WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93085 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Problem with Trojan.Wind32.Small [Solved]

Started by lukem , May 27 2012 04:21 AM

This topic is locked

48 replies to this topic

#1 lukem

Authentic Member

Authentic Member
50 posts

Posted 27 May 2012 - 04:21 AM

Hi

Please I need help with a trojan named Trojan.Win32.Small.bmpj

My Kaspersky antivirus show me an alert every 30 seconds about object located in:
C:\Users\Gnorro\AppData\Local\{9bdfedbd-95a6-3dea-2142-6b3449bc5010}\U\80000000.@

In this folder I have 2 folders named "L" and "U" and two files named "@" and "n"

I can't delete them manually.

HiJack log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:16:01, on 27/05/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe
C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe
C:\Windows\System32\svchost.exe
C:\ASUS.SYS\config\DVMExportService.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\srvany.exe
C:\Windows\KMService.exe
C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe
C:\Program Files\ASUS\TurboV\TurboV.exe
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Users\Gnorro\AppData\Local\Sky Italia\Sky Go Player\PCShowServerPMWrapper.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing-tray.exe
C:\Users\Gnorro\AppData\Local\Sky Italia\Sky Go Player\NDSPCShowServer.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Apache Software Foundation\Tomcat 6.0\bin\tomcat6.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe
C:\Users\Public\Documents\AppData\PoApp\PService.exe
C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Gnorro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gnorro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gnorro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Gnorro\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Gnorro\Desktop\HiJackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Foxit Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Attivazione_Office_2010] C:\Windows\System32\Attivazione Automatica Office\Setup_1.exe
O4 - HKLM\..\Run: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] "C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Gnorro\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [PCShowServer] "C:\Users\Gnorro\AppData\Local\Sky Italia\Sky Go Player\PCShowServerPMWrapper.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O8 - Extra context menu item: Aggiungi ad Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: &Tastiera Virtuale - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: C&ontrollo URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Visualizza o nasconde HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{20582271-F6AE-4E36-886F-48024D8CAC56}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{63197F6F-7A11-48D5-B8E7-0161239E9EF3}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{e29ac6c2-7037-11de-816d-806e6f6e6963}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{E65A718F-C287-4469-9D2A-C248217DFE90}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD36B4D0-A033-45AC-93E9-C6519D78E284}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{20582271-F6AE-4E36-886F-48024D8CAC56}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{20582271-F6AE-4E36-886F-48024D8CAC56}: NameServer = 176.31.229.24,176.31.229.25
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: CDMA Device Service - Unknown owner - C:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService - C:\Users\Gnorro\AppData\Local\PosService\Pos.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP3\RpcAgentSrv.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Serv Updater (ServUpdater) - ServiceUpd - C:\Users\Gnorro\AppData\Local\ServUpdater\ServiceUpd.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: Apache Tomcat 6 (Tomcat6) - Apache Software Foundation - C:\Program Files\Apache Software Foundation\Tomcat 6.0\bin\tomcat6.exe
O23 - Service: TVersity Media Server (TVersityMediaServer) - Unknown owner - C:\ProgramData\TVersity\Media Server\MediaServer.exe
O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe

--
End of file - 14803 bytes

Thanks for your help

Advertisements

Register to Remove

#2 oldman960

Forum God

Retired Classroom Teacher
14,770 posts

Posted 27 May 2012 - 10:54 AM

Hi lukem,

To make cleaning this machine easier

Please do not uninstall/install any programs unless asked to
It is more difficult when files/programs are appearing in/disappearing from the logs.
Please do not run any scans other than those requested
Please follow all instructions in the order posted
All logs/reports, etc.. must be posted in Notepad. Please ensure that word wrap is unchecked. In notepad click format, uncheck word wrap if it is checked.
Do not attach any logs/reports, etc.. unless specifically requested to do so.
If you have problems with or do not understand the instructions, Please ask before continuing.
Please stay with this thread until given the All Clear. A absence of symptoms does not mean a clean machine.

Download aswMBR.exe to your desktop.

Double click the aswMBR.exe to run it. If asked to download Avast's database please do so.

Click the "Scan" button to start scan
Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply
Posted Image

There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

Next

Download OTL to your desktop.

Double click on OTL.exe to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output
Check the boxes beside LOP Check and Purity Check.
In the window under Custom Scans/Fixes copy and paste the following

netsvcs
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lîk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%PROGRAMFILES%\Internet Explorer\*.dat
%APPDATA%\Mikzosoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
%USERPROFILE%\..|smtmp;true;true;true /FP
%temp%\smtmp\*.* /s >
/md5start
iexplore.*
explorer.*
winlogon.*
dll
zx.dll
hlp.dat
consrv.dll
/md5stop
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.

Please post back with

aswMBR log
mbr.zip (attached}
both OTL logs

Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#3 lukem

Authentic Member

Authentic Member
50 posts

Posted 28 May 2012 - 11:49 AM

thanks for your reply and your help

I'm sorry but after posting here I ran Spybot S&D

So i should post a new HiJack log first, is this right?

The first time I run this program i saw an error in a dll file. But then it downloaded avast database files.

However If I run aswMBR.exe, after about 3 minutes the program crashes. See image:

Posted Image

This is the new HiJack log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:52:08, on 28/05/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\ASUS\TurboV\TurboV.exe
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Users\Gnorro\AppData\Local\Sky Italia\Sky Go Player\PCShowServerPMWrapper.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\Gnorro\AppData\Local\Sky Italia\Sky Go Player\NDSPCShowServer.exe
C:\Windows\system32\conhost.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing-tray.exe
C:\Users\Public\Documents\AppData\PoApp\PService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\eMule AdunanzA\eMule_AdnzA.exe
E:\Steam\Steam.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Gnorro\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Foxit Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Attivazione_Office_2010] C:\Windows\System32\Attivazione Automatica Office\Setup_1.exe
O4 - HKLM\..\Run: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] "C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Gnorro\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [PCShowServer] "C:\Users\Gnorro\AppData\Local\Sky Italia\Sky Go Player\PCShowServerPMWrapper.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-3857534020-3991675840-3102532669-1001\..\Run: [Google Update] "C:\Users\Gnorro\AppData\Local\Google\Update\GoogleUpdate.exe" /c (User '?')
O8 - Extra context menu item: Aggiungi ad Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: &Tastiera Virtuale - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: C&ontrollo URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Visualizza o nasconde HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{20582271-F6AE-4E36-886F-48024D8CAC56}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{63197F6F-7A11-48D5-B8E7-0161239E9EF3}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{e29ac6c2-7037-11de-816d-806e6f6e6963}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{E65A718F-C287-4469-9D2A-C248217DFE90}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD36B4D0-A033-45AC-93E9-C6519D78E284}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{20582271-F6AE-4E36-886F-48024D8CAC56}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{20582271-F6AE-4E36-886F-48024D8CAC56}: NameServer = 176.31.229.24,176.31.229.25
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: CDMA Device Service - Unknown owner - C:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Pos Service (PowerOffer Service) - PowerOfferService - C:\Users\Gnorro\AppData\Local\PosService\Pos.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP3\RpcAgentSrv.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Serv Updater (ServUpdater) - ServiceUpd - C:\Users\Gnorro\AppData\Local\ServUpdater\ServiceUpd.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: Apache Tomcat 6 (Tomcat6) - Apache Software Foundation - C:\Program Files\Apache Software Foundation\Tomcat 6.0\bin\tomcat6.exe
O23 - Service: TVersity Media Server (TVersityMediaServer) - Unknown owner - C:\ProgramData\TVersity\Media Server\MediaServer.exe
O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe

--
End of file - 12560 bytes

Thanks

Edited by lukem, 28 May 2012 - 02:52 PM.

#4 oldman960

Forum God

Retired Classroom Teacher
14,770 posts

Posted 28 May 2012 - 05:42 PM

Hi lukem, HJT won't show us enough. Please run OTL as previously instructed it will show us more. I can just make out that aswMBR did detect a rootkit but the popup blocked the file name. That's ok just run OTL and post the logs and we will continue.

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#5 lukem

Authentic Member

Authentic Member
50 posts

Posted 29 May 2012 - 01:56 PM

same problem. OTL crashes just after having ran it

Edited by lukem, 29 May 2012 - 01:56 PM.

#6 oldman960

Forum God

Retired Classroom Teacher
14,770 posts

Posted 29 May 2012 - 06:00 PM

Hi lukem,

Let's try this one.

Please download DDS and save it to your desktop.

Disable any script blocking protection
Double click dds.scr to run the tool.
When done, DDS.txt will open.An additional log called Attach.txt should appear minimized on the task bar.
Save both reports to your desktop before closing the DDS window.

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#7 lukem

Authentic Member

Authentic Member
50 posts

Posted 30 May 2012 - 03:12 PM

DDS log: . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.0.0 Run by Gnorro at 23:08:49 on 2012-05-30 . ============== Running Processes =============== . . ============== Pseudo HJT Report =============== . uStart Page = about:blank mStart Page = hxxp://search.findeer.com BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: Web Assistant: {336d0c35-8a85-403a-b9d2-65c292c39087} - c:\program files\web assistant\Extension32.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Guida per l'accesso a Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL BHO: IeMonitorBho Class: {bf00e119-21a3-4fd1-b178-3b8537e75c92} - c:\program files\megaupload\mega manager\MegaIEMn.dll BHO: Foxit Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: Foxit Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll EB: Developer Tools: {1a6fe369-f28c-4ad9-a3e6-2bcb50807cf1} - c:\program files\internet explorer\iedvtool.dll uRun: [Google Update] "c:\users\gnorro\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe uRun: [KiesHelper] c:\program files\samsung\kies\KiesHelper.exe /s uRun: [PCShowServer] "c:\users\gnorro\appdata\local\sky italia\sky go player\PCShowServerPMWrapper.exe" uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2010\avp.exe" mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices mRun: [Attivazione_Office_2010] c:\windows\system32\attivazione automatica office\Setup_1.exe mRun: [TurboV] "c:\program files\asus\turbov\TurboV.exe" mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe mRun: [TaskTray] mRun: [Ai Nap] "c:\program files\asus\ai suite\ainap\AiNap.exe" mRun: [QFan Help] "c:\program files\asus\ai suite\qfan3\QFanHelp.exe" mRun: [Cpu Level Up help] "c:\program files\asus\ai suite\CpuLevelUpHelp.exe" mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe" mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe" mRun: [PosService] c:\users\public\documents\appdata\poapp\PLauncher.exe mRun: [Anti-phishing Domain Advisor] "c:\programdata\anti-phishing domain advisor\visicom_antiphishing.exe" mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: Aggiungi ad Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 2010\ie_banner_deny.htm IE: E&sporta in Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000 IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll LSP: mswsock.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab TCP: DhcpNameServer = 62.101.93.101 83.103.25.250 TCP: Interfaces\{20582271-F6AE-4E36-886F-48024D8CAC56} : NameServer = 176.31.229.24,176.31.229.25 TCP: Interfaces\{20582271-F6AE-4E36-886F-48024D8CAC56} : DhcpNameServer = 62.101.93.101 83.103.25.250 TCP: Interfaces\{63197F6F-7A11-48D5-B8E7-0161239E9EF3} : NameServer = 176.31.229.24,176.31.229.25 TCP: Interfaces\{e29ac6c2-7037-11de-816d-806e6f6e6963} : NameServer = 176.31.229.24,176.31.229.25 TCP: Interfaces\{E65A718F-C287-4469-9D2A-C248217DFE90} : NameServer = 176.31.229.24,176.31.229.25 TCP: Interfaces\{FD36B4D0-A033-45AC-93E9-C6519D78E284} : NameServer = 176.31.229.24,176.31.229.25 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: klogon - c:\windows\system32\klogon.dll AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . FF - ProfilePath - c:\users\gnorro\appdata\roaming\mozilla\firefox\profiles\febeprof.gnorro\ FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: network.proxy.type - 0 FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBook.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBookDB.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpNeoLogger.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSaturn.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSeymour.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartSelect.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartWebPrinting.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSWPOperation.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPLogging.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTC.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTL.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXREStub.dll FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL FF - plugin: c:\program files\battlelog web plugins\1.102.0\npesnlaunch.dll FF - plugin: c:\program files\battlelog web plugins\sonar\0.70.4\npesnsonar.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre7\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll FF - plugin: c:\program files\microsoft\web platform installer\NPWPIDetector.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll FF - plugin: c:\programmi\adobe\reader 8.0\reader\browser\nppdf32.dll FF - plugin: c:\programmi\divx\divx web player\npdivx32.dll FF - plugin: c:\programmi\real\realplayer\netscape6\nppl3260.dll FF - plugin: c:\programmi\real\realplayer\netscape6\nprjplug.dll FF - plugin: c:\programmi\real\realplayer\netscape6\nprpjplug.dll FF - plugin: c:\users\gnorro\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: c:\users\gnorro\appdata\local\sky italia\sky go player\npPlayerPlugin.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll . ---- FIREFOX POLICIES ---- FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false FF - user.js: extensions.incredibar_i.newTab - false FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyD6PHM7i&loc=IB_TB&i=26&search= FF - user.js: extensions.incredibar_i.id - 78a9fde6000000000000485b3928984f FF - user.js: extensions.incredibar_i.instlDay - 15487 FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.149:46:28 FF - user.js: extensions.incredibar_i.prtnrId - Incredibar FF - user.js: extensions.incredibar_i.prdct - incredibar FF - user.js: extensions.incredibar_i.aflt - orgnl FF - user.js: extensions.incredibar_i.smplGrp - none FF - user.js: extensions.incredibar_i.tlbrId - base FF - user.js: extensions.incredibar_i.instlRef - FF - user.js: extensions.incredibar_i.dfltLng - FF - user.js: extensions.incredibar_i.excTlbr - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6OyD6PHM7i FF - user.js: extensions.incredibar_i.upn2n - 92261480923448156 FF - user.js: extensions.incredibar_i.productid - 26 FF - user.js: extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10604 FF - user.js: extensions.incredibar_i.ppd - . ============= SERVICES / DRIVERS =============== . . =============== Created Last 30 ================ . 2012-05-27 10:02:36 3888 ----a-w- c:\windows\system32\drivers\NTHANDLE.SYS 2012-05-27 10:01:33 -------- d-----w- c:\program files\WhoLockMe104 2012-05-27 08:55:21 -------- d-----w- c:\users\gnorro\appdata\local\antiphishing-vmntbcleaner1_0dn 2012-05-27 08:55:20 -------- d-----w- c:\programdata\Anti-phishing Domain Advisor 2012-05-27 08:55:00 -------- d-----w- c:\program files\Toolbar Cleaner 2012-05-27 08:47:22 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2012-05-27 08:47:22 -------- d-----w- c:\program files\Spybot - Search & Destroy 2012-05-27 07:46:36 -------- d-----w- c:\program files\hpmonitor 2012-05-27 07:46:14 -------- d-----w- c:\program files\Web Assistant 2012-05-27 07:45:51 -------- d-----w- c:\program files\Win 32. Trojan . Small Removal Tool 2012-05-27 07:42:25 -------- d-----w- c:\programdata\PC Tools 2012-05-27 07:42:24 -------- d-----w- c:\users\gnorro\appdata\roaming\TestApp 2012-05-26 16:04:54 -------- d-sh--w- c:\windows\system32\%APPDATA% 2012-05-25 17:59:42 6737808 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{742e589b-f520-4f12-b489-95ed7a5c3ba6}\mpengine.dll 2012-05-18 20:30:43 -------- d-----w- c:\users\gnorro\appdata\local\ServUpdater 2012-05-18 20:30:43 -------- d-----w- c:\users\gnorro\appdata\local\PosService 2012-05-18 20:30:42 -------- d-----w- c:\users\gnorro\appdata\local\PowerOffer 2012-05-11 18:58:58 1291632 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-11 18:58:56 989184 ----a-w- c:\program files\windows journal\JNTFiltr.dll 2012-05-11 18:58:56 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll 2012-05-11 18:58:56 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll 2012-05-11 18:58:56 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL 2012-05-11 18:58:48 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-11 18:58:48 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-11 18:58:47 2343424 ----a-w- c:\windows\system32\win32k.sys 2012-05-11 18:58:14 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-11 18:58:13 1077248 ----a-w- c:\windows\system32\DWrite.dll 2012-05-05 16:02:22 108368 ----a-r- c:\users\gnorro\appdata\roaming\microsoft\installer\{fec1df97-e716-4cd8-a55b-75c373912d35}\ARPPRODUCTICON.exe 2012-05-05 16:02:22 -------- d-----w- c:\users\gnorro\appdata\local\Sky Italia 2012-05-02 17:37:14 -------- d-----w- c:\users\gnorro\appdata\roaming\Xeo 2012-05-02 17:37:14 -------- d-----w- c:\users\gnorro\appdata\roaming\Hausqyw . ==================== Find3M ==================== . 2012-05-10 09:26:11 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-05-10 09:26:11 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe . ============= FINISH: 23:10:41,79 =============== Attach log: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . . ==== Disk Partitions ========================= . . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 32 Bit HP CIO Components Installer Acoustica CD/DVD Label Maker Acronis Disk Director Suite Adobe AIR Adobe Community Help Adobe Dreamweaver CS5 Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Media Player Adobe Shockwave Player 11.6 AdunanzA Aggiornamento per Microsoft Visual Studio 2008 Professional Edition - ITA (KB972221) Aggiornamento rapido per Microsoft Visual Studio 2008 Professional Edition - ITA (KB971091) Aggiornamento rapido per Microsoft Visual Studio 2008 Professional Edition - ITA (KB973674) AI Suite AMD APP SDK Runtime AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Media Foundation Decoders Anti-phishing Domain Advisor Apache Tomcat 6.0 (remove only) Ask Toolbar Assistente per l'accesso a Windows Live Avidemux 2.5 (32-bit) B109n-z Battlefield 3™ Battlefield 3™ Open Beta Battlelog Web Plugins BitTorrent BufferChm Bulk Rename Utility 2.7.1.2 Call of Duty® 2 Call of Duty: Black Ops Call of Duty: Black Ops - Multiplayer Call of Duty: Modern Warfare 2 Call of Duty: Modern Warfare 2 - Multiplayer Call of Duty: Modern Warfare 3 Call of Duty: Modern Warfare 3 - Dedicated Server Call of Duty: Modern Warfare 3 - Multiplayer Catalyst Control Center Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center HydraVision Full Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CDBurnerXP Centro gestione dispositivi Windows Mobile Cities XL 2012 Compatibilità con le versioni precedenti a Microsoft SQL Server 2005 Cool Edit Pro 2.0 Crystal Reports 2008 Italian Language Pack SP3 Crystal Reports 2008 SP3 Debugging Tools for Windows (x86) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Destinations DeviceDiscovery DivX Setup Driver Genius Professional Edition Dropbox EPU-6 Engine ESN Sonar Express Gate FIFA 11 File di supporto dell'installazione di Microsoft SQL Server (Italiano) File di supporto installazione di Microsoft SQL Server 2008 FileZilla Client 3.5.3 Foxit Reader Fraps Free Countdown Timer 2.5.0 Google Chrome Google Earth Plug-in Google Talk (remove only) Google Update Helper GPBaseService2 Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) Hotfix per Microsoft Visual Web Developer 2010 Express - ITA (KB2548139) Hotfix per Microsoft Visual Web Developer 2010 Express - ITA (KB2635973) Hotfix per Strumenti di sviluppo per Windows Phone Microsoft - ITA (KB2635973) HP Customer Participation Program 13.0 HP Imaging Device Functions 13.0 HP Photosmart Wireless B109n-z All-In-One Driver Software 13.0 Rel .6 HP Print Projects 1.0 HP Smart Web Printing 4.5 HP Solution Center 13.0 HP Update HPPhotoGadget hpPrintProjects HPProductAssistant HPSSupply hpWLPGInstaller HWiNFO32 Version 3.88 IIS 7.5 Express Installazione di Microsoft SQL Server 2008 R2 (Italiano) IrfanView (remove only) IZArc 3.81 Java Auto Updater Java™ 6 Update 24 Java™ 7 Java™ SE Development Kit 6 Update 21 Java™ SE Development Kit 6 Update 22 Java™ SE Development Kit 7 JMicron JMB36X Driver Junk Mail filter update Kaspersky Internet Security 2010 LG USB Modem driver LogMeIn Hamachi Macromedia Dreamweaver 8 Macromedia Extension Manager Macromedia Fireworks MX 2004 Mafia II MarketResearch Medal of Honor ™ MediaMonkey 3.2 Mega Manager Microsoft .NET Compact Framework 2.0 SP2 Microsoft .NET Compact Framework 3.5 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) Microsoft .NET Framework 4 Client Profile ITA Language Pack Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Extended - Language Pack (ITA) Microsoft .NET Framework 4 Extended ITA Language Pack Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Application Error Reporting Microsoft ASP.NET MVC 2 Microsoft ASP.NET MVC 2 - ITA Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools - ITA Microsoft ASP.NET Web Pages Microsoft ASP.NET Web Pages - ITA Microsoft Choice Guard Microsoft Device Emulator versione 3.0 - ITA Microsoft Document Explorer 2008 Microsoft Document Explorer 2008 Language Pack - ITA Microsoft Excel 2010 Microsoft Expression Blend 3 SDK Microsoft Expression Blend 4 Microsoft Expression Blend 4 Add-in for Adobe FXG Import Microsoft Expression Blend SDK for .NET 4 Microsoft Expression Blend SDK for Silverlight 4 Microsoft Expression Blend SDK for Windows Phone 7 Microsoft F# Runtime for Silverlight 4 Microsoft Games for Windows - LIVE Redistributable Microsoft Help Viewer 1.1 Microsoft Help Viewer 1.1 Language Pack - ITA Microsoft IntelliPoint 7.0 Microsoft Office 2003 - Componenti Web Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (Italian) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel 2010 Microsoft Office Excel MUI (Italian) 2007 Microsoft Office Excel MUI (Italian) 2010 Microsoft Office Groove MUI (Italian) 2007 Microsoft Office InfoPath MUI (Italian) 2007 Microsoft Office OneNote MUI (Italian) 2007 Microsoft Office Outlook MUI (Italian) 2007 Microsoft Office PowerPoint MUI (Italian) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2007 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2007 Microsoft Office Proof (German) 2010 Microsoft Office Proof (Italian) 2007 Microsoft Office Proof (Italian) 2010 Microsoft Office Proofing (Italian) 2007 Microsoft Office Proofing (Italian) 2010 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (Italian) 2007 Microsoft Office Shared MUI (Italian) 2007 Microsoft Office Shared MUI (Italian) 2010 Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) Microsoft Office Visual Web Developer 2007 Microsoft Office Visual Web Developer MUI (Italian) 2007 Microsoft Office Word 2010 Microsoft Office Word MUI (Italian) 2007 Microsoft Office Word MUI (Italian) 2010 Microsoft Silverlight Microsoft Silverlight 3 SDK Microsoft Silverlight 3 SDK - Italiano Microsoft Silverlight 4 SDK - Italiano Microsoft Silverlight Tools for Visual Studio 2010 Microsoft SQL Server 2005 Microsoft SQL Server 2005 Integration Services Microsoft SQL Server 2008 Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server 2008 R2 Native Client Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server Compact 3.5 Design Tools ITA Microsoft SQL Server Compact 3.5 for Devices ITA Microsoft SQL Server Compact 3.5 ITA Microsoft SQL Server Compact 4.0 ITA Microsoft SQL Server Database Publishing Wizard 1.2 Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft SQL Server Management Studio Express Microsoft SQL Server Native Client Microsoft SQL Server System CLR Types Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 Microsoft Visual Studio 2005 Tools for Office Runtime Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack Microsoft Visual Studio 2008 Professional Edition - ITA Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Visual Studio 2010 Express for Windows Phone - ITA Microsoft Visual Studio 2010 Service Pack 1 Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - ITA Microsoft Visual Studio 2010 Tools per Office Runtime (x86) - Language Pack - ITA Microsoft Visual Studio Web Authoring Component Microsoft Visual Web Developer 2010 Express - ITA Microsoft Web Deploy 2.0 Microsoft Web Platform Installer 3.0 Microsoft WebMatrix Microsoft Windows Phone 7 Developer Resources(IT) Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense Microsoft Windows SDK for Visual Studio 2008 Tools Microsoft Windows SDK for Visual Studio 2008 Win32 Tools Microsoft Word 2010 Microsoft XNA Framework Redistributable 4.0 Microsoft XNA Game Studio 4.0 Microsoft XNA Game Studio 4.0 (ARP entry) Microsoft XNA Game Studio 4.0 (Redists) Microsoft XNA Game Studio 4.0 (Shared Components) Microsoft XNA Game Studio 4.0 (Visual Studio) Microsoft XNA Game Studio 4.0 (XnaLiveProxy) Microsoft XNA Game Studio 4.0 Documentation Microsoft XNA Game Studio 4.0 Language Pack (it-IT) Microsoft XNA Game Studio 4.0 Windows Phone Extensions Microsoft XNA Game Studio Platform Tools Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 MiPony 1.5.3 Mouse Recorder 2.3.3.6 Mozilla Firefox 12.0 (x86 it) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MySQL Connector Net 6.3.7 MySQL Server 5.1 Network Notepad++ Origin Passware Kit Agent 11.1 Passware Kit Enterprise 10.0 PC Probe II PowerOffer 2.0 PS_AIO_06_B109n-z_SW_Min PunkBuster Services R-Studio 4.2 Realtek 8136 8168 8169 Ethernet Driver Realtek High Definition Audio Driver RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition Samsung Kies SAMSUNG USB Driver for Mobile Phones Scan SeaTools for Windows Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2553089) Security Update for 2007 Microsoft Office System (KB2553090) Security Update for 2007 Microsoft Office System (KB2584063) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2289078) Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office Groove 2007 (KB2552997) Security Update for Microsoft Office InfoPath 2007 (KB2510061) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2345000) Service Pack 1 per SQL Server 2008 (KB968369) Shop for HP Supplies SiSoftware Sandra Lite 2011.SP3 Skins Sky Go Player Skype Click to Call Skype™ 5.8 SmartWebPrinting SolutionCenter SpeedFan (remove only) SpeedSim Spybot - Search & Destroy Sql Server Customer Experience Improvement Program SQLyog Community 9.0 Beta1 Status Steam Strumenti di sviluppo per Windows Phone Microsoft - ITA Strumenti Web di Microsoft SQL Server Compact 4.0 ITA Strumento di caricamento di Windows Live swMSM System Requirements Lab CYRI TeamViewer 7 Toolbar Cleaner 1.0 Toolbox TortoiseSVN 1.6.12.20536 (32 bit) TrayApp TurboV TVersity Codec Pack 1.7 TVersity Media Server 1.9.7 Update for 2007 Microsoft Office System (KB2284654) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft Office 2007 System (KB2539530) Update for Microsoft Office 2010 (KB2202188) Update for Microsoft Office 2010 (KB2413186) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2523113) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office Outlook 2007 (KB2583910) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition VC Runtimes MSI VC80CRTRedist - 8.0.50727.4053 VideoLightBox VirtualCloneDrive Visual Studio 2005 Tools per Office Second Edition Runtime Visual Studio Tools for the Office system 3.0 Runtime Visual Studio Tools for the Office system 3.0 Runtime Language Pack - ITA Visual Studio Tools per Office System 3.0 Runtime Language Pack - ITA VLC media player 1.1.11 WarrantyExtension WCF RIA Services V1.0 SP1 Web Assistant 2.0.0.439 Web Deployment Tool WebReg Win7codecs Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Media Player Firefox Plugin Windows Mobile 5.0 SDK R2 for Pocket PC Windows Mobile 5.0 SDK R2 for Smartphone Windows Mobile Device Center Driver Update Windows Mobile Device Updater Component Windows Phone 7 Add-in for Visual Studio 2010 - ITA Windows Phone Emulator - ITA WinMerge 2.12.4 WinRAR archiver WPF Toolkit February 2010 (Version 3.5.50211.1) Xiph.Org Open Codecs 0.85.17777 Zune Zune Language Pack (CHS) Zune Language Pack (CHT) Zune Language Pack (CSY) Zune Language Pack (DAN) Zune Language Pack (DEU) Zune Language Pack (ELL) Zune Language Pack (ESP) Zune Language Pack (FIN) Zune Language Pack (FRA) Zune Language Pack (HUN) Zune Language Pack (IND) Zune Language Pack (ITA) Zune Language Pack (JPN) Zune Language Pack (KOR) Zune Language Pack (MSL) Zune Language Pack (NLD) Zune Language Pack (NOR) Zune Language Pack (PLK) Zune Language Pack (PTB) Zune Language Pack (PTG) Zune Language Pack (RUS) Zune Language Pack (SVE) . ==== End Of File =========================== Thanks

