | 000,575,448 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2012/06/04 11:49:40 | 001,899,816 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
PRC - [2012/03/29 04:42:27 | 000,470,008 | ---- | M] (G Data Software AG) -- C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
PRC - [2012/02/23 15:10:22 | 000,186,760 | ---- | M] () -- C:\Program Files\Photodex\ProShow Gold\scsiaccess.exe
PRC - [2012/01/27 05:13:02 | 001,470,968 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
PRC - [2012/01/27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) -- C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
PRC - [2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/09/20 13:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/09/13 13:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/02/07 15:26:52 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlbccoms.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/13 22:33:15 | 002,294,240 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/06/16 06:55:10 | 000,925,696 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2011/03/17 22:46:40 | 011,486,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll
MOD - [2009/11/03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter -- (sprtsvc_dellsupportcenter)
SRV - [2012/10/13 22:33:15 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/11 20:33:51 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/02 12:00:38 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/08/30 05:05:55 | 001,584,112 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe -- (AVKWCtl)
SRV - [2012/08/23 15:46:06 | 001,542,680 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/06/14 12:31:06 | 000,575,448 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2012/06/04 11:49:40 | 001,899,816 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe -- (GDFwSvc)
SRV - [2012/03/29 04:42:27 | 000,470,008 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files\Common Files\G Data\GDScan\GDScan.exe -- (GDScan)
SRV - [2012/02/23 15:10:22 | 000,186,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\ProShow Gold\scsiaccess.exe -- (ScsiAccess)
SRV - [2012/01/27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService)
SRV - [2007/09/20 13:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/09/13 13:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/07/11 17:26:38 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/02/07 15:26:52 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlbccoms.exe -- (dlbc_device)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbfake.sys -- (hwusbfake)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012/10/12 21:55:26 | 000,093,728 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV - [2012/10/12 21:55:26 | 000,053,664 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\gdwfpcd32.sys -- (gdwfpcd)
DRV - [2012/10/12 21:55:26 | 000,041,888 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\GDBehave.sys -- (GDBehave)
DRV - [2012/10/12 21:35:00 | 000,045,944 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\HookCentre.sys -- (HookCentre)
DRV - [2012/10/08 21:09:58 | 000,053,112 | ---- | M] (G DATA Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV - [2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/06/14 12:31:38 | 000,070,768 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCTBD.sys -- (PCTBD)
DRV - [2010/08/02 16:19:28 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2010/08/02 16:19:26 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2010/08/02 16:19:24 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2010/08/02 16:19:22 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2009/08/03 04:48:08 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.sys -- (SSPORT)
DRV - [2009/06/16 14:59:00 | 009,768,640 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/02/16 15:27:13 | 000,038,400 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\DgivEcp.sys -- (DgiVecp)
DRV - [2008/10/09 15:42:42 | 000,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008/06/02 05:44:02 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2007/10/10 16:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/09/13 13:46:06 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/03/05 09:45:04 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2006/12/20 05:58:26 | 000,097,920 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adusbser.sys -- (adusbser)
DRV - [2006/11/21 03:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/14 16:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/10/20 13:34:16 | 000,037,296 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV - [2005/12/22 16:02:22 | 000,051,840 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/11/16 19:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.ro
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2790392
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3576319258-3730388377-3009755145-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ro/
IE - HKU\S-1-5-21-3576319258-3730388377-3009755145-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\S-1-5-21-3576319258-3730388377-3009755145-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-3576319258-3730388377-3009755145-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...q={searchTerms}
IE - HKU\S-1-5-21-3576319258-3730388377-3009755145-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...8A-27F1ABBBFFD1
IE - HKU\S-1-5-21-3576319258-3730388377-3009755145-1000\..\SearchScopes\{2F99AC55-281F-4C3F-8455-0964E3569A57}: "URL" = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-3576319258-3730388377-3009755145-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKU\S-1-5-21-3576319258-3730388377-3009755145-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.de/"
FF - prefs.js..extensions.enabledAddons: {906305f7-aafc-45e9-8bbd-941950a84dad}:1.1.11215.1124
FF - prefs.js..extensions.enabledItems: [email protected]:3.6.6.117
FF - prefs.js..keyword.URL: "http://dts.search-re...id=406&sr=0&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools\PC Tools Security\BDT\Firefox\ [2012/07/19 23:37:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/13 22:33:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/17 17:25:30 | 000,000,000 | ---D | M]

[2012/05/06 17:49:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rux\AppData\Roaming\Mozilla\Extensions
[2012/10/03 02:59:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rux\AppData\Roaming\Mozilla\Firefox\Profiles\foerfg0y.default\extensions
[2012/08/30 20:50:49 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Rux\AppData\Roaming\Mozilla\Firefox\Profiles\foerfg0y.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2011/02/20 11:30:18 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Rux\AppData\Roaming\Mozilla\Firefox\Profiles\foerfg0y.default\extensions\[email protected]
[2012/10/03 02:59:03 | 000,000,000 | ---D | M] ("TimeLineRemove.Com") -- C:\Users\Rux\AppData\Roaming\Mozilla\Firefox\Profiles\foerfg0y.default\extensions\jid0-YxzrUsJ0WOiOaU89TngAzLcIs18@jetpack
[2010/06/27 23:27:25 | 000,002,384 | ---- | M] () -- C:\Users\Rux\AppData\Roaming\Mozilla\Firefox\Profiles\foerfg0y.default\searchplugins\askcom.xml
[2012/04/29 21:23:02 | 000,002,519 | ---- | M] () -- C:\Users\Rux\AppData\Roaming\Mozilla\Firefox\Profiles\foerfg0y.default\searchplugins\Search_Results.xml
[2012/10/13 22:32:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/13 22:32:53 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/10/13 22:32:53 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2011/03/17 21:18:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012/10/13 22:33:16 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/08/31 18:38:37 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/29 21:23:02 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012/10/13 22:33:14 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Yahoo! UK & Ireland (Enabled)
CHR - default_search_provider: search_url = http://uk.search.yah...p={searchTerms}
CHR - default_search_provider: suggest_url = http://uk-sayt.ff.se...d={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Rux\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Rux\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Rux\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/10/14 18:50:57 | 000,001,692 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 4 more lines...
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files\Common Files\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKU\S-1-5-21-3576319258-3730388377-3009755145-1000\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3576319258-3730388377-3009755145-1000..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-3576319258-3730388377-3009755145-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3576319258-3730388377-3009755145-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-3576319258-3730388377-3009755145-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BD70C58-F99C-4269-9AA0-411D7A51AF1C}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Rux\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Rux\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 360 Days ==========

[2012/10/20 21:16:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/10/20 21:10:17 | 000,000,000 | ---D | C] -- C:\Users\Rux\AppData\Roaming\SUPERAntiSpyware.com
[2012/10/20 19:26:07 | 000,000,000 | ---D | C] -- C:\Users\Rux\Desktop\Poze
[2012/10/19 16:44:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/10/19 16:43:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/10/19 07:18:00 | 000,000,000 | ---D | C] -- C:\Users\Rux\Desktop\Asigurare
[2012/10/17 17:22:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/10/17 17:22:13 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012/10/17 17:22:13 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012/10/17 17:22:00 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/10/17 17:22:00 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/10/17 17:22:00 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2012/10/17 16:38:48 | 000,000,000 | ---D | C] -- C:\Users\Rux\Desktop\New Folder
[2012/10/16 21:38:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2012/10/16 20:51:13 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/10/16 20:50:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2
[2012/10/16 20:29:55 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2012/10/16 20:29:38 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\subinacl.exe
[2012/10/16 19:13:10 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs
[2012/10/16 19:13:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2012/10/16 19:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Tweaking.com
[2012/10/13 22:32:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/10/13 18:49:57 | 000,000,000 | ---D | C] -- C:\Users\Rux\Desktop\comintrep
[2012/10/12 21:44:16 | 000,000,000 | ---D | C] -- C:\Users\Rux\Desktop\Stefan
[2012/10/12 21:36:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2013
[2012/10/12 21:35:00 | 000,045,944 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\HookCentre.sys
[2012/10/12 21:34:58 | 000,093,728 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys
[2012/10/12 21:34:57 | 000,041,888 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys
[2012/10/12 21:34:50 | 000,053,664 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys
[2012/10/11 19:09:23 | 000,000,000 | ---D | C] -- C:\Users\Rux\AppData\Local\Macromedia
[2012/10/11 19:08:24 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/10/09 23:29:47 | 000,015,600 | ---- | C] (G Data Software) -- C:\Windows\System32\drivers\GdPhyMem.sys
[2012/10/09 22:47:41 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/10/09 22:44:45 | 000,000,000 | ---D | C] -- C:\Users\Rux\AppData\Local\temp
[2012/10/09 22:37:33 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/10/09 22:37:33 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/10/09 22:37:33 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2012/10/09 22:37:33 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/10/09 22:37:07 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/10/09 22:35:52 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/10/09 22:15:36 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/10/08 06:10:28 | 000,010,792 | ---- | C] (G Data Software AG) -- C:\Windows\System32\GdScrSv.en.dll
[2012/10/07 22:56:00 | 000,000,000 | ---D | C] -- C:\Users\Rux\AppData\Roaming\DriverCure
[2012/10/07 22:55:59 | 000,000,000 | ---D | C] -- C:\Users\Rux\AppData\Roaming\SpeedyPC Software
[2012/10/07 22:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2012/10/07 22:36:57 | 000,000,000 | ---D | C] -- C:\Program Files\BitLocker
[2012/10/04 17:08:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/10/04 17:08:50 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/10/04 17:08:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/09/02 12:06:23 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2012/09/02 12:06:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2012/09/02 12:00:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2012/08/16 11:01:22 | 000,000,000 | ---D | C] -- C:\tmpDownload
[2012/08/13 08:48:49 | 000,000,000 | ---D | C] -- C:\Users\Rux\Desktop\Ruxandra
[2012/08/12 15:33:58 | 000,000,000 | ---D | C] -- C:\Users\Rux\AppData\Local\G DATA
[2012/08/11 18:00:47 | 000,053,112 | ---- | C] (G DATA Software AG) -- C:\Windows\System32\drivers\PktIcpt.sys
[2012/08/11 17:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA
[2012/08/11 17:59:31 | 000,000,000 | ---D | C] -- C:\Program Files\G Data
[2012/08/11 17:59:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\G Data
[2012/08/11 17:47:26 | 000,000,000 | ---D | C] -- C:\Users\Rux\AppData\Local\Downloaded Installations
[2012/07/20 09:26:30 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2012/07/20 09:20:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012/07/19 23:37:13 | 000,070,768 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTBD.sys
[2012/07/19 23:37:12 | 002,267,096 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2012/07/19 23:37:12 | 001,681,368 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2012/07/19 23:37:12 | 000,149,464 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2012/07/19 08:19:10 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/07/19 08:15:30 | 000,000,000 | ---D | C] -- C:\Users\Rux\AppData\Local\Threat Expert
[2012/07/19 07:16:10 | 000,000,000 | ---D | C] -- C:\Users\Rux\AppData\Roaming\Malwarebytes
[2012/07/19 07:16:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/18 21:12:48 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
[2012/07/18 21:08:17 | 000,203,088 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys
[2012/07/18 21:08:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2012/07/18 21:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/07/18 21:07:57 | 000,000,000 | ---D | C] -- C:\Users\Rux\AppData\Roaming\TestApp
[2012/07/18 21:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/07/18 20:38:39 | 000,000,000 | ---D | C] -- C:\ProgramData\036DFF61000112BF0053707FC2E33D86
[2012/07/18 20:37:20 | 000,000,000 | ---D | C] -- C:\Users\Rux\AppData\Roaming\Epeg
[2012/07/18 20:37:20 | 000,000,000 | ---D | C] -- C:\Users\Rux\AppData\Roaming\Cotu
[2012/06/01 22:56:03 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/06/01 22:56:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/05/10 19:36:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/05/10 19:36:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/05/02 12:17:12 | 001,070,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL.OCX
[2012/04/30 20:56:29 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/04/29 21:24:32 | 000,000,000 | ---D | C] -- C:\USERS\RUX\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SopCast
[2012/04/29 21:24:32 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast
[2012/04/29 21:12:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\skin
[2012/04/29 21:12:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\languages
[2012/04/29 21:12:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\codec
[2012/04/29 21:12:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\adv
[2012/02/24 20:28:44 | 000,000,000 | ---D | C] -- C:\Users\Rux\AppData\Roaming\JustVoip
[2012/02/23 22:26:27 | 000,000,000 | ---D | C] -- C:\Users\Rux\AppData\Local\Babylon
[2012/02/23 22:26:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012/02/23 22:08:43 | 000,000,000 | ---D | C] -- C:\Windows\PIF
[2012/02/23 15:10:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProShow Gold
[2012/02/23 15:10:34 | 000,000,000 | ---D | C] -- C:\Users\Rux\AppData\Roaming\Netscape
[2012/02/23 15:10:14 | 000,000,000 | ---D | C] -- C:\Program Files\Photodex
[2012/02/23 14:59:23 | 000,000,000 | ---D | C] -- C:\Users\Rux\AppData\Roaming\Photodex
[2012/02/23 14:59:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Photodex
[2012/02/23 14:09:50 | 000,000,000 | ---D | C] -- C:\Users\Rux\Documents\SMP
[2012/02/02 14:25:35 | 000,000,000 | ---D | C] -- C:\Users\Rux\AppData\Roaming\Yahoo!
[2012/02/02 14:20:50 | 001,836,568 | ---- | C] (G Data Software AG) -- C:\Windows\System32\GdScrSv.scr
[2011/12/26 21:09:05 | 000,000,000 | ---D | C] -- C:\$AVG
[2011/12/26 17:24:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Files
[2011/12/26 17:11:19 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/12/17 15:04:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2011/12/14 21:07:31 | 000,000,000 | ---D | C] -- C:\Users\Rux\resuscitare
[2011/11/27 15:53:38 | 000,000,000 | ---D | C] -- C:\Users\Rux\doctorat
[2011/11/14 15:47:33 | 000,000,000 | ---D | C] -- C:\USERS\RUX\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\IrfanView
[2011/11/14 15:47:22 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2011/11/14 15:44:47 | 000,000,000 | ---D | C] -- C:\Users\Rux\AppData\Roaming\IrfanView
[2011/11/06 10:57:11 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/10/28 12:51:20 | 000,000,000 | ---D | C] -- C:\Users\Rux\AppData\Roaming\PrimoPDF
[2011/10/28 12:17:10 | 000,000,000 | ---D | C] -- C:\Program Files\Nitro PDF
[2009/12/06 14:52:44 | 028,868,320 | ---- | C] (Microsoft Corporation) -- C:\Program Files\FileFormatConverters.exe

========== Files - Modified Within 360 Days ==========

[2012/10/21 17:35:24 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A9DBD632-500B-4C93-8C4B-977756834674}.job
[2012/10/21 17:32:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/21 17:10:53 | 000,834,056 | ---- | M] () -- C:\Windows\System32\sig.bin
[2012/10/21 17:10:53 | 000,045,155 | ---- | M] () -- C:\Windows\System32\nmp.map
[2012/10/21 17:05:08 | 000,031,681 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/10/21 17:05:08 | 000,031,681 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/10/21 17:05:07 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/21 17:05:05 | 000,003,552 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/21 17:05:05 | 000,003,552 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/21 17:04:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/21 17:04:56 | 3219,173,376 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/21 11:55:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/20 21:16:31 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/10/20 21:16:31 | 000,001,955 | ---- | M] () -- C:\Users\Rux\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/10/20 19:28:39 | 000,618,648 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/10/20 19:28:39 | 000,104,024 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/10/20 09:32:39 | 000,162,823 | ---- | M] () -- C:\Users\Rux\Desktop\IMG_3770.JPG
[2012/10/17 17:25:32 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/10/17 17:21:38 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2012/10/17 17:21:36 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012/10/17 17:21:36 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2012/10/17 17:21:36 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012/10/17 17:21:36 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/10/17 17:21:36 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/10/16 20:58:26 | 002,195,400 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/10/16 20:56:52 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/10/16 20:55:52 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2012/10/16 19:13:05 | 000,002,068 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2012/10/14 18:50:57 | 000,001,692 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/10/13 18:49:09 | 000,650,870 | ---- | M] () -- C:\Users\Rux\Desktop\comintrep.exe
[2012/10/12 21:55:26 | 000,093,728 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys
[2012/10/12 21:55:26 | 000,053,664 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys
[2012/10/12 21:55:26 | 000,041,888 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys
[2012/10/12 21:35:00 | 000,045,944 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\HookCentre.sys
[2012/10/12 18:39:49 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.bak
[2012/10/11 20:33:43 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/10/11 20:33:43 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/10/09 23:29:47 | 000,015,600 | ---- | M] (G Data Software) -- C:\Windows\System32\drivers\GdPhyMem.sys
[2012/10/08 21:09:58 | 000,053,112 | ---- | M] (G DATA Software AG) -- C:\Windows\System32\drivers\PktIcpt.sys
[2012/09/25 14:47:24 | 000,010,792 | ---- | M] (G Data Software AG) -- C:\Windows\System32\GdScrSv.en.dll
[2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/02 14:28:21 | 000,003,584 | ---- | M] () -- C:\Users\Rux\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/12 20:02:33 | 277,343,645 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/08/12 08:41:57 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/08/11 19:59:31 | 000,002,268 | ---- | M] () -- C:\FixitRegBackup.reg
[2012/07/20 09:27:21 | 001,942,839 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2012/07/19 08:29:15 | 000,003,836 | ---- | M] () -- C:\Windows\System32\.crusader
[2012/06/14 12:31:38 | 000,070,768 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\PCTBD.sys
[2012/06/14 12:31:22 | 002,267,096 | ---- | M] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2012/06/14 12:31:22 | 001,681,368 | ---- | M] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2012/06/14 12:31:22 | 000,149,464 | ---- | M] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2012/06/14 12:31:00 | 000,767,960 | ---- | M] () -- C:\Windows\BDTSupport.dll
[2012/06/14 11:03:42 | 000,003,488 | ---- | M] () -- C:\Windows\UDB.zip
[2012/06/14 11:03:42 | 000,000,882 | ---- | M] () -- C:\Windows\RegSDImport.xml
[2012/06/14 11:03:42 | 000,000,879 | ---- | M] () -- C:\Windows\RegISSImport.xml
[2012/06/14 11:03:42 | 000,000,131 | ---- | M] () -- C:\Windows\IDB.zip
[2012/05/31 12:25:14 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/05/25 05:37:24 | 001,836,568 | ---- | M] (G Data Software AG) -- C:\Windows\System32\GdScrSv.scr
[2012/05/11 11:14:20 | 000,203,088 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys
[2012/05/02 12:17:12 | 001,070,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL.OCX
[2012/02/23 22:26:41 | 000,000,474 | ---- | M] () -- C:\user.js
[2012/02/07 18:00:25 | 000,274,277 | ---- | M] () -- C:\Users\Rux\Documents\2.JPG
[2012/01/26 21:07:55 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/01/11 09:44:11 | 000,100,446 | ---- | M] () -- C:\Users\Rux\Documents\cc_20120111_084401.reg
[2011/11/30 21:57:53 | 001,023,604 | ---- | M] () -- C:\Users\Rux\Documents\IMAG0912.jpg
[2011/11/30 21:55:28 | 000,739,378 | ---- | M] () -- C:\Users\Rux\Documents\IMAG0906.jpg
[2011/11/30 21:55:04 | 001,115,643 | ---- | M] () -- C:\Users\Rux\Documents\IMAG0502.jpg
[2011/11/22 19:09:42 | 000,017,408 | ---- | M] () -- C:\Users\Rux\AppData\Local\WebpageIcons.db
[2011/11/14 15:47:33 | 000,000,807 | ---- | M] () -- C:\Users\Rux\Desktop\IrfanView.lnk

========== Files Created - No Company Name ==========

[2012/10/20 21:16:31 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/10/20 21:16:31 | 000,001,955 | ---- | C] () -- C:\Users\Rux\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/10/20 09:27:39 | 000,162,823 | ---- | C] () -- C:\Users\Rux\Desktop\IMG_3770.JPG
[2012/10/17 17:25:31 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/10/17 17:25:30 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/10/16 20:43:47 | 000,303,616 | ---- | C] ( ) -- C:\SetACL.exe
[2012/10/16 19:13:05 | 000,002,068 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2012/10/13 18:49:08 | 000,650,870 | ---- | C] () -- C:\Users\Rux\Desktop\comintrep.exe
[2012/10/11 19:08:25 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/09 22:37:33 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/10/09 22:37:33 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/10/09 22:37:33 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/10/09 22:37:33 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/10/09 22:37:33 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/10/05 06:46:06 | 000,031,681 | ---- | C] () -- C:\ProgramData\nvModes.001
[2012/10/04 18:34:02 | 000,031,681 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2012/10/04 18:33:47 | 3219,173,376 | -HS- | C] () -- C:\hiberfil.sys
[2012/09/02 12:08:55 | 000,001,002 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4.lnk
[2012/09/02 12:08:02 | 000,000,964 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk
[2012/09/02 12:07:35 | 000,001,293 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Drive CS4.lnk
[2012/09/02 12:05:25 | 000,001,057 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk
[2012/09/02 12:02:50 | 000,001,268 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
[2012/09/02 12:02:06 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk
[2012/08/12 20:02:02 | 277,343,645 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/08/12 11:57:13 | 000,834,056 | ---- | C] () -- C:\Windows\System32\sig.bin
[2012/08/12 11:57:13 | 000,045,155 | ---- | C] () -- C:\Windows\System32\nmp.map
[2012/08/11 19:59:31 | 000,002,268 | ---- | C] () -- C:\FixitRegBackup.reg
[2012/08/02 21:14:51 | 000,003,584 | ---- | C] () -- C:\Users\Rux\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/20 09:26:57 | 001,942,839 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2012/07/19 23:37:13 | 000,767,960 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2012/07/19 23:37:12 | 000,003,488 | ---- | C] () -- C:\Windows\UDB.zip
[2012/07/19 23:37:12 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2012/07/19 23:37:12 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2012/07/19 23:37:12 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2012/07/19 08:29:15 | 000,003,836 | ---- | C] () -- C:\Windows\System32\.crusader
[2012/02/23 22:26:34 | 000,000,474 | ---- | C] () -- C:\user.js
[2012/02/07 18:00:12 | 000,274,277 | ---- | C] () -- C:\Users\Rux\Documents\2.JPG
[2012/01/26 21:07:55 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/01/26 21:07:55 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/01/11 09:44:07 | 000,100,446 | ---- | C] () -- C:\Users\Rux\Documents\cc_20120111_084401.reg
[2011/11/30 21:57:43 | 001,023,604 | ---- | C] () -- C:\Users\Rux\Documents\IMAG0912.jpg
[2011/11/30 21:55:21 | 000,739,378 | ---- | C] () -- C:\Users\Rux\Documents\IMAG0906.jpg
[2011/11/30 21:54:53 | 001,115,643 | ---- | C] () -- C:\Users\Rux\Documents\IMAG0502.jpg
[2011/11/22 19:09:39 | 000,017,408 | ---- | C] () -- C:\Users\Rux\AppData\Local\WebpageIcons.db
[2011/11/14 15:47:33 | 000,000,807 | ---- | C] () -- C:\Users\Rux\Desktop\IrfanView.lnk
[2011/10/28 12:17:12 | 000,180,624 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll
[2011/06/24 14:09:38 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/06/24 14:09:38 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/06/24 14:09:35 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/06/24 14:09:35 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/06/24 14:09:35 | 000,073,216 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/05/24 17:58:15 | 000,003,584 | ---- | C] () -- C:\Windows\System32\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/17 23:11:56 | 000,000,251 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009/03/11 06:46:38 | 000,162,304 | ---- | C] () -- C:\Program Files\UNWISE.EXE

========== ZeroAccess Check ==========

[2006/11/02 14:53:06 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2008/11/06 14:57:06 | 011,315,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\Windows\system32\wbem\fastprox.dll -- [2009/03/03 06:16:12 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\Windows\system32\wbem\wbemess.dll -- [2006/11/02 11:46:13 | 000,348,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Base Services ==========
SRV - [2006/11/02 11:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2006/11/02 11:46:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2006/11/02 11:44:49 | 000,058,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2007/09/12 20:21:10 | 000,750,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2006/11/02 11:46:02 | 000,317,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2009/06/15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2008/04/19 10:13:07 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2006/11/02 11:46:02 | 000,081,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2006/11/02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2009/03/03 06:19:41 | 000,549,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2007/09/12 20:20:12 | 000,204,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008/06/20 19:51:48 | 000,083,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2006/11/02 11:46:04 | 000,034,816 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2006/11/02 11:46:05 | 000,025,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2007/09/12 20:19:33 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/06/19 05:25:22 | 000,361,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2006/11/02 11:46:13 | 000,292,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2006/11/02 11:46:05 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2006/11/02 11:46:11 | 000,273,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2006/11/02 11:46:11 | 000,235,520 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2006/11/02 11:46:11 | 000,171,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2006/11/02 11:46:12 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2008/06/20 20:14:48 | 000,221,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2006/11/02 11:45:46 | 000,124,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2009/06/15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2006/11/02 14:32:28 | 000,560,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2006/11/02 11:46:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2006/11/02 11:46:12 | 000,234,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009/03/03 06:19:41 | 000,549,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2006/11/02 11:46:12 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2009/06/15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2006/11/02 14:33:02 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2006/11/02 11:46:13 | 000,121,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2006/11/02 11:46:13 | 000,245,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2007/07/11 17:30:33 | 002,605,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SLsvc.exe -- (slsvc)
SRV - [2008/06/20 20:14:48 | 000,595,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2006/11/02 11:46:13 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2006/11/02 11:46:13 | 000,245,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (Themes)
SRV - [2006/11/02 11:46:12 | 000,152,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2006/11/02 11:45:51 | 000,924,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2006/11/02 11:46:02 | 000,310,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2006/11/02 11:46:02 | 000,310,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2006/11/02 14:33:55 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2007/07/11 17:26:38 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/11/02 11:46:13 | 000,989,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (Eventlog)
SRV - [2007/07/11 17:30:05 | 000,396,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2006/11/02 14:32:34 | 000,451,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (stisvc)
SRV - [2006/11/02 11:45:26 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2006/11/02 11:46:14 | 000,161,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2009/08/07 04:23:45 | 001,929,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2006/11/02 11:46:04 | 000,146,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/11 21:32:59 | 000,502,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/06/10 14:16:11 | 000,156,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >
[2008/05/08 07:03:22 | 000,303,616 | ---- | M] ( ) -- C:\SetACL.exe
[2004/06/12 01:33:28 | 000,290,304 | ---- | M] (Microsoft Corporation) -- C:\subinacl.exe

< MD5 for: EXPLORER.EXE >
[2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\erdnt\cache\explorer.exe
[2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\explorer.exe
[2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008/06/20 19:56:20 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008/06/20 19:56:20 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2008/10/28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe

< MD5 for: SERVICES >
[2006/09/18 23:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\System32\drivers\etc\services
[2006/09/18 23:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\services

< MD5 for: SERVICES.CFG >
[2012/07/27 22:51:34 | 000,586,083 | ---- | M] () MD5=6DE4EA437EC1FE6DB27CADB0A7EA8DC2 -- C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 12:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg

< MD5 for: SERVICES.EXE >
[2006/11/02 11:45:40 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=329CF3C97CE4C19375C8ABCABAE258B0 -- C:\Windows\erdnt\cache\services.exe
[2006/11/02 11:45:40 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=329CF3C97CE4C19375C8ABCABAE258B0 -- C:\Windows\System32\services.exe
[2006/11/02 11:45:40 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=329CF3C97CE4C19375C8ABCABAE258B0 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2008/09/19 19:02:42 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=088EB52906C5C50C41F09668B0EE5512 -- C:\Windows\System32\ro-RO\services.exe.mui
[2008/09/19 19:02:42 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=088EB52906C5C50C41F09668B0EE5512 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_ro-ro_ae7f51437b9455c4\services.exe.mui
[2006/11/02 14:39:23 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\System32\en-US\services.exe.mui
[2006/11/02 14:39:23 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_67c6851b290a1ced\services.exe.mui
[2011/03/17 21:14:36 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=16B97328203A9C79EA6A8AF28FA33CF6 -- C:\Windows\System32\lt-LT\services.exe.mui
[2011/03/17 21:14:36 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=16B97328203A9C79EA6A8AF28FA33CF6 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_lt-lt_ddcbd607cae8af00\services.exe.mui

< MD5 for: SERVICES.LNK >
[2006/11/02 14:52:39 | 000,001,688 | ---- | M] () MD5=FCDB193E85408D9C5EDBCFCBFABFD677 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2006/11/02 14:52:39 | 000,001,688 | ---- | M] () MD5=FCDB193E85408D9C5EDBCFCBFABFD677 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2006/09/18 23:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2006/09/18 23:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.mof
[2006/09/18 23:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.mof

< MD5 for: SERVICES.MSC >
[2006/11/02 14:39:59 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2006/09/18 23:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2006/11/02 14:39:59 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a2085506ff73b6e0\services.msc
[2006/09/18 23:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6000.16386_none_cd2d20a848cfd40f\services.msc
[2006/09/18 23:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_cf63e2a445bae4e3\services.msc

< MD5 for: SERVICES.PNG >
[2011/10/06 02:23:28 | 000,001,509 | ---- | M] () MD5=F4EC3ABEAE15FA9BB42D721E9D543F44 -- C:\Program Files\Dell Support Center\Images\icons\png\24_24\services.png

< MD5 for: SERVICES.RDB >
[2010/05/20 23:34:38 | 000,262,144 | ---- | M] () MD5=00D8C85E07B0D69A27816B54E56EF85B -- C:\Program Files\OpenOffice.org 3\URE\misc\services.rdb
[2010/05/20 23:28:42 | 005,505,024 | ---- | M] () MD5=20999743CA8D1F7132B0BFCE952F2295 -- C:\Program Files\OpenOffice.org 3\Basis\program\services.rdb

< MD5 for: SVCHOST.EXE >
[2006/11/02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\erdnt\cache\svchost.exe
[2006/11/02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\System32\svchost.exe
[2006/11/02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2012/09/07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: USERINIT.EXE >
[2006/11/02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\erdnt\cache\userinit.exe
[2006/11/02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006/11/02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012/09/07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2006/11/02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\erdnt\cache\winlogon.exe
[2006/11/02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006/11/02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe

< MD5 for: WINSOCK.DLL >
[2006/11/02 09:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\System32\WINSOCK.DLL
[2006/11/02 09:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6000.16386_none_fbd6b71e75a2c6c8\WINSOCK.DLL
[2006/11/02 09:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\WINSOCK.DLL

========== Alternate Data Streams ==========

@Alternate Data Stream - 204 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >

#27
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hmm, that would suggest a Zeus-type infection. I have seen no sign of that, but I will now dig deeper.

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Double-click on TDSSKiller.exe to run the application
  • Then click on Change parameters.

  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip; click on Continue.

  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports

  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.

THEN

Download the GMER Rootkit Scanner. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double-click gmer.exe. The program will begin to run.
**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT" entries unless advised!

If possible rootkit activity is found, you will be asked if you would like to perform a full scan.
  • Click NO
  • In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
  • Now click the Scan button.
    Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
  • Save it where you can easily find it, such as your desktop.
Post the contents of GMER.txt in your next reply.

#28
ruxandra


    Member

  • Topic Starter
  • Member
  • 20 posts
17:53:43.0658 7320 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
17:53:44.0438 7320 ============================================================
17:53:44.0438 7320 Current date / time: 2012/10/23 17:53:44.0438
17:53:44.0438 7320 SystemInfo:
17:53:44.0438 7320
17:53:44.0438 7320 OS Version: 6.0.6000 ServicePack: 0.0
17:53:44.0438 7320 Product type: Workstation
17:53:44.0438 7320 ComputerName: RUX-PC
17:53:44.0438 7320 UserName: Rux
17:53:44.0438 7320 Windows directory: C:\Windows
17:53:44.0438 7320 System windows directory: C:\Windows
17:53:44.0438 7320 Processor architecture: Intel x86
17:53:44.0438 7320 Number of processors: 2
17:53:44.0438 7320 Page size: 0x1000
17:53:44.0438 7320 Boot type: Normal boot
17:53:44.0438 7320 ============================================================
17:53:53.0252 7320 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:53:53.0252 7320 ============================================================
17:53:53.0252 7320 \Device\Harddisk0\DR0:
17:53:53.0252 7320 MBR partitions:
17:53:53.0252 7320 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x9C40000
17:53:53.0252 7320 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9C40800, BlocksNum 0xD85E000
17:53:53.0252 7320 ============================================================
17:53:53.0267 7320 C: <-> \Device\Harddisk0\DR0\Partition1
17:53:53.0345 7320 D: <-> \Device\Harddisk0\DR0\Partition2
17:53:53.0345 7320 ============================================================
17:53:53.0345 7320 Initialize success
17:53:53.0345 7320 ============================================================
17:55:20.0627 7216 ============================================================
17:55:20.0627 7216 Scan started
17:55:20.0627 7216 Mode: Manual; TDLFS;
17:55:20.0627 7216 ============================================================
17:55:21.0766 7216 ================ Scan system memory ========================
17:55:21.0766 7216 System memory - ok
17:55:21.0766 7216 ================ Scan services =============================
17:55:21.0969 7216 [ 84FC6DF81212D16BE5C4F441682FECCC ] ACPI C:\Windows\system32\drivers\acpi.sys
17:55:21.0969 7216 ACPI - ok
17:55:22.0031 7216 [ 6D7F09CD92A9FEF3A8EFCE66231FDD79 ] adfs C:\Windows\system32\drivers\adfs.sys
17:55:22.0031 7216 adfs - ok
17:55:22.0156 7216 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:55:22.0156 7216 AdobeARMservice - ok
17:55:22.0219 7216 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:55:22.0219 7216 AdobeFlashPlayerUpdateSvc - ok
17:55:24.0059 7216 [ D11C3DEE5AA97020E14E758C57423917 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:55:27.0679 7216 Suspicious file (NoAccess): C:\Windows\system32\drivers\adp94xx.sys. md5: D11C3DEE5AA97020E14E758C57423917
17:55:27.0679 7216 adp94xx ( LockedFile.Multi.Generic ) - warning
17:55:27.0679 7216 adp94xx - detected LockedFile.Multi.Generic (1)
17:55:27.0819 7216 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:55:27.0850 7216 adpahci - ok
17:55:27.0913 7216 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
17:55:27.0944 7216 adpu160m - ok
17:55:27.0959 7216 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:55:27.0959 7216 adpu320 - ok
17:55:27.0975 7216 [ 4AE9537AC4DF20F857E5DB119EF4B1CA ] adusbser C:\Windows\system32\DRIVERS\adusbser.sys
17:55:27.0975 7216 adusbser - ok
17:55:28.0006 7216 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:55:28.0006 7216 AeLookupSvc - ok
17:55:28.0022 7216 [ EF1142512BEC12F1C2C87735DA1755BE ] AESTFilters C:\Windows\system32\aestsrv.exe
17:55:28.0022 7216 AESTFilters - ok
17:55:28.0069 7216 [ 5D24CAF8EFD924A875698FF28384DB8B ] AFD C:\Windows\system32\drivers\afd.sys
17:55:28.0069 7216 AFD - ok
17:55:28.0084 7216 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:55:28.0084 7216 agp440 - ok
17:55:28.0100 7216 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
17:55:28.0100 7216 aic78xx - ok
17:55:28.0115 7216 [ E69FB0E3112C40FDC0EF7D21A52DC951 ] ALG C:\Windows\System32\alg.exe
17:55:28.0115 7216 ALG - ok
17:55:28.0147 7216 [ 3A99CB23A2D326FD532618705D6E3048 ] aliide C:\Windows\system32\drivers\aliide.sys
17:55:28.0162 7216 aliide - ok
17:55:28.0162 7216 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
17:55:28.0162 7216 amdagp - ok
17:55:28.0178 7216 [ 4333C133DBD71C7D7FE4FB1B83F9EE3E ] amdide C:\Windows\system32\drivers\amdide.sys
17:55:28.0178 7216 amdide - ok
17:55:28.0193 7216 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
17:55:28.0193 7216 AmdK7 - ok
17:55:28.0193 7216 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:55:28.0193 7216 AmdK8 - ok
17:55:28.0240 7216 [ 19F9B865832FC563ED8EED449CB4FF31 ] Andbus C:\Windows\system32\DRIVERS\lgandbus.sys
17:55:28.0240 7216 Andbus - ok
17:55:28.0240 7216 [ C896B7DCD81862CB51E5C2EBCF0B50CA ] AndDiag C:\Windows\system32\DRIVERS\lganddiag.sys
17:55:28.0240 7216 AndDiag - ok
17:55:28.0271 7216 [ 2D4F4EE70EB5A03CFFAA50E6D6B67BC8 ] AndGps C:\Windows\system32\DRIVERS\lgandgps.sys
17:55:28.0271 7216 AndGps - ok
17:55:28.0287 7216 [ 13947A4E2343D1DAE526FB9B8E7898DC ] ANDModem C:\Windows\system32\DRIVERS\lgandmodem.sys
17:55:28.0287 7216 ANDModem - ok
17:55:28.0303 7216 [ CFA455816879F06F1C4E5BBF9E8AEF7D ] Appinfo C:\Windows\System32\appinfo.dll
17:55:28.0303 7216 Appinfo - ok
17:55:28.0349 7216 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:55:28.0349 7216 Apple Mobile Device - ok
17:55:28.0365 7216 [ 051E86735B71E8402AEBC1D662F26BA2 ] AppMgmt C:\Windows\System32\appmgmts.dll
17:55:28.0365 7216 AppMgmt - ok
17:55:28.0381 7216 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
17:55:28.0381 7216 arc - ok
17:55:28.0396 7216 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:55:28.0396 7216 arcsas - ok
17:55:28.0412 7216 [ E86CF7CE67D5DE898F27EF884DC357D8 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:55:28.0412 7216 AsyncMac - ok
17:55:28.0427 7216 [ B35CFCEF838382AB6490B321C87EDF17 ] atapi C:\Windows\system32\DRIVERS\ATAPI.SYS
17:55:28.0427 7216 atapi - ok
17:55:28.0459 7216 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:55:28.0459 7216 AudioEndpointBuilder - ok
17:55:28.0474 7216 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:55:28.0474 7216 Audiosrv - ok
17:55:28.0630 7216 [ C48176DA44D0298A7075D3C5CF8C3D8D ] AVKProxy C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
17:55:28.0646 7216 AVKProxy - ok
17:55:28.0802 7216 [ 29DA2D5958B352022A1BB5CE6FDB427C ] AVKService C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
17:55:28.0802 7216 AVKService - ok
17:55:28.0864 7216 [ 6BBEF99B9A4DA3568ECCF32FCB10C6FE ] AVKWCtl C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
17:55:28.0880 7216 AVKWCtl - ok
17:55:28.0911 7216 [ 7BD70AEED0D975285A1B20BD012EBF4E ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
17:55:28.0911 7216 BCM42RLY - ok
17:55:28.0958 7216 [ FA6707A346CD122407F3B0BAD1C47639 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
17:55:28.0958 7216 BCM43XX - ok
17:55:28.0989 7216 [ CD4646067CC7DCBA1907FA0ACF7E3966 ] bcm4sbxp C:\Windows\system32\DRIVERS\bcm4sbxp.sys
17:55:28.0989 7216 bcm4sbxp - ok
17:55:29.0020 7216 [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] Beep C:\Windows\system32\drivers\Beep.sys
17:55:29.0020 7216 Beep - ok
17:55:29.0083 7216 [ 98EBDFFB824A7C265337D68DD480E45C ] BFE C:\Windows\System32\bfe.dll
17:55:29.0083 7216 BFE - ok
17:55:29.0129 7216 [ DA551697E34D2B9943C8B1C8EAFFE89A ] BITS C:\Windows\System32\qmgr.dll
17:55:29.0145 7216 BITS - ok
17:55:29.0145 7216 blbdrive - ok
17:55:29.0176 7216 [ 913CD06FBE9105CE6077E90FD4418561 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:55:29.0176 7216 bowser - ok
17:55:29.0192 7216 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
17:55:29.0192 7216 BrFiltLo - ok
17:55:29.0207 7216 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
17:55:29.0207 7216 BrFiltUp - ok
17:55:29.0223 7216 [ BEB6470532B7461D7BB426E3FACB424F ] Browser C:\Windows\System32\browser.dll
17:55:29.0223 7216 Browser - ok
17:55:29.0348 7216 [ CE37210C345F6C8B019625A1FBC8A011 ] Browser Defender Update Service C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
17:55:29.0363 7216 Browser Defender Update Service - ok
17:55:29.0379 7216 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
17:55:29.0379 7216 Brserid - ok
17:55:29.0395 7216 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
17:55:29.0395 7216 BrSerWdm - ok
17:55:29.0410 7216 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
17:55:29.0410 7216 BrUsbMdm - ok
17:55:29.0426 7216 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
17:55:29.0426 7216 BrUsbSer - ok
17:55:29.0457 7216 [ CF97C2D6A011EE9403B42191B5F95BA8 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
17:55:29.0457 7216 BthEnum - ok
17:55:29.0473 7216 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:55:29.0473 7216 BTHMODEM - ok
17:55:29.0488 7216 [ B8C3D9DDF85FD197C3E5F849FEF71144 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:55:29.0488 7216 BthPan - ok
17:55:29.0504 7216 [ B4CE8000AAB30A9AB16CD0FB3DB4D7CF ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
17:55:29.0504 7216 BTHPORT - ok
17:55:29.0535 7216 [ 58EE7F5E68310BC8D4E7CEBD8358C12E ] BthServ C:\Windows\System32\bthserv.dll
17:55:29.0535 7216 BthServ - ok
17:55:29.0535 7216 [ 9A4DDC8544C1459AA2A118A8858DADE3 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
17:55:29.0535 7216 BTHUSB - ok
17:55:29.0566 7216 [ 24B6F65F80EBE0111E7807769AE3D6C0 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
17:55:29.0566 7216 btusbflt - ok
17:55:29.0597 7216 catchme - ok
17:55:29.0629 7216 [ 6C3A437FC873C6F6A4FC620B6888CB86 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:55:29.0644 7216 cdfs - ok
17:55:29.0675 7216 [ 8D1866E61AF096AE8B582454F5E4D303 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:55:29.0675 7216 cdrom - ok
17:55:29.0691 7216 [ 0600E04315FE543802A379D5D23C8BE0 ] CertPropSvc C:\Windows\System32\certprop.dll
17:55:29.0691 7216 CertPropSvc - ok
17:55:29.0707 7216 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
17:55:29.0707 7216 circlass - ok
17:55:29.0738 7216 [ 1B84FD0937D3B99AF9BA38DDFF3DAF54 ] CLFS C:\Windows\system32\CLFS.sys
17:55:29.0738 7216 CLFS - ok
17:55:29.0785 7216 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:55:29.0785 7216 clr_optimization_v2.0.50727_32 - ok
17:55:29.0800 7216 [ ED97AD3DF1B9005989EAF149BF06C821 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:55:29.0816 7216 CmBatt - ok
17:55:29.0831 7216 [ DFB94A6FC3A26972B0461AB5F1D8272B ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:55:29.0831 7216 cmdide - ok
17:55:29.0863 7216 [ 722936AFB75A7F509662B69B5632F48A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:55:29.0863 7216 Compbatt - ok
17:55:29.0863 7216 COMSysApp - ok
17:55:29.0878 7216 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:55:29.0878 7216 crcdisk - ok
17:55:29.0894 7216 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
17:55:29.0894 7216 Crusoe - ok
17:55:29.0941 7216 [ 1C26FB097170A2A91066D1E3A24366E3 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:55:29.0941 7216 CryptSvc - ok
17:55:29.0956 7216 [ EE95A5F89766F199557E5900CE6B2D7D ] CSC C:\Windows\system32\drivers\csc.sys
17:55:29.0972 7216 CSC - ok
17:55:29.0987 7216 [ 68131A9A8E3F0AB5136BF386F02A3FC7 ] CscService C:\Windows\System32\cscsvc.dll
17:55:30.0003 7216 CscService - ok
17:55:30.0034 7216 [ 7B981222A257D076885BFFB66F19B7CE ] DcomLaunch C:\Windows\system32\rpcss.dll
17:55:30.0034 7216 DcomLaunch - ok
17:55:30.0065 7216 [ A7179DE59AE269AB70345527894CCD7C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:55:30.0065 7216 DfsC - ok
17:55:30.0143 7216 [ E0D584AA76C7D845BA9F3A788260528F ] DFSR C:\Windows\system32\DFSR.exe
17:55:30.0206 7216 DFSR - ok
17:55:30.0237 7216 [ 7F19DBA1A467B838CCB23124A2C55568 ] DgiVecp C:\Windows\system32\Drivers\DgiVecp.sys
17:55:30.0237 7216 DgiVecp - ok
17:55:30.0253 7216 [ DC45739BC22D528D2B3E50D3F6761750 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
17:55:30.0253 7216 Dhcp - ok
17:55:30.0253 7216 [ 841AF4C4D41D3E3B2F244E976B0F7963 ] disk C:\Windows\system32\drivers\disk.sys
17:55:30.0268 7216 disk - ok
17:55:30.0268 7216 dlbc_device - ok
17:55:30.0284 7216 [ EECBA1DD142BF8693C476BE8F32FE253 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:55:30.0284 7216 Dnscache - ok
17:55:30.0315 7216 [ 1F795D214820E496BF1124434A6DB546 ] dot3svc C:\Windows\System32\dot3svc.dll
17:55:30.0315 7216 dot3svc - ok
17:55:30.0346 7216 [ 57B2D433A08B95E4F1B53A919937F3E5 ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
17:55:30.0346 7216 Dot4 - ok
17:55:30.0362 7216 [ D93FA484BB62FBE7E5EF335C5415D3CF ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
17:55:30.0362 7216 Dot4Print - ok
17:55:39.0020 7216 umbus - ok
17:55:39.0035 7216 [ CFBB746C889B9223D2AC268CF283A93E ] UmRdpService C:\Windows\System32\umrdp.dll
17:55:39.0051 7216 UmRdpService - ok
17:55:39.0067 7216 [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost C:\Windows\System32\upnphost.dll
17:55:39.0067 7216 upnphost - ok
17:55:39.0113 7216 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
17:55:39.0113 7216 USBAAPL - ok
17:55:39.0113 7216 usbbus - ok
17:55:39.0145 7216 [ B0BA9CAFFE9B0555EC0317F30CB79CD2 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:55:39.0145 7216 usbccgp - ok
17:55:39.0176 7216 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:55:39.0176 7216 usbcir - ok
17:55:39.0191 7216 [ C9FCD05B0A80EA08C2768E5A279B14DE ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:55:39.0191 7216 usbehci - ok
17:55:39.0207 7216 [ 5E44F7D957F7560DA06BFE6B84B58A35 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:55:39.0207 7216 usbhub - ok
17:55:39.0223 7216 USBModem - ok
17:55:39.0223 7216 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:55:39.0223 7216 usbohci - ok
17:55:39.0254 7216 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:55:39.0254 7216 usbprint - ok
17:55:39.0269 7216 [ B1F95285C08DDFE00C0B955462637EC7 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:55:39.0269 7216 usbscan - ok
17:55:39.0285 7216 [ 7887CE56934E7F104E98C975F47353C5 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:55:39.0301 7216 USBSTOR - ok
17:55:39.0301 7216 [ D864735B0BFCB65440960A0B7CC1A38D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:55:39.0301 7216 usbuhci - ok
17:55:39.0332 7216 [ 0A6B81F01BC86399482E27E6FDA7B33B ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:55:39.0347 7216 usbvideo - ok
17:55:39.0363 7216 [ DB4721908DAA0383EE82FFE430AEBAE1 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
17:55:39.0379 7216 usb_rndisx - ok
17:55:39.0394 7216 [ F79D0D7C9004474CB42746D9B2C30A2B ] UxSms C:\Windows\System32\uxsms.dll
17:55:39.0394 7216 UxSms - ok
17:55:39.0425 7216 [ FCE98C43B5C5DB8E0DA8EA0E2B45E044 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
17:55:39.0425 7216 VClone - ok
17:55:39.0503 7216 [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds C:\Windows\System32\vds.exe
17:55:39.0566 7216 vds - ok
17:55:39.0581 7216 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:55:39.0581 7216 vga - ok
17:55:39.0597 7216 [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave C:\Windows\System32\drivers\vga.sys
17:55:39.0597 7216 VgaSave - ok
17:55:39.0613 7216 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:55:39.0613 7216 viaagp - ok
17:55:39.0613 7216 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
17:55:39.0628 7216 ViaC7 - ok
17:55:39.0644 7216 [ 58C8D5AC5C3EEF40E7E704A5CED7987D ] viaide C:\Windows\system32\drivers\viaide.sys
17:55:39.0644 7216 viaide - ok
17:55:39.0659 7216 [ 103E84C95832D0ED93507997CC7B54E8 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:55:39.0659 7216 volmgr - ok
17:55:39.0675 7216 [ 294DA8D3F965F6A8DB934A83C7B461FF ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:55:39.0675 7216 volmgrx - ok
17:55:39.0706 7216 [ 80DC0C9BCB579ED9815001A4D37CBFD5 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:55:39.0722 7216 volsnap - ok
17:55:39.0737 7216 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:55:39.0737 7216 vsmraid - ok
17:55:40.0143 7216 [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS C:\Windows\system32\vssvc.exe
17:55:40.0143 7216 VSS - ok
17:55:40.0190 7216 [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time C:\Windows\system32\w32time.dll
17:55:40.0190 7216 W32Time - ok
17:55:40.0221 7216 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:55:40.0237 7216 WacomPen - ok
17:55:40.0268 7216 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
17:55:40.0268 7216 Wanarp - ok
17:55:40.0268 7216 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:55:40.0268 7216 Wanarpv6 - ok
17:55:40.0361 7216 [ 6D2F099D4CE88777E46CB1808C87B132 ] wbengine C:\Windows\system32\wbengine.exe
17:55:40.0377 7216 wbengine - ok
17:55:40.0408 7216 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
17:55:40.0408 7216 WcesComm - ok
17:55:40.0439 7216 [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:55:40.0455 7216 wcncsvc - ok
17:55:40.0471 7216 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:55:40.0486 7216 WcsPlugInService - ok
17:55:40.0502 7216 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
17:55:40.0502 7216 Wd - ok
17:55:40.0533 7216 [ 7B5F66E4A2219C7D9DAF9E738480E534 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:55:40.0533 7216 Wdf01000 - ok
17:55:40.0549 7216 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:55:40.0549 7216 WdiServiceHost - ok
17:55:40.0549 7216 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:55:40.0564 7216 WdiSystemHost - ok
17:55:40.0595 7216 [ 01E41C264EEDCB827820A1909162579F ] WebClient C:\Windows\System32\webclnt.dll
17:55:40.0611 7216 WebClient - ok
17:55:40.0611 7216 [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc C:\Windows\system32\wecsvc.dll
17:55:40.0627 7216 Wecsvc - ok
17:55:40.0642 7216 [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:55:40.0642 7216 wercplsupport - ok
17:55:40.0658 7216 [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc C:\Windows\System32\WerSvc.dll
17:55:40.0658 7216 WerSvc - ok
17:55:40.0673 7216 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
17:55:40.0705 7216 winachsf - ok
17:55:40.0783 7216 [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
17:55:40.0798 7216 WinDefend - ok
17:55:40.0798 7216 WinHttpAutoProxySvc - ok
17:55:40.0845 7216 [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:55:40.0861 7216 Winmgmt - ok
17:55:40.0907 7216 [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM C:\Windows\system32\WsmSvc.dll
17:55:40.0907 7216 WinRM - ok
17:55:40.0970 7216 [ 7640ACEA41348BFEF34B76E245501261 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:55:40.0985 7216 Wlansvc - ok
17:55:40.0985 7216 wltrysvc - ok
17:55:41.0001 7216 [ 17EAC0D023A65FA9B02114CC2BAACAD5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:55:41.0001 7216 WmiAcpi - ok
17:55:41.0017 7216 [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:55:41.0017 7216 wmiApSrv - ok
17:55:41.0063 7216 [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:55:41.0095 7216 WMPNetworkSvc - ok
17:55:41.0126 7216 [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:55:41.0126 7216 WPCSvc - ok
17:55:41.0157 7216 [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:55:41.0157 7216 WPDBusEnum - ok
17:55:41.0188 7216 [ 2D27171B16A577EF14C1273668753485 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
17:55:41.0188 7216 WpdUsb - ok
17:55:41.0204 7216 [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:55:41.0204 7216 ws2ifsl - ok
17:55:41.0219 7216 [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc C:\Windows\System32\wscsvc.dll
17:55:41.0235 7216 wscsvc - ok
17:55:41.0235 7216 WSearch - ok
17:55:41.0329 7216 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
17:55:41.0375 7216 wuauserv - ok
17:55:41.0391 7216 [ A2AAFCC8A204736296D937C7C545B53F ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:55:41.0391 7216 WUDFRd - ok
17:55:41.0422 7216 [ DB5BF5AAB72B1B99B5331231D09EBB26 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:55:41.0422 7216 wudfsvc - ok
17:55:41.0453 7216 ================ Scan global ===============================
17:55:41.0734 7216 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
17:55:41.0859 7216 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
17:55:41.0890 7216 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
17:55:41.0937 7216 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
17:55:41.0937 7216 [Global] - ok
17:55:41.0937 7216 ================ Scan MBR ==================================
17:55:41.0953 7216 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:55:42.0187 7216 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:55:42.0187 7216 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:55:42.0187 7216 ================ Scan VBR ==================================
17:55:42.0187 7216 [ 822F69B6616F21134B32766345421165 ] \Device\Harddisk0\DR0\Partition1
17:55:42.0187 7216 \Device\Harddisk0\DR0\Partition1 - ok
17:55:42.0202 7216 [ 156FE18C0DC7394761F68751AA41C82A ] \Device\Harddisk0\DR0\Partition2
17:55:42.0218 7216 \Device\Harddisk0\DR0\Partition2 - ok
17:55:42.0218 7216 ============================================================
17:55:42.0218 7216 Scan finished
17:55:42.0218 7216 ============================================================
17:55:42.0218 7176 Detected object count: 2
17:55:42.0218 7176 Actual detected object count: 2
17:56:22.0247 7176 adp94xx ( LockedFile.Multi.Generic ) - skipped by user
17:56:22.0247 7176 adp94xx ( LockedFile.Multi.Generic ) - User select action: Skip
17:56:22.0247 7176 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:56:22.0247 7176 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
17:59:02.0005 4344 ============================================================
17:59:02.0005 4344 Scan started
17:59:02.0005 4344 Mode: Manual; SigCheck; TDLFS;
17:59:02.0005 4344 ============================================================
17:59:02.0613 4344 ================ Scan system memory ========================
17:59:02.0613 4344 System memory - ok
17:59:02.0613 4344 ================ Scan services =============================
17:59:04.0828 4344 [ D11C3DEE5AA97020E14E758C57423917 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:59:06.0638 4344 Suspicious file (NoAccess): C:\Windows\system32\drivers\adp94xx.sys. md5: D11C3DEE5AA97020E14E758C57423917
17:59:06.0654 4344 adp94xx ( LockedFile.Multi.Generic ) - warning
17:59:06.0654 4344 adp94xx - detected LockedFile.Multi.Generic (1)
17:59:13.0377 4344 [ 7F19DBA1A467B838CCB23124A2C55568 ] DgiVecp C:\Windows\system32\Drivers\DgiVecp.sys
17:59:13.0377 4344 DgiVecp ( UnsignedFile.Multi.Generic ) - warning
17:59:13.0377 4344 DgiVecp - detected UnsignedFile.Multi.Generic (1)
17:59:18.0712 4344 KeyIso - ok
17:59:18.0744 4344 [ 566C5FD480FDBCE3BA5CF9FBCFFAEA9A ] KMWDFILTER C:\Windows\system32\DRIVERS\KMWDFILTER.sys
17:59:18.0775 4344 KMWDFILTER - ok
17:59:18.0790 4344 [ 0A829977B078DEA11641FC2AF87CEADE ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:59:18.0822 4344 KSecDD - ok
17:59:18.0853 4344 [ 45C537FE5DDE9A0146AEFF76E615737D ] KtmRm C:\Windows\system32\msdtckrm.dll
17:59:18.0900 4344 KtmRm - ok
17:59:18.0931 4344 [ 53D1482FC1AA36AC015A85E6CF2146BD ] LanmanServer C:\Windows\System32\srvsvc.dll
17:59:18.0962 4344 LanmanServer - ok
17:59:18.0993 4344 [ 435F0F6DC87A4B5DA78F1FA309884189 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:59:19.0024 4344 LanmanWorkstation - ok
17:59:19.0056 4344 [ FD015B4F95DAA2B712F0E372A116FBAD ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:59:19.0102 4344 lltdio - ok
17:59:19.0118 4344 [ 7450DBCF754391DD6363FFFD5EF0E789 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:59:19.0165 4344 lltdsvc - ok
17:59:19.0180 4344 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:59:19.0227 4344 lmhosts - ok
17:59:19.0243 4344 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:59:19.0258 4344 LSI_FC - ok
17:59:19.0258 4344 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:59:19.0274 4344 LSI_SAS - ok
17:59:19.0290 4344 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:59:19.0290 4344 LSI_SCSI - ok
17:59:19.0305 4344 [ 42885BB44B6E065B8575A8DD6C430C52 ] luafv C:\Windows\system32\drivers\luafv.sys
17:59:19.0352 4344 luafv - ok
17:59:19.0368 4344 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:59:19.0383 4344 MBAMProtector - ok
17:59:19.0430 4344 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:59:19.0461 4344 MBAMScheduler - ok
17:59:19.0508 4344 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:59:19.0524 4344 MBAMService - ok
17:59:19.0555 4344 [ E93C1AD58E88A0846EAEE10671C2A8F3 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:59:19.0586 4344 Mcx2Svc - ok
17:59:19.0602 4344 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
17:59:19.0617 4344 megasas - ok
17:59:19.0633 4344 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] MMCSS C:\Windows\system32\mmcss.dll
17:59:19.0680 4344 MMCSS - ok
17:59:19.0695 4344 [ 21755967298A46FB6ADFEC9DB6012211 ] Modem C:\Windows\system32\drivers\modem.sys
17:59:19.0742 4344 Modem - ok
17:59:19.0773 4344 [ 7446E104A5FE5987CA9E4983FBAC4F97 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:59:19.0804 4344 monitor - ok
17:59:19.0820 4344 [ 5FBA13C1A1841B0885D316ED3589489D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:59:19.0820 4344 mouclass - ok
17:59:19.0851 4344 [ B569B5C5D3BDE545DF3A6AF512CCCDBA ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:59:19.0851 4344 mouhid - ok
17:59:19.0867 4344 [ 01F1E5A3E4877C931CBB31613FEC16A6 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
17:59:19.0882 4344 MountMgr - ok
17:59:19.0929 4344 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:59:19.0945 4344 MozillaMaintenance - ok
17:59:19.0960 4344 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
17:59:19.0960 4344 mpio - ok
17:59:19.0992 4344 [ 6E7A7F0C1193EE5648443FE2D4B789EC ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:59:20.0038 4344 mpsdrv - ok
17:59:20.0054 4344 [ 563ED845885C6A7C09A7715D8BD0585C ] MpsSvc C:\Windows\system32\mpssvc.dll
17:59:20.0132 4344 MpsSvc - ok
17:59:20.0163 4344 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
17:59:20.0163 4344 Mraid35x - ok
17:59:20.0210 4344 [ 1D8828B98EE309D65E006F0829E280E5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:59:20.0241 4344 MRxDAV - ok
17:59:20.0272 4344 [ 8AF705CE1BB907932157FAB821170F27 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:59:20.0319 4344 mrxsmb - ok
17:59:20.0335 4344 [ 47E13AB23371BE3279EEF22BBFA2C1BE ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:59:20.0366 4344 mrxsmb10 - ok
17:59:20.0382 4344 [ 90B3FC7BD6B3D7EE7635DEBBA2187F66 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:59:20.0397 4344 mrxsmb20 - ok
17:59:20.0413 4344 [ F0EC3A4E0693A34B148723B4DA31668C ] msahci C:\Windows\system32\drivers\msahci.sys
17:59:20.0428 4344 msahci - ok
17:59:20.0460 4344 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:59:20.0460 4344 msdsm - ok
17:59:20.0491 4344 [ BC64A92D821EFEA8BAB8E8CAF1B668BC ] MSDTC C:\Windows\System32\msdtc.exe
17:59:20.0506 4344 MSDTC - ok
17:59:20.0522 4344 [ 729EAFEFD4E7417165F353A18DBE947D ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:59:20.0569 4344 Msfs - ok
17:59:20.0584 4344 [ 5F454A16A5146CD91A176D70F0CFA3EC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:59:20.0584 4344 msisadrv - ok
17:59:20.0616 4344 [ 8ACF956D9154E893E789881430C12632 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:59:20.0662 4344 MSiSCSI - ok
17:59:20.0662 4344 msiserver - ok
17:59:20.0694 4344 [ 892CEDEFA7E0FFE7BE8DA651B651D047 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:59:20.0740 4344 MSKSSRV - ok
17:59:20.0756 4344 [ AE2CB1DA69B2676B4CEE2A501AF5871C ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:59:20.0787 4344 MSPCLOCK - ok
17:59:20.0803 4344 [ F910DA84FA90C44A3ADDB7CD874463FD ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:59:20.0850 4344 MSPQM - ok
17:59:20.0865 4344 [ 84571C0AE07647BA38D493F5F0015DF7 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:59:20.0881 4344 MsRPC - ok
17:59:20.0896 4344 [ 4385C80EDE885E25492D408CAD91BD6F ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:59:20.0912 4344 mssmbios - ok
17:59:20.0912 4344 [ C826DD1373F38AFD9CA46EC3C436A14E ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:59:20.0959 4344 MSTEE - ok
17:59:20.0974 4344 [ FA7AA70050CF5E2D15DE00941E5665E5 ] Mup C:\Windows\system32\Drivers\mup.sys
17:59:20.0974 4344 Mup - ok
17:59:21.0006 4344 [ 1CDBB5D002FE2BC5300AA20550D8A52E ] napagent C:\Windows\system32\qagentRT.dll
17:59:21.0052 4344 napagent - ok
17:59:21.0084 4344 [ 6DA4A0FC7C0E83DF0CB3CFD0A514C3BC ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:59:21.0115 4344 NativeWifiP - ok
17:59:21.0146 4344 [ 227C11E1E7CF6EF8AFB2A238D209760C ] NDIS C:\Windows\system32\drivers\ndis.sys
17:59:21.0177 4344 NDIS - ok
17:59:21.0208 4344 [ 81659CDCBD0F9A9E07E6878AD8C78D3F ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:59:21.0240 4344 NdisTapi - ok
17:59:21.0255 4344 [ 5DE5EE546BF40838EBE0E01CB629DF64 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:59:21.0302 4344 Ndisuio - ok
17:59:21.0333 4344 [ 397402ADCBB8946223A1950101F6CD94 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:59:21.0380 4344 NdisWan - ok
17:59:21.0396 4344 [ 1B24FA907AF283199A81B3BB37E5E526 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:59:21.0411 4344 NDProxy - ok
17:59:21.0442 4344 [ 356DBB9F98E8DC1028DD3092FCEEB877 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:59:21.0474 4344 NetBIOS - ok
17:59:21.0505 4344 [ E3A168912E7EEFC3BD3B814720D68B41 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
17:59:21.0536 4344 netbt - ok
17:59:21.0552 4344 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] Netlogon C:\Windows\system32\lsass.exe
17:59:21.0567 4344 Netlogon - ok
17:59:21.0598 4344 [ 90A4DAE28B94497F83BEA0F2A3B77092 ] Netman C:\Windows\System32\netman.dll
17:59:21.0645 4344 Netman - ok
17:59:21.0676 4344 [ 7C5C3D9CEEE838856B828AB6F98A2857 ] netprofm C:\Windows\System32\netprofm.dll
17:59:21.0739 4344 netprofm - ok
17:59:21.0754 4344 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:59:21.0770 4344 NetTcpPortSharing - ok
17:59:21.0786 4344 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:59:21.0786 4344 nfrd960 - ok
17:59:21.0801 4344 [ C424117A562F2DE37A42266894C79AEB ] NlaSvc C:\Windows\System32\nlasvc.dll
17:59:21.0848 4344 NlaSvc - ok
17:59:21.0864 4344 [ 4F9832BEB9FAFD8CEB0E541F1323B26E ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:59:21.0910 4344 Npfs - ok
17:59:21.0942 4344 [ 23B8201A363DE0E649FC75EE9874DEE2 ] nsi C:\Windows\system32\nsisvc.dll
17:59:21.0973 4344 nsi - ok
17:59:21.0988 4344 [ B488DFEC274DE1FC9D653870EF2587BE ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:59:22.0020 4344 nsiproxy - ok
17:59:22.0066 4344 [ 37430AA7A66D7A63407ADC2C0D05E9F6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:59:22.0129 4344 Ntfs - ok
17:59:22.0160 4344 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
17:59:22.0207 4344 ntrigdigi - ok
17:59:22.0222 4344 [ 20623A75F3C6C1076EBBA64DD8C4BC02 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
17:59:22.0238 4344 NuidFltr - ok
17:59:22.0254 4344 [ EC5EFB3C60F1B624648344A328BCE596 ] Null C:\Windows\system32\drivers\Null.sys
17:59:22.0285 4344 Null - ok
17:59:22.0519 4344 [ 8FE5350FA6A9F0B6633AEE811C468954 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:59:22.0815 4344 nvlddmkm - ok
17:59:22.0846 4344 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:59:22.0846 4344 nvraid - ok
17:59:22.0878 4344 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:59:22.0878 4344 nvstor - ok
17:59:22.0909 4344 [ DED8F2C0070478F13C37F7BD849B83FA ] nvsvc C:\Windows\system32\nvvsvc.exe
17:59:22.0924 4344 nvsvc - ok
17:59:22.0924 4344 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:59:22.0940 4344 nv_agp - ok
17:59:22.0940 4344 NwlnkFlt - ok
17:59:22.0956 4344 NwlnkFwd - ok
17:59:22.0987 4344 [ 19CAC780B858822055F46C58A111723C ] OEM02Dev C:\Windows\system32\DRIVERS\OEM02Dev.sys
17:59:23.0018 4344 OEM02Dev - ok
17:59:23.0034 4344 [ 86326062A90494BDD79CE383511D7D69 ] OEM02Vfx C:\Windows\system32\DRIVERS\OEM02Vfx.sys
17:59:23.0049 4344 OEM02Vfx - ok
17:59:23.0049 4344 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:59:23.0096 4344 ohci1394 - ok
17:59:23.0127 4344 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:59:23.0127 4344 ose - ok
17:59:23.0174 4344 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2pimsvc C:\Windows\system32\p2psvc.dll
17:59:23.0205 4344 p2pimsvc - ok
17:59:23.0236 4344 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2psvc C:\Windows\system32\p2psvc.dll
17:59:23.0268 4344 p2psvc - ok
17:59:23.0299 4344 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
17:59:23.0346 4344 Parport - ok
17:59:23.0361 4344 [ 555A5B2C8022983BC7467BC925B222EE ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:59:23.0361 4344 partmgr - ok
17:59:23.0377 4344 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
17:59:23.0424 4344 Parvdm - ok
17:59:23.0439 4344 [ D8C5C215C932233A4F1D7F368F4E4E65 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:59:23.0455 4344 PcaSvc - ok
17:59:23.0470 4344 [ 1085D75657807E0E8B32F9E19A1647C3 ] pci C:\Windows\system32\drivers\pci.sys
17:59:23.0486 4344 pci - ok
17:59:23.0517 4344 [ 20B869152448F80AC49CF10264E91F5E ] pciide C:\Windows\system32\drivers\pciide.sys
17:59:23.0533 4344 pciide - ok
17:59:23.0548 4344 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:59:23.0564 4344 pcmcia - ok
17:59:23.0580 4344 [ C6F3106F935DC7A93D131DAE8744F805 ] PCTBD C:\Windows\system32\Drivers\PCTBD.sys
17:59:23.0595 4344 PCTBD - ok
17:59:23.0626 4344 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:59:23.0704 4344 PEAUTH - ok
17:59:24.0204 4344 [ CD05A38D166BEADE18030BAFC0C0A939 ] pla C:\Windows\system32\pla.dll
17:59:24.0328 4344 pla - ok
17:59:24.0547 4344 [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:59:24.0562 4344 PlugPlay - ok
17:59:24.0594 4344 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
17:59:24.0609 4344 PNRPAutoReg - ok
17:59:24.0625 4344 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPsvc C:\Windows\system32\p2psvc.dll
17:59:24.0656 4344 PNRPsvc - ok
17:59:24.0734 4344 [ 5EBDEC613BD377CE9A85382BE5C6B83B ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:59:24.0828 4344 PolicyAgent - ok
17:59:24.0859 4344 [ 6C359AC71D7B550A0D41F9DB4563CE05 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:59:24.0906 4344 PptpMiniport - ok
17:59:24.0937 4344 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
17:59:24.0999 4344 Processor - ok
17:59:25.0015 4344 [ 213112E152E68F0E4705E36F052A2880 ] ProfSvc C:\Windows\system32\profsvc.dll
17:59:25.0093 4344 ProfSvc - ok
17:59:25.0093 4344 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:59:25.0108 4344 ProtectedStorage - ok
17:59:25.0140 4344 [ 2C8BAE55247C4E09352E870292E4D1AB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
17:59:25.0155 4344 PSched - ok
17:59:25.0389 4344 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:59:25.0452 4344 ql2300 - ok
17:59:25.0483 4344 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:59:25.0514 4344 ql40xx - ok
17:59:25.0545 4344 [ CA61BDFD3713A7CE75F2812AFC431594 ] QWAVE C:\Windows\system32\qwave.dll
17:59:25.0576 4344 QWAVE - ok
17:59:25.0592 4344 [ D2B3E2B7426DC23E185FBC73C8936C12 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:59:25.0623 4344 QWAVEdrv - ok
17:59:25.0654 4344 [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
17:59:25.0670 4344 RapiMgr - ok
17:59:25.0686 4344 [ BD7B30F55B3649506DD8B3D38F571D2A ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:59:25.0732 4344 RasAcd - ok
17:59:25.0748 4344 [ F14F4AAB9F54D099FE99192BDB100AC9 ] RasAuto C:\Windows\System32\rasauto.dll
17:59:25.0795 4344 RasAuto - ok
17:59:25.0810 4344 [ 88587DD843E2059848995B407B67F6CF ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:59:25.0888 4344 Rasl2tp - ok
17:59:25.0920 4344 [ 11D65E29BC9D1E4114D18FE68194394C ] RasMan C:\Windows\System32\rasmans.dll
17:59:25.0966 4344 RasMan - ok
17:59:25.0982 4344 [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:59:26.0029 4344 RasPppoe - ok
17:59:26.0029 4344 [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:59:26.0076 4344 rdbss - ok
17:59:26.0091 4344 [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:59:26.0122 4344 RDPCDD - ok
17:59:26.0138 4344 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\DRIVERS\rdpdr.sys
17:59:26.0200 4344 rdpdr - ok
17:59:26.0200 4344 [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:59:26.0247 4344 RDPENCDD - ok
17:59:26.0263 4344 [ 8830E790A74A96605FABA74F9665BB3C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:59:26.0325 4344 RDPWD - ok
17:59:26.0356 4344 [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess C:\Windows\System32\mprdim.dll
17:59:26.0403 4344 RemoteAccess - ok
17:59:26.0466 4344 [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:59:26.0512 4344 RemoteRegistry - ok
17:59:26.0544 4344 [ 7EC90C316177BA3F1BCE92005264B447 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:59:26.0606 4344 RFCOMM - ok
17:59:26.0637 4344 [ 7A6648B61661B1421FFAB762E391E33F ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
17:59:26.0668 4344 rimmptsk - ok
17:59:26.0684 4344 [ D0A35B7670AA3558EAAB483F64446496 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
17:59:26.0715 4344 rimsptsk - ok
17:59:26.0731 4344 [ 6C1F93C0760C9F79A1869D07233DF39D ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
17:59:26.0746 4344 rismxdp - ok
17:59:26.0778 4344 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
17:59:26.0793 4344 RpcLocator - ok
17:59:26.0824 4344 [ 7B981222A257D076885BFFB66F19B7CE ] RpcSs C:\Windows\System32\rpcss.dll
17:59:26.0856 4344 RpcSs - ok
17:59:26.0934 4344 [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:59:26.0980 4344 rspndr - ok
17:59:27.0027 4344 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] SamSs C:\Windows\system32\lsass.exe
17:59:27.0043 4344 SamSs - ok
17:59:27.0074 4344 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:59:27.0105 4344 sbp2port - ok
17:59:27.0136 4344 [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:59:27.0183 4344 SCardSvr - ok
17:59:27.0230 4344 [ 886CEC884B5BE29AB9828B8AB46B11F7 ] Schedule C:\Windows\system32\schedsvc.dll
17:59:27.0308 4344 Schedule - ok
17:59:27.0324 4344 [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:59:27.0355 4344 SCPolicySvc - ok
17:59:27.0573 4344 [ 958E956E119EB7B9ABA142AFED1B5FF4 ] ScsiAccess C:\Program Files\Photodex\ProShow Gold\ScsiAccess.exe
17:59:27.0604 4344 ScsiAccess - ok
17:59:27.0620 4344 [ 7B3973CC28B8AA3E9E2E5D53E720E2C9 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
17:59:27.0651 4344 sdbus - ok
17:59:27.0667 4344 [ F7B6BF02240D0A764ADF8C8966735552 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:59:27.0698 4344 SDRSVC - ok
17:59:27.0729 4344 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:59:27.0776 4344 secdrv - ok
17:59:27.0776 4344 [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon C:\Windows\system32\seclogon.dll
17:59:27.0823 4344 seclogon - ok
17:59:27.0838 4344 [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS C:\Windows\system32\sens.dll
17:59:27.0885 4344 SENS - ok
17:59:27.0916 4344 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
17:59:27.0979 4344 Serenum - ok
17:59:27.0994 4344 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
17:59:28.0026 4344 Serial - ok
17:59:28.0041 4344 [ 450ACCD77EC5CEA720C1CDB9E26B953B ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:59:28.0072 4344 sermouse - ok
17:59:28.0104 4344 [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv C:\Windows\system32\sessenv.dll
17:59:28.0150 4344 SessionEnv - ok
17:59:28.0166 4344 [ 51CF56AA8BCC241F134B420B8F850406 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
17:59:28.0182 4344 sffdisk - ok
17:59:28.0213 4344 [ 96DED8B20C734AC41641CE275250E55D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:59:28.0228 4344 sffp_mmc - ok
17:59:28.0244 4344 [ 8B08CAB1267B2C377883FC9E56981F90 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
17:59:28.0260 4344 sffp_sd - ok
17:59:28.0291 4344 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:59:28.0322 4344 sfloppy - ok
17:59:28.0353 4344 [ 9A82BF4C90B00A63150A606A1E2FD82B ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:59:28.0384 4344 SharedAccess - ok
17:59:28.0416 4344 [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:59:28.0447 4344 ShellHWDetection - ok
17:59:28.0462 4344 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:59:28.0478 4344 sisagp - ok
17:59:28.0478 4344 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
17:59:28.0494 4344 SiSRaid2 - ok
17:59:28.0494 4344 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:59:28.0509 4344 SiSRaid4 - ok
17:59:29.0430 4344 [ 0F97E7A47A52F4A36969F0FC319654C2 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:59:29.0508 4344 Skype C2C Service - ok
17:59:29.0601 4344 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:59:29.0617 4344 SkypeUpdate - ok
17:59:30.0178 4344 [ A1DCD30534835CB67733AD00175125A6 ] slsvc C:\Windows\system32\SLsvc.exe
17:59:30.0334 4344 slsvc - ok
17:59:30.0366 4344 [ 56DA296E7B376A727E7BDC5AC7FBEE02 ] SLUINotify C:\Windows\system32\SLUINotify.dll
17:59:30.0381 4344 SLUINotify - ok
17:59:30.0397 4344 [ AC0D90738ADB51A6FD12FF00874A2162 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:59:30.0428 4344 Smb - ok
17:59:30.0490 4344 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:59:30.0522 4344 SNMPTRAP - ok
17:59:30.0537 4344 [ 426F9B029AA9162CECCF65369457D046 ] spldr C:\Windows\system32\drivers\spldr.sys
17:59:30.0553 4344 spldr - ok
17:59:30.0568 4344 [ DA612EF2556776DF2630B68BF2D48935 ] Spooler C:\Windows\System32\spoolsv.exe
17:59:30.0584 4344 Spooler - ok
17:59:30.0615 4344 sprtsvc_dellsupportcenter - ok
17:59:30.0646 4344 [ 038579C35F7CAD4A4BBF735DBF83277D ] srv C:\Windows\system32\DRIVERS\srv.sys
17:59:30.0709 4344 srv - ok
17:59:30.0724 4344 [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:59:30.0771 4344 srv2 - ok
17:59:30.0802 4344 [ 9E1A4603B874EEBCE0298113951ABEFB ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:59:30.0818 4344 srvnet - ok
17:59:30.0865 4344 [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:59:30.0912 4344 SSDPSRV - ok
17:59:30.0927 4344 [ 5F77725EC309DE1242D8EFC8E9259A9F ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
17:59:30.0974 4344 SSPORT - ok
17:59:31.0005 4344 [ 7E6DD4B34ACD36AF6C711D2BDE91B040 ] STacSV C:\Windows\system32\STacSV.exe
17:59:31.0021 4344 STacSV - ok
17:59:31.0052 4344 [ 6A2A5E809C2C0178326D92B19EE4AAD3 ] STHDA C:\Windows\system32\drivers\stwrt.sys
17:59:31.0083 4344 STHDA - ok
17:59:31.0114 4344 [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc C:\Windows\System32\wiaservc.dll
17:59:31.0146 4344 stisvc - ok
17:59:31.0177 4344 [ 1379BDB336F8158C176A465E30759F57 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:59:31.0177 4344 swenum - ok
17:59:31.0270 4344 [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv C:\Windows\System32\swprv.dll
17:59:31.0317 4344 swprv - ok
17:59:31.0333 4344 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
17:59:31.0364 4344 Symc8xx - ok
17:59:31.0380 4344 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
17:59:31.0395 4344 Sym_hi - ok
17:59:31.0395 4344 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
17:59:31.0411 4344 Sym_u3 - ok
17:59:31.0442 4344 [ 8F2B5FEDE18BD3C4C926CBF88E6F1264 ] SysMain C:\Windows\system32\sysmain.dll
17:59:31.0520 4344 SysMain - ok
17:59:31.0551 4344 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:59:31.0629 4344 TabletInputService - ok
17:59:31.0645 4344 [ EF3DD33C740FC2F82E7E4622F1C49289 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:59:31.0692 4344 TapiSrv - ok
17:59:31.0723 4344 [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS C:\Windows\System32\tbssvc.dll
17:59:31.0770 4344 TBS - ok
17:59:31.0816 4344 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:59:31.0879 4344 Tcpip - ok
17:59:31.0926 4344 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
17:59:31.0957 4344 Tcpip6 - ok
17:59:31.0988 4344 [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:59:32.0035 4344 tcpipreg - ok
17:59:32.0050 4344 [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:59:32.0097 4344 TDPIPE - ok
17:59:32.0113 4344 [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:59:32.0175 4344 TDTCP - ok
17:59:32.0191 4344 [ AB4FDE8AF4A0270A46A001C08CBCE1C2 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:59:32.0238 4344 tdx - ok
17:59:32.0253 4344 [ 2C549BD9DD091FBFAA0A2A48E82EC2FB ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:59:32.0269 4344 TermDD - ok
17:59:32.0300 4344 [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService C:\Windows\System32\termsrv.dll
17:59:32.0347 4344 TermService - ok
17:59:32.0362 4344 [ B264DFA21677728613267FE63802B332 ] Themes C:\Windows\system32\shsvcs.dll
17:59:32.0378 4344 Themes - ok
17:59:32.0394 4344 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER C:\Windows\system32\mmcss.dll
17:59:32.0440 4344 THREADORDER - ok
17:59:32.0456 4344 [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks C:\Windows\System32\trkwks.dll
17:59:32.0518 4344 TrkWks - ok
17:59:32.0550 4344 [ 34E388A395FEDBA1D0511ED39BBF4074 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:59:32.0565 4344 TrustedInstaller - ok
17:59:32.0581 4344 [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:59:32.0628 4344 tssecsrv - ok
17:59:32.0659 4344 [ 65E953BC0084D44498B51F59784D2A82 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
17:59:32.0674 4344 tunmp - ok
17:59:32.0706 4344 [ 4A39BDA5E0FD30BDF4884F9D33AE6105 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:59:32.0721 4344 tunnel - ok
17:59:32.0784 4344 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:59:32.0815 4344 uagp35 - ok
17:59:32.0830 4344 [ 6348DA98707CEDA8A0DFB05820E17732 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:59:32.0877 4344 udfs - ok
17:59:32.0893 4344 [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:59:32.0940 4344 UI0Detect - ok
17:59:32.0955 4344 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:59:32.0971 4344 uliagpkx - ok
17:59:32.0986 4344 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
17:59:33.0002 4344 uliahci - ok
17:59:33.0002 4344 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
17:59:33.0018 4344 UlSata - ok
17:59:33.0033 4344 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
17:59:33.0033 4344 ulsata2 - ok
17:59:33.0049 4344 [ 3FB78F1D1DD86D87BECECD9DFFA24DD9 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:59:33.0096 4344 umbus - ok
17:59:33.0127 4344 [ CFBB746C889B9223D2AC268CF283A93E ] UmRdpService C:\Windows\System32\umrdp.dll
17:59:33.0174 4344 UmRdpService - ok
17:59:33.0189 4344 [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost C:\Windows\System32\upnphost.dll
17:59:33.0236 4344 upnphost - ok
17:59:33.0267 4344 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
17:59:33.0314 4344 USBAAPL - ok
17:59:33.0314 4344 usbbus - ok
17:59:33.0345 4344 [ B0BA9CAFFE9B0555EC0317F30CB79CD2 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:59:33.0392 4344 usbccgp - ok
17:59:33.0408 4344 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:59:33.0454 4344 usbcir - ok
17:59:33.0486 4344 [ C9FCD05B0A80EA08C2768E5A279B14DE ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:59:33.0517 4344 usbehci - ok
17:59:33.0532 4344 [ 5E44F7D957F7560DA06BFE6B84B58A35 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:59:33.0564 4344 usbhub - ok
17:59:33.0564 4344 USBModem - ok
17:59:33.0579 4344 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:59:33.0626 4344 usbohci - ok
17:59:33.0642 4344 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:59:33.0688 4344 usbprint - ok
17:59:33.0720 4344 [ B1F95285C08DDFE00C0B955462637EC7 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:59:33.0766 4344 usbscan - ok
17:59:33.0782 4344 [ 7887CE56934E7F104E98C975F47353C5 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:59:33.0829 4344 USBSTOR - ok
17:59:33.0844 4344 [ D864735B0BFCB65440960A0B7CC1A38D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:59:33.0860 4344 usbuhci - ok
17:59:33.0891 4344 [ 0A6B81F01BC86399482E27E6FDA7B33B ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:59:33.0938 4344 usbvideo - ok
17:59:37.0557 4344 ================ Scan global ===============================
17:59:37.0588 4344 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
17:59:37.0713 4344 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
17:59:37.0729 4344 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
17:59:37.0807 4344 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
17:59:37.0822 4344 [Global] - ok
17:59:37.0822 4344 ================ Scan MBR ==================================
17:59:37.0838 4344 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:59:39.0788 4344 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:59:39.0788 4344 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:59:39.0788 4344 ================ Scan VBR ==================================
17:59:39.0804 4344 [ 822F69B6616F21134B32766345421165 ] \Device\Harddisk0\DR0\Partition1
17:59:39.0819 4344 \Device\Harddisk0\DR0\Partition1 - ok
17:59:39.0835 4344 [ 156FE18C0DC7394761F68751AA41C82A ] \Device\Harddisk0\DR0\Partition2
17:59:39.0850 4344 \Device\Harddisk0\DR0\Partition2 - ok
17:59:39.0850 4344 ============================================================
17:59:39.0850 4344 Scan finished
17:59:39.0850 4344 ============================================================
17:59:39.0850 6788 Detected object count: 3
17:59:39.0850 6788 Actual detected object count: 3
18:00:33.0702 6788 adp94xx ( LockedFile.Multi.Generic ) - skipped by user
18:00:33.0702 6788 adp94xx ( LockedFile.Multi.Generic ) - User select action: Skip
18:00:33.0702 6788 DgiVecp ( UnsignedFile.Multi.Generic ) - skipped by user
18:00:33.0702 6788 DgiVecp ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:00:33.0717 6788 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:00:33.0717 6788 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Edited by ruxandra, 23 October 2012 - 10:01 AM.

  • 0

#29
ruxandra

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
I also ran GMER, but I didn't receive any notice that I could save it... does that mean that it is safe now to use online banking?
  • 0

#30
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
You have the remnants of what looks like an old TDSS infection, so we will remove that now.

Re-run TDSSKiller with the same parameters as before.
When this element is presented, select delete:

\Device\Harddisk0\DR0 ( TDSS File System )

Did you press the save button once GMER finished?

[attachment=61180:GMER_Open.jpg]

Once I look at that log I should be able to determine whether or not there is a Zeus on the system.
  • 0
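A triage helper for the TDSSKiller log discussed in posts #28 to #30, added here as an example and not part of anyone's post: it pulls the flagged objects out of the log and lists those still left in place. The sample lines are copied from the log above; the function names and the rule that only `Skip` (or no recorded action) counts as unresolved are assumptions of this example.

```python
import re

# Lines copied from the TDSSKiller log posted earlier in this thread.
SAMPLE_LOG = r"""17:59:37.0542 4344 wudfsvc - ok
17:59:39.0788 4344 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:59:39.0788 4344 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:59:39.0819 4344 \Device\Harddisk0\DR0\Partition1 - ok
18:00:33.0702 6788 adp94xx ( LockedFile.Multi.Generic ) - skipped by user
18:00:33.0702 6788 adp94xx ( LockedFile.Multi.Generic ) - User select action: Skip
18:00:33.0702 6788 DgiVecp ( UnsignedFile.Multi.Generic ) - skipped by user
18:00:33.0702 6788 DgiVecp ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:00:33.0717 6788 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:00:33.0717 6788 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""

# "<time> <thread id> <object> ( <verdict> ) - <status>"
# Clean entries ("name - ok") carry no "( verdict )" part and do not match.
LINE_RE = re.compile(
    r"^\d{2}:\d{2}:\d{2}\.\d+ \d+ "
    r"(?P<obj>.+?) \( (?P<verdict>.+?) \) - (?P<status>.+)$"
)


def parse_detections(log_text):
    """Return {object: {"verdict": ..., "action": ...}} for flagged objects."""
    findings = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        obj, verdict, status = m.group("obj", "verdict", "status")
        entry = findings.setdefault(obj, {"verdict": verdict, "action": None})
        if status.startswith("User select action:"):
            entry["action"] = status.split(":", 1)[1].strip()
    return findings


def unresolved(findings):
    """Flagged objects left in place: no action recorded, or the user chose Skip."""
    return sorted(o for o, f in findings.items() if f["action"] in (None, "Skip"))


if __name__ == "__main__":
    found = parse_detections(SAMPLE_LOG)
    for name in unresolved(found):
        print(f"{name}: {found[name]['verdict']} (action: {found[name]['action']})")
```

Running the same functions over the log from the second TDSSKiller pass shows whether the `\Device\Harddisk0\DR0` entry has dropped out of the unresolved list.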





