
After removing http://www.searchnu.com/406 virus


12 replies to this topic

#1 GDinerman


Posted 15 June 2012 - 02:54 PM

My mom's computer had a http://www.searchnu.com/406 virus that I removed yesterday along with other trojan viruses. I am now able to set Yahoo as a homepage again and the new virus scan does not show any new viruses. The problem is that now she tries to go online to sites like Ancestory.com or MyLife and her keyboard cannot type in the information that she wants to search for. The keyboard is making a different noise than it ever did before and it will not type anything. Can someone help me?
:busy:


 


#2 dev00790


Posted 16 June 2012 - 06:20 AM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you, to make things go easier and faster for both of us:

  • Please do NOT run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step 2

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Step 3

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points
Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.


Step 4

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Check the boxes next to Verify file digital signatures and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#3 JPC Solutions


Posted 23 August 2012 - 01:36 PM

I have the same default search engine on my machine. I have followed your strict instructions. Here are my logs, as requested.

From checkup.txt


Results of screen317's Security Check version 0.99.46
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
McAfee Anti-Virus and Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
CCleaner
Duplicate Cleaner 2.1b
Java DB 10.5.3.0
JavaFX 2.1.1
JavaFX 2.0.2 SDK
Java™ 6 Update 29
Java™ 6 Update 22
Java™ 7 Update 5
Java™ 6 Update 7
Java™ SE Development Kit 6 Update 19
Java™ SE Development Kit 7 Update 2
Java version out of Date!
Adobe Flash Player 11.3.300.271
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (14.0.1)
Google Chrome 21.0.1180.79
Google Chrome 21.0.1180.83
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````





From FSS.txt


Farbar Service Scanner Version: 06-08-2012
Ran by newnam (administrator) on 23-08-2012 at 10:25:00
Running from "C:\Users\newnam\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****






From Result.txt



MiniToolBox by Farbar Version: 23-07-2012
Ran by newnam (administrator) on 23-08-2012 at 10:41:50
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 adobe.activate.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com

========================= IP Configuration: ================================

Atheros AR5007 802.11b/g WiFi Adapter = Wireless Network Connection (Connected)
VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Connected)
NVIDIA nForce Networking Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="VMware Network Adapter VMnet1" address=192.168.111.1 mask=255.255.255.0
add address name="VMware Network Adapter VMnet8" address=192.168.74.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : DesigNow-Laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR5007 802.11b/g WiFi Adapter
Physical Address. . . . . . . . . : 00-24-2B-E5-5B-F6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::601c:b21b:b2af:48a9%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.196(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, August 23, 2012 8:53:30 AM
Lease Expires . . . . . . . . . . : Friday, August 24, 2012 8:53:30 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 218113067
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-67-70-6F-00-24-2B-E5-5B-F6
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
Physical Address. . . . . . . . . : 00-1F-16-66-FC-1A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter VMware Network Adapter VMnet1:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet1
Physical Address. . . . . . . . . : 00-50-56-C0-00-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5d5:5a88:c042:f4c9%26(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.111.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 822104150
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-67-70-6F-00-24-2B-E5-5B-F6
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VMware Network Adapter VMnet8:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8
Physical Address. . . . . . . . . : 00-50-56-C0-00-08
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c558:cc76:23cd:6ef5%27(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.74.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 872435798
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-67-70-6F-00-24-2B-E5-5B-F6
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{01848A6F-CE1F-49D2-ACF0-725E73C3494C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 8:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E651A8DE-9769-4503-BACC-C9361676C11F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #8
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 19:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{63C9B18A-73CB-4528-8CC3-14463792E4EE}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #11
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4007:801::1001
74.125.224.192
74.125.224.193
74.125.224.194
74.125.224.195
74.125.224.196
74.125.224.197
74.125.224.198
74.125.224.199
74.125.224.200
74.125.224.201
74.125.224.206


Pinging google.com [74.125.239.9] with 32 bytes of data:
Reply from 74.125.239.9: bytes=32 time=22ms TTL=56
Reply from 74.125.239.9: bytes=32 time=22ms TTL=56

Ping statistics for 74.125.239.9:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 22ms, Maximum = 22ms, Average = 22ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=69ms TTL=53
Reply from 98.138.253.109: bytes=32 time=169ms TTL=53

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 69ms, Maximum = 169ms, Average = 119ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...00 24 2b e5 5b f6 ......Atheros AR5007 802.11b/g WiFi Adapter
9...00 1f 16 66 fc 1a ......NVIDIA nForce Networking Controller
26...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
27...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #8
25...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #11
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.196 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.196 281
192.168.1.196 255.255.255.255 On-link 192.168.1.196 281
192.168.1.255 255.255.255.255 On-link 192.168.1.196 281
192.168.74.0 255.255.255.0 On-link 192.168.74.1 276
192.168.74.1 255.255.255.255 On-link 192.168.74.1 276
192.168.74.255 255.255.255.255 On-link 192.168.74.1 276
192.168.111.0 255.255.255.0 On-link 192.168.111.1 276
192.168.111.1 255.255.255.255 On-link 192.168.111.1 276
192.168.111.255 255.255.255.255 On-link 192.168.111.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.111.1 276
224.0.0.0 240.0.0.0 On-link 192.168.74.1 276
224.0.0.0 240.0.0.0 On-link 192.168.1.196 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.111.1 276
255.255.255.255 255.255.255.255 On-link 192.168.74.1 276
255.255.255.255 255.255.255.255 On-link 192.168.1.196 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
26 276 fe80::/64 On-link
27 276 fe80::/64 On-link
10 281 fe80::/64 On-link
26 276 fe80::5d5:5a88:c042:f4c9/128
On-link
10 281 fe80::601c:b21b:b2af:48a9/128
On-link
27 276 fe80::c558:cc76:23cd:6ef5/128
On-link
1 306 ff00::/8 On-link
26 276 ff00::/8 On-link
27 276 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\vsocklib.dll [63088] (VMware, Inc.)
Catalog9 12 C:\Windows\system32\vsocklib.dll [63088] (VMware, Inc.)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/23/2012 08:54:38 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/23/2012 08:53:47 AM) (Source: Application Error) (User: )
Description: Faulting application name: sqlservr.exe, version: 2007.100.1600.22, time stamp: 0x4875735e
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp: 0x4e2111c0
Exception code: 0xc06d007e
Fault offset: 0x0000d36f
Faulting process id: 0x7c8
Faulting application start time: 0xsqlservr.exe0
Faulting application path: sqlservr.exe1
Faulting module path: sqlservr.exe2
Report Id: sqlservr.exe3

Error: (08/22/2012 06:54:27 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/22/2012 06:54:20 PM) (Source: PerfNet) (User: )
Description:

Error: (08/22/2012 06:53:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: sqlservr.exe, version: 2007.100.1600.22, time stamp: 0x4875735e
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp: 0x4e2111c0
Exception code: 0xc06d007e
Fault offset: 0x0000d36f
Faulting process id: 0x22c
Faulting application start time: 0xsqlservr.exe0
Faulting application path: sqlservr.exe1
Faulting module path: sqlservr.exe2
Report Id: sqlservr.exe3

Error: (08/22/2012 05:18:45 PM) (Source: Application Hang) (User: )
Description: The program AfterFX.exe version 9.0.2.42 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2c80

Start Time: 01cd80bda2bc34f0

Termination Time: 146

Application Path: C:\Program Files\Adobe\Adobe After Effects CS4\Support Files\AfterFX.exe

Report Id: 16f83b51-ecb8-11e1-8292-8680a1b0bdcd

Error: (08/22/2012 08:08:03 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/22/2012 08:07:23 AM) (Source: Application Error) (User: )
Description: Faulting application name: sqlservr.exe, version: 2007.100.1600.22, time stamp: 0x4875735e
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp: 0x4e2111c0
Exception code: 0xc06d007e
Fault offset: 0x0000d36f
Faulting process id: 0x7dc
Faulting application start time: 0xsqlservr.exe0
Faulting application path: sqlservr.exe1
Faulting module path: sqlservr.exe2
Report Id: sqlservr.exe3

Error: (08/22/2012 00:44:26 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {8fd49161-326c-4e77-9205-c8d3a30cab11}

Error: (08/21/2012 02:32:06 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (08/23/2012 08:55:12 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (08/23/2012 08:54:34 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SASDIFSV
SASKUTIL

Error: (08/23/2012 08:53:59 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue[::]:80

Error: (08/23/2012 08:53:59 AM) (Source: W3SVC) (User: )
Description: The World Wide Web Publishing Service (WWW Service) did not register the URL prefix http://*:80/ for site 1. The site has been disabled. The data field contains the error number.

Error: (08/23/2012 08:53:49 AM) (Source: Service Control Manager) (User: )
Description: The SQL Server (SQLEXPRESS) service failed to start due to the following error:
%%1053

Error: (08/23/2012 08:53:49 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.

Error: (08/23/2012 08:53:24 AM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3

Error: (08/23/2012 08:53:24 AM) (Source: Service Control Manager) (User: )
Description: The adfs service failed to start due to the following error:
%%2

Error: (08/23/2012 08:53:17 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (08/23/2012 08:53:02 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!


Microsoft Office Sessions:
=========================
Error: (01/30/2012 08:25:26 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 261 seconds with 240 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
7-Zip 4.65
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe After Effects CS4 (Version: 9)
Adobe After Effects CS4 Presets (Version: 9)
Adobe After Effects CS4 Third Party Content (Version: 9)
Adobe AIR (Version: 3.3.0.3670)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe CMaps CS4 (Version: 2.0)
Adobe Color Video Profiles AE CS4 (Version: 2.0)
Adobe Connect 9 Add-in (Version: 11,2,247,0)
Adobe Default Language CS4 (Version: 2.0)
Adobe Download Assistant (Version: 1.2.1)
Adobe Dreamweaver CS4 (Version: 10.0)
Adobe Dynamiclink Support (Version: 1)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Fonts All (Version: 2.0)
Adobe Help Manager (Version: 4.0.244)
Adobe InDesign CS6 (Version: 8.0)
Adobe Media Encoder CS4 (Version: 1.0)
Adobe Media Encoder CS4 Additional Exporter (Version: 1.0)
Adobe Media Encoder CS4 Exporter (Version: 1.0)
Adobe Media Encoder CS4 Importer (Version: 1.0)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe MotionPicture Color Files CS4 (Version: 2.0)
Adobe Output Module (Version: 2.0)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader 9.5.2 (Version: 9.5.2)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe Shockwave Player (Version: 11.0)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe XMP Panels CS4 (Version: 2.0)
Apple Software Update (Version: 2.1.3.127)
Atheros Driver Installation Program (Version: 5.2)
Auslogics Disk Defrag (Version: version 3.2)
BackUp Maker v6.2
Camtasia Studio 7 (Version: 7.0.0)
CCleaner (Version: 3.16)
Cisco Connect (Version: 1.3.11006.1)
Cisco EAP-FAST Module (Version: 2.1.6)
Cisco LEAP Module (Version: 1.0.12)
Cisco PEAP Module (Version: 1.0.13)
CleanUp!
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant HD Audio (Version: 4.58.0.0)
Connect (Version: 1.0.0.1)
CyberLink DVD Suite (Version: 6.0.2203)
CyberLink PowerDirector (Version: 8.0.2013)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler (Version: 2.10)
Dev-C++ 5 beta 9 release (4.9.9.2)
Dropbox (Version: 1.4.7)
Duplicate Cleaner 2.1b (Version: 2.1b)
EMC 11 Content (Version: 1.1.019)
ESU for Microsoft Vista (Version: 1.0.0)
FileZilla Client 3.5.3 (Version: 3.5.3)
Form1 Builder MYSQL
Google Chrome (Version: 21.0.1180.83)
Google Talk (remove only)
Google Update Helper (Version: 1.3.21.115)
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.4.50)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP Active Support Library (Version: 3.1.9.1)
HP Customer Experience Enhancements (Version: 5.7.0.2664)
HP Doc Viewer (Version: 1.03.0001)
HP DVD Play 3.7 (Version: 3.7.0.5723)
HP Help and Support (Version: 2.1.1.0)
HP Photo Creations (Version: 1.0.0.${CAB_VERSION})
HP Photosmart Plus B210 series Basic Device Software (Version: 22.50.231.0)
HP Photosmart Plus B210 series Help (Version: 140.0.54.54)
HP Photosmart Plus B210 series Product Improvement Study (Version: 22.50.231.0)
HP Product Detection (Version: 11.14.0001)
HP Quick Launch Buttons 6.40 H2 (Version: 6.40 H2)
HP Total Care Advisor (Version: 2.4.4941.2798)
HP Update (Version: 5.003.001.001)
HP User Guides 0118 (Version: 1.00.0000)
HP Wireless Assistant (Version: 3.00 K2)
HPAsset component for HP Active Support Library (Version: 3.0.0.7)
HPDiagnosticAlert (Version: 1.00.0000)
HPNetworkAssistant (Version: 1.1.70)
HPTCSSetup (Version: 1.1.1963.2799)
IIS 7.5 Express (Version: 7.5.1046)
iLivid (Version: 1.92)
ISO Recorder (Version: 3.0.0)
iSpring Free 5 (Version: 5.5.0)
iWisoft Free Video Converter 1.2 (Version: 1.2)
Java Auto Updater (Version: 2.1.6.0)
Java DB 10.5.3.0 (Version: 10.5.3.0)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 29 (Version: 6.0.290)
Java™ 6 Update 7 (Version: 1.6.0.70)
Java™ 7 Update 5 (Version: 7.0.50)
Java™ SE Development Kit 6 Update 19 (Version: 1.6.0.190)
Java™ SE Development Kit 7 Update 2 (Version: 1.7.0.20)
JavaFX 2.0.2 SDK (Version: 2.0.2)
JavaFX 2.1.1 (Version: 2.1.1)
Jing (Version: 2.4.10231)
Junk Mail filter update (Version: 15.4.3502.0922)
kuler (Version: 2.0)
LAME v3.98.3 for Audacity
McAfee Security Scan Plus (Version: 2.0.181.2)
McAfee SecurityCenter (Version: 11.0.678)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Advertising SDK for Windows Phone - ENU (Version: 5.2.819.0)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft ASP.NET MVC 3 (Version: 3.0.20105.0)
Microsoft ASP.NET Web Pages (Version: 1.0.20105.0)
Microsoft Expression Blend 3 SDK (Version: 1.0.1343.0)
Microsoft Expression Blend 4 (Version: 4.0.30816.0)
Microsoft Expression Blend 4 Add-in for Adobe FXG Import (Version: 1.0.20817.0)
Microsoft Expression Blend SDK for .NET 4 (Version: 2.0.20525.0)
Microsoft Expression Blend SDK for Silverlight 4 (Version: 2.0.20525.0)
Microsoft Expression Blend SDK for Windows Phone 7 (Version: 2.0.20901.0)
Microsoft Expression Blend SDK for Windows Phone OS 7.1 (Version: 2.0.30816.0)
Microsoft Games for Windows - LIVE (Version: 3.4.54.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.2.3.0)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Live Add-in 1.3 (Version: 2.0.2313.0)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Project 2007 Service Pack 3 (SP3)
Microsoft Office Project MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Project Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Visio Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Report Viewer Redistributable 2008 (KB971119) (Version: 9.0.30731)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft Silverlight 4 SDK (Version: 4.0.60310.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1750.9)
Microsoft SQL Server Compact 3.5 Design Tools ENU (Version: 3.5.5386.0)
Microsoft SQL Server System CLR Types (Version: 10.50.1750.9)
Microsoft Visual Basic 2008 Express Edition - ENU
Microsoft Visual Basic 2008 Express Edition - ENU (Version: 9.0.21022)
Microsoft Visual C# 2010 Express - ENU (Version: 10.0.40219)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.40219)
Microsoft Visual Studio 2010 Express for Windows Phone 7.1 - ENU (Version: 10.1.40219)
Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.31119)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.31124)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.35191)
Microsoft Web Deploy 2.0 (Version: 2.0.1046)
Microsoft Web Platform Installer 3.0 (Version: 3.0.3)
Microsoft Windows Phone Developer Tools - ENU (Version: 10.0.40219)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework (Version: 3.5.21022)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 (Version: 6.1.5288.17011)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft XNA Framework Redistributable 4.0 Refresh (Version: 4.0.30901.0)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy) (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 Refresh (ARP entry) (Version: 4.0.30901.0)
Microsoft XNA Game Studio 4.0 Refresh (Redists) (Version: 4.0.30901.0)
Microsoft XNA Game Studio 4.0 Refresh (Shared Components) (Version: 4.0.30901.0)
Microsoft XNA Game Studio 4.0 Refresh (Version: 4.0.30901.0)
Microsoft XNA Game Studio 4.0 Refresh (Visual Studio) (Version: 4.0.30901.0)
Microsoft XNA Game Studio Platform Tools (Version: 1.4.0.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Mikogo 4 (Version: 4.3)
MobileMe Control Panel (Version: 3.1.6.0)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSDN Library for Microsoft Visual Studio 2008 Express Editions
MSDN Library for Microsoft Visual Studio 2008 Express Editions (Version: 9.0.21022)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NetBeans IDE 6.8 (Version: 6.8)
Notepad++ (Version: 5.9.8)
NVIDIA Drivers (Version: 1.5)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
ooVoo (Version: 3.0.7023)
PC Monitor (Version: 2.8.1)
PDF Settings CS5 (Version: 10.0)
PDF Settings CS6 (Version: 11.0)
PeerBlock 1.1 (r518) (Version: 1.1.0.518)
Photoshop Camera Raw (Version: 5.0)
PHP Form Magic Demo version
Pixel Bender Toolkit (Version: 1.0)
PVSonyDll (Version: 1.00.0001)
Realtek USB 2.0 Card Reader (Version: 3.0.1.3)
Realtek USB 2.0 Card Reader (Version: 6.1.7100.30093)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.1)
Roxio Central (Version: 4.5.0)
Roxio Creator 2009 Ultimate (Version: 1.1.110)
Roxio Disaster Recovery (Version: 1.3.0)
Roxio File Backup (Version: 1.3.0)
Secure Download Manager (Version: 3.0.5)
Sitepal Wizard (Version: 2.0)
SmartSound Quicktracks Plugin (Version: 3.0.3.0)
SnadBoy's Revelation v2 (Version: 2.0.1.100)
Suite Shared Configuration CS4 (Version: 1.0)
Synaptics Pointing Device Driver (Version: 11.1.3.0)
tools-windows (Version: 8.8.2.591240)
UltraVnc (Version: 1.0.9.6.1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft Office Project 2007 Help (KB963668)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VBA (2627.01) (Version: 6.03.00.9402)
VC Runtimes MSI (Version: 9.0.21022)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
VLC media player 1.0.1 (Version: 1.0.1)
VmciSockets (Version: 9.1.54.1)
VMware Player (Version: 4.0.2.28060)
Vuze (Version: 4.7)
WCF Data Services SDK for Windows Phone (Version: 4.7.6.0)
WCF RIA Services V1.0 SP1 (Version: 4.1.60114.0)
Windows 7 USB/DVD Download Tool (Version: 1.0.30)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
Windows Phone Emulator - ENU (Version: 10.0.40219)
Windows Phone Intro Video (ENU) (Version: 04.07.0975.00)
Windows Phone SDK 7.1 - ENU (Version: 10.1.40219)
Windows Phone SDK 7.1 Add-in for Visual Studio 2010 - ENU (Version: 10.0.40219)
Windows Phone SDK 7.1 Assemblies (Version: 10.0.40219)
Windows Phone SDK 7.1 Extensions for XNA Game Studio 4.0 (Version: 4.0.30901.0)
WinHTTrack Website Copier 3.44-4 (Version: 3.44.4)
WinPcap 4.1.1 (Version: 4.1.0.1753)
WinRAR archiver
WPF Toolkit February 2010 (Version 3.5.50211.1) (Version: 3.5.50211.1)
YouTube Downloader 3.3
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)

========================= Devices: ================================

Name: adfs
Description: adfs
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: adfs
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: SASDIFSV
Description: SASDIFSV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SASDIFSV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: SASKUTIL
Description: SASKUTIL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SASKUTIL
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: LogMeIn Kernel Information Provider
Description: LogMeIn Kernel Information Provider
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: LMIInfo
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 37%
Total physical RAM: 2814.43 MB
Available physical RAM: 1771.04 MB
Total Pagefile: 5628.85 MB
Available Pagefile: 3688.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1942.34 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:222 GB) (Free:80.4 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10.88 GB) (Free:1.82 GB) NTFS

========================= Users: ========================================

User accounts for \\DESIGNOW-LAPTOP

Administrator Guest newnam

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

22-08-2012 07:44:28 Installed DirectX
22-08-2012 07:46:34 Installed DirectX
22-08-2012 07:56:16 Installed DirectX
22-08-2012 15:11:49 Windows Update
23-08-2012 00:23:49 Windows Update

**** End of log ****





From TDSSKiller.2.8.7.0_23.08.2012_10.59.43_log.txt



10:59:43.0784 3976 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
10:59:44.0947 3976 ============================================================
10:59:44.0947 3976 Current date / time: 2012/08/23 10:59:44.0947
10:59:44.0947 3976 SystemInfo:
10:59:44.0947 3976
10:59:44.0947 3976 OS Version: 6.1.7601 ServicePack: 1.0
10:59:44.0947 3976 Product type: Workstation
10:59:44.0948 3976 ComputerName: DESIGNOW-LAPTOP
10:59:44.0948 3976 UserName: newnam
10:59:44.0948 3976 Windows directory: C:\Windows
10:59:44.0948 3976 System windows directory: C:\Windows
10:59:44.0948 3976 Processor architecture: Intel x86
10:59:44.0948 3976 Number of processors: 2
10:59:44.0948 3976 Page size: 0x1000
10:59:44.0948 3976 Boot type: Normal boot
10:59:44.0948 3976 ============================================================
10:59:46.0694 3976 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:59:46.0711 3976 Drive \Device\Harddisk1\DR1 - Size: 0xF3300000 (3.80 Gb), SectorSize: 0x200, Cylinders: 0x1F0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:59:46.0713 3976 ============================================================
10:59:46.0713 3976 \Device\Harddisk0\DR0:
10:59:46.0713 3976 MBR partitions:
10:59:46.0713 3976 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1BC007C1
10:59:46.0713 3976 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1BC01000, BlocksNum 0x15C3000
10:59:46.0713 3976 \Device\Harddisk1\DR1:
10:59:46.0714 3976 MBR partitions:
10:59:46.0714 3976 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x8B, StartLBA 0x6F6F42C3, BlocksNum 0x72652074
10:59:46.0714 3976 ============================================================
10:59:46.0737 3976 C: <-> \Device\Harddisk0\DR0\Partition1
10:59:46.0791 3976 D: <-> \Device\Harddisk0\DR0\Partition2
10:59:46.0792 3976 ============================================================
10:59:46.0793 3976 Initialize success
10:59:46.0793 3976 ============================================================
11:00:45.0141 0724 ============================================================
11:00:45.0141 0724 Scan started
11:00:45.0141 0724 Mode: Manual; SigCheck; TDLFS;
11:00:45.0141 0724 ============================================================
11:00:47.0018 0724 ================ Scan system memory ========================
11:00:47.0018 0724 System memory - ok
11:00:47.0023 0724 ================ Scan services =============================
11:00:53.0030 0724 [ 4961850FB000896D6A6B90868DC91A98 ] Autodesk Licensing Service C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
11:00:53.0183 0724 Autodesk Licensing Service ( UnsignedFile.Multi.Generic ) - warning
11:00:53.0183 0724 Autodesk Licensing Service - detected UnsignedFile.Multi.Generic (1)
11:00:55.0539 0724 [ 248DFA5762DDE38DFDDBBD44149E9D7A ] BVRPMPR5 C:\Windows\system32\drivers\BVRPMPR5.SYS
11:00:55.0689 0724 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning
11:00:55.0689 0724 BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)
11:00:58.0116 0724 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
11:00:58.0142 0724 crcdisk - ok
11:00:58.0161 0724 Crypkey License - ok
11:00:58.0223 0724 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:00:58.0286 0724 CryptSvc - ok
11:00:58.0345 0724 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
11:00:58.0439 0724 DcomLaunch - ok
11:00:58.0480 0724 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
11:00:58.0590 0724 defragsvc - ok
11:00:58.0628 0724 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:00:58.0688 0724 DfsC - ok
11:00:58.0764 0724 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
11:00:58.0827 0724 Dhcp - ok
11:00:58.0851 0724 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
11:00:58.0925 0724 discache - ok
11:00:58.0999 0724 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
11:00:59.0031 0724 Disk - ok
11:00:59.0087 0724 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:00:59.0161 0724 Dnscache - ok
11:00:59.0209 0724 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
11:00:59.0283 0724 dot3svc - ok
11:00:59.0326 0724 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
11:00:59.0404 0724 DPS - ok
11:00:59.0459 0724 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:00:59.0487 0724 drmkaud - ok
11:00:59.0536 0724 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:00:59.0783 0724 DXGKrnl - ok
11:00:59.0839 0724 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
11:00:59.0920 0724 EapHost - ok
11:01:00.0049 0724 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
11:01:00.0219 0724 ebdrv - ok
11:01:00.0258 0724 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
11:01:00.0465 0724 EFS - ok
11:01:00.0566 0724 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:01:00.0758 0724 ehRecvr - ok
11:01:00.0797 0724 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
11:01:00.0887 0724 ehSched - ok
11:01:00.0941 0724 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
11:01:01.0015 0724 elxstor - ok
11:01:01.0048 0724 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:01:01.0105 0724 ErrDev - ok
11:01:01.0195 0724 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
11:01:01.0276 0724 EventSystem - ok
11:01:01.0295 0724 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
11:01:01.0358 0724 exfat - ok
11:01:01.0380 0724 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:01:01.0476 0724 fastfat - ok
11:01:01.0543 0724 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
11:01:01.0710 0724 Fax - ok
11:01:01.0753 0724 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:01:01.0798 0724 fdc - ok
11:01:01.0830 0724 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
11:01:01.0943 0724 fdPHost - ok
11:01:01.0971 0724 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
11:01:02.0062 0724 FDResPub - ok
11:01:02.0096 0724 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:01:02.0125 0724 FileInfo - ok
11:01:02.0145 0724 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:01:02.0210 0724 Filetrace - ok
11:01:02.0278 0724 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:01:02.0340 0724 FLEXnet Licensing Service - ok
11:01:02.0365 0724 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:01:02.0421 0724 flpydisk - ok
11:01:02.0568 0724 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:01:02.0609 0724 FltMgr - ok
11:01:02.0679 0724 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
11:01:02.0813 0724 FontCache - ok
11:01:02.0904 0724 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:01:02.0957 0724 FontCache3.0.0.0 - ok
11:01:02.0987 0724 FreshIO - ok
11:01:03.0029 0724 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:01:03.0055 0724 FsDepends - ok
11:01:03.0130 0724 [ B0082808A6856A252F7CDD939892CE50 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
11:01:03.0323 0724 fssfltr - ok
11:01:03.0522 0724 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
11:01:03.0763 0724 fsssvc - ok
11:01:03.0792 0724 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:01:03.0927 0724 Fs_Rec - ok
11:01:03.0985 0724 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:01:04.0296 0724 fvevol - ok
11:01:04.0391 0724 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
11:01:04.0442 0724 gagp30kx - ok
11:01:04.0511 0724 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
11:01:04.0676 0724 gpsvc - ok
11:01:04.0790 0724 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
11:01:04.0808 0724 gupdate - ok
11:01:04.0834 0724 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
11:01:04.0855 0724 gupdatem - ok
11:01:04.0896 0724 [ 88A6F2571405B3A4ABC4ED2F52136317 ] hcmon C:\Windows\system32\drivers\hcmon.sys
11:01:05.0038 0724 hcmon - ok
11:01:05.0063 0724 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:01:05.0144 0724 hcw85cir - ok
11:01:05.0197 0724 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
11:01:05.0241 0724 HDAudBus - ok
11:01:05.0271 0724 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
11:01:05.0318 0724 HidBatt - ok
11:01:05.0349 0724 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
11:01:05.0404 0724 HidBth - ok
11:01:05.0445 0724 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:01:05.0500 0724 HidIr - ok
11:01:05.0531 0724 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
11:01:05.0639 0724 hidserv - ok
11:01:05.0681 0724 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:01:05.0918 0724 HidUsb - ok
11:01:05.0958 0724 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:01:06.0108 0724 hkmsvc - ok
11:01:06.0155 0724 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:01:06.0249 0724 HomeGroupListener - ok
11:01:06.0306 0724 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:01:06.0368 0724 HomeGroupProvider - ok
11:01:06.0444 0724 [ A19B0BB5A7EB6DF2DD4A0711D36955EE ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
11:01:06.0479 0724 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
11:01:06.0479 0724 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
11:01:08.0805 0724 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
11:01:08.0861 0724 IDriverT ( UnsignedFile.Multi.Generic ) - warning
11:01:08.0861 0724 IDriverT - detected UnsignedFile.Multi.Generic (1)
11:01:22.0314 0724 [ AE1209EB804DBD04044466652574075E ] NetworkX C:\Windows\system32\ckldrv.sys
11:01:22.0599 0724 NetworkX ( UnsignedFile.Multi.Generic ) - warning
11:01:22.0599 0724 NetworkX - detected UnsignedFile.Multi.Generic (1)
11:01:30.0966 0724 RDPREFMP - ok
11:01:31.0017 0724 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:01:31.0291 0724 RDPWD - ok
11:01:31.0345 0724 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:01:31.0379 0724 rdyboost - ok
11:01:31.0465 0724 [ 0D362785BEF9BDF5A6E1F4628D06716D ] Recovery Service for Windows C:\Program Files\SMINST\BLService.exe
11:01:31.0639 0724 Recovery Service for Windows - ok
11:01:31.0672 0724 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
11:01:31.0741 0724 RemoteAccess - ok
11:01:31.0784 0724 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:01:31.0863 0724 RemoteRegistry - ok
11:01:31.0976 0724 [ 616F6E52CAE254727A886BA8EDA1BEEA ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe
11:01:32.0156 0724 RichVideo - ok
11:01:32.0291 0724 [ 8AF842F4C84BDAA882216A01F8825402 ] RoxLiveShare11 C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
11:01:32.0475 0724 RoxLiveShare11 - ok
11:01:32.0534 0724 [ C6394DF3055601B11964B075C811F03C ] RoxMediaDB11 C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
11:01:32.0803 0724 RoxMediaDB11 ( UnsignedFile.Multi.Generic ) - warning
11:01:32.0804 0724 RoxMediaDB11 - detected UnsignedFile.Multi.Generic (1)
11:01:32.0843 0724 [ 3E8DF3DD655CCE064CF952066DDFF248 ] RoxWatch11 C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
11:01:33.0000 0724 RoxWatch11 - ok
11:01:33.0058 0724 [ A780D3EAA74582EA1DEB6BD9C7A3D9C9 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
11:01:33.0216 0724 rpcapd - ok
11:01:33.0265 0724 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:01:33.0346 0724 RpcEptMapper - ok
11:01:33.0395 0724 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
11:01:33.0447 0724 RpcLocator - ok
11:01:33.0491 0724 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
11:01:33.0544 0724 RpcSs - ok
11:01:33.0559 0724 RsFx0102 - ok
11:01:33.0612 0724 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:01:33.0720 0724 rspndr - ok
11:01:33.0814 0724 [ 434DCF7AE4300C876AA40873E3113983 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
11:01:33.0912 0724 RSUSBSTOR - ok
11:01:33.0966 0724 [ 8DAB5975B5C7923D61506A48E251DBAD ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
11:01:34.0200 0724 RTSTOR - ok
11:01:34.0230 0724 RtsUIR - ok
11:01:34.0276 0724 [ 0501074A2F29250932E34CA4A844A0F5 ] RxFilter C:\Windows\system32\DRIVERS\RxFilter.sys
11:01:34.0554 0724 RxFilter - ok
11:01:34.0600 0724 [ AAA04CA9A0B26127FC6B7F46A4DF9059 ] SahdIa32 C:\Windows\system32\Drivers\SahdIa32.sys
11:01:34.0712 0724 SahdIa32 - ok
11:01:34.0761 0724 [ 22828C861C0B738AF83235C7603CD1AD ] SaibIa32 C:\Windows\system32\Drivers\SaibIa32.sys
11:01:34.0778 0724 SaibIa32 - ok
11:01:34.0803 0724 [ D65272AB772DBD18832704A79F102FEF ] SaibVd32 C:\Windows\system32\Drivers\SaibVd32.sys
11:01:34.0910 0724 SaibVd32 - ok
11:01:34.0925 0724 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
11:01:34.0955 0724 SamSs - ok
11:01:35.0127 0724 SASDIFSV - ok
11:01:35.0136 0724 SASKUTIL - ok
11:01:35.0193 0724 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:01:35.0421 0724 sbp2port - ok
11:01:35.0453 0724 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:01:35.0493 0724 SCardSvr - ok
11:01:35.0513 0724 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:01:35.0681 0724 scfilter - ok
11:01:35.0750 0724 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
11:01:35.0901 0724 Schedule - ok
11:01:35.0939 0724 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:01:35.0991 0724 SCPolicySvc - ok
11:01:36.0035 0724 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:01:36.0133 0724 SDRSVC - ok
11:01:36.0176 0724 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:01:36.0264 0724 secdrv - ok
11:01:36.0303 0724 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
11:01:36.0413 0724 seclogon - ok
11:01:36.0439 0724 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
11:01:36.0529 0724 SENS - ok
11:01:36.0573 0724 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:01:36.0646 0724 SensrSvc - ok
11:01:36.0666 0724 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:01:36.0697 0724 Serenum - ok
11:01:36.0729 0724 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:01:36.0774 0724 Serial - ok
11:01:36.0808 0724 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:01:36.0848 0724 sermouse - ok
11:01:36.0902 0724 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
11:01:36.0957 0724 SessionEnv - ok
11:01:36.0993 0724 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:01:37.0078 0724 sffdisk - ok
11:01:37.0106 0724 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:01:37.0154 0724 sffp_mmc - ok
11:01:37.0178 0724 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:01:37.0303 0724 sffp_sd - ok
11:01:37.0327 0724 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:01:37.0381 0724 sfloppy - ok
11:01:37.0423 0724 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:01:37.0510 0724 SharedAccess - ok
11:01:37.0559 0724 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:01:37.0644 0724 ShellHWDetection - ok
11:01:37.0694 0724 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
11:01:37.0725 0724 sisagp - ok
11:01:37.0753 0724 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:01:37.0780 0724 SiSRaid2 - ok
11:01:37.0801 0724 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:01:37.0829 0724 SiSRaid4 - ok
11:01:37.0861 0724 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:01:37.0940 0724 Smb - ok
11:01:38.0023 0724 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:01:38.0062 0724 SNMPTRAP - ok
11:01:38.0083 0724 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
11:01:38.0104 0724 spldr - ok
11:01:38.0165 0724 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
11:01:38.0212 0724 Spooler - ok
11:01:38.0331 0724 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
11:01:38.0494 0724 sppsvc - ok
11:01:38.0536 0724 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:01:38.0597 0724 sppuinotify - ok
11:01:38.0750 0724 [ EB2FD937449B7ACEB39372F875EB8E78 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
11:01:38.0911 0724 SQLAgent$SQLEXPRESS - ok
11:01:39.0022 0724 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:01:39.0290 0724 srv - ok
11:01:39.0318 0724 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:01:39.0345 0724 srv2 - ok
11:01:39.0362 0724 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:01:39.0407 0724 srvnet - ok
11:01:39.0455 0724 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:01:39.0559 0724 SSDPSRV - ok
11:01:39.0592 0724 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:01:39.0649 0724 SstpSvc - ok
11:01:39.0682 0724 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:01:39.0708 0724 stexstor - ok
11:01:39.0730 0724 [ EDB05BD63148796F23EA78506404A538 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
11:01:39.0778 0724 StillCam - ok
11:01:39.0845 0724 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
11:01:39.0921 0724 StiSvc - ok
11:01:39.0960 0724 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
11:01:39.0988 0724 swenum - ok
11:01:40.0115 0724 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:01:40.0181 0724 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
11:01:40.0182 0724 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
11:01:40.0224 0724 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
11:01:40.0301 0724 swprv - ok
11:01:40.0354 0724 [ 00B19F27858F56181EDB58B71A7C67A0 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
11:01:40.0487 0724 SynTP - ok
11:01:40.0557 0724 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
11:01:40.0692 0724 SysMain - ok
11:01:40.0732 0724 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:01:40.0763 0724 TabletInputService - ok
11:01:40.0833 0724 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
11:01:40.0879 0724 TapiSrv - ok
11:01:40.0902 0724 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
11:01:40.0979 0724 TBS - ok
11:01:41.0075 0724 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:01:41.0155 0724 Tcpip - ok
11:01:41.0207 0724 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:01:41.0268 0724 TCPIP6 - ok
11:01:41.0319 0724 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:01:41.0552 0724 tcpipreg - ok
11:01:41.0602 0724 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:01:41.0850 0724 TDPIPE - ok
11:01:41.0873 0724 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:01:42.0082 0724 TDTCP - ok
11:01:42.0121 0724 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:01:42.0182 0724 tdx - ok
11:01:42.0225 0724 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:01:42.0407 0724 TermDD - ok
11:01:42.0456 0724 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
11:01:42.0522 0724 TermService - ok
11:01:42.0559 0724 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
11:01:42.0621 0724 Themes - ok
11:01:42.0660 0724 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
11:01:42.0715 0724 THREADORDER - ok
11:01:42.0739 0724 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
11:01:42.0816 0724 TrkWks - ok
11:01:42.0896 0724 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:01:42.0976 0724 TrustedInstaller - ok
11:01:43.0017 0724 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:01:43.0265 0724 tssecsrv - ok
11:01:43.0339 0724 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:01:43.0506 0724 TsUsbFlt - ok
11:01:43.0571 0724 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:01:43.0635 0724 tunnel - ok
11:01:43.0677 0724 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:01:43.0700 0724 uagp35 - ok
11:01:43.0752 0724 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:01:43.0916 0724 udfs - ok
11:01:43.0966 0724 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:01:44.0045 0724 UI0Detect - ok
11:01:44.0080 0724 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:01:44.0124 0724 uliagpkx - ok
11:01:44.0185 0724 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:01:44.0320 0724 umbus - ok
11:01:44.0345 0724 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:01:44.0394 0724 UmPass - ok
11:01:44.0424 0724 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
11:01:44.0492 0724 upnphost - ok
11:01:44.0548 0724 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
11:01:44.0760 0724 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
11:01:44.0760 0724 USBAAPL - detected UnsignedFile.Multi.Generic (1)
11:01:44.0795 0724 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:01:44.0931 0724 usbccgp - ok
11:01:44.0966 0724 USBCCID - ok
11:01:45.0018 0724 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:01:45.0057 0724 usbcir - ok
11:01:45.0094 0724 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:01:45.0310 0724 usbehci - ok
11:01:45.0346 0724 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:01:45.0557 0724 usbhub - ok
11:01:45.0584 0724 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
11:01:45.0623 0724 usbohci - ok
11:01:45.0664 0724 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:01:45.0694 0724 usbprint - ok
11:01:45.0726 0724 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:01:45.0945 0724 USBSTOR - ok
11:01:45.0966 0724 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:01:46.0194 0724 usbuhci - ok
11:01:46.0260 0724 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
11:01:46.0507 0724 usbvideo - ok
11:01:46.0622 0724 [ 6DA5BD7F379500C8473BB9EF23FBEB60 ] uvnc_service C:\Program Files\UltraVNC\WinVNC.exe
11:01:46.0745 0724 uvnc_service - ok
11:01:46.0789 0724 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
11:01:46.0854 0724 UxSms - ok
11:01:46.0867 0724 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
11:01:46.0894 0724 VaultSvc - ok
11:01:46.0928 0724 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:01:46.0970 0724 vdrvroot - ok
11:01:47.0018 0724 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
11:01:47.0084 0724 vds - ok
11:01:47.0137 0724 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:01:47.0212 0724 vga - ok
11:01:47.0240 0724 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
11:01:47.0313 0724 VgaSave - ok
11:01:47.0367 0724 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:01:47.0517 0724 vhdmp - ok
11:01:47.0536 0724 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
11:01:47.0564 0724 viaagp - ok
11:01:47.0585 0724 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
11:01:47.0628 0724 ViaC7 - ok
11:01:47.0660 0724 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
11:01:47.0684 0724 viaide - ok
11:01:47.0757 0724 [ 3ACCF0C817A2BB34EFBFB72B57B00252 ] VMAuthdService C:\Program Files\VMware\VMware Player\vmware-authd.exe
11:01:47.0854 0724 VMAuthdService ( UnsignedFile.Multi.Generic ) - warning
11:01:47.0854 0724 VMAuthdService - detected UnsignedFile.Multi.Generic (1)
11:01:47.0892 0724 [ 15759158F7531853616B2B43AF962FCB ] vmci C:\Windows\system32\DRIVERS\vmci.sys
11:01:47.0912 0724 vmci - ok
11:01:47.0949 0724 [ E5FA574436B840D071DBFE74300741CE ] vmkbd C:\Windows\system32\drivers\VMkbd.sys
11:01:48.0065 0724 vmkbd - ok
11:01:48.0131 0724 [ C01604EAEA9C89035CFF58CDB322476C ] vmm C:\Windows\system32\Drivers\vmm.sys
11:01:48.0270 0724 vmm - ok
11:01:48.0316 0724 [ 1AFA4AF55CBEA579A4BBE4F90967F720 ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys
11:01:48.0352 0724 VMnetAdapter - ok
11:01:48.0396 0724 [ 392964A7BF46986FBD44B24A3BEC2088 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys
11:01:48.0426 0724 VMnetBridge - ok
11:01:48.0484 0724 [ 6F5FE74A4713290E6309B45904403798 ] VMnetDHCP C:\Windows\system32\vmnetdhcp.exe
11:01:48.0638 0724 VMnetDHCP - ok
11:01:48.0661 0724 [ C88E5F414C567FF10343DF18F8C3E3F0 ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys
11:01:48.0678 0724 VMnetuserif - ok
11:01:48.0764 0724 [ AF76C6D3F5053459E18E4C519FB496C8 ] VMUSBArbService C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
11:01:48.0916 0724 VMUSBArbService - ok
11:01:48.0945 0724 [ 5CC206036B6648CD3990D77E5117E1D9 ] VMware NAT Service C:\Windows\system32\vmnat.exe
11:01:49.0102 0724 VMware NAT Service - ok
11:01:49.0138 0724 [ 847909A1FC0C8EB46FF975747D673A7F ] vmx86 C:\Windows\system32\Drivers\vmx86.sys
11:01:49.0338 0724 vmx86 - ok
11:01:49.0382 0724 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:01:49.0402 0724 volmgr - ok
11:01:49.0451 0724 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:01:49.0486 0724 volmgrx - ok
11:01:49.0540 0724 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:01:49.0568 0724 volsnap - ok
11:01:49.0631 0724 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:01:49.0657 0724 vsmraid - ok
11:01:49.0725 0724 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
11:01:49.0937 0724 VSS - ok
11:01:49.0965 0724 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:01:50.0015 0724 vwifibus - ok
11:01:50.0054 0724 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:01:50.0094 0724 vwififlt - ok
11:01:50.0144 0724 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
11:01:50.0278 0724 W32Time - ok
11:01:50.0420 0724 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
11:01:50.0568 0724 W3SVC - ok
11:01:50.0599 0724 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:01:50.0650 0724 WacomPen - ok
11:01:50.0710 0724 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:01:50.0949 0724 WANARP - ok
11:01:50.0995 0724 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:01:51.0217 0724 Wanarpv6 - ok
11:01:51.0278 0724 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
11:01:51.0320 0724 WAS - ok
11:01:51.0407 0724 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:01:51.0599 0724 WatAdminSvc - ok
11:01:51.0668 0724 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
11:01:51.0778 0724 wbengine - ok
11:01:51.0827 0724 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:01:51.0876 0724 WbioSrvc - ok
11:01:51.0923 0724 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:01:52.0069 0724 wcncsvc - ok
11:01:52.0090 0724 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:01:52.0161 0724 WcsPlugInService - ok
11:01:52.0211 0724 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
11:01:52.0248 0724 Wd - ok
11:01:52.0281 0724 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:01:52.0340 0724 Wdf01000 - ok
11:01:52.0361 0724 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:01:52.0454 0724 WdiServiceHost - ok
11:01:52.0462 0724 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:01:52.0498 0724 WdiSystemHost - ok
11:01:52.0542 0724 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
11:01:52.0669 0724 WebClient - ok
11:01:52.0695 0724 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:01:52.0762 0724 Wecsvc - ok
11:01:52.0772 0724 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:01:52.0826 0724 wercplsupport - ok
11:01:52.0876 0724 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
11:01:52.0956 0724 WerSvc - ok
11:01:53.0038 0724 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:01:53.0125 0724 WfpLwf - ok
11:01:53.0147 0724 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:01:53.0170 0724 WIMMount - ok
11:01:53.0228 0724 [ 8B976D4CA270110111DF4F313DA0E6E8 ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
11:01:53.0485 0724 winachsf - ok
11:01:53.0576 0724 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
11:01:53.0717 0724 WinDefend - ok
11:01:53.0747 0724 WinHttpAutoProxySvc - ok
11:01:53.0842 0724 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:01:53.0909 0724 Winmgmt - ok
11:01:54.0012 0724 WinRing0_1_2_0 - ok
11:01:54.0097 0724 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
11:01:54.0216 0724 WinRM - ok
11:01:54.0301 0724 [ A67E5F9A400F3BD1BE3D80613B45F708 ] winusb C:\Windows\system32\DRIVERS\winusb.sys
11:01:54.0458 0724 winusb - ok
11:01:54.0525 0724 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
11:01:54.0619 0724 Wlansvc - ok
11:01:54.0721 0724 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:01:54.0866 0724 wlcrasvc - ok
11:01:54.0979 0724 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:01:55.0204 0724 wlidsvc - ok
11:01:55.0256 0724 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:01:55.0316 0724 WmiAcpi - ok
11:01:55.0362 0724 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:01:55.0402 0724 wmiApSrv - ok
11:01:55.0512 0724 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
11:01:55.0647 0724 WMPNetworkSvc - ok
11:01:55.0720 0724 [ 017695393AFFFED8DE58ABD1B085BE6D ] WMZuneComm C:\Program Files\Zune\WMZuneComm.exe
11:01:55.0844 0724 WMZuneComm - ok
11:01:55.0893 0724 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:01:55.0969 0724 WPCSvc - ok
11:01:56.0012 0724 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:01:56.0066 0724 WPDBusEnum - ok
11:01:56.0105 0724 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:01:56.0180 0724 ws2ifsl - ok
11:01:56.0224 0724 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
11:01:56.0266 0724 wscsvc - ok
11:01:56.0277 0724 WSearch - ok
11:01:56.0383 0724 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
11:01:56.0485 0724 wuauserv - ok
11:01:56.0526 0724 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:01:56.0795 0724 WudfPf - ok
11:01:56.0852 0724 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:01:57.0091 0724 WUDFRd - ok
11:01:57.0119 0724 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:01:57.0180 0724 wudfsvc - ok
11:01:57.0236 0724 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
11:01:57.0302 0724 WwanSvc - ok
11:01:57.0343 0724 [ 894F963BE999BA9DB5AAC3AED55B115D ] XAudio C:\Windows\system32\DRIVERS\XAudio32.sys
11:01:57.0470 0724 XAudio - ok
11:01:57.0715 0724 [ 1076DF9ADE4E13EA3BF39D2165AEB903 ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe
11:01:57.0991 0724 ZuneNetworkSvc - ok
11:01:58.0049 0724 [ DE1CDB333A402B279F04D627122FA08E ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe
11:01:58.0114 0724 ZuneWlanCfgSvc - ok
11:01:58.0165 0724 ================ Scan global ===============================
11:01:58.0211 0724 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
11:01:58.0329 0724 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
11:01:58.0362 0724 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
11:01:58.0403 0724 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
11:01:58.0466 0724 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
11:01:58.0477 0724 [Global] - ok
11:01:58.0478 0724 ================ Scan MBR ==================================
11:01:58.0494 0724 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:01:59.0131 0724 \Device\Harddisk0\DR0 - ok
11:01:59.0140 0724 [ D85F7F1A51BD1A7D4F6465B12F67206B ] \Device\Harddisk1\DR1
11:01:59.0296 0724 \Device\Harddisk1\DR1 - ok
11:01:59.0296 0724 ================ Scan VBR ==================================
11:01:59.0303 0724 [ 7B7543212AF5B830DF32140D54F6655A ] \Device\Harddisk0\DR0\Partition1
11:01:59.0306 0724 \Device\Harddisk0\DR0\Partition1 - ok
11:01:59.0325 0724 [ 4D9FA9A67976F3E15374466E2D2097DB ] \Device\Harddisk0\DR0\Partition2
11:01:59.0328 0724 \Device\Harddisk0\DR0\Partition2 - ok
11:01:59.0336 0724 ============================================================
11:01:59.0336 0724 Scan finished
11:01:59.0336 0724 ============================================================
11:01:59.0363 5096 Detected object count: 9
11:01:59.0363 5096 Actual detected object count: 9
11:05:22.0338 5096 Autodesk Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:05:22.0338 5096 Autodesk Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:05:22.0342 5096 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user
11:05:22.0342 5096 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:05:22.0347 5096 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:05:22.0347 5096 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:05:22.0354 5096 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
11:05:22.0354 5096 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:05:22.0355 5096 NetworkX ( UnsignedFile.Multi.Generic ) - skipped by user
11:05:22.0355 5096 NetworkX ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:05:22.0359 5096 RoxMediaDB11 ( UnsignedFile.Multi.Generic ) - skipped by user
11:05:22.0359 5096 RoxMediaDB11 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:05:22.0362 5096 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
11:05:22.0363 5096 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:05:22.0366 5096 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
11:05:22.0366 5096 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:05:22.0369 5096 VMAuthdService ( UnsignedFile.Multi.Generic ) - skipped by user
11:05:22.0369 5096 VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:06:50.0613 5240 Deinitialize success




FYI - this wasn't on my machine a couple of weeks ago. I had some visitors for a brief time, and one of them downloaded something.

Thanks for your help with this!


-JPC Solutions

#4 dev00790

Posted 25 August 2012 - 01:19 PM

Hi

Please do the following next:

:step1:

Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/mbam-download.php to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log in your next reply.

If requested by MBAM, restart the computer.

The log can also be found here:
C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt


:step2:

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.

Note: Vista/Windows 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


:step3:

How is the computer running now?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#5 dev00790


Posted 02 September 2012 - 08:39 AM

Hi, are you still with me?

Regards, dev00790



#6 JPC Solutions


Posted 02 September 2012 - 02:50 PM

Yes. I'm still with you. I didn't realize you'd responded. I just happened to check the post. I'm working on your instructions right now. I'll update shortly.

Thanks,

JPC Solutions

#7 dev00790


Posted 02 September 2012 - 04:39 PM

:thumbup2:

Regards, dev00790



#8 JPC Solutions


Posted 03 September 2012 - 02:12 AM

Okay... Here are the results from Malwarebytes...

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.02.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
newnam :: DESIGNOW-LAPTOP [administrator]

9/2/2012 12:45:46 PM
mbam-log-2012-09-02 (12-45-46).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 656143
Time elapsed: 8 hour(s), 38 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 5
HKCR\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKCR\gencrawler_gc.GenCrawler (Trojan.Downloader) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Program Files\SnadBoy's Revelation v2\Revelation.exe (HackTool.Snadboy) -> No action taken.
C:\Users\newnam\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.dll (Trojan.Downloader) -> Quarantined and deleted successfully.

(end)


And here are the results from the ESET scan...


C:\$RECYCLE.BIN\S-1-5-21-2970427156-3184078376-3107692595-1000\$RDGRE8M.exe Win32/BundleInstaller.A application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.10 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.11 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.12 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.6 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.7 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.8 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.9 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\IObit Toolbar\IE\4.4\iobitToolbarIE.dll a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
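
One way to triage the Malwarebytes log posted above, as an added example that is not part of the original thread: it checks each section's declared count against the entries actually pasted, lists detections that were not removed, and groups registry hits by CLSID. The function names are hypothetical, and the log excerpt is copied from the post with the empty sections omitted.

```python
import re
from collections import defaultdict

# Excerpt copied from the Malwarebytes 1.62 log posted above (empty sections omitted).
LOG = r"""
Memory Processes Detected: 0
(No malicious items detected)

Registry Keys Detected: 5
HKCR\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKCR\gencrawler_gc.GenCrawler (Trojan.Downloader) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Quarantined and deleted successfully.

Files Detected: 2
C:\Program Files\SnadBoy's Revelation v2\Revelation.exe (HackTool.Snadboy) -> No action taken.
C:\Users\newnam\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
"""

SECTION = re.compile(r"^(?P<section>[A-Za-z ]+) Detected: (?P<count>\d+)$")
ITEM = re.compile(r"^(?P<obj>.+) \((?P<detection>[^()]+)\) -> (?P<action>.+?)\.?$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
REMOVED = "Quarantined and deleted successfully"

def parse(log):
    """Return {section: {"declared": n, "items": [...]}} for an MBAM 1.x text log."""
    sections, current = {}, None
    for line in map(str.strip, log.splitlines()):
        if m := SECTION.match(line):
            current = m["section"]
            sections[current] = {"declared": int(m["count"]), "items": []}
        elif current and (m := ITEM.match(line)):
            sections[current]["items"].append(m.groupdict())
    return sections

def triage(sections):
    """Find truncated sections, detections left in place, and objects sharing a CLSID."""
    truncated = [n for n, s in sections.items() if s["declared"] != len(s["items"])]
    items = [i for s in sections.values() for i in s["items"]]
    unresolved = [i for i in items if i["action"] != REMOVED]
    by_clsid = defaultdict(list)
    for i in items:
        for clsid in CLSID.findall(i["obj"]):
            by_clsid[clsid.upper()].append(i["obj"])
    return truncated, unresolved, dict(by_clsid)

if __name__ == "__main__":
    truncated, unresolved, by_clsid = triage(parse(LOG))
    print("sections with missing entries:", truncated)
    for i in unresolved:
        print("still present:", i["obj"], "-", i["detection"], "-", i["action"])
    for clsid, objs in by_clsid.items():
        print(clsid, "referenced by", len(objs), "objects")
```

A non-empty first result means the pasted log was cut short and should be re-posted from the saved log file before anyone relies on it.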

#9 dev00790


Posted 04 September 2012 - 04:54 PM

IMPORTANT NOTE: One or more of the identified infections is a backdoor Trojan.

Backdoor Trojans, Botnets, and IRCBots are very dangerous because they compromise system integrity by making changes that allow it to be used by the attacker for malicious purposes.
They can disable your anti-virus and security tools to prevent detection and removal. Remote attackers use backdoors as a means of accessing and taking control of a computer that bypasses security mechanisms.
This type of exploit allows them to steal sensitive information like passwords, personal and financial data which is then sent back to the hacker.
Read Danger: Remote Access Trojans.

You should disconnect the computer from the Internet and from any networked computers until it is cleaned. If your computer was used for online banking, paying bills, has credit card information or other sensitive data on it, all passwords should be changed immediately to include those used for taxes, email, eBay, PayPal and any other online activities.
You should consider them to be compromised and change passwords from a clean computer, not the infected one. If not, an attacker may get the new passwords and transaction information.
Banking and credit card institutions should be notified immediately of the possible security breach. Failure to notify your financial institution and local law enforcement can result in refusal to reimburse funds lost due to fraud or similar criminal activity.
If using a router, you need to reset it with a strong logon/password before connecting again.

Although the infection has been identified and may be removed, your machine has likely been compromised and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume the computer is secure even if the malware appears to have been removed.
In some instances an infection may have caused so much damage to your system that it cannot be successfully cleaned or repaired. The malware may leave so many remnants behind that security tools cannot find them.
Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Please read:

Whenever a system has been compromised by a backdoor payload, it is impossible to know if or how much the backdoor has been used to affect your system...There are only a few ways to return a compromised system to a confident security configuration. These include:
• Reimaging the system
• Restoring the entire system using a full system backup from before the backdoor infection
• Reformatting and reinstalling the system

Backdoors and What They Mean to You

This is what Jesper M. Johansson, Security Program Manager at Microsoft TechNet has to say:

The only way to clean a compromised system is to flatten and rebuild. That’s right. If you have a system that has been completely compromised, the only thing you can do is to flatten the system (reformat the system disk) and rebuild it from scratch (reinstall Windows and your applications).

Help: I Got Hacked. Now What Do I Do?.

We will do our best to clean the computer of any infections seen on the log. However, because of the nature of this Trojan, I cannot offer a total guarantee that there are no remnants left in the system, or that the computer will be trustworthy.

Many security experts believe that once infected with this type of Trojan, the best course of action is to reformat and reinstall the Operating System.
Making this decision is based on what the computer is used for, and what information can be accessed from it.

Knowing the above, do you wish to proceed with cleaning the malware from the computer?

Regards, dev00790



#10 JPC Solutions


Posted 04 September 2012 - 09:10 PM

Yes. I do wish to proceed with malware removal. I have way too much on this computer. Software specifically... stuff I can't reload or image. I need to do my best to resolve the issue without a nuke & pave.

Thanks.

#11 dev00790


Posted 07 September 2012 - 05:51 PM

Hi

Sorry for the delay.

:step1:

Going over your logs I noticed that you have Vuze installed.
  • Avoid peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • P2P programs share a directory or set of directories on your computer to the world. Anyone can type in a search, and potentially download something from your computer. This makes the machine an open web server -- massively increasing the attack surface of the machine.
  • To reduce the risk of infection avoid using any P2P applications.
It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall Vuze; however, that choice is up to you.

If you choose to remove these programs, you can do so via:

  • Click the "Windows Orb" button - Posted Image.
  • Click Control Panel then Programs and Features.

If you wish to keep it, please do not use it until your computer is cleaned.


:step2:

C:\Program Files\SnadBoy's Revelation v2\Revelation.exe (HackTool.Snadboy) -> No action taken.

Please tell me why you chose not to remove this?


:step3:

How is the computer running now?
Are you still having problems with the keyboard?

Regards, dev00790



#12 JPC Solutions


Posted 10 September 2012 - 01:21 AM

I have had Snadboy on my computer for years. It's a hover tool that allows me to hover over asterisks of a cookie password and view the password. I have never had an issue with it in the past. If you think it could be the cause of this, I'll remove it... but it's never been a problem in the 4 years I've had the computer.

#13 dev00790


Posted 10 September 2012 - 04:56 PM

I have had Snadboy on my computer for years. It's a hover tool that allows me to hover over asterisks of a cookie password and view the password. I have never had an issue with it in the past. If you think it could be the cause of this, I'll remove it... but it's never been a problem in the 4 years I've had the computer.


Let's have a closer look at the file:

:step1:

Please visit the online Jotti Virus Scanner.
  • Browse to the following filepath:


    C:\Program Files\SnadBoy's Revelation v2\Revelation.exe

  • Click on the Posted Image button.
    The scanner will check the file with various AV companies.
  • If Jotti says the file has been scanned before, then click scan again.
  • Copy and paste the results box into a reply to this thread.


:step2:

Please rerun Minitoolbox on your desktop

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.


:step3:

Please answer the below questions in my previous post:

How is the computer running now?
Are you still having problems with the keyboard?


Regards, dev00790