#8 oldman960

Forum God

Retired Classroom Teacher
14,770 posts

Posted 30 May 2012 - 05:36 PM

Hi lukem,

See if you can create a System Restore point.

Click the start button,
right click Computer and click properties
Click on the System Protection
Check to make sure that you have System Protection turned on for a listed disk that you want to create a restore point for, then select it.
Click on the Create button
Type in a description for the restore point
click on the Create button

Next

Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : How to Disable your Security Programs
Right click on ComboFix.exe, click Run as Administrator & follow the prompts.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Notes:

1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Please post back with the combofix log.

Thanks

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#9 lukem

Authentic Member

Authentic Member
50 posts

Posted 31 May 2012 - 01:40 PM

ComboFix 12-05-31.02 - Gnorro 31/05/2012 21:01:19.1.8 - x86 Eseguito da: c:\users\Gnorro\Desktop\ComboFix.exe * Creato nuovo punto di ripristino . . ((((((((((((((((((((((((((((((((((((( Altre eliminazioni ))))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Web Assistant\ExTEnsion32.dll c:\programdata\Microsoft\corecon\1.0\1033\NonSDKAddonLangVer.dll c:\programdata\Microsoft\corecon\1.0\1033\SDKAddonLangVer.dll c:\programdata\Microsoft\corecon\1.0\1040\NonSDKAddonLangVer.dll c:\programdata\Microsoft\corecon\1.0\1040\SDKAddonLangVer.dll c:\programdata\Microsoft\corecon\1.0\addons\NonSDKAddonVer.dll c:\programdata\Microsoft\corecon\1.0\addons\SDKAddonVer.dll c:\programdata\Microsoft\corecon\1.0\SDKFilesVer.dll c:\users\Gnorro\AppData\Local\assembly\tmp c:\users\Gnorro\AppData\Local\Temp\61e4dc9e-b0a3-4e40-99a9-4cd9049f7d99\CliSecureRT.dll c:\windows\system32\Attivazione Automatica Office c:\windows\system32\Attivazione Automatica Office\KMS.exe c:\windows\system32\Attivazione Automatica Office\ospp.vbs c:\windows\system32\Attivazione Automatica Office\osppc.dll c:\windows\system32\Attivazione Automatica Office\ospprearm.exe c:\windows\system32\Attivazione Automatica Office\Setup_0.exe c:\windows\system32\Attivazione Automatica Office\Setup_1.exe c:\windows\system32\Attivazione Automatica Office\slerror.xml c:\windows\system32\Attivazione Automatica Office\StartX.exe c:\windows\system32\system32 c:\windows\system32\system32\3DAudio.ax c:\windows\system32\system32\avrt.dll c:\windows\system32\system32\cis-2.4.dll c:\windows\system32\system32\issacapi_bs-2.3.dll c:\windows\system32\system32\issacapi_pe-2.3.dll c:\windows\system32\system32\issacapi_se-2.3.dll c:\windows\system32\system32\MACXMLProto.dll c:\windows\system32\system32\MaDRM.dll c:\windows\system32\system32\MaJGUILib.dll c:\windows\system32\system32\MAMACExtract.dll c:\windows\system32\system32\MASetupCleaner.exe c:\windows\system32\system32\MaXMLProto.dll c:\windows\system32\system32\mfplat.dll c:\windows\system32\system32\MK_Lyric.dll c:\windows\system32\system32\MSCLib.dll c:\windows\system32\system32\MSFLib.dll c:\windows\system32\system32\MSLUR71.dll c:\windows\system32\system32\msvcp60.dll c:\windows\system32\system32\MTTELECHIP.dll c:\windows\system32\system32\MTXSYNCICON.dll c:\windows\system32\system32\muzaf1.dll c:\windows\system32\system32\muzapp.dll c:\windows\system32\system32\muzapp.exe c:\windows\system32\system32\muzdecode.ax c:\windows\system32\system32\muzeffect.ax c:\windows\system32\system32\muzmp4sp.ax c:\windows\system32\system32\muzmpgsp.ax c:\windows\system32\system32\muzoggsp.ax c:\windows\system32\system32\muzwmts.dll c:\windows\system32\system32\psapi.dll F:\install.exe . . ((((((((((((((((((((((((( Files Creati Da 2012-04-28 al 2012-05-31 ))))))))))))))))))))))))))))))))))) . . 2012-05-31 19:29 . 2012-05-31 19:32 -------- d-----w- c:\users\Gnorro\AppData\Local\temp 2012-05-31 19:29 . 2012-05-31 19:29 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp 2012-05-27 10:02 . 2012-05-27 10:03 3888 ----a-w- c:\windows\system32\drivers\NTHANDLE.SYS 2012-05-27 10:01 . 2012-05-27 10:01 -------- d-----w- c:\program files\WhoLockMe104 2012-05-27 08:55 . 2012-05-27 08:55 -------- d-----w- c:\users\Gnorro\AppData\Local\antiphishing-vmntbcleaner1_0dn 2012-05-27 08:55 . 2012-05-27 08:55 -------- d-----w- c:\programdata\Anti-phishing Domain Advisor 2012-05-27 08:55 . 2012-05-27 08:55 -------- d-----w- c:\program files\Toolbar Cleaner 2012-05-27 08:47 . 2012-05-27 09:24 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2012-05-27 08:47 . 2012-05-27 08:51 -------- d-----w- c:\program files\Spybot - Search & Destroy 2012-05-27 07:46 . 2012-05-27 09:37 -------- d-----w- c:\program files\hpmonitor 2012-05-27 07:46 . 2012-05-27 07:46 447 ----a-w- C:\user.js 2012-05-27 07:46 . 2012-05-31 19:29 -------- d-----w- c:\program files\Web Assistant 2012-05-27 07:45 . 2012-05-27 08:43 -------- d-----w- c:\program files\Win 32. Trojan . Small Removal Tool 2012-05-27 07:42 . 2012-05-27 07:42 -------- d-----w- c:\programdata\PC Tools 2012-05-27 07:42 . 2012-05-27 07:42 -------- d-----w- c:\users\Gnorro\AppData\Roaming\TestApp 2012-05-26 16:04 . 2012-05-26 16:04 -------- d-sh--w- c:\windows\system32\%APPDATA% 2012-05-25 17:59 . 2012-05-08 16:40 6737808 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{742E589B-F520-4F12-B489-95ED7A5C3BA6}\mpengine.dll 2012-05-18 20:30 . 2012-05-19 08:00 -------- d-----w- c:\users\Gnorro\AppData\Local\ServUpdater 2012-05-18 20:30 . 2012-05-18 20:31 -------- d-----w- c:\users\Gnorro\AppData\Local\PosService 2012-05-18 20:30 . 2012-05-18 20:30 -------- d-----w- c:\users\Gnorro\AppData\Local\PowerOffer 2012-05-11 18:58 . 2012-03-30 10:23 1291632 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-11 18:58 . 2012-03-31 04:30 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-05-11 18:58 . 2012-03-31 04:29 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-11 18:58 . 2012-03-31 04:29 989184 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2012-05-11 18:58 . 2012-03-31 04:29 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-05-11 18:58 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-11 18:58 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-11 18:58 . 2012-03-31 02:36 2343424 ----a-w- c:\windows\system32\win32k.sys 2012-05-11 18:58 . 2012-03-17 07:27 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-11 18:58 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\system32\DWrite.dll 2012-05-05 16:02 . 2012-05-05 16:02 108368 ----a-r- c:\users\Gnorro\AppData\Roaming\Microsoft\Installer\{FEC1DF97-E716-4CD8-A55B-75C373912D35}\ARPPRODUCTICON.exe 2012-05-05 16:02 . 2012-05-05 16:02 -------- d-----w- c:\users\Gnorro\AppData\Local\Sky Italia 2012-05-02 17:37 . 2012-05-03 20:56 -------- d-----w- c:\users\Gnorro\AppData\Roaming\Xeo 2012-05-02 17:37 . 2012-05-03 19:23 -------- d-----w- c:\users\Gnorro\AppData\Roaming\Hausqyw . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-10 09:26 . 2012-03-31 22:05 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-05-10 09:26 . 2011-05-16 20:14 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-04-29 12:08 . 2011-10-04 18:58 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* i valori vuoti & legittimi/default non sono visualizzati. REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2010-05-26 13:23 1385864 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal] @="{C5994560-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified] @="{C5994561-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict] @="{C5994562-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked] @="{C5994563-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly] @="{C5994564-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted] @="{C5994565-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded] @="{C5994566-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored] @="{C5994567-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned] @="{C5994568-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 07:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Gnorro\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Gnorro\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Gnorro\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Gnorro\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-03-31 21416] "KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2012-02-22 943504] "PCShowServer"="c:\users\Gnorro\AppData\Local\Sky Italia\Sky Go Player\PCShowServerPMWrapper.exe" [2012-04-17 525680] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "TurboV"="c:\program files\ASUS\TurboV\TurboV.exe" [2009-05-25 5391872] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2009-06-30 36864] "Ai Nap"="c:\program files\ASUS\AI Suite\AiNap\AiNap.exe" [2010-03-10 1439360] "QFan Help"="c:\program files\ASUS\AI Suite\QFan3\QFanHelp.exe" [2010-01-13 611968] "Cpu Level Up help"="c:\program files\ASUS\AI Suite\CpuLevelUpHelp.exe" [2009-12-28 887936] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-12-05 343168] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-01-24 500208] "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-26 1468296] "PosService"="c:\users\Public\Documents\AppData\PoApp\PLauncher.exe" [2011-12-03 218624] "Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2011-07-05 217256] "avp"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2010-09-20 311680] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Gnorro^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] path=c:\users\Gnorro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk backup=c:\windows\pss\Dropbox.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] 2010-08-20 11:03 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2010-09-16 20:04 1164584 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2010-12-15 19:38 136176 ----atw- c:\users\Gnorro\AppData\Local\Google\Update\GoogleUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk] 2007-01-01 21:22 3739648 ----a-w- c:\program files\Google\Google Talk\googletalk.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2007-05-08 14:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper] 2012-02-22 05:57 943504 ----a-w- c:\program files\Samsung\Kies\KiesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR] 2012-03-31 12:48 21416 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] 2012-02-22 05:57 3508624 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui] 2010-03-30 09:16 1820040 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mega Manager] 2010-11-03 10:00 2113024 ----a-w- c:\program files\Megaupload\Mega Manager\MegaManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2009-05-22 16:22 7514656 ------w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] 2011-12-05 21:46 343168 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2011-05-04 11:59 252136 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive] 2011-03-07 13:33 89456 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center] 2007-05-31 07:21 648072 ----a-w- c:\windows\WindowsMobile\wmdc.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management] 2007-05-31 07:21 648072 ----a-w- c:\windows\WindowsMobile\wmdcBase.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher] 2011-08-05 10:29 159456 ----a-w- c:\program files\Zune\ZuneLauncher.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Servizio Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-06-18 136176] R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 ServUpdater;Serv Updater;c:\users\Gnorro\AppData\Local\ServUpdater\ServiceUpd.exe [2011-12-02 156160] R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-29 158856] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-10 257696] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2011-12-08 80184] R3 gupdatem;Servizio Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-06-18 136176] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-29 129976] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872] R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2011.SP3\RpcAgentSrv.exe [2009-08-10 93848] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2011-12-08 181432] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-20 1343400] R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 268512] R3 yukonw7;Driver miniport NDIS6.2 per controller Ethernet Marvell Yukon;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296] R4 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336] R4 MSSQLServerADHelper100;Servizio SQL Server Active Directory Helper;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-21 47128] R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336] R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936] S0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-12-15 33808] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-19 436792] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2009-05-15 21008] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-12-06 163328] S2 AsSysCtrlService;ASUS System Control Service;c:\program files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-04-02 90112] S2 CDMA Device Service;CDMA Device Service;c:\program files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe [2011-08-02 63488] S2 DvmMDES;DeviceVM Meta Data Export Service;c:\asus.sys\config\DVMExportService.exe [2009-02-18 294912] S2 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [2011-09-22 21624] S2 KMService;KMService;c:\windows\system32\srvany.exe [2010-09-24 8192] S2 MsDepSvc;Web Deployment Agent Service;c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2011-04-01 67400] S2 MsDtsServer;SQL Server Integration Services;c:\program files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe [2005-10-14 199384] S2 PowerOffer Service;Pos Service;c:\users\Gnorro\AppData\Local\PosService\Pos.exe [2011-12-02 164864] S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832] S2 Tomcat6;Apache Tomcat 6;c:\program files\Apache Software Foundation\Tomcat 6.0\bin\tomcat6.exe [2010-07-19 61440] S2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [2012-05-08 185856] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-12-06 9067008] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-12-06 264192] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-10-17 85520] S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-04-12 45464] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-05-16 19472] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048] . . --- Altri Servizi/Drivers In Memoria --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 HPService REG_MULTI_SZ HPSLPSVC hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr iissvcs REG_MULTI_SZ w3svc was apphost REG_MULTI_SZ apphostsvc . Contenuto della cartella 'Scheduled Tasks' . 2012-05-31 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 09:26] . 2012-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-06-18 10:36] . 2012-05-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-06-18 10:36] . 2012-05-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3857534020-3991675840-3102532669-1001Core.job - c:\users\Gnorro\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-15 19:38] . 2012-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3857534020-3991675840-3102532669-1001UA.job - c:\users\Gnorro\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-15 19:38] . . ------- Scansione supplementare ------- . uStart Page = about:blank mStart Page = hxxp://search.findeer.com IE: Aggiungi ad Anti-Banner IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 62.101.93.101 83.103.25.250 TCP: Interfaces\{20582271-F6AE-4E36-886F-48024D8CAC56}: NameServer = 176.31.229.24,176.31.229.25 TCP: Interfaces\{63197F6F-7A11-48D5-B8E7-0161239E9EF3}: NameServer = 176.31.229.24,176.31.229.25 TCP: Interfaces\{e29ac6c2-7037-11de-816d-806e6f6e6963}: NameServer = 176.31.229.24,176.31.229.25 TCP: Interfaces\{E65A718F-C287-4469-9D2A-C248217DFE90}: NameServer = 176.31.229.24,176.31.229.25 TCP: Interfaces\{FD36B4D0-A033-45AC-93E9-C6519D78E284}: NameServer = 176.31.229.24,176.31.229.25 FF - ProfilePath - c:\users\Gnorro\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Gnorro\ FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: network.proxy.type - 0 FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false FF - user.js: extensions.incredibar_i.newTab - false FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyD6PHM7i&loc=IB_TB&i=26&search= FF - user.js: extensions.incredibar_i.id - 78a9fde6000000000000485b3928984f FF - user.js: extensions.incredibar_i.instlDay - 15487 FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.149:46 FF - user.js: extensions.incredibar_i.prtnrId - Incredibar FF - user.js: extensions.incredibar_i.prdct - incredibar FF - user.js: extensions.incredibar_i.aflt - orgnl FF - user.js: extensions.incredibar_i.smplGrp - none FF - user.js: extensions.incredibar_i.tlbrId - base FF - user.js: extensions.incredibar_i.instlRef - FF - user.js: extensions.incredibar_i.dfltLng - FF - user.js: extensions.incredibar_i.excTlbr - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6OyD6PHM7i FF - user.js: extensions.incredibar_i.upn2n - 92261480923448156 FF - user.js: extensions.incredibar_i.productid - 26 FF - user.js: extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10604 FF - user.js: extensions.incredibar_i.ppd - . - - - - CHIAVI ORFANE RIMOSSE - - - - . BHO-{336D0C35-8A85-403a-B9D2-65C292C39087} - (no file) HKLM-Run-Attivazione_Office_2010 - c:\windows\System32\Attivazione Automatica Office\Setup_1.exe HKLM-Run-TaskTray - (no file) MSConfigStartUp-ATICustomerCare - c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe MSConfigStartUp-DAEMON Tools Pro Agent - c:\program files\DAEMON Tools Pro\DTAgent.exe MSConfigStartUp-Google Desktop Search - c:\program files\Google\Google Desktop Search\GoogleDesktop.exe MSConfigStartUp-Google Media Scanner - c:\program files\Google\Google Media Server\GoogleMediaScanner.exe AddRemove-Battlelog Web Plugins - c:\program files\Battlelog Web Plugins\uninstall.exe AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe AddRemove-12_Symbian_USB_Download_Driver - c:\program files\Samsung\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\Samsung\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe AddRemove-26_VIA_driver2 - c:\program files\Samsung\USB Drivers\26_VIA_driver2\Uninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MsDepSvc] "ImagePath"="\"c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe\" -runService:MsDepSvc" -- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\msftesql] "ImagePath"="\"c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe\" -s:MSSQL.1 -f:MSSQLSERVER" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL] "ImagePath"="\"c:\program files\MySQL\MySQL Server 5.1\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.1\my.ini\" MySQL" . --------------------- CHIAVI DI REGISTRO BLOCCATE --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- Dlls caricate dai processi in esecuzione --------------------- . - - - - - - - > 'Explorer.exe'(5552) c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.dll c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll c:\program files\TortoiseSVN\bin\TortoiseStub.dll c:\program files\TortoiseSVN\bin\TortoiseSVN.dll c:\program files\TortoiseSVN\bin\intl3_tsvn.dll c:\users\Gnorro\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\prloader.dll c:\progra~1\SPYBOT~1\SDHelper.dll . ------------------------ Altri processi in esecuzione ------------------------ . c:\windows\system32\atieclxx.exe c:\windows\KMService.exe c:\windows\system32\conhost.exe c:\windows\system32\taskhost.exe c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe c:\program files\MySQL\MySQL Server 5.1\bin\mysqld.exe c:\windows\system32\PnkBstrA.exe c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe c:\windows\system32\conhost.exe c:\windows\system32\conhost.exe c:\program files\TortoiseSVN\bin\TSVNCache.exe c:\users\Public\Documents\AppData\PoApp\PService.exe c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing-tray.exe c:\users\Gnorro\AppData\Local\Sky Italia\Sky Go Player\NDSPCShowServer.exe c:\windows\system32\conhost.exe c:\windows\system32\sppsvc.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\Mozilla Firefox\firefox.exe c:\program files\Mozilla Firefox\plugin-container.exe c:\windows\system32\NOTEPAD.EXE c:\windows\system32\DllHost.exe . ************************************************************************** . Ora fine scansione: 2012-05-31 21:40:30 - Il pc è stato riavviato ComboFix-quarantined-files.txt 2012-05-31 19:40 . Pre-Run: 184.939.491.328 byte disponibili Post-Run: 184.837.226.496 byte disponibili . - - End Of File - - 2FE35FF9A0EA194DABE8E3C6D54E7DA6

#10 oldman960

Forum God

Retired Classroom Teacher
14,770 posts

Posted 31 May 2012 - 03:51 PM

Hi lukem, How's the computer? Try running aswMBR again and post the log. Thanks

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

Advertisements

Register to Remove

#11 lukem

Authentic Member

Authentic Member
50 posts

Posted 31 May 2012 - 04:12 PM

aswMBR crashes again after some minutes

I noticed that when I open firefox and search something directly in the url bar (not in the search bar) it opens always a new tab with url:
http://urlseek20.vmn.net/search.php

thanks

#12 oldman960

Forum God

Retired Classroom Teacher
14,770 posts

Posted 31 May 2012 - 05:56 PM

Hi

Let's see if we can get aswMBR to run. We'll use a different program to help us.

Do not do a scan with this tool, only install it for now.

Download and save to your desktop Malwarebytes Anti-Malware

Double Click mbam-setup.exe to install the application.

Make sure both Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware are unchecked, then click Finish.

We'll update it later.

Move the copy of aswMBR that you have from the desktop to this folder:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon

Next

Press the Windows key and the R key at the same time. This should open the run box. In the run box copy and paste the following line (don't miss the first " mark)

C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\mbam-chameleon.exe" /o

A black DOS prompt will appear with a prompt to press any key to continue, please do.

Run aswMBR.exe by doubleclicking on it.

Press Scan

Please post the log.

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#13 lukem

Authentic Member

Authentic Member
50 posts

Posted 02 June 2012 - 02:04 AM

Hi
same problem, it crashes.

I made a screen print just before crash. I see some errors:

Posted Image

Thanks

#14 oldman960

Forum God

Retired Classroom Teacher
14,770 posts

Posted 02 June 2012 - 05:55 AM

Hi lukem,

Please download DeFogger to your desktop.

Double click DeFogger to run the tool.

The application window will appear
Click the Disable button to disable your CD Emulation drivers
Click Yes to continue
A 'Finished!' message will appear
Click OK
DeFogger will now ask to reboot the machine - click OK

IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

Do not re-enable these drivers until otherwise instructed.

Next

Download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#15 lukem

Authentic Member

Authentic Member
50 posts

Posted 02 June 2012 - 07:01 AM

Thanks Cure is not present, so I selected Continue. NO action taken, so no reboot needed. This is the log: 14:57:00.0634 2692 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16 14:57:00.0970 2692 ============================================================ 14:57:00.0970 2692 Current date / time: 2012/06/02 14:57:00.0970 14:57:00.0970 2692 SystemInfo: 14:57:00.0970 2692 14:57:00.0970 2692 OS Version: 6.1.7601 ServicePack: 1.0 14:57:00.0970 2692 Product type: Workstation 14:57:00.0970 2692 ComputerName: GNORRO-PC 14:57:00.0971 2692 UserName: Gnorro 14:57:00.0971 2692 Windows directory: C:\Windows 14:57:00.0971 2692 System windows directory: C:\Windows 14:57:00.0971 2692 Processor architecture: Intel x86 14:57:00.0971 2692 Number of processors: 8 14:57:00.0971 2692 Page size: 0x1000 14:57:00.0971 2692 Boot type: Normal boot 14:57:00.0971 2692 ============================================================ 14:57:02.0963 2692 Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 14:57:02.0964 2692 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 14:57:02.0968 2692 ============================================================ 14:57:02.0968 2692 \Device\Harddisk0\DR0: 14:57:02.0969 2692 MBR partitions: 14:57:02.0969 2692 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 14:57:02.0969 2692 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32830, BlocksNum 0x1EC212C0 14:57:02.0982 2692 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1EC53B2F, BlocksNum 0x27C1311 14:57:02.0991 2692 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x21414E7F, BlocksNum 0x18F6FA11 14:57:02.0991 2692 \Device\Harddisk1\DR1: 14:57:02.0991 2692 MBR partitions: 14:57:02.0991 2692 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800 14:57:02.0991 2692 ============================================================ 14:57:03.0017 2692 C: <-> \Device\Harddisk0\DR0\Partition1 14:57:03.0039 2692 E: <-> \Device\Harddisk0\DR0\Partition3 14:57:03.0066 2692 D: <-> \Device\Harddisk0\DR0\Partition2 14:57:03.0078 2692 F: <-> \Device\Harddisk1\DR1\Partition0 14:57:03.0078 2692 ============================================================ 14:57:03.0078 2692 Initialize success 14:57:03.0078 2692 ============================================================ 14:57:21.0952 5372 ============================================================ 14:57:21.0952 5372 Scan started 14:57:21.0952 5372 Mode: Manual; SigCheck; TDLFS; 14:57:21.0952 5372 ============================================================ 14:57:24.0033 5372 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys 14:57:24.0339 5372 1394ohci - ok 14:57:24.0388 5372 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 14:57:24.0426 5372 ACPI - ok 14:57:24.0451 5372 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 14:57:24.0503 5372 AcpiPmi - ok 14:57:24.0612 5372 AcronisOSSReinstallSvc (e2769e2699af88ca3c57289a8a32ed19) C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe 14:57:24.0688 5372 AcronisOSSReinstallSvc - ok 14:57:24.0804 5372 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 14:57:24.0862 5372 AdobeFlashPlayerUpdateSvc - ok 14:57:24.0907 5372 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys 14:57:24.0941 5372 adp94xx - ok 14:57:24.0960 5372 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys 14:57:24.0991 5372 adpahci - ok 14:57:25.0001 5372 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys 14:57:25.0030 5372 adpu320 - ok 14:57:25.0050 5372 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll 14:57:25.0112 5372 AeLookupSvc - ok 14:57:25.0157 5372 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys 14:57:25.0219 5372 AFD - ok 14:57:25.0242 5372 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 14:57:25.0279 5372 agp440 - ok 14:57:25.0308 5372 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys 14:57:25.0336 5372 aic78xx - ok 14:57:25.0355 5372 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe 14:57:25.0411 5372 ALG - ok 14:57:25.0443 5372 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 14:57:25.0457 5372 aliide - ok 14:57:25.0504 5372 AMD External Events Utility (ec98ca8298f67926fa50876348534b1d) C:\Windows\system32\atiesrxx.exe 14:57:25.0601 5372 AMD External Events Utility - ok 14:57:25.0631 5372 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 14:57:25.0645 5372 amdagp - ok 14:57:25.0647 5372 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 14:57:25.0660 5372 amdide - ok 14:57:25.0680 5372 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys 14:57:25.0734 5372 AmdK8 - ok 14:57:25.0955 5372 amdkmdag (65b44179cf184b08e86097bffbf03f24) C:\Windows\system32\DRIVERS\atikmdag.sys 14:57:26.0150 5372 amdkmdag - ok 14:57:26.0212 5372 amdkmdap (5e1c65524ff1713711ce27879d813384) C:\Windows\system32\DRIVERS\atikmpag.sys 14:57:26.0265 5372 amdkmdap - ok 14:57:26.0287 5372 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 14:57:26.0326 5372 AmdPPM - ok 14:57:26.0363 5372 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys 14:57:26.0381 5372 amdsata - ok 14:57:26.0402 5372 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys 14:57:26.0430 5372 amdsbs - ok 14:57:26.0441 5372 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys 14:57:26.0459 5372 amdxata - ok 14:57:26.0511 5372 AppHostSvc (d1af38fbac0dc7e6d796b0ed01707ee0) C:\Windows\system32\inetsrv\apphostsvc.dll 14:57:26.0574 5372 AppHostSvc - ok 14:57:26.0606 5372 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 14:57:26.0674 5372 AppID - ok 14:57:26.0699 5372 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll 14:57:26.0742 5372 AppIDSvc - ok 14:57:26.0776 5372 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll 14:57:26.0809 5372 Appinfo - ok 14:57:26.0838 5372 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll 14:57:26.0893 5372 AppMgmt - ok 14:57:26.0903 5372 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys 14:57:26.0930 5372 arc - ok 14:57:26.0937 5372 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys 14:57:26.0965 5372 arcsas - ok 14:57:27.0003 5372 AsIO (9d8cb58b9a9e177ddd599791a58a654d) C:\Windows\system32\drivers\AsIO.sys 14:57:27.0125 5372 AsIO - ok 14:57:27.0230 5372 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 14:57:27.0283 5372 aspnet_state - ok 14:57:27.0318 5372 AsSysCtrlService (e781164c7d47950e3d218c84b2901cb2) C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe 14:57:27.0378 5372 AsSysCtrlService ( UnsignedFile.Multi.Generic ) - warning 14:57:27.0378 5372 AsSysCtrlService - detected UnsignedFile.Multi.Generic (1) 14:57:27.0390 5372 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 14:57:27.0451 5372 AsyncMac - ok 14:57:27.0567 5372 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 14:57:27.0590 5372 atapi - ok 14:57:27.0675 5372 AtiHDAudioService (7725aecceddf81bd8374c77157e450ea) C:\Windows\system32\drivers\AtihdW73.sys 14:57:27.0701 5372 AtiHDAudioService - ok 14:57:27.0737 5372 AtiHdmiService (36a49b49e982450ac117eda6ab35bdf5) C:\Windows\system32\drivers\AtiHdmi.sys 14:57:27.0764 5372 AtiHdmiService ( UnsignedFile.Multi.Generic ) - warning 14:57:27.0764 5372 AtiHdmiService - detected UnsignedFile.Multi.Generic (1) 14:57:27.0979 5372 atikmdag (65b44179cf184b08e86097bffbf03f24) C:\Windows\system32\DRIVERS\atikmdag.sys 14:57:28.0060 5372 atikmdag - ok 14:57:28.0132 5372 ATITool (0e4bb35c5305099ac82053ac992e3e0e) C:\Windows\system32\DRIVERS\ATITool.sys 14:57:28.0155 5372 ATITool ( UnsignedFile.Multi.Generic ) - warning 14:57:28.0155 5372 ATITool - detected UnsignedFile.Multi.Generic (1) 14:57:28.0196 5372 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll 14:57:28.0241 5372 AudioEndpointBuilder - ok 14:57:28.0245 5372 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll 14:57:28.0268 5372 Audiosrv - ok 14:57:28.0355 5372 AVP (80b7a5958416e87f1a52d48179881a7f) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe 14:57:28.0389 5372 AVP - ok 14:57:28.0427 5372 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll 14:57:28.0499 5372 AxInstSV - ok 14:57:28.0530 5372 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys 14:57:28.0588 5372 b06bdrv - ok 14:57:28.0619 5372 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 14:57:28.0649 5372 b57nd60x - ok 14:57:28.0685 5372 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll 14:57:28.0787 5372 BDESVC - ok 14:57:28.0801 5372 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 14:57:28.0854 5372 Beep - ok 14:57:29.0253 5372 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll 14:57:29.0332 5372 BFE - ok 14:57:29.0364 5372 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\system32\qmgr.dll 14:57:29.0413 5372 BITS - ok 14:57:29.0428 5372 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 14:57:29.0461 5372 blbdrive - ok 14:57:29.0569 5372 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 14:57:29.0686 5372 bowser - ok 14:57:29.0725 5372 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys 14:57:29.0779 5372 BrFiltLo - ok 14:57:29.0793 5372 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys 14:57:29.0848 5372 BrFiltUp - ok 14:57:29.0879 5372 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys 14:57:29.0926 5372 BridgeMP - ok 14:57:29.0963 5372 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll 14:57:30.0036 5372 Browser - ok 14:57:30.0265 5372 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 14:57:30.0388 5372 Brserid - ok 14:57:30.0400 5372 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 14:57:30.0456 5372 BrSerWdm - ok 14:57:30.0465 5372 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 14:57:30.0527 5372 BrUsbMdm - ok 14:57:30.0529 5372 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 14:57:30.0591 5372 BrUsbSer - ok 14:57:30.0594 5372 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 14:57:30.0635 5372 BTHMODEM - ok 14:57:30.0662 5372 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll 14:57:30.0703 5372 bthserv - ok 14:57:30.0780 5372 catchme - ok 14:57:30.0813 5372 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 14:57:30.0856 5372 cdfs - ok 14:57:30.0973 5372 CDMA Device Service (bb402688e25e6a58188a4fbe8cfb58df) C:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe 14:57:30.0985 5372 CDMA Device Service ( UnsignedFile.Multi.Generic ) - warning 14:57:30.0985 5372 CDMA Device Service - detected UnsignedFile.Multi.Generic (1) 14:57:31.0030 5372 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys 14:57:31.0059 5372 cdrom - ok 14:57:31.0089 5372 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 14:57:31.0138 5372 CertPropSvc - ok 14:57:31.0174 5372 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys 14:57:31.0205 5372 circlass - ok 14:57:31.0228 5372 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 14:57:31.0258 5372 CLFS - ok 14:57:31.0305 5372 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 14:57:31.0332 5372 clr_optimization_v2.0.50727_32 - ok 14:57:31.0402 5372 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 14:57:31.0440 5372 clr_optimization_v4.0.30319_32 - ok 14:57:31.0460 5372 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 14:57:31.0488 5372 CmBatt - ok 14:57:31.0519 5372 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 14:57:31.0532 5372 cmdide - ok 14:57:31.0562 5372 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys 14:57:31.0596 5372 CNG - ok 14:57:31.0603 5372 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 14:57:31.0634 5372 Compbatt - ok 14:57:31.0661 5372 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys 14:57:31.0698 5372 CompositeBus - ok 14:57:31.0720 5372 COMSysApp - ok 14:57:31.0723 5372 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys 14:57:31.0751 5372 crcdisk - ok 14:57:31.0799 5372 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll 14:57:31.0856 5372 CryptSvc - ok 14:57:31.0900 5372 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys 14:57:31.0962 5372 CSC - ok 14:57:32.0000 5372 CscService (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll 14:57:32.0039 5372 CscService - ok 14:57:32.0077 5372 dc3d (734bbe7c66e6fd6047a1bd29b9343b30) C:\Windows\system32\DRIVERS\dc3d.sys 14:57:32.0092 5372 dc3d - ok 14:57:32.0109 5372 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 14:57:32.0154 5372 DcomLaunch - ok 14:57:32.0185 5372 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll 14:57:32.0234 5372 defragsvc - ok 14:57:32.0262 5372 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys 14:57:32.0313 5372 DfsC - ok 14:57:32.0357 5372 dg_ssudbus (919f338fd36f47d860775368d0748780) C:\Windows\system32\DRIVERS\ssudbus.sys 14:57:32.0374 5372 dg_ssudbus - ok 14:57:32.0430 5372 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll 14:57:32.0493 5372 Dhcp - ok 14:57:32.0514 5372 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 14:57:32.0556 5372 discache - ok 14:57:32.0585 5372 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys 14:57:32.0612 5372 Disk - ok 14:57:32.0640 5372 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll 14:57:32.0722 5372 Dnscache - ok 14:57:32.0748 5372 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll 14:57:32.0785 5372 dot3svc - ok 14:57:32.0831 5372 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys 14:57:32.0867 5372 Dot4 - ok 14:57:32.0894 5372 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\DRIVERS\Dot4Prt.sys 14:57:32.0931 5372 Dot4Print - ok 14:57:32.0951 5372 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys 14:57:32.0977 5372 dot4usb - ok 14:57:33.0006 5372 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll 14:57:33.0048 5372 DPS - ok 14:57:33.0072 5372 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 14:57:33.0112 5372 drmkaud - ok 14:57:33.0228 5372 DvmMDES (355e50803a28af282a87faa2612b95ce) C:\ASUS.SYS\config\DVMExportService.exe 14:57:33.0264 5372 DvmMDES ( UnsignedFile.Multi.Generic ) - warning 14:57:33.0264 5372 DvmMDES - detected UnsignedFile.Multi.Generic (1) 14:57:33.0316 5372 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 14:57:33.0359 5372 DXGKrnl - ok 14:57:33.0381 5372 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll 14:57:33.0429 5372 EapHost - ok 14:57:33.0554 5372 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys 14:57:33.0709 5372 ebdrv - ok 14:57:33.0801 5372 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe 14:57:33.0834 5372 EFS - ok 14:57:33.0876 5372 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe 14:57:33.0948 5372 ehRecvr - ok 14:57:33.0966 5372 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe 14:57:34.0046 5372 ehSched - ok 14:57:34.0067 5372 EIO - ok 14:57:34.0119 5372 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\Windows\system32\Drivers\ElbyCDIO.sys 14:57:34.0146 5372 ElbyCDIO - ok 14:57:34.0182 5372 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys 14:57:34.0219 5372 elxstor - ok 14:57:34.0243 5372 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 14:57:34.0360 5372 ErrDev - ok 14:57:34.0512 5372 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll 14:57:34.0565 5372 EventSystem - ok 14:57:34.0600 5372 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 14:57:34.0638 5372 exfat - ok 14:57:34.0653 5372 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 14:57:34.0696 5372 fastfat - ok 14:57:34.0733 5372 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe 14:57:34.0824 5372 Fax - ok 14:57:34.0831 5372 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 14:57:34.0859 5372 fdc - ok 14:57:34.0883 5372 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll 14:57:34.0941 5372 fdPHost - ok 14:57:34.0954 5372 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll 14:57:34.0992 5372 FDResPub - ok 14:57:35.0014 5372 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 14:57:35.0041 5372 FileInfo - ok 14:57:35.0061 5372 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 14:57:35.0099 5372 Filetrace - ok 14:57:35.0111 5372 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 14:57:35.0150 5372 flpydisk - ok 14:57:35.0169 5372 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 14:57:35.0224 5372 FltMgr - ok 14:57:35.0258 5372 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll 14:57:35.0325 5372 FontCache - ok 14:57:35.0394 5372 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 14:57:35.0446 5372 FontCache3.0.0.0 - ok 14:57:35.0464 5372 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 14:57:35.0492 5372 FsDepends - ok 14:57:35.0515 5372 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys 14:57:35.0545 5372 Fs_Rec - ok 14:57:35.0589 5372 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 14:57:35.0614 5372 fvevol - ok 14:57:35.0625 5372 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 14:57:35.0663 5372 gagp30kx - ok 14:57:35.0691 5372 giveio (77ebf3e9386daa51551af429052d88d0) C:\Windows\system32\giveio.sys 14:57:35.0731 5372 giveio ( UnsignedFile.Multi.Generic ) - warning 14:57:35.0731 5372 giveio - detected UnsignedFile.Multi.Generic (1) 14:57:35.0762 5372 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll 14:57:35.0813 5372 gpsvc - ok 14:57:35.0925 5372 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe 14:57:35.0948 5372 gupdate - ok 14:57:35.0950 5372 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe 14:57:35.0960 5372 gupdatem - ok 14:57:35.0991 5372 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys 14:57:36.0012 5372 hamachi - ok 14:57:36.0088 5372 Hamachi2Svc (1e8a0705f9925fad9b2d4f6fc05e1982) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe 14:57:36.0157 5372 Hamachi2Svc - ok 14:57:36.0221 5372 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 14:57:36.0275 5372 hcw85cir - ok 14:57:36.0310 5372 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 14:57:36.0340 5372 HdAudAddService - ok 14:57:36.0376 5372 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\DRIVERS\HDAudBus.sys 14:57:36.0409 5372 HDAudBus - ok 14:57:36.0411 5372 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 14:57:36.0462 5372 HidBatt - ok 14:57:36.0469 5372 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 14:57:36.0506 5372 HidBth - ok 14:57:36.0521 5372 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 14:57:36.0572 5372 HidIr - ok 14:57:36.0602 5372 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll 14:57:36.0657 5372 hidserv - ok 14:57:36.0692 5372 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys 14:57:36.0717 5372 HidUsb - ok 14:57:36.0745 5372 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll 14:57:36.0789 5372 hkmsvc - ok 14:57:36.0801 5372 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll 14:57:36.0867 5372 HomeGroupListener - ok 14:57:36.0877 5372 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll 14:57:36.0920 5372 HomeGroupProvider - ok 14:57:37.0039 5372 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll 14:57:37.0063 5372 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning 14:57:37.0064 5372 hpqcxs08 - detected UnsignedFile.Multi.Generic (1) 14:57:37.0079 5372 hpqddsvc (f3f72a2a86c22610bca5439fa789dd52) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll 14:57:37.0111 5372 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning 14:57:37.0111 5372 hpqddsvc - detected UnsignedFile.Multi.Generic (1) 14:57:37.0153 5372 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 14:57:37.0170 5372 HpSAMD - ok 14:57:37.0214 5372 HPSLPSVC (568e44f6dcfa173f3670172b69379891) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL 14:57:37.0240 5372 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning 14:57:37.0240 5372 HPSLPSVC - detected UnsignedFile.Multi.Generic (1) 14:57:37.0303 5372 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 14:57:37.0342 5372 HTTP - ok 14:57:37.0422 5372 HWiNFO32 (79b69cd1dfbdc48ccad4b8b6d4048786) C:\Program Files\HWiNFO32\HWiNFO32.SYS 14:57:37.0445 5372 HWiNFO32 - ok 14:57:37.0468 5372 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 14:57:37.0491 5372 hwpolicy - ok 14:57:37.0521 5372 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys 14:57:37.0542 5372 i8042prt - ok 14:57:37.0580 5372 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys 14:57:37.0602 5372 iaStorV - ok 14:57:37.0678 5372 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 14:57:37.0725 5372 IDriverT ( UnsignedFile.Multi.Generic ) - warning 14:57:37.0725 5372 IDriverT - detected UnsignedFile.Multi.Generic (1) 14:57:37.0804 5372 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 14:57:37.0837 5372 idsvc - ok 14:57:37.0908 5372 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 14:57:37.0936 5372 iirsp - ok 14:57:37.0982 5372 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll 14:57:38.0025 5372 IKEEXT - ok 14:57:38.0109 5372 IntcAzAudAddService (8b27c21412ae4404eb0acfe1d98579ec) C:\Windows\system32\drivers\RTKVHDA.sys 14:57:38.0181 5372 IntcAzAudAddService - ok 14:57:38.0263 5372 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 14:57:38.0276 5372 intelide - ok 14:57:38.0292 5372 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 14:57:38.0320 5372 intelppm - ok 14:57:38.0506 5372 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll 14:57:38.0556 5372 IPBusEnum - ok 14:57:38.0567 5372 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:57:38.0620 5372 IpFilterDriver - ok 14:57:38.0676 5372 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll 14:57:38.0719 5372 iphlpsvc - ok 14:57:38.0741 5372 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 14:57:38.0782 5372 IPMIDRV - ok 14:57:38.0801 5372 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 14:57:38.0851 5372 IPNAT - ok 14:57:38.0860 5372 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 14:57:38.0926 5372 IRENUM - ok 14:57:38.0965 5372 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 14:57:38.0980 5372 isapnp - ok 14:57:39.0013 5372 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 14:57:39.0032 5372 iScsiPrt - ok 14:57:39.0073 5372 JRAID (1f6856a7137d375d5f0b6d2463b7e6e9) C:\Windows\system32\DRIVERS\jraid.sys 14:57:39.0128 5372 JRAID - ok 14:57:39.0161 5372 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys 14:57:39.0174 5372 kbdclass - ok 14:57:39.0213 5372 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys 14:57:39.0238 5372 kbdhid - ok 14:57:39.0262 5372 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 14:57:39.0274 5372 KeyIso - ok 14:57:39.0309 5372 kl1 (514e8fcc961241c6cf002f3a1e05de94) C:\Windows\system32\DRIVERS\kl1.sys 14:57:39.0336 5372 kl1 - ok 14:57:39.0341 5372 klbg (f9089982ed97340984e3dd60edd75490) C:\Windows\system32\drivers\klbg.sys 14:57:39.0367 5372 klbg - ok 14:57:39.0408 5372 KLIF (2a98658edc36c35de263d00ccbc80f2d) C:\Windows\system32\DRIVERS\klif.sys 14:57:39.0436 5372 KLIF - ok 14:57:39.0454 5372 KLIM6 (672b4ab554f63738b97f11299012c12e) C:\Windows\system32\DRIVERS\klim6.sys 14:57:39.0477 5372 KLIM6 - ok 14:57:39.0480 5372 klmouflt (0c147d68ca28618477bd6cd094e0bc39) C:\Windows\system32\DRIVERS\klmouflt.sys 14:57:39.0505 5372 klmouflt - ok 14:57:39.0601 5372 KMService (4635935fc972c582632bf45c26bfcb0e) C:\Windows\system32\srvany.exe 14:57:39.0626 5372 KMService ( UnsignedFile.Multi.Generic ) - warning 14:57:39.0626 5372 KMService - detected UnsignedFile.Multi.Generic (1) 14:57:39.0651 5372 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys 14:57:39.0669 5372 KSecDD - ok 14:57:39.0681 5372 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys 14:57:39.0707 5372 KSecPkg - ok 14:57:39.0737 5372 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll 14:57:39.0826 5372 KtmRm - ok 14:57:39.0887 5372 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\System32\srvsvc.dll 14:57:39.0937 5372 LanmanServer - ok 14:57:39.0964 5372 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll 14:57:40.0013 5372 LanmanWorkstation - ok 14:57:40.0035 5372 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 14:57:40.0074 5372 lltdio - ok 14:57:40.0100 5372 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll 14:57:40.0140 5372 lltdsvc - ok 14:57:40.0151 5372 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll 14:57:40.0193 5372 lmhosts - ok 14:57:40.0217 5372 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 14:57:40.0246 5372 LSI_FC - ok 14:57:40.0250 5372 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 14:57:40.0278 5372 LSI_SAS - ok 14:57:40.0283 5372 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 14:57:40.0311 5372 LSI_SAS2 - ok 14:57:40.0316 5372 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 14:57:40.0357 5372 LSI_SCSI - ok 14:57:40.0365 5372 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 14:57:40.0407 5372 luafv - ok 14:57:40.0497 5372 Macromedia Licensing Service (d5ba9b816afef5292fe13c9a6267b6ab) C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe 14:57:40.0579 5372 Macromedia Licensing Service ( UnsignedFile.Multi.Generic ) - warning 14:57:40.0579 5372 Macromedia Licensing Service - detected UnsignedFile.Multi.Generic (1) 14:57:40.0603 5372 mbamchameleon (5dc35c6ecff38c91db3511c63d0000d9) C:\Windows\system32\drivers\mbamchameleon.sys 14:57:40.0628 5372 mbamchameleon - ok 14:57:40.0683 5372 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll 14:57:40.0735 5372 Mcx2Svc - ok 14:57:40.0749 5372 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 14:57:40.0776 5372 megasas - ok 14:57:40.0810 5372 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 14:57:40.0855 5372 MegaSR - ok 14:57:40.0874 5372 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 14:57:40.0919 5372 MMCSS - ok 14:57:40.0922 5372 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 14:57:40.0988 5372 Modem - ok 14:57:41.0022 5372 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 14:57:41.0060 5372 monitor - ok 14:57:41.0095 5372 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys 14:57:41.0108 5372 mouclass - ok 14:57:41.0138 5372 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 14:57:41.0172 5372 mouhid - ok 14:57:41.0197 5372 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 14:57:41.0219 5372 mountmgr - ok 14:57:41.0261 5372 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 14:57:41.0297 5372 MozillaMaintenance - ok 14:57:41.0319 5372 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 14:57:41.0337 5372 mpio - ok 14:57:41.0349 5372 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 14:57:41.0393 5372 mpsdrv - ok 14:57:41.0459 5372 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll 14:57:41.0501 5372 MpsSvc - ok 14:57:41.0531 5372 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 14:57:41.0556 5372 MRxDAV - ok 14:57:41.0602 5372 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 14:57:41.0648 5372 mrxsmb - ok 14:57:41.0673 5372 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:57:41.0690 5372 mrxsmb10 - ok 14:57:41.0705 5372 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:57:41.0774 5372 mrxsmb20 - ok 14:57:41.0807 5372 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 14:57:41.0827 5372 msahci - ok 14:57:41.0920 5372 MsDepSvc (aaac4b494de45836121a40aec980b631) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe 14:57:41.0950 5372 MsDepSvc - ok 14:57:41.0971 5372 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 14:57:41.0989 5372 msdsm - ok 14:57:42.0013 5372 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe 14:57:42.0045 5372 MSDTC - ok 14:57:42.0156 5372 MsDtsServer (8b6be9a0c37a741f8a7ec604d6dce9a7) C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe 14:57:42.0196 5372 MsDtsServer - ok 14:57:42.0210 5372 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 14:57:42.0236 5372 Msfs - ok 14:57:42.0316 5372 msftesql (64149160ccbae488d61abe3f46e8a95f) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe 14:57:42.0331 5372 msftesql - ok 14:57:42.0341 5372 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 14:57:42.0388 5372 mshidkmdf - ok 14:57:42.0429 5372 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 14:57:42.0442 5372 msisadrv - ok 14:57:42.0472 5372 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll 14:57:42.0521 5372 MSiSCSI - ok 14:57:42.0523 5372 msiserver - ok 14:57:42.0547 5372 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 14:57:42.0587 5372 MSKSSRV - ok 14:57:42.0608 5372 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 14:57:42.0658 5372 MSPCLOCK - ok 14:57:42.0661 5372 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 14:57:42.0695 5372 MSPQM - ok 14:57:42.0708 5372 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 14:57:42.0733 5372 MsRPC - ok 14:57:42.0757 5372 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys 14:57:42.0769 5372 mssmbios - ok 14:57:42.0806 5372 MSSQL$SQLEXPRESS - ok 14:57:42.0838 5372 MSSQLSERVER - ok 14:57:42.0885 5372 MSSQLServerADHelper (adaf062116b4e6d96e44d26486a87af6) C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe 14:57:42.0904 5372 MSSQLServerADHelper - ok 14:57:42.0974 5372 MSSQLServerADHelper100 (f1761c8fb2b25a32c6d63e36bb88c3ae) C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 14:57:42.0990 5372 MSSQLServerADHelper100 - ok 14:57:43.0022 5372 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 14:57:43.0056 5372 MSTEE - ok 14:57:43.0190 5372 msvsmon90 (e514d0493c272aecbac7c6c1dac635d1) C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe 14:57:43.0299 5372 msvsmon90 - ok 14:57:43.0373 5372 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 14:57:43.0410 5372 MTConfig - ok 14:57:43.0444 5372 MTsensor (cbe71c122434805cb73ffb6619f60598) C:\Windows\system32\DRIVERS\ASACPI.sys 14:57:43.0462 5372 MTsensor - ok 14:57:43.0470 5372 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 14:57:43.0509 5372 Mup - ok 14:57:43.0569 5372 MySQL - ok 14:57:43.0603 5372 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll 14:57:43.0644 5372 napagent - ok 14:57:43.0696 5372 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 14:57:43.0751 5372 NativeWifiP - ok 14:57:43.0789 5372 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 14:57:43.0820 5372 NDIS - ok 14:57:43.0831 5372 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 14:57:43.0882 5372 NdisCap - ok 14:57:43.0913 5372 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 14:57:43.0978 5372 NdisTapi - ok 14:57:44.0006 5372 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 14:57:44.0037 5372 Ndisuio - ok 14:57:44.0054 5372 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 14:57:44.0124 5372 NdisWan - ok 14:57:44.0158 5372 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 14:57:44.0227 5372 NDProxy - ok 14:57:44.0279 5372 Net Driver HPZ12 (510c138564486ff926a3f773205c63d1) C:\Windows\system32\HPZinw12.dll 14:57:44.0310 5372 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 14:57:44.0310 5372 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 14:57:44.0333 5372 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 14:57:44.0375 5372 NetBIOS - ok 14:57:44.0402 5372 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 14:57:44.0435 5372 NetBT - ok 14:57:44.0457 5372 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 14:57:44.0477 5372 Netlogon - ok 14:57:44.0507 5372 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll 14:57:44.0561 5372 Netman - ok 14:57:44.0868 5372 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 14:57:44.0904 5372 NetMsmqActivator - ok 14:57:44.0907 5372 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 14:57:44.0920 5372 NetPipeActivator - ok 14:57:44.0947 5372 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll 14:57:44.0990 5372 netprofm - ok 14:57:44.0993 5372 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 14:57:45.0003 5372 NetTcpActivator - ok 14:57:45.0005 5372 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 14:57:45.0016 5372 NetTcpPortSharing - ok 14:57:45.0029 5372 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 14:57:45.0058 5372 nfrd960 - ok 14:57:45.0090 5372 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll 14:57:45.0132 5372 NlaSvc - ok 14:57:45.0148 5372 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 14:57:45.0183 5372 Npfs - ok 14:57:45.0187 5372 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll 14:57:45.0228 5372 nsi - ok 14:57:45.0240 5372 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 14:57:45.0283 5372 nsiproxy - ok 14:57:45.0332 5372 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 14:57:45.0374 5372 Ntfs - ok 14:57:45.0424 5372 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 14:57:45.0463 5372 Null - ok 14:57:45.0483 5372 nvlddmkm - ok 14:57:45.0520 5372 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 14:57:45.0538 5372 nvraid - ok 14:57:45.0566 5372 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 14:57:45.0586 5372 nvstor - ok 14:57:45.0606 5372 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 14:57:45.0621 5372 nv_agp - ok 14:57:45.0714 5372 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 14:57:45.0757 5372 odserv - ok 14:57:45.0780 5372 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 14:57:45.0818 5372 ohci1394 - ok 14:57:45.0860 5372 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:57:45.0883 5372 ose - ok 14:57:46.0044 5372 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 14:57:46.0164 5372 osppsvc - ok 14:57:46.0227 5372 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 14:57:46.0313 5372 p2pimsvc - ok 14:57:46.0331 5372 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll 14:57:46.0373 5372 p2psvc - ok 14:57:46.0408 5372 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 14:57:46.0439 5372 Parport - ok 14:57:46.0460 5372 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys 14:57:46.0481 5372 partmgr - ok 14:57:46.0488 5372 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 14:57:46.0526 5372 Parvdm - ok 14:57:46.0546 5372 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll 14:57:46.0609 5372 PcaSvc - ok 14:57:46.0640 5372 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 14:57:46.0655 5372 pci - ok 14:57:46.0674 5372 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 14:57:46.0687 5372 pciide - ok 14:57:46.0698 5372 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 14:57:46.0729 5372 pcmcia - ok 14:57:46.0740 5372 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 14:57:46.0767 5372 pcw - ok 14:57:46.0785 5372 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 14:57:46.0848 5372 PEAUTH - ok 14:57:46.0897 5372 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll 14:57:46.0964 5372 PeerDistSvc - ok 14:57:47.0023 5372 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll 14:57:47.0105 5372 pla - ok 14:57:47.0193 5372 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll 14:57:47.0263 5372 PlugPlay - ok 14:57:47.0311 5372 Pml Driver HPZ12 (37e5e8ffbad35605daeec3224ea0e465) C:\Windows\system32\HPZipm12.dll 14:57:47.0329 5372 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 14:57:47.0329 5372 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 14:57:47.0366 5372 PnkBstrA (3a2bdd76e7d2a5f40a7174793d1ba794) C:\Windows\system32\PnkBstrA.exe 14:57:47.0389 5372 PnkBstrA - ok 14:57:47.0405 5372 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll 14:57:47.0436 5372 PNRPAutoReg - ok 14:57:47.0450 5372 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 14:57:47.0464 5372 PNRPsvc - ok 14:57:47.0527 5372 Point32 (858d5d8dbe432b358ca2f9d534169ca1) C:\Windows\system32\DRIVERS\point32k.sys 14:57:47.0543 5372 Point32 - ok 14:57:47.0575 5372 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll 14:57:47.0639 5372 PolicyAgent - ok 14:57:47.0656 5372 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll 14:57:47.0690 5372 Power - ok 14:57:47.0788 5372 PowerOffer Service (487835c60ac8362019115b22fe24fed9) C:\Users\Gnorro\AppData\Local\PosService\Pos.exe 14:57:47.0834 5372 PowerOffer Service ( UnsignedFile.Multi.Generic ) - warning 14:57:47.0834 5372 PowerOffer Service - detected UnsignedFile.Multi.Generic (1) 14:57:47.0858 5372 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 14:57:47.0896 5372 PptpMiniport - ok 14:57:47.0911 5372 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 14:57:47.0945 5372 Processor - ok 14:57:47.0985 5372 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll 14:57:48.0018 5372 ProfSvc - ok 14:57:48.0045 5372 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 14:57:48.0057 5372 ProtectedStorage - ok 14:57:48.0076 5372 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 14:57:48.0115 5372 Psched - ok 14:57:48.0151 5372 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 14:57:48.0210 5372 ql2300 - ok 14:57:48.0257 5372 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 14:57:48.0300 5372 ql40xx - ok 14:57:48.0317 5372 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll 14:57:48.0363 5372 QWAVE - ok 14:57:48.0381 5372 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 14:57:48.0411 5372 QWAVEdrv - ok 14:57:48.0479 5372 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll 14:57:48.0514 5372 RapiMgr - ok 14:57:48.0520 5372 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 14:57:48.0574 5372 RasAcd - ok 14:57:48.0613 5372 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 14:57:48.0649 5372 RasAgileVpn - ok 14:57:48.0664 5372 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll 14:57:48.0703 5372 RasAuto - ok 14:57:48.0714 5372 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 14:57:48.0753 5372 Rasl2tp - ok 14:57:48.0791 5372 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll 14:57:48.0833 5372 RasMan - ok 14:57:48.0838 5372 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 14:57:48.0875 5372 RasPppoe - ok 14:57:48.0883 5372 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 14:57:48.0929 5372 RasSstp - ok 14:57:48.0954 5372 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 14:57:48.0990 5372 rdbss - ok 14:57:48.0998 5372 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 14:57:49.0050 5372 rdpbus - ok 14:57:49.0090 5372 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 14:57:49.0147 5372 RDPCDD - ok 14:57:49.0182 5372 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys 14:57:49.0242 5372 RDPDR - ok 14:57:49.0261 5372 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 14:57:49.0297 5372 RDPENCDD - ok 14:57:49.0300 5372 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 14:57:49.0342 5372 RDPREFMP - ok 14:57:49.0372 5372 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys 14:57:49.0411 5372 RdpVideoMiniport - ok 14:57:49.0440 5372 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys 14:57:49.0485 5372 RDPWD - ok 14:57:49.0512 5372 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 14:57:49.0536 5372 rdyboost - ok 14:57:49.0668 5372 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll 14:57:49.0776 5372 RemoteAccess - ok 14:57:49.0820 5372 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll 14:57:49.0863 5372 RemoteRegistry - ok 14:57:49.0958 5372 RivaTuner32 (c0c8909be3ecc9df8089112bf9be954e) C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys 14:57:49.0987 5372 RivaTuner32 ( UnsignedFile.Multi.Generic ) - warning 14:57:49.0987 5372 RivaTuner32 - detected UnsignedFile.Multi.Generic (1) 14:57:50.0012 5372 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll 14:57:50.0051 5372 RpcEptMapper - ok 14:57:50.0062 5372 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe 14:57:50.0102 5372 RpcLocator - ok 14:57:50.0134 5372 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 14:57:50.0167 5372 RpcSs - ok 14:57:50.0200 5372 RsFx0103 (fd692c6ffade58f7c4c3c3c9a0ec35bd) C:\Windows\system32\DRIVERS\RsFx0103.sys 14:57:50.0217 5372 RsFx0103 - ok 14:57:50.0250 5372 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 14:57:50.0301 5372 rspndr - ok 14:57:50.0341 5372 RTL8167 (d5ede44ca85899e0478208c8413c1c31) C:\Windows\system32\DRIVERS\Rt86win7.sys 14:57:50.0360 5372 RTL8167 - ok 14:57:50.0392 5372 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys 14:57:50.0458 5372 s3cap - ok 14:57:50.0484 5372 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 14:57:50.0496 5372 SamSs - ok 14:57:50.0549 5372 SANDRA (230fd3749904ca045ea5ec0aa14006e9) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP3\WNt500x86\Sandra.sys 14:57:50.0571 5372 SANDRA - ok 14:57:50.0603 5372 SandraAgentSrv (df7d83053f32dd52b7cc079eb3342c24) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP3\RpcAgentSrv.exe 14:57:50.0636 5372 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning 14:57:50.0636 5372 SandraAgentSrv - detected UnsignedFile.Multi.Generic (1) 14:57:50.0676 5372 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\DRIVERS\sbp2port.sys 14:57:50.0693 5372 sbp2port - ok 14:57:50.0781 5372 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 14:57:50.0838 5372 SBSDWSCService - ok 14:57:50.0904 5372 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll 14:57:50.0956 5372 SCardSvr - ok 14:57:50.0999 5372 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 14:57:51.0045 5372 scfilter - ok 14:57:51.0091 5372 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll 14:57:51.0135 5372 Schedule - ok 14:57:51.0161 5372 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 14:57:51.0191 5372 SCPolicySvc - ok 14:57:51.0197 5372 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll 14:57:51.0265 5372 SDRSVC - ok 14:57:51.0281 5372 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 14:57:51.0318 5372 secdrv - ok 14:57:51.0341 5372 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll 14:57:51.0383 5372 seclogon - ok 14:57:51.0400 5372 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll 14:57:51.0439 5372 SENS - ok 14:57:51.0455 5372 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll 14:57:51.0534 5372 SensrSvc - ok 14:57:51.0549 5372 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 14:57:51.0576 5372 Serenum - ok 14:57:51.0589 5372 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 14:57:51.0613 5372 Serial - ok 14:57:51.0649 5372 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 14:57:51.0679 5372 sermouse - ok 14:57:51.0786 5372 ServUpdater (b61b8621e3d5c56b8b3f62e31a5ea6f5) C:\Users\Gnorro\AppData\Local\ServUpdater\ServiceUpd.exe 14:57:51.0819 5372 ServUpdater ( UnsignedFile.Multi.Generic ) - warning 14:57:51.0819 5372 ServUpdater - detected UnsignedFile.Multi.Generic (1) 14:57:51.0869 5372 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll 14:57:51.0908 5372 SessionEnv - ok 14:57:51.0937 5372 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 14:57:51.0960 5372 sffdisk - ok 14:57:51.0969 5372 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 14:57:51.0985 5372 sffp_mmc - ok 14:57:51.0998 5372 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 14:57:52.0038 5372 sffp_sd - ok 14:57:52.0057 5372 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 14:57:52.0080 5372 sfloppy - ok 14:57:52.0129 5372 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll 14:57:52.0198 5372 SharedAccess - ok 14:57:52.0243 5372 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll 14:57:52.0278 5372 ShellHWDetection - ok 14:57:52.0316 5372 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 14:57:52.0329 5372 sisagp - ok 14:57:52.0347 5372 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 14:57:52.0371 5372 SiSRaid2 - ok 14:57:52.0381 5372 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 14:57:52.0405 5372 SiSRaid4 - ok 14:57:52.0459 5372 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe 14:57:52.0495 5372 SkypeUpdate - ok 14:57:52.0511 5372 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 14:57:52.0555 5372 Smb - ok 14:57:52.0604 5372 snapman (e78c98378a071ce4d48a7c514fa98fa1) C:\Windows\system32\DRIVERS\snapman.sys 14:57:52.0629 5372 snapman - ok 14:57:52.0657 5372 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe 14:57:52.0673 5372 SNMPTRAP - ok 14:57:52.0698 5372 speedfan (9f70cd5edcc4efc48ae21e04fb03be9d) C:\Windows\system32\speedfan.sys 14:57:52.0723 5372 speedfan - ok 14:57:52.0739 5372 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 14:57:52.0762 5372 spldr - ok 14:57:52.0802 5372 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe 14:57:52.0847 5372 Spooler - ok 14:57:52.0928 5372 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe 14:57:52.0983 5372 sppsvc - ok 14:57:53.0059 5372 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll 14:57:53.0091 5372 sppuinotify - ok 14:57:53.0138 5372 sptd (a199171385be17973fd800fa91f8f78a) C:\Windows\System32\Drivers\sptd.sys 14:57:53.0166 5372 sptd - ok 14:57:53.0260 5372 SQLAgent$SQLEXPRESS (a687b5b326afcfcf182c4931d1ff9771) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE 14:57:53.0289 5372 SQLAgent$SQLEXPRESS - ok 14:57:53.0377 5372 SQLBrowser (b54b48f6d92423440c264e91225c5ff1) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 14:57:53.0394 5372 SQLBrowser - ok 14:57:53.0475 5372 SQLSERVERAGENT (7847ef1db2e289be82cbc70cf4d98ff8) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE 14:57:53.0516 5372 SQLSERVERAGENT - ok 14:57:53.0535 5372 SQLWriter (637a0f23f9012358e92e6f99835494d1) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 14:57:53.0550 5372 SQLWriter - ok 14:57:53.0636 5372 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 14:57:53.0689 5372 srv - ok 14:57:53.0729 5372 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 14:57:53.0756 5372 srv2 - ok 14:57:53.0772 5372 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 14:57:53.0792 5372 srvnet - ok 14:57:53.0816 5372 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll 14:57:53.0869 5372 SSDPSRV - ok 14:57:53.0879 5372 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll 14:57:53.0940 5372 SstpSvc - ok 14:57:53.0978 5372 ssudmdm (8f299012ef58246f1c98de7b7e48dbf0) C:\Windows\system32\DRIVERS\ssudmdm.sys 14:57:53.0995 5372 ssudmdm - ok 14:57:54.0067 5372 StarWindServiceAE (e5c796b621f6fba8616511063d7f0ffe) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe 14:57:54.0088 5372 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning 14:57:54.0088 5372 StarWindServiceAE - detected UnsignedFile.Multi.Generic (1) 14:57:54.0115 5372 Steam Client Service - ok 14:57:54.0138 5372 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 14:57:54.0162 5372 stexstor - ok 14:57:54.0191 5372 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys 14:57:54.0248 5372 StillCam - ok 14:57:54.0292 5372 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll 14:57:54.0352 5372 StiSvc - ok 14:57:54.0385 5372 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys 14:57:54.0402 5372 storflt - ok 14:57:54.0426 5372 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys 14:57:54.0442 5372 storvsc - ok 14:57:54.0460 5372 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 14:57:54.0473 5372 swenum - ok 14:57:54.0492 5372 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll 14:57:54.0540 5372 swprv - ok 14:57:54.0545 5372 Synth3dVsc - ok 14:57:54.0592 5372 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll 14:57:54.0636 5372 SysMain - ok 14:57:54.0662 5372 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll 14:57:54.0693 5372 TabletInputService - ok 14:57:54.0710 5372 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll 14:57:54.0760 5372 TapiSrv - ok 14:57:54.0788 5372 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll 14:57:54.0827 5372 TBS - ok 14:57:54.0899 5372 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys 14:57:54.0950 5372 Tcpip - ok 14:57:55.0301 5372 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys 14:57:55.0324 5372 TCPIP6 - ok 14:57:55.0406 5372 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 14:57:55.0440 5372 tcpipreg - ok 14:57:55.0474 5372 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 14:57:55.0498 5372 TDPIPE - ok 14:57:55.0532 5372 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys 14:57:55.0549 5372 TDTCP - ok 14:57:55.0579 5372 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 14:57:55.0620 5372 tdx - ok 14:57:55.0775 5372 TeamViewer7 (33966a658ff37e0c65d46e59f37e2380) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe 14:57:55.0850 5372 TeamViewer7 - ok 14:57:55.0931 5372 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 14:57:55.0944 5372 TermDD - ok 14:57:55.0978 5372 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll 14:57:56.0016 5372 TermService - ok 14:57:56.0036 5372 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll 14:57:56.0094 5372 Themes - ok 14:57:56.0125 5372 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 14:57:56.0164 5372 THREADORDER - ok 14:57:56.0215 5372 Tomcat6 (fab13554e86325f5cc1041e7537dc8f2) C:\Program Files\Apache Software Foundation\Tomcat 6.0\bin\tomcat6.exe 14:57:56.0226 5372 Tomcat6 ( UnsignedFile.Multi.Generic ) - warning 14:57:56.0226 5372 Tomcat6 - detected UnsignedFile.Multi.Generic (1) 14:57:56.0245 5372 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll 14:57:56.0295 5372 TrkWks - ok 14:57:56.0335 5372 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe 14:57:56.0376 5372 TrustedInstaller - ok 14:57:56.0392 5372 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 14:57:56.0437 5372 tssecsrv - ok 14:57:56.0476 5372 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 14:57:56.0524 5372 TsUsbFlt - ok 14:57:56.0526 5372 tsusbhub - ok 14:57:56.0567 5372 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 14:57:56.0605 5372 tunnel - ok 14:57:56.0731 5372 TVersityMediaServer (06bccb3bf0d06adccc4ebc8ef682dd59) C:\ProgramData\TVersity\Media Server\MediaServer.exe 14:57:56.0779 5372 TVersityMediaServer - ok 14:57:56.0835 5372 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 14:57:56.0859 5372 uagp35 - ok 14:57:56.0887 5372 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 14:57:56.0932 5372 udfs - ok 14:57:56.0964 5372 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe 14:57:57.0001 5372 UI0Detect - ok 14:57:57.0042 5372 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 14:57:57.0056 5372 uliagpkx - ok 14:57:57.0092 5372 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys 14:57:57.0133 5372 umbus - ok 14:57:57.0170 5372 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 14:57:57.0236 5372 UmPass - ok 14:57:57.0287 5372 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll 14:57:57.0345 5372 UmRdpService - ok 14:57:57.0369 5372 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll 14:57:57.0427 5372 upnphost - ok 14:57:57.0457 5372 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 14:57:57.0539 5372 usbccgp - ok 14:57:57.0577 5372 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 14:57:57.0603 5372 usbcir - ok 14:57:57.0617 5372 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys 14:57:57.0635 5372 usbehci - ok 14:57:57.0658 5372 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 14:57:57.0698 5372 usbhub - ok 14:57:57.0719 5372 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys 14:57:57.0737 5372 usbohci - ok 14:57:57.0761 5372 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 14:57:57.0786 5372 usbprint - ok 14:57:57.0809 5372 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 14:57:57.0843 5372 usbscan - ok 14:57:57.0868 5372 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 14:57:57.0919 5372 USBSTOR - ok 14:57:57.0944 5372 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys 14:57:57.0961 5372 usbuhci - ok 14:57:57.0978 5372 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll 14:57:58.0019 5372 UxSms - ok 14:57:58.0043 5372 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 14:57:58.0062 5372 VaultSvc - ok 14:57:58.0099 5372 VClone (fce98c43b5c5db8e0da8ea0e2b45e044) C:\Windows\system32\DRIVERS\VClone.sys 14:57:58.0137 5372 VClone - ok 14:57:58.0181 5372 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 14:57:58.0203 5372 vdrvroot - ok 14:57:58.0237 5372 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe 14:57:58.0273 5372 vds - ok 14:57:58.0304 5372 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 14:57:58.0356 5372 vga - ok 14:57:58.0359 5372 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 14:57:58.0393 5372 VgaSave - ok 14:57:58.0400 5372 VGPU - ok 14:57:58.0434 5372 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 14:57:58.0452 5372 vhdmp - ok 14:57:58.0489 5372 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 14:57:58.0502 5372 viaagp - ok 14:57:58.0509 5372 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 14:57:58.0542 5372 ViaC7 - ok 14:57:58.0563 5372 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 14:57:58.0575 5372 viaide - ok 14:57:58.0607 5372 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys 14:57:58.0625 5372 vmbus - ok 14:57:58.0644 5372 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys 14:57:58.0692 5372 VMBusHID - ok 14:57:58.0740 5372 vmm (c01604eaea9c89035cff58cdb322476c) C:\Windows\system32\Drivers\vmm.sys 14:57:58.0761 5372 vmm - ok 14:57:58.0782 5372 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 14:57:58.0795 5372 volmgr - ok 14:57:58.0834 5372 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 14:57:58.0881 5372 volmgrx - ok 14:57:58.0911 5372 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 14:57:58.0930 5372 volsnap - ok 14:57:58.0948 5372 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 14:57:58.0974 5372 vsmraid - ok 14:57:59.0059 5372 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe 14:57:59.0124 5372 VSS - ok 14:57:59.0135 5372 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys 14:57:59.0171 5372 vwifibus - ok 14:57:59.0188 5372 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll 14:57:59.0230 5372 W32Time - ok 14:57:59.0300 5372 W3SVC (57c8c20bfa5bef6bd851ebac67a8ced0) C:\Windows\system32\inetsrv\iisw3adm.dll 14:57:59.0364 5372 W3SVC - ok 14:57:59.0377 5372 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 14:57:59.0401 5372 WacomPen - ok 14:57:59.0439 5372 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 14:57:59.0480 5372 WANARP - ok 14:57:59.0481 5372 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 14:57:59.0502 5372 Wanarpv6 - ok 14:57:59.0506 5372 WAS (57c8c20bfa5bef6bd851ebac67a8ced0) C:\Windows\system32\inetsrv\iisw3adm.dll 14:57:59.0521 5372 WAS - ok 14:57:59.0585 5372 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe 14:57:59.0639 5372 WatAdminSvc - ok 14:57:59.0894 5372 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe 14:57:59.0979 5372 wbengine - ok 14:58:00.0010 5372 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll 14:58:00.0048 5372 WbioSrvc - ok 14:58:00.0121 5372 WcesComm (59e19bd13c3bdb857646b9e436ba27f7) C:\Windows\WindowsMobile\wcescomm.dll 14:58:00.0146 5372 WcesComm - ok 14:58:00.0177 5372 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll 14:58:00.0206 5372 wcncsvc - ok 14:58:00.0272 5372 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll 14:58:00.0431 5372 WcsPlugInService - ok 14:58:00.0511 5372 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 14:58:00.0540 5372 Wd - ok 14:58:00.0567 5372 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 14:58:00.0615 5372 Wdf01000 - ok 14:58:00.0637 5372 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 14:58:00.0722 5372 WdiServiceHost - ok 14:58:00.0723 5372 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 14:58:00.0738 5372 WdiSystemHost - ok 14:58:00.0808 5372 Web Assistant Updater (efb3074bdbabe0a137d89d8e58f02392) C:\Program Files\Web Assistant\ExtensionUpdaterService.exe 14:58:00.0850 5372 Web Assistant Updater ( UnsignedFile.Multi.Generic ) - warning 14:58:00.0850 5372 Web Assistant Updater - detected UnsignedFile.Multi.Generic (1) 14:58:00.0883 5372 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll 14:58:00.0928 5372 WebClient - ok 14:58:00.0963 5372 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll 14:58:01.0017 5372 Wecsvc - ok 14:58:01.0041 5372 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll 14:58:01.0097 5372 wercplsupport - ok 14:58:01.0124 5372 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll 14:58:01.0163 5372 WerSvc - ok 14:58:01.0200 5372 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 14:58:01.0234 5372 WfpLwf - ok 14:58:01.0244 5372 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 14:58:01.0268 5372 WIMMount - ok 14:58:01.0311 5372 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll 14:58:01.0361 5372 WinDefend - ok 14:58:01.0367 5372 WinHttpAutoProxySvc - ok 14:58:01.0406 5372 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll 14:58:01.0476 5372 Winmgmt - ok 14:58:01.0520 5372 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll 14:58:01.0582 5372 WinRM - ok 14:58:01.0646 5372 WINUSB (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUSB.SYS 14:58:01.0717 5372 WINUSB - ok 14:58:01.0750 5372 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll 14:58:01.0794 5372 Wlansvc - ok 14:58:01.0821 5372 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 14:58:01.0833 5372 WmiAcpi - ok 14:58:01.0867 5372 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe 14:58:01.0910 5372 wmiApSrv - ok 14:58:02.0003 5372 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe 14:58:02.0101 5372 WMPNetworkSvc - ok 14:58:02.0175 5372 WMZuneComm (017695393afffed8de58abd1b085be6d) C:\Program Files\Zune\WMZuneComm.exe 14:58:02.0210 5372 WMZuneComm - ok 14:58:02.0270 5372 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll 14:58:02.0325 5372 WPCSvc - ok 14:58:02.0351 5372 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll 14:58:02.0458 5372 WPDBusEnum - ok 14:58:02.0502 5372 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 14:58:02.0550 5372 ws2ifsl - ok 14:58:02.0579 5372 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll 14:58:02.0612 5372 wscsvc - ok 14:58:02.0614 5372 WSearch - ok 14:58:02.0700 5372 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll 14:58:02.0777 5372 wuauserv - ok 14:58:02.0854 5372 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 14:58:02.0896 5372 WudfPf - ok 14:58:02.0916 5372 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 14:58:02.0947 5372 WUDFRd - ok 14:58:02.0991 5372 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll 14:58:03.0023 5372 wudfsvc - ok 14:58:03.0042 5372 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll 14:58:03.0085 5372 WwanSvc - ok 14:58:03.0112 5372 yukonw7 (b07c5b7efdf936ff93d4f540938725be) C:\Windows\system32\DRIVERS\yk62x86.sys 14:58:03.0155 5372 yukonw7 - ok 14:58:03.0598 5372 ZuneNetworkSvc (1076df9ade4e13ea3bf39d2165aeb903) C:\Program Files\Zune\ZuneNss.exe 14:58:03.0737 5372 ZuneNetworkSvc - ok 14:58:03.0791 5372 ZuneWlanCfgSvc (de1cdb333a402b279f04d627122fa08e) C:\Program Files\Zune\ZuneWlanCfgSvc.exe 14:58:03.0810 5372 ZuneWlanCfgSvc - ok 14:58:03.0844 5372 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 14:58:04.0541 5372 \Device\Harddisk0\DR0 - ok 14:58:04.0543 5372 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1 14:58:04.0598 5372 \Device\Harddisk1\DR1 - ok 14:58:04.0609 5372 Boot (0x1200) (33d96c70b8b218399f9d0a5e62a5b73e) \Device\Harddisk0\DR0\Partition0 14:58:04.0610 5372 \Device\Harddisk0\DR0\Partition0 - ok 14:58:04.0615 5372 Boot (0x1200) (455e388105ea7ff3379459aea1ff41f0) \Device\Harddisk0\DR0\Partition1 14:58:04.0616 5372 \Device\Harddisk0\DR0\Partition1 - ok 14:58:04.0618 5372 Boot (0x1200) (68ce9007ce5b5c9090855935f8a5ca51) \Device\Harddisk0\DR0\Partition2 14:58:04.0619 5372 \Device\Harddisk0\DR0\Partition2 - ok 14:58:04.0638 5372 Boot (0x1200) (e2778e3e22e482b44dfd4fcf8d5ee480) \Device\Harddisk0\DR0\Partition3 14:58:04.0639 5372 \Device\Harddisk0\DR0\Partition3 - ok 14:58:04.0641 5372 Boot (0x1200) (f313f96fca32b3b396ed5d5f6fac89ac) \Device\Harddisk1\DR1\Partition0 14:58:04.0642 5372 \Device\Harddisk1\DR1\Partition0 - ok 14:58:04.0642 5372 ============================================================ 14:58:04.0642 5372 Scan finished 14:58:04.0642 5372 ============================================================ 14:58:04.0648 3660 Detected object count: 21 14:58:04.0648 3660 Actual detected object count: 21 14:58:56.0834 3660 AsSysCtrlService ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0834 3660 AsSysCtrlService ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0835 3660 AtiHdmiService ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0835 3660 AtiHdmiService ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0835 3660 ATITool ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0835 3660 ATITool ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0836 3660 CDMA Device Service ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0836 3660 CDMA Device Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0837 3660 DvmMDES ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0837 3660 DvmMDES ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0838 3660 giveio ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0838 3660 giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0838 3660 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0838 3660 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0839 3660 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0839 3660 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0840 3660 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0840 3660 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0840 3660 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0840 3660 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0841 3660 KMService ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0841 3660 KMService ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0842 3660 Macromedia Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0842 3660 Macromedia Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0843 3660 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0843 3660 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0843 3660 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0843 3660 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0844 3660 PowerOffer Service ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0844 3660 PowerOffer Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0845 3660 RivaTuner32 ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0845 3660 RivaTuner32 ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0845 3660 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0845 3660 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0846 3660 ServUpdater ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0846 3660 ServUpdater ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0848 3660 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0848 3660 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0849 3660 Tomcat6 ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0849 3660 Tomcat6 ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:58:56.0851 3660 Web Assistant Updater ( UnsignedFile.Multi.Generic ) - skipped by user 14:58:56.0851 3660 Web Assistant Updater ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:59:18.0401 3504 ============================================================ 14:59:18.0401 3504 Scan started 14:59:18.0401 3504 Mode: Manual; SigCheck; TDLFS; 14:59:18.0401 3504 ============================================================ 14:59:19.0110 3504 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys 14:59:19.0196 3504 1394ohci - ok 14:59:19.0231 3504 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 14:59:19.0264 3504 ACPI - ok 14:59:19.0302 3504 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 14:59:19.0342 3504 AcpiPmi - ok 14:59:19.0466 3504 AcronisOSSReinstallSvc (e2769e2699af88ca3c57289a8a32ed19) C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe 14:59:19.0515 3504 AcronisOSSReinstallSvc - ok 14:59:19.0597 3504 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 14:59:19.0642 3504 AdobeFlashPlayerUpdateSvc - ok 14:59:19.0674 3504 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys 14:59:19.0705 3504 adp94xx - ok 14:59:19.0718 3504 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys 14:59:19.0748 3504 adpahci - ok 14:59:19.0760 3504 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys 14:59:19.0788 3504 adpu320 - ok 14:59:19.0809 3504 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll 14:59:19.0850 3504 AeLookupSvc - ok 14:59:19.0882 3504 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys 14:59:19.0928 3504 AFD - ok 14:59:19.0951 3504 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 14:59:19.0983 3504 agp440 - ok 14:59:19.0992 3504 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys 14:59:20.0019 3504 aic78xx - ok 14:59:20.0031 3504 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe 14:59:20.0071 3504 ALG - ok 14:59:20.0103 3504 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 14:59:20.0114 3504 aliide - ok 14:59:20.0138 3504 AMD External Events Utility (ec98ca8298f67926fa50876348534b1d) C:\Windows\system32\atiesrxx.exe 14:59:20.0197 3504 AMD External Events Utility - ok 14:59:20.0215 3504 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 14:59:20.0227 3504 amdagp - ok 14:59:20.0229 3504 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 14:59:20.0241 3504 amdide - ok 14:59:20.0269 3504 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys 14:59:20.0311 3504 AmdK8 - ok 14:59:20.0514 3504 amdkmdag (65b44179cf184b08e86097bffbf03f24) C:\Windows\system32\DRIVERS\atikmdag.sys 14:59:20.0620 3504 amdkmdag - ok 14:59:20.0681 3504 amdkmdap (5e1c65524ff1713711ce27879d813384) C:\Windows\system32\DRIVERS\atikmpag.sys 14:59:20.0730 3504 amdkmdap - ok 14:59:20.0738 3504 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 14:59:20.0766 3504 AmdPPM - ok 14:59:20.0789 3504 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys 14:59:20.0805 3504 amdsata - ok 14:59:20.0819 3504 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys 14:59:20.0848 3504 amdsbs - ok 14:59:20.0859 3504 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys 14:59:20.0875 3504 amdxata - ok 14:59:20.0909 3504 AppHostSvc (d1af38fbac0dc7e6d796b0ed01707ee0) C:\Windows\system32\inetsrv\apphostsvc.dll 14:59:20.0953 3504 AppHostSvc - ok 14:59:20.0974 3504 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 14:59:21.0026 3504 AppID - ok 14:59:21.0059 3504 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll 14:59:21.0095 3504 AppIDSvc - ok 14:59:21.0119 3504 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll 14:59:21.0148 3504 Appinfo - ok 14:59:21.0164 3504 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll 14:59:21.0265 3504 AppMgmt - ok 14:59:21.0285 3504 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys 14:59:21.0313 3504 arc - ok 14:59:21.0321 3504 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys 14:59:21.0349 3504 arcsas - ok 14:59:21.0370 3504 AsIO (9d8cb58b9a9e177ddd599791a58a654d) C:\Windows\system32\drivers\AsIO.sys 14:59:21.0391 3504 AsIO - ok 14:59:21.0473 3504 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 14:59:21.0494 3504 aspnet_state - ok 14:59:21.0545 3504 AsSysCtrlService (e781164c7d47950e3d218c84b2901cb2) C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe 14:59:21.0559 3504 AsSysCtrlService ( UnsignedFile.Multi.Generic ) - warning 14:59:21.0559 3504 AsSysCtrlService - detected UnsignedFile.Multi.Generic (1) 14:59:21.0566 3504 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 14:59:21.0616 3504 AsyncMac - ok 14:59:21.0642 3504 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 14:59:21.0653 3504 atapi - ok 14:59:21.0684 3504 AtiHDAudioService (7725aecceddf81bd8374c77157e450ea) C:\Windows\system32\drivers\AtihdW73.sys 14:59:21.0715 3504 AtiHDAudioService - ok 14:59:21.0760 3504 AtiHdmiService (36a49b49e982450ac117eda6ab35bdf5) C:\Windows\system32\drivers\AtiHdmi.sys 14:59:21.0805 3504 AtiHdmiService ( UnsignedFile.Multi.Generic ) - warning 14:59:21.0805 3504 AtiHdmiService - detected UnsignedFile.Multi.Generic (1) 14:59:22.0120 3504 atikmdag (65b44179cf184b08e86097bffbf03f24) C:\Windows\system32\DRIVERS\atikmdag.sys 14:59:22.0202 3504 atikmdag - ok 14:59:22.0275 3504 ATITool (0e4bb35c5305099ac82053ac992e3e0e) C:\Windows\system32\DRIVERS\ATITool.sys 14:59:22.0291 3504 ATITool ( UnsignedFile.Multi.Generic ) - warning 14:59:22.0292 3504 ATITool - detected UnsignedFile.Multi.Generic (1) 14:59:22.0331 3504 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll 14:59:22.0363 3504 AudioEndpointBuilder - ok 14:59:22.0366 3504 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll 14:59:22.0389 3504 Audiosrv - ok 14:59:22.0457 3504 AVP (80b7a5958416e87f1a52d48179881a7f) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe 14:59:22.0492 3504 AVP - ok 14:59:22.0625 3504 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll 14:59:22.0683 3504 AxInstSV - ok 14:59:22.0706 3504 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys 14:59:22.0751 3504 b06bdrv - ok 14:59:22.0762 3504 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 14:59:22.0790 3504 b57nd60x - ok 14:59:22.0803 3504 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll 14:59:22.0846 3504 BDESVC - ok 14:59:22.0853 3504 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 14:59:22.0889 3504 Beep - ok 14:59:22.0920 3504 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll 14:59:22.0952 3504 BFE - ok 14:59:22.0973 3504 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\system32\qmgr.dll 14:59:23.0007 3504 BITS - ok 14:59:23.0013 3504 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 14:59:23.0041 3504 blbdrive - ok 14:59:23.0066 3504 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 14:59:23.0109 3504 bowser - ok 14:59:23.0112 3504 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys 14:59:23.0152 3504 BrFiltLo - ok 14:59:23.0162 3504 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys 14:59:23.0190 3504 BrFiltUp - ok 14:59:23.0200 3504 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys 14:59:23.0238 3504 BridgeMP - ok 14:59:23.0259 3504 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll 14:59:23.0289 3504 Browser - ok 14:59:23.0304 3504 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 14:59:23.0348 3504 Brserid - ok 14:59:23.0361 3504 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 14:59:23.0390 3504 BrSerWdm - ok 14:59:23.0392 3504 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 14:59:23.0420 3504 BrUsbMdm - ok 14:59:23.0422 3504 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 14:59:23.0475 3504 BrUsbSer - ok 14:59:23.0508 3504 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 14:59:23.0537 3504 BTHMODEM - ok 14:59:23.0557 3504 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll 14:59:23.0594 3504 bthserv - ok 14:59:23.0675 3504 catchme - ok 14:59:23.0705 3504 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 14:59:23.0764 3504 cdfs - ok 14:59:23.0851 3504 CDMA Device Service (bb402688e25e6a58188a4fbe8cfb58df) C:\Program Files\Samsung\USB Drivers\26_VIA_driver2\x86\VIAService.exe 14:59:23.0862 3504 CDMA Device Service ( UnsignedFile.Multi.Generic ) - warning 14:59:23.0862 3504 CDMA Device Service - detected UnsignedFile.Multi.Generic (1) 14:59:23.0892 3504 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys 14:59:23.0941 3504 cdrom - ok 14:59:23.0984 3504 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 14:59:24.0048 3504 CertPropSvc - ok 14:59:24.0085 3504 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys 14:59:24.0125 3504 circlass - ok 14:59:24.0164 3504 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 14:59:24.0194 3504 CLFS - ok 14:59:24.0233 3504 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 14:59:24.0259 3504 clr_optimization_v2.0.50727_32 - ok 14:59:24.0313 3504 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 14:59:24.0334 3504 clr_optimization_v4.0.30319_32 - ok 14:59:24.0346 3504 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 14:59:24.0388 3504 CmBatt - ok 14:59:24.0413 3504 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 14:59:24.0425 3504 cmdide - ok 14:59:24.0456 3504 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys 14:59:24.0479 3504 CNG - ok 14:59:24.0498 3504 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 14:59:24.0525 3504 Compbatt - ok 14:59:24.0547 3504 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys 14:59:24.0586 3504 CompositeBus - ok 14:59:24.0588 3504 COMSysApp - ok 14:59:24.0592 3504 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys 14:59:24.0619 3504 crcdisk - ok 14:59:24.0660 3504 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll 14:59:24.0694 3504 CryptSvc - ok 14:59:24.0720 3504 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys 14:59:24.0766 3504 CSC - ok 14:59:24.0820 3504 CscService (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll 14:59:24.0844 3504 CscService - ok 14:59:24.0863 3504 dc3d (734bbe7c66e6fd6047a1bd29b9343b30) C:\Windows\system32\DRIVERS\dc3d.sys 14:59:24.0877 3504 dc3d - ok 14:59:24.0896 3504 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 14:59:24.0929 3504 DcomLaunch - ok 14:59:24.0955 3504 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll 14:59:25.0007 3504 defragsvc - ok 14:59:25.0049 3504 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys 14:59:25.0078 3504 DfsC - ok 14:59:25.0110 3504 dg_ssudbus (919f338fd36f47d860775368d0748780) C:\Windows\system32\DRIVERS\ssudbus.sys 14:59:25.0125 3504 dg_ssudbus - ok 14:59:25.0141 3504 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll 14:59:25.0172 3504 Dhcp - ok 14:59:25.0191 3504 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 14:59:25.0230 3504 discache - ok 14:59:25.0237 3504 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys 14:59:25.0281 3504 Disk - ok 14:59:25.0301 3504 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll 14:59:25.0417 3504 Dnscache - ok 14:59:25.0451 3504 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll 14:59:25.0481 3504 dot3svc - ok 14:59:25.0509 3504 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys 14:59:25.0541 3504 Dot4 - ok 14:59:25.0564 3504 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\DRIVERS\Dot4Prt.sys 14:59:25.0580 3504 Dot4Print - ok 14:59:25.0588 3504 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys 14:59:25.0612 3504 dot4usb - ok 14:59:25.0643 3504 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll 14:59:25.0673 3504 DPS - ok 14:59:25.0692 3504 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 14:59:25.0718 3504 drmkaud - ok 14:59:25.0798 3504 DvmMDES (355e50803a28af282a87faa2612b95ce) C:\ASUS.SYS\config\DVMExportService.exe 14:59:25.0817 3504 DvmMDES ( UnsignedFile.Multi.Generic ) - warning 14:59:25.0817 3504 DvmMDES - detected UnsignedFile.Multi.Generic (1) 14:59:25.0860 3504 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 14:59:25.0888 3504 DXGKrnl - ok 14:59:25.0909 3504 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll 14:59:25.0947 3504 EapHost - ok 14:59:26.0023 3504 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys 14:59:26.0090 3504 ebdrv - ok 14:59:26.0162 3504 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe 14:59:26.0184 3504 EFS - ok 14:59:26.0229 3504 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe 14:59:26.0277 3504 ehRecvr - ok 14:59:26.0294 3504 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe 14:59:26.0334 3504 ehSched - ok 14:59:26.0370 3504 EIO - ok 14:59:26.0397 3504 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\Windows\system32\Drivers\ElbyCDIO.sys 14:59:26.0412 3504 ElbyCDIO - ok 14:59:26.0436 3504 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys 14:59:26.0467 3504 elxstor - ok 14:59:26.0486 3504 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 14:59:26.0499 3504 ErrDev - ok 14:59:26.0523 3504 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll 14:59:26.0563 3504 EventSystem - ok 14:59:26.0595 3504 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 14:59:26.0633 3504 exfat - ok 14:59:26.0648 3504 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 14:59:26.0686 3504 fastfat - ok 14:59:26.0721 3504 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe 14:59:26.0768 3504 Fax - ok 14:59:26.0801 3504 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 14:59:26.0829 3504 fdc - ok 14:59:26.0863 3504 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll 14:59:26.0900 3504 fdPHost - ok 14:59:26.0934 3504 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll 14:59:26.0971 3504 FDResPub - ok 14:59:26.0976 3504 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 14:59:27.0023 3504 FileInfo - ok 14:59:27.0032 3504 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 14:59:27.0083 3504 Filetrace - ok 14:59:27.0119 3504 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 14:59:27.0161 3504 flpydisk - ok 14:59:27.0182 3504 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 14:59:27.0234 3504 FltMgr - ok 14:59:27.0278 3504 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll 14:59:27.0344 3504 FontCache - ok 14:59:27.0399 3504 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 14:59:27.0424 3504 FontCache3.0.0.0 - ok 14:59:27.0443 3504 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 14:59:27.0471 3504 FsDepends - ok 14:59:27.0495 3504 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys 14:59:27.0524 3504 Fs_Rec - ok 14:59:27.0552 3504 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 14:59:27.0577 3504 fvevol - ok 14:59:27.0581 3504 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 14:59:27.0609 3504 gagp30kx - ok 14:59:27.0633 3504 giveio (77ebf3e9386daa51551af429052d88d0) C:\Windows\system32\giveio.sys 14:59:27.0652 3504 giveio ( UnsignedFile.Multi.Generic ) - warning 14:59:27.0652 3504 giveio - detected UnsignedFile.Multi.Generic (1) 14:59:27.0893 3504 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll 14:59:27.0932 3504 gpsvc - ok 14:59:28.0013 3504 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe 14:59:28.0034 3504 gupdate - ok 14:59:28.0036 3504 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe 14:59:28.0047 3504 gupdatem - ok 14:59:28.0071 3504 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys 14:59:28.0092 3504 hamachi - ok 14:59:28.0151 3504 Hamachi2Svc (1e8a0705f9925fad9b2d4f6fc05e1982) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe 14:59:28.0184 3504 Hamachi2Svc - ok 14:59:28.0242 3504 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 14:59:28.0286 3504 hcw85cir - ok 14:59:28.0323 3504 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 14:59:28.0341 3504 HdAudAddService - ok 14:59:28.0364 3504 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\DRIVERS\HDAudBus.sys 14:59:28.0382 3504 HDAudBus - ok 14:59:28.0385 3504 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 14:59:28.0412 3504 HidBatt - ok 14:59:28.0424 3504 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 14:59:28.0453 3504 HidBth - ok 14:59:28.0459 3504 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 14:59:28.0488 3504 HidIr - ok 14:59:28.0507 3504 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll 14:59:28.0545 3504 hidserv - ok 14:59:28.0564 3504 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys 14:59:28.0579 3504 HidUsb - ok 14:59:28.0608 3504 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll 14:59:28.0638 3504 hkmsvc - ok 14:59:28.0647 3504 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll 14:59:28.0697 3504 HomeGroupListener - ok 14:59:28.0707 3504 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll 14:59:28.0728 3504 HomeGroupProvider - ok 14:59:28.0844 3504 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll 14:59:28.0878 3504 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning 14:59:28.0878 3504 hpqcxs08 - detected UnsignedFile.Multi.Generic (1) 14:59:28.0901 3504 hpqddsvc (f3f72a2a86c22610bca5439fa789dd52) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll 14:59:28.0920 3504 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning 14:59:28.0920 3504 hpqddsvc - detected UnsignedFile.Multi.Generic (1) 14:59:28.0958 3504 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 14:59:28.0974 3504 HpSAMD - ok 14:59:29.0006 3504 HPSLPSVC (568e44f6dcfa173f3670172b69379891) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL 14:59:29.0029 3504 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning 14:59:29.0029 3504 HPSLPSVC - detected UnsignedFile.Multi.Generic (1) 14:59:29.0075 3504 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 14:59:29.0110 3504 HTTP - ok 14:59:29.0169 3504 HWiNFO32 (79b69cd1dfbdc48ccad4b8b6d4048786) C:\Program Files\HWiNFO32\HWiNFO32.SYS 14:59:29.0191 3504 HWiNFO32 - ok 14:59:29.0215 3504 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 14:59:29.0235 3504 hwpolicy - ok 14:59:29.0268 3504 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys 14:59:29.0281 3504 i8042prt - ok 14:59:29.0309 3504 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys 14:59:29.0328 3504 iaStorV - ok 14:59:29.0383 3504 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 14:59:29.0407 3504 IDriverT ( UnsignedFile.Multi.Generic ) - warning 14:59:29.0407 3504 IDriverT - detected UnsignedFile.Multi.Generic (1) 14:59:29.0482 3504 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 14:59:29.0509 3504 idsvc - ok 14:59:29.0563 3504 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 14:59:29.0591 3504 iirsp - ok 14:59:29.0628 3504 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll 14:59:29.0663 3504 IKEEXT - ok 14:59:29.0736 3504 IntcAzAudAddService (8b27c21412ae4404eb0acfe1d98579ec) C:\Windows\system32\drivers\RTKVHDA.sys 14:59:29.0784 3504 IntcAzAudAddService - ok 14:59:29.0876 3504 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 14:59:29.0888 3504 intelide - ok 14:59:29.0898 3504 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 14:59:29.0926 3504 intelppm - ok 14:59:29.0938 3504 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll 14:59:29.0976 3504 IPBusEnum - ok 14:59:29.0981 3504 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:59:30.0018 3504 IpFilterDriver - ok 14:59:30.0055 3504 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll 14:59:30.0089 3504 iphlpsvc - ok 14:59:30.0113 3504 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 14:59:30.0129 3504 IPMIDRV - ok 14:59:30.0140 3504 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 14:59:30.0178 3504 IPNAT - ok 14:59:30.0199 3504 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 14:59:30.0240 3504 IRENUM - ok 14:59:30.0272 3504 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 14:59:30.0285 3504 isapnp - ok 14:59:30.0293 3504 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 14:59:30.0310 3504 iScsiPrt - ok 14:59:30.0337 3504 JRAID (1f6856a7137d375d5f0b6d2463b7e6e9) C:\Windows\system32\DRIVERS\jraid.sys 14:59:30.0362 3504 JRAID - ok 14:59:30.0391 3504 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys 14:59:30.0403 3504 kbdclass - ok 14:59:30.0426 3504 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys 14:59:30.0442 3504 kbdhid - ok 14:59:30.0467 3504 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 14:59:30.0479 3504 KeyIso - ok 14:59:30.0514 3504 kl1 (514e8fcc961241c6cf002f3a1e05de94) C:\Windows\system32\DRIVERS\kl1.sys 14:59:30.0538 3504 kl1 - ok 14:59:30.0555 3504 klbg (f9089982ed97340984e3dd60edd75490) C:\Windows\system32\drivers\klbg.sys 14:59:30.0579 3504 klbg - ok 14:59:30.0605 3504 KLIF (2a98658edc36c35de263d00ccbc80f2d) C:\Windows\system32\DRIVERS\klif.sys 14:59:30.0631 3504 KLIF - ok 14:59:30.0652 3504 KLIM6 (672b4ab554f63738b97f11299012c12e) C:\Windows\system32\DRIVERS\klim6.sys 14:59:30.0674 3504 KLIM6 - ok 14:59:30.0683 3504 klmouflt (0c147d68ca28618477bd6cd094e0bc39) C:\Windows\system32\DRIVERS\klmouflt.sys 14:59:30.0706 3504 klmouflt - ok 14:59:30.0723 3504 KMService (4635935fc972c582632bf45c26bfcb0e) C:\Windows\system32\srvany.exe 14:59:30.0743 3504 KMService ( UnsignedFile.Multi.Generic ) - warning 14:59:30.0743 3504 KMService - detected UnsignedFile.Multi.Generic (1) 14:59:30.0757 3504 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys 14:59:30.0773 3504 KSecDD - ok 14:59:30.0786 3504 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys 14:59:30.0803 3504 KSecPkg - ok 14:59:30.0826 3504 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll 14:59:30.0866 3504 KtmRm - ok 14:59:30.0901 3504 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\System32\srvsvc.dll 14:59:30.0932 3504 LanmanServer - ok 14:59:30.0953 3504 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll 14:59:30.0984 3504 LanmanWorkstation - ok 14:59:31.0000 3504 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 14:59:31.0038 3504 lltdio - ok 14:59:31.0065 3504 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll 14:59:31.0103 3504 lltdsvc - ok 14:59:31.0123 3504 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll 14:59:31.0160 3504 lmhosts - ok 14:59:31.0198 3504 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 14:59:31.0226 3504 LSI_FC - ok 14:59:31.0237 3504 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 14:59:31.0265 3504 LSI_SAS - ok 14:59:31.0301 3504 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 14:59:31.0342 3504 LSI_SAS2 - ok 14:59:31.0349 3504 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 14:59:31.0376 3504 LSI_SCSI - ok 14:59:31.0407 3504 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 14:59:31.0460 3504 luafv - ok 14:59:31.0544 3504 Macromedia Licensing Service (d5ba9b816afef5292fe13c9a6267b6ab) C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe 14:59:31.0572 3504 Macromedia Licensing Service ( UnsignedFile.Multi.Generic ) - warning 14:59:31.0572 3504 Macromedia Licensing Service - detected UnsignedFile.Multi.Generic (1) 14:59:31.0592 3504 mbamchameleon (5dc35c6ecff38c91db3511c63d0000d9) C:\Windows\system32\drivers\mbamchameleon.sys 14:59:31.0607 3504 mbamchameleon - ok 14:59:31.0637 3504 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll 14:59:31.0659 3504 Mcx2Svc - ok 14:59:31.0671 3504 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 14:59:31.0699 3504 megasas - ok 14:59:31.0744 3504 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 14:59:31.0773 3504 MegaSR - ok 14:59:31.0788 3504 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 14:59:31.0826 3504 MMCSS - ok 14:59:31.0830 3504 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 14:59:31.0867 3504 Modem - ok 14:59:31.0895 3504 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 14:59:31.0931 3504 monitor - ok 14:59:31.0959 3504 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys 14:59:31.0971 3504 mouclass - ok 14:59:31.0977 3504 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 14:59:31.0991 3504 mouhid - ok 14:59:32.0011 3504 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 14:59:32.0031 3504 mountmgr - ok 14:59:32.0042 3504 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 14:59:32.0076 3504 MozillaMaintenance - ok 14:59:32.0100 3504 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 14:59:32.0116 3504 mpio - ok 14:59:32.0122 3504 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 14:59:32.0158 3504 mpsdrv - ok 14:59:32.0197 3504 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll 14:59:32.0231 3504 MpsSvc - ok 14:59:32.0270 3504 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 14:59:32.0316 3504 MRxDAV - ok 14:59:32.0350 3504 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 14:59:32.0388 3504 mrxsmb - ok 14:59:32.0412 3504 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:59:32.0425 3504 mrxsmb10 - ok 14:59:32.0436 3504 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:59:32.0464 3504 mrxsmb20 - ok 14:59:32.0488 3504 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 14:59:32.0500 3504 msahci - ok 14:59:32.0576 3504 MsDepSvc (aaac4b494de45836121a40aec980b631) C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe 14:59:32.0599 3504 MsDepSvc - ok 14:59:32.0634 3504 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 14:59:32.0650 3504 msdsm - ok 14:59:32.0685 3504 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe 14:59:32.0723 3504 MSDTC - ok 14:59:32.0812 3504 MsDtsServer (8b6be9a0c37a741f8a7ec604d6dce9a7) C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe 14:59:32.0852 3504 MsDtsServer - ok 14:59:32.0925 3504 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 14:59:32.0954 3504 Msfs - ok 14:59:33.0029 3504 msftesql (64149160ccbae488d61abe3f46e8a95f) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe 14:59:33.0067 3504 msftesql - ok 14:59:33.0079 3504 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 14:59:33.0142 3504 mshidkmdf - ok 14:59:33.0179 3504 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 14:59:33.0190 3504 msisadrv - ok 14:59:33.0202 3504 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll 14:59:33.0264 3504 MSiSCSI - ok 14:59:33.0266 3504 msiserver - ok 14:59:33.0277 3504 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 14:59:33.0310 3504 MSKSSRV - ok 14:59:33.0313 3504 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 14:59:33.0346 3504 MSPCLOCK - ok 14:59:33.0349 3504 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 14:59:33.0381 3504 MSPQM - ok 14:59:33.0397 3504 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 14:59:33.0421 3504 MsRPC - ok 14:59:33.0429 3504 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys 14:59:33.0442 3504 mssmbios - ok 14:59:33.0478 3504 MSSQL$SQLEXPRESS - ok 14:59:33.0493 3504 MSSQLSERVER - ok 14:59:33.0540 3504 MSSQLServerADHelper (adaf062116b4e6d96e44d26486a87af6) C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe 14:59:33.0552 3504 MSSQLServerADHelper - ok 14:59:33.0612 3504 MSSQLServerADHelper100 (f1761c8fb2b25a32c6d63e36bb88c3ae) C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 14:59:33.0627 3504 MSSQLServerADHelper100 - ok 14:59:33.0652 3504 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 14:59:33.0685 3504 MSTEE - ok 14:59:33.0817 3504 msvsmon90 (e514d0493c272aecbac7c6c1dac635d1) C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe 14:59:33.0865 3504 msvsmon90 - ok 14:59:33.0928 3504 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 14:59:33.0970 3504 MTConfig - ok 14:59:33.0999 3504 MTsensor (cbe71c122434805cb73ffb6619f60598) C:\Windows\system32\DRIVERS\ASACPI.sys 14:59:34.0009 3504 MTsensor - ok 14:59:34.0016 3504 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 14:59:34.0039 3504 Mup - ok 14:59:34.0082 3504 MySQL - ok 14:59:34.0116 3504 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll 14:59:34.0171 3504 napagent - ok 14:59:34.0184 3504 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 14:59:34.0227 3504 NativeWifiP - ok 14:59:34.0252 3504 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 14:59:34.0280 3504 NDIS - ok 14:59:34.0286 3504 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 14:59:34.0336 3504 NdisCap - ok 14:59:34.0343 3504 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 14:59:34.0379 3504 NdisTapi - ok 14:59:34.0403 3504 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 14:59:34.0432 3504 Ndisuio - ok 14:59:34.0460 3504 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 14:59:34.0489 3504 NdisWan - ok 14:59:34.0513 3504 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 14:59:34.0542 3504 NDProxy - ok 14:59:34.0568 3504 Net Driver HPZ12 (510c138564486ff926a3f773205c63d1) C:\Windows\system32\HPZinw12.dll 14:59:34.0586 3504 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 14:59:34.0586 3504 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 14:59:34.0597 3504 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 14:59:34.0630 3504 NetBIOS - ok 14:59:34.0657 3504 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 14:59:34.0687 3504 NetBT - ok 14:59:34.0713 3504 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 14:59:34.0731 3504 Netlogon - ok 14:59:34.0773 3504 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll 14:59:34.0838 3504 Netman - ok 14:59:34.0929 3504 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 14:59:34.0952 3504 NetMsmqActivator - ok 14:59:34.0954 3504 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 14:59:34.0965 3504 NetPipeActivator - ok 14:59:34.0985 3504 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll 14:59:35.0047 3504 netprofm - ok 14:59:35.0049 3504 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 14:59:35.0059 3504 NetTcpActivator - ok 14:59:35.0061 3504 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 14:59:35.0070 3504 NetTcpPortSharing - ok 14:59:35.0102 3504 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 14:59:35.0129 3504 nfrd960 - ok 14:59:35.0162 3504 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll 14:59:35.0194 3504 NlaSvc - ok 14:59:35.0220 3504 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 14:59:35.0253 3504 Npfs - ok 14:59:35.0285 3504 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll 14:59:35.0337 3504 nsi - ok 14:59:35.0370 3504 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 14:59:35.0416 3504 nsiproxy - ok 14:59:35.0463 3504 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 14:59:35.0492 3504 Ntfs - ok 14:59:35.0538 3504 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 14:59:35.0575 3504 Null - ok 14:59:35.0577 3504 nvlddmkm - ok 14:59:35.0609 3504 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 14:59:35.0625 3504 nvraid - ok 14:59:35.0655 3504 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 14:59:35.0672 3504 nvstor - ok 14:59:35.0695 3504 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 14:59:35.0708 3504 nv_agp - ok 14:59:35.0788 3504 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 14:59:35.0840 3504 odserv - ok 14:59:35.0861 3504 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 14:59:35.0877 3504 ohci1394 - ok 14:59:35.0916 3504 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:59:35.0936 3504 ose - ok 14:59:36.0085 3504 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 14:59:36.0157 3504 osppsvc - ok 14:59:36.0215 3504 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 14:59:36.0262 3504 p2pimsvc - ok 14:59:36.0278 3504 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll 14:59:36.0308 3504 p2psvc - ok 14:59:36.0339 3504 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 14:59:36.0367 3504 Parport - ok 14:59:36.0399 3504 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys 14:59:36.0419 3504 partmgr - ok 14:59:36.0427 3504 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 14:59:36.0459 3504 Parvdm - ok 14:59:36.0476 3504 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll 14:59:36.0547 3504 PcaSvc - ok 14:59:36.0588 3504 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 14:59:36.0603 3504 pci - ok 14:59:36.0622 3504 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 14:59:36.0633 3504 pciide - ok 14:59:36.0646 3504 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 14:59:36.0674 3504 pcmcia - ok 14:59:36.0688 3504 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 14:59:36.0730 3504 pcw - ok 14:59:36.0774 3504 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 14:59:36.0815 3504 PEAUTH - ok 14:59:36.0845 3504 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll 14:59:36.0894 3504 PeerDistSvc - ok 14:59:36.0956 3504 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll 14:59:36.0997 3504 pla - ok 14:59:37.0067 3504 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll 14:59:37.0122 3504 PlugPlay - ok 14:59:37.0150 3504 Pml Driver HPZ12 (37e5e8ffbad35605daeec3224ea0e465) C:\Windows\system32\HPZipm12.dll 14:59:37.0168 3504 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 14:59:37.0168 3504 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 14:59:37.0188 3504 PnkBstrA (3a2bdd76e7d2a5f40a7174793d1ba794) C:\Windows\system32\PnkBstrA.exe 14:59:37.0212 3504 PnkBstrA - ok 14:59:37.0228 3504 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll 14:59:37.0256 3504 PNRPAutoReg - ok 14:59:37.0272 3504 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 14:59:37.0286 3504 PNRPsvc - ok 14:59:37.0311 3504 Point32 (858d5d8dbe432b358ca2f9d534169ca1) C:\Windows\system32\DRIVERS\point32k.sys 14:59:37.0325 3504 Point32 - ok 14:59:37.0367 3504 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll 14:59:37.0407 3504 PolicyAgent - ok 14:59:37.0437 3504 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll 14:59:37.0468 3504 Power - ok 14:59:37.0529 3504 PowerOffer Service (487835c60ac8362019115b22fe24fed9) C:\Users\Gnorro\AppData\Local\PosService\Pos.exe 14:59:37.0541 3504 PowerOffer Service ( UnsignedFile.Multi.Generic ) - warning 14:59:37.0541 3504 PowerOffer Service - detected UnsignedFile.Multi.Generic (1) 14:59:37.0564 3504 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 14:59:37.0602 3504 PptpMiniport - ok 14:59:37.0625 3504 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 14:59:37.0653 3504 Processor - ok 14:59:37.0683 3504 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll 14:59:37.0728 3504 ProfSvc - ok 14:59:37.0776 3504 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 14:59:37.0788 3504 ProtectedStorage - ok 14:59:37.0799 3504 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 14:59:37.0834 3504 Psched - ok 14:59:37.0875 3504 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 14:59:37.0916 3504 ql2300 - ok 14:59:38.0132 3504 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 14:59:38.0160 3504 ql40xx - ok 14:59:38.0191 3504 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll 14:59:38.0223 3504 QWAVE - ok 14:59:38.0229 3504 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 14:59:38.0258 3504 QWAVEdrv - ok 14:59:38.0326 3504 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll 14:59:38.0348 3504 RapiMgr - ok 14:59:38.0359 3504 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 14:59:38.0396 3504 RasAcd - ok 14:59:38.0432 3504 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 14:59:38.0472 3504 RasAgileVpn - ok 14:59:38.0495 3504 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll 14:59:38.0534 3504 RasAuto - ok 14:59:38.0554 3504 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 14:59:38.0591 3504 Rasl2tp - ok 14:59:38.0622 3504 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll 14:59:38.0655 3504 RasMan - ok 14:59:38.0667 3504 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 14:59:38.0704 3504 RasPppoe - ok 14:59:38.0739 3504 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 14:59:38.0775 3504 RasSstp - ok 14:59:38.0801 3504 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 14:59:38.0832 3504 rdbss - ok 14:59:38.0837 3504 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 14:59:38.0877 3504 rdpbus - ok 14:59:38.0904 3504 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 14:59:38.0933 3504 RDPCDD - ok 14:59:38.0946 3504 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys 14:59:38.0994 3504 RDPDR - ok 14:59:39.0000 3504 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 14:59:39.0032 3504 RDPENCDD - ok 14:59:39.0035 3504 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 14:59:39.0067 3504 RDPREFMP - ok 14:59:39.0078 3504 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys 14:59:39.0101 3504 RdpVideoMiniport - ok 14:59:39.0128 3504 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys 14:59:39.0148 3504 RDPWD - ok 14:59:39.0177 3504 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 14:59:39.0198 3504 rdyboost - ok 14:59:39.0217 3504 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll 14:59:39.0254 3504 RemoteAccess - ok 14:59:39.0276 3504 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll 14:59:39.0316 3504 RemoteRegistry - ok 14:59:39.0372 3504 RivaTuner32 (c0c8909be3ecc9df8089112bf9be954e) C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys 14:59:39.0386 3504 RivaTuner32 ( UnsignedFile.Multi.Generic ) - warning 14:59:39.0386 3504 RivaTuner32 - detected UnsignedFile.Multi.Generic (1) 14:59:39.0394 3504 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll 14:59:39.0435 3504 RpcEptMapper - ok 14:59:39.0443 3504 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe 14:59:39.0484 3504 RpcLocator - ok 14:59:39.0514 3504 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 14:59:39.0547 3504 RpcSs - ok 14:59:39.0573 3504 RsFx0103 (fd692c6ffade58f7c4c3c3c9a0ec35bd) C:\Windows\system32\DRIVERS\RsFx0103.sys 14:59:39.0588 3504 RsFx0103 - ok 14:59:39.0607 3504 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 14:59:39.0649 3504 rspndr - ok 14:59:39.0681 3504 RTL8167 (d5ede44ca85899e0478208c8413c1c31) C:\Windows\system32\DRIVERS\Rt86win7.sys 14:59:39.0698 3504 RTL8167 - ok 14:59:39.0723 3504 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys 14:59:39.0769 3504 s3cap - ok 14:59:39.0791 3504 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 14:59:39.0802 3504 SamSs - ok 14:59:39.0847 3504 SANDRA (230fd3749904ca045ea5ec0aa14006e9) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP3\WNt500x86\Sandra.sys 14:59:39.0882 3504 SANDRA - ok 14:59:39.0902 3504 SandraAgentSrv (df7d83053f32dd52b7cc079eb3342c24) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP3\RpcAgentSrv.exe 14:59:39.0920 3504 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning 14:59:39.0920 3504 SandraAgentSrv - detected UnsignedFile.Multi.Generic (1) 14:59:39.0941 3504 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\DRIVERS\sbp2port.sys 14:59:39.0985 3504 sbp2port - ok 14:59:40.0080 3504 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 14:59:40.0142 3504 SBSDWSCService - ok 14:59:40.0386 3504 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll 14:59:40.0426 3504 SCardSvr - ok 14:59:40.0447 3504 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 14:59:40.0476 3504 scfilter - ok 14:59:40.0514 3504 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll 14:59:40.0550 3504 Schedule - ok 14:59:40.0575 3504 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 14:59:40.0605 3504 SCPolicySvc - ok 14:59:40.0612 3504 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll 14:59:40.0657 3504 SDRSVC - ok 14:59:40.0671 3504 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 14:59:40.0708 3504 secdrv - ok 14:59:40.0714 3504 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll 14:59:40.0752 3504 seclogon - ok 14:59:40.0757 3504 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll 14:59:40.0796 3504 SENS - ok 14:59:40.0811 3504 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll 14:59:40.0853 3504 SensrSvc - ok 14:59:40.0855 3504 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 14:59:40.0883 3504 Serenum - ok 14:59:40.0896 3504 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 14:59:40.0920 3504 Serial - ok 14:59:40.0939 3504 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 14:59:40.0952 3504 sermouse - ok 14:59:41.0021 3504 ServUpdater (b61b8621e3d5c56b8b3f62e31a5ea6f5) C:\Users\Gnorro\AppData\Local\ServUpdater\ServiceUpd.exe 14:59:41.0033 3504 ServUpdater ( UnsignedFile.Multi.Generic ) - warning 14:59:41.0033 3504 ServUpdater - detected UnsignedFile.Multi.Generic (1) 14:59:41.0059 3504 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll 14:59:41.0090 3504 SessionEnv - ok 14:59:41.0119 3504 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 14:59:41.0134 3504 sffdisk - ok 14:59:41.0137 3504 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 14:59:41.0152 3504 sffp_mmc - ok 14:59:41.0171 3504 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 14:59:41.0210 3504 sffp_sd - ok 14:59:41.0230 3504 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 14:59:41.0254 3504 sfloppy - ok 14:59:41.0278 3504 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll 14:59:41.0317 3504 SharedAccess - ok 14:59:41.0359 3504 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll 14:59:41.0393 3504 ShellHWDetection - ok 14:59:41.0414 3504 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 14:59:41.0427 3504 sisagp - ok 14:59:41.0438 3504 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 14:59:41.0461 3504 SiSRaid2 - ok 14:59:41.0488 3504 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 14:59:41.0511 3504 SiSRaid4 - ok 14:59:41.0557 3504 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe 14:59:41.0601 3504 SkypeUpdate - ok 14:59:41.0610 3504 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 14:59:41.0645 3504 Smb - ok 14:59:41.0686 3504 snapman (e78c98378a071ce4d48a7c514fa98fa1) C:\Windows\system32\DRIVERS\snapman.sys 14:59:41.0710 3504 snapman - ok 14:59:41.0731 3504 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe 14:59:41.0752 3504 SNMPTRAP - ok 14:59:41.0816 3504 speedfan (9f70cd5edcc4efc48ae21e04fb03be9d) C:\Windows\system32\speedfan.sys 14:59:41.0844 3504 speedfan - ok 14:59:41.0862 3504 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 14:59:41.0886 3504 spldr - ok 14:59:41.0918 3504 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe 14:59:41.0971 3504 Spooler - ok 14:59:42.0056 3504 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe 14:59:42.0111 3504 sppsvc - ok 14:59:42.0216 3504 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll 14:59:42.0247 3504 sppuinotify - ok 14:59:42.0312 3504 sptd (a199171385be17973fd800fa91f8f78a) C:\Windows\System32\Drivers\sptd.sys 14:59:42.0339 3504 sptd - ok 14:59:42.0432 3504 SQLAgent$SQLEXPRESS (a687b5b326afcfcf182c4931d1ff9771) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE 14:59:42.0450 3504 SQLAgent$SQLEXPRESS - ok 14:59:42.0492 3504 SQLBrowser (b54b48f6d92423440c264e91225c5ff1) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 14:59:42.0509 3504 SQLBrowser - ok 14:59:42.0558 3504 SQLSERVERAGENT (7847ef1db2e289be82cbc70cf4d98ff8) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE 14:59:42.0576 3504 SQLSERVERAGENT - ok 14:59:42.0595 3504 SQLWriter (637a0f23f9012358e92e6f99835494d1) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 14:59:42.0611 3504 SQLWriter - ok 14:59:42.0676 3504 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 14:59:42.0784 3504 srv - ok 14:59:42.0827 3504 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 14:59:42.0845 3504 srv2 - ok 14:59:42.0854 3504 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 14:59:42.0871 3504 srvnet - ok 14:59:42.0889 3504 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll 14:59:42.0928 3504 SSDPSRV - ok 14:59:42.0936 3504 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll 14:59:42.0973 3504 SstpSvc - ok 14:59:43.0001 3504 ssudmdm (8f299012ef58246f1c98de7b7e48dbf0) C:\Windows\system32\DRIVERS\ssudmdm.sys 14:59:43.0017 3504 ssudmdm - ok 14:59:43.0084 3504 StarWindServiceAE (e5c796b621f6fba8616511063d7f0ffe) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe 14:59:43.0119 3504 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning 14:59:43.0119 3504 StarWindServiceAE - detected UnsignedFile.Multi.Generic (1) 14:59:43.0180 3504 Steam Client Service - ok 14:59:43.0287 3504 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 14:59:43.0310 3504 stexstor - ok 14:59:43.0406 3504 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys 14:59:43.0437 3504 StillCam - ok 14:59:43.0484 3504 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll 14:59:43.0604 3504 StiSvc - ok 14:59:43.0633 3504 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys 14:59:43.0649 3504 storflt - ok 14:59:43.0680 3504 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys 14:59:43.0697 3504 storvsc - ok 14:59:43.0725 3504 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 14:59:43.0737 3504 swenum - ok 14:59:43.0757 3504 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll 14:59:43.0797 3504 swprv - ok 14:59:43.0800 3504 Synth3dVsc - ok 14:59:43.0849 3504 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll 14:59:43.0882 3504 SysMain - ok 14:59:43.0910 3504 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll 14:59:43.0936 3504 TabletInputService - ok 14:59:43.0950 3504 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll 14:59:43.0982 3504 TapiSrv - ok 14:59:43.0995 3504 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll 14:59:44.0033 3504 TBS - ok 14:59:44.0108 3504 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys 14:59:44.0140 3504 Tcpip - ok 14:59:44.0205 3504 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys 14:59:44.0229 3504 TCPIP6 - ok 14:59:44.0279 3504 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 14:59:44.0308 3504 tcpipreg - ok 14:59:44.0334 3504 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 14:59:44.0354 3504 TDPIPE - ok 14:59:44.0381 3504 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys 14:59:44.0397 3504 TDTCP - ok 14:59:44.0420 3504 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 14:59:44.0469 3504 tdx - ok 14:59:44.0601 3504 TeamViewer7 (33966a658ff37e0c65d46e59f37e2380) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe 14:59:44.0651 3504 TeamViewer7 - ok 14:59:44.0714 3504 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 14:59:44.0726 3504 TermDD - ok 14:59:44.0761 3504 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll 14:59:44.0798 3504 TermService - ok 14:59:44.0819 3504 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll 14:59:44.0849 3504 Themes - ok 14:59:44.0867 3504 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 14:59:44.0905 3504 THREADORDER - ok 14:59:44.0956 3504 Tomcat6 (fab13554e86325f5cc1041e7537dc8f2) C:\Program Files\Apache Software Foundation\Tomcat 6.0\bin\tomcat6.exe 14:59:44.0970 3504 Tomcat6 ( UnsignedFile.Multi.Generic ) - warning 14:59:44.0970 3504 Tomcat6 - detected UnsignedFile.Multi.Generic (1) 14:59:44.0978 3504 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll 14:59:45.0019 3504 TrkWks - ok 14:59:45.0060 3504 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe 14:59:45.0090 3504 TrustedInstaller - ok 14:59:45.0100 3504 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 14:59:45.0129 3504 tssecsrv - ok 14:59:45.0159 3504 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 14:59:45.0203 3504 TsUsbFlt - ok 14:59:45.0205 3504 tsusbhub - ok 14:59:45.0234 3504 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 14:59:45.0264 3504 tunnel - ok 14:59:45.0322 3504 TVersityMediaServer (06bccb3bf0d06adccc4ebc8ef682dd59) C:\ProgramData\TVersity\Media Server\MediaServer.exe 14:59:45.0354 3504 TVersityMediaServer - ok 14:59:45.0418 3504 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 14:59:45.0441 3504 uagp35 - ok 14:59:45.0470 3504 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 14:59:45.0501 3504 udfs - ok 14:59:45.0522 3504 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe 14:59:45.0537 3504 UI0Detect - ok 14:59:45.0559 3504 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 14:59:45.0571 3504 uliagpkx - ok 14:59:45.0601 3504 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys 14:59:45.0640 3504 umbus - ok 14:59:45.0646 3504 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 14:59:45.0669 3504 UmPass - ok 14:59:45.0704 3504 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll 14:59:45.0726 3504 UmRdpService - ok 14:59:45.0744 3504 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll 14:59:45.0783 3504 upnphost - ok 14:59:45.0807 3504 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 14:59:45.0937 3504 usbccgp - ok 14:59:45.0969 3504 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 14:59:46.0012 3504 usbcir - ok 14:59:46.0026 3504 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys 14:59:46.0043 3504 usbehci - ok 14:59:46.0060 3504 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 14:59:46.0077 3504 usbhub - ok 14:59:46.0111 3504 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys 14:59:46.0134 3504 usbohci - ok 14:59:46.0162 3504 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 14:59:46.0188 3504 usbprint - ok 14:59:46.0210 3504 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 14:59:46.0233 3504 usbscan - ok 14:59:46.0259 3504 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 14:59:46.0299 3504 USBSTOR - ok 14:59:46.0319 3504 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys 14:59:46.0335 3504 usbuhci - ok 14:59:46.0353 3504 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll 14:59:46.0390 3504 UxSms - ok 14:59:46.0418 3504 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe 14:59:46.0430 3504 VaultSvc - ok 14:59:46.0441 3504 VClone (fce98c43b5c5db8e0da8ea0e2b45e044) C:\Windows\system32\DRIVERS\VClone.sys 14:59:46.0460 3504 VClone - ok 14:59:46.0497 3504 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 14:59:46.0509 3504 vdrvroot - ok 14:59:46.0545 3504 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe 14:59:46.0578 3504 vds - ok 14:59:46.0596 3504 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 14:59:46.0621 3504 vga - ok 14:59:46.0624 3504 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 14:59:46.0657 3504 VgaSave - ok 14:59:46.0659 3504 VGPU - ok 14:59:46.0692 3504 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 14:59:46.0708 3504 vhdmp - ok 14:59:46.0714 3504 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 14:59:46.0726 3504 viaagp - ok 14:59:46.0734 3504 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 14:59:46.0758 3504 ViaC7 - ok 14:59:46.0780 3504 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 14:59:46.0792 3504 viaide - ok 14:59:46.0824 3504 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys 14:59:46.0841 3504 vmbus - ok 14:59:46.0861 3504 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys 14:59:46.0876 3504 VMBusHID - ok 14:59:46.0907 3504 vmm (c01604eaea9c89035cff58cdb322476c) C:\Windows\system32\Drivers\vmm.sys 14:59:46.0927 3504 vmm - ok 14:59:46.0949 3504 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 14:59:46.0961 3504 volmgr - ok 14:59:46.0985 3504 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 14:59:47.0012 3504 volmgrx - ok 14:59:47.0037 3504 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 14:59:47.0054 3504 volsnap - ok 14:59:47.0066 3504 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 14:59:47.0090 3504 vsmraid - ok 14:59:47.0132 3504 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe 14:59:47.0169 3504 VSS - ok 14:59:47.0185 3504 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys 14:59:47.0210 3504 vwifibus - ok 14:59:47.0231 3504 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll 14:59:47.0271 3504 W32Time - ok 14:59:47.0316 3504 W3SVC (57c8c20bfa5bef6bd851ebac67a8ced0) C:\Windows\system32\inetsrv\iisw3adm.dll 14:59:47.0361 3504 W3SVC - ok 14:59:47.0370 3504 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 14:59:47.0393 3504 WacomPen - ok 14:59:47.0422 3504 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 14:59:47.0451 3504 WANARP - ok 14:59:47.0452 3504 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 14:59:47.0472 3504 Wanarpv6 - ok 14:59:47.0476 3504 WAS (57c8c20bfa5bef6bd851ebac67a8ced0) C:\Windows\system32\inetsrv\iisw3adm.dll 14:59:47.0490 3504 WAS - ok 14:59:47.0548 3504 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe 14:59:47.0584 3504 WatAdminSvc - ok 14:59:47.0682 3504 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe 14:59:47.0741 3504 wbengine - ok 14:59:47.0769 3504 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll 14:59:47.0813 3504 WbioSrvc - ok 14:59:47.0879 3504 WcesComm (59e19bd13c3bdb857646b9e436ba27f7) C:\Windows\WindowsMobile\wcescomm.dll 14:59:47.0908 3504 WcesComm - ok 14:59:47.0968 3504 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll 14:59:48.0009 3504 wcncsvc - ok 14:59:48.0037 3504 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll 14:59:48.0080 3504 WcsPlugInService - ok 14:59:48.0145 3504 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 14:59:48.0168 3504 Wd - ok 14:59:48.0184 3504 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 14:59:48.0211 3504 Wdf01000 - ok 14:59:48.0254 3504 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 14:59:48.0309 3504 WdiServiceHost - ok 14:59:48.0311 3504 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 14:59:48.0325 3504 WdiSystemHost - ok 14:59:48.0487 3504 Web Assistant Updater (efb3074bdbabe0a137d89d8e58f02392) C:\Program Files\Web Assistant\ExtensionUpdaterService.exe 14:59:48.0532 3504 Web Assistant Updater ( UnsignedFile.Multi.Generic ) - warning 14:59:48.0532 3504 Web Assistant Updater - detected UnsignedFile.Multi.Generic (1) 14:59:48.0567 3504 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll 14:59:48.0593 3504 WebClient - ok 14:59:48.0605 3504 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll 14:59:48.0644 3504 Wecsvc - ok 14:59:48.0657 3504 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll 14:59:48.0694 3504 wercplsupport - ok 14:59:48.0700 3504 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll 14:59:48.0738 3504 WerSvc - ok 14:59:48.0775 3504 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 14:59:48.0808 3504 WfpLwf - ok 14:59:48.0819 3504 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 14:59:48.0842 3504 WIMMount - ok 14:59:48.0886 3504 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll 14:59:48.0921 3504 WinDefend - ok 14:59:48.0925 3504 WinHttpAutoProxySvc - ok 14:59:48.0964 3504 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll 14:59:49.0043 3504 Winmgmt - ok 14:59:49.0097 3504 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll 14:59:49.0138 3504 WinRM - ok 14:59:49.0171 3504 WINUSB (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUSB.SYS 14:59:49.0222 3504 WINUSB - ok 14:59:49.0276 3504 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll 14:59:49.0312 3504 Wlansvc - ok 14:59:49.0337 3504 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 14:59:49.0350 3504 WmiAcpi - ok 14:59:49.0400 3504 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe 14:59:49.0447 3504 wmiApSrv - ok 14:59:49.0551 3504 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe 14:59:49.0631 3504 WMPNetworkSvc - ok 14:59:49.0699 3504 WMZuneComm (017695393afffed8de58abd1b085be6d) C:\Program Files\Zune\WMZuneComm.exe 14:59:49.0722 3504 WMZuneComm - ok 14:59:49.0803 3504 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll 14:59:49.0847 3504 WPCSvc - ok 14:59:49.0893 3504 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll 14:59:49.0937 3504 WPDBusEnum - ok 14:59:49.0997 3504 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 14:59:50.0038 3504 ws2ifsl - ok 14:59:50.0054 3504 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll 14:59:50.0084 3504 wscsvc - ok 14:59:50.0086 3504 WSearch - ok 14:59:50.0153 3504 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll 14:59:50.0198 3504 wuauserv - ok 14:59:50.0279 3504 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 14:59:50.0309 3504 WudfPf - ok 14:59:50.0341 3504 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 14:59:50.0384 3504 WUDFRd - ok 14:59:50.0416 3504 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll 14:59:50.0447 3504 wudfsvc - ok 14:59:50.0467 3504 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll 14:59:50.0499 3504 WwanSvc - ok 14:59:50.0521 3504 yukonw7 (b07c5b7efdf936ff93d4f540938725be) C:\Windows\system32\DRIVERS\yk62x86.sys 14:59:50.0563 3504 yukonw7 - ok 14:59:50.0756 3504 ZuneNetworkSvc (1076df9ade4e13ea3bf39d2165aeb903) C:\Program Files\Zune\ZuneNss.exe 14:59:50.0840 3504 ZuneNetworkSvc - ok 14:59:50.0866 3504 ZuneWlanCfgSvc (de1cdb333a402b279f04d627122fa08e) C:\Program Files\Zune\ZuneWlanCfgSvc.exe 14:59:50.0883 3504 ZuneWlanCfgSvc - ok 14:59:50.0903 3504 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 14:59:51.0267 3504 \Device\Harddisk0\DR0 - ok 14:59:51.0269 3504 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1 14:59:51.0293 3504 \Device\Harddisk1\DR1 - ok 14:59:51.0310 3504 Boot (0x1200) (33d96c70b8b218399f9d0a5e62a5b73e) \Device\Harddisk0\DR0\Partition0 14:59:51.0311 3504 \Device\Harddisk0\DR0\Partition0 - ok 14:59:51.0316 3504 Boot (0x1200) (455e388105ea7ff3379459aea1ff41f0) \Device\Harddisk0\DR0\Partition1 14:59:51.0318 3504 \Device\Harddisk0\DR0\Partition1 - ok 14:59:51.0319 3504 Boot (0x1200) (68ce9007ce5b5c9090855935f8a5ca51) \Device\Harddisk0\DR0\Partition2 14:59:51.0320 3504 \Device\Harddisk0\DR0\Partition2 - ok 14:59:51.0339 3504 Boot (0x1200) (e2778e3e22e482b44dfd4fcf8d5ee480) \Device\Harddisk0\DR0\Partition3 14:59:51.0359 3504 \Device\Harddisk0\DR0\Partition3 - ok 14:59:51.0360 3504 Boot (0x1200) (f313f96fca32b3b396ed5d5f6fac89ac) \Device\Harddisk1\DR1\Partition0 14:59:51.0361 3504 \Device\Harddisk1\DR1\Partition0 - ok 14:59:51.0361 3504 ============================================================ 14:59:51.0361 3504 Scan finished 14:59:51.0361 3504 ============================================================ 14:59:51.0367 5420 Detected object count: 21 14:59:51.0367 5420 Actual detected object count: 21 15:00:42.0008 5420 AsSysCtrlService ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0008 5420 AsSysCtrlService ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0009 5420 AtiHdmiService ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0009 5420 AtiHdmiService ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0010 5420 ATITool ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0010 5420 ATITool ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0011 5420 CDMA Device Service ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0011 5420 CDMA Device Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0011 5420 DvmMDES ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0012 5420 DvmMDES ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0012 5420 giveio ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0012 5420 giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0013 5420 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0013 5420 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0014 5420 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0014 5420 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0014 5420 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0014 5420 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0015 5420 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0015 5420 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0016 5420 KMService ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0016 5420 KMService ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0016 5420 Macromedia Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0017 5420 Macromedia Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0017 5420 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0017 5420 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0018 5420 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0018 5420 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0019 5420 PowerOffer Service ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0019 5420 PowerOffer Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0019 5420 RivaTuner32 ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0019 5420 RivaTuner32 ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0020 5420 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0020 5420 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0021 5420 ServUpdater ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0021 5420 ServUpdater ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0021 5420 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0021 5420 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0022 5420 Tomcat6 ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0022 5420 Tomcat6 ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:00:42.0023 5420 Web Assistant Updater ( UnsignedFile.Multi.Generic ) - skipped by user 15:00:42.0023 5420 Web Assistant Updater ( UnsignedFile.Multi.Generic ) - User select action: Skip

Body Background

skin color theme