
MBAM Pro blocks access to litecoin-qt.exe


16 replies to this topic

#1 PTE

  • Members
  • 11 posts

Posted 03 August 2012 - 01:29 PM

I've been using the Litecoin Wallet application (similar to Bitcoin Wallet) for about a month now.
I usually mine all night and have racked up quite a few litecoins.

Recently my work started to require a VPN and a Network Assessment Client that enforces valid AV etc.
Microsoft Security Essentials' newest version doesn't work, so I tried out quite a few AV programs trying to find a free one that is unobtrusive, but finally settled on the older version of MSE that works (2.1.1116.0). When I had Avira Free installed, it found my minerd.exe that I was using for litecoin as a generic trojan. I figured that it was a false positive after uploading it to VirusTotal and seeing the results, but just to be safe I deleted it and found a different copy.

Even more recently I've installed the MBAM Pro realtime resident shield, and since then I periodically get warnings that litecoin-qt.exe outgoing and incoming requests are being blocked because the endpoints are potentially malicious. I'm starting to worry that there is something on the system. When I run scans with all the tools I know about they don't find anything; however, I do see a 0x0 process attached to csrss.exe in Process Explorer that I can't identify.

I have noticed outgoing attempts to 212.117.166.171 be blocked
-and-
I have noticed incoming attempts from 195.244.143.91 be blocked as well...
Posted Image

Do I need to worry? Am I infected? Should I cash out and do away with litecoin completely?

Thank You for your help :)

ETA: I didn't even realize this until I was re-reading my post, but apparently the bitcoin wallet is being blocked as well as the litecoin wallet. The small screenshot shows bitcoin, but every other time I've written down an IP or noticed that notification it's usually on litecoin-qt.

Edited by PTE, 04 August 2012 - 03:57 AM.




#2 dev00790

    Bleeping Chocoholic

  • Members
  • 5,037 posts
  • Gender:Male
  • Location:UK

Posted 08 August 2012 - 08:02 AM

Hi

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do NOT run, install or uninstall any programs, unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Check the boxes next to Verify file digital signatures and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply.

Step 2:

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the full contents of that document.


Step 3:

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.


Step 4:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points
NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Step 5:

The two IP addresses you gave resolve to give the following:

212.117.166.171 - belongs to "root eSolutions", Country: Luxembourg. They sell Dedicated hosting for websites.
195.244.143.91 - belongs to "SIA SmartNet", City: Riga, Country: Latvia.

Are you familiar with those two companies?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.
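A sketch of how the TDSSKiller log requested in step 1 can be triaged once it is pasted back; this is an added example, not part of the post above and not a tool used in this thread. It assumes the two-line-per-service layout of the log posted in this topic (`name (md5) path`, then `name - verdict`); the `warning` verdict, the "Example Updater" entry, its all-zero hash and the trusted directory list are constructed for illustration.

```python
import re

# Every log line starts with "HH:MM:SS.ffff <thread id> ".
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
# "ACPI (d81d...) C:\Windows\system32\drivers\ACPI.sys"
FILE_RE = re.compile(
    PREFIX + r"(?P<name>.+?)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>[A-Za-z]:\\.+)$"
)
# "ACPI - ok"
VERDICT_RE = re.compile(PREFIX + r"(?P<name>.+?)\s+-\s+(?P<verdict>\w+)$")

# Assumption: a default install on C:. Anything else is worth a second look.
TRUSTED_ROOTS = (
    "c:\\windows\\",
    "c:\\program files\\",
    "c:\\program files (x86)\\",
)

# Constructed sample. The ACPI and Bonjour lines follow the log in this topic;
# "Example Updater" and its verdict are made up to exercise the checks.
SAMPLE_LOG = r"""
20:13:28.0385 1456 Scan started
20:13:28.0628 1456 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:13:28.0643 1456 ACPI - ok
20:13:28.0998 1456 ALSysIO - ok
20:13:29.0220 1456 Example Updater (00000000000000000000000000000001) C:\Users\someone\AppData\Roaming\upd\upd.exe
20:13:29.0244 1456 Example Updater - warning
20:13:30.0782 1456 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
20:13:30.0809 1456 Bonjour Service - ok
"""


def parse_tdsskiller_log(text):
    """Pair each 'name (md5) path' line with its 'name - verdict' line."""
    entries = {}
    for raw in text.splitlines():
        line = raw.strip()
        m = FILE_RE.match(line)
        if m:
            entries[m["name"]] = {
                "md5": m["md5"].lower(),
                "path": m["path"],
                "verdict": None,
            }
            continue
        m = VERDICT_RE.match(line)
        if m:
            # A verdict with no preceding file line means no image was hashed.
            rec = entries.setdefault(
                m["name"], {"md5": None, "path": None, "verdict": None}
            )
            rec["verdict"] = m["verdict"].lower()
    return entries


def triage(entries):
    """Return {service name: [reasons]} for entries that deserve a closer look."""
    findings = {}
    for name, rec in entries.items():
        reasons = []
        if rec["verdict"] is None:
            reasons.append("no verdict line (log truncated?)")
        elif rec["verdict"] != "ok":
            reasons.append("verdict: " + rec["verdict"])
        if rec["path"] is None:
            reasons.append("no image file listed")
        elif not rec["path"].lower().startswith(TRUSTED_ROOTS):
            reasons.append("image outside Windows/Program Files")
        if reasons:
            findings[name] = reasons
    return findings


if __name__ == "__main__":
    for service, why in triage(parse_tdsskiller_log(SAMPLE_LOG)).items():
        print(service + ": " + "; ".join(why))
```

An entry flagged here is only a prompt to look at the file's signature and origin; a path outside the usual directories or a missing image line is not a detection by itself.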


#3 PTE
  • Topic Starter

  • Members
  • 11 posts

Posted 10 August 2012 - 11:05 PM

I've run all of the tools and collected the logs. Here they are...

1.) TDSSKiller


20:13:11.0388 9896 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
20:13:11.0754 9896 ============================================================
20:13:11.0754 9896 Current date / time: 2012/08/10 20:13:11.0754
20:13:11.0754 9896 SystemInfo:
20:13:11.0754 9896
20:13:11.0754 9896 OS Version: 6.1.7601 ServicePack: 1.0
20:13:11.0754 9896 Product type: Workstation
20:13:11.0754 9896 ComputerName: MYPC
20:13:11.0754 9896 UserName: MYUSERNAME1
20:13:11.0754 9896 Windows directory: C:\Windows
20:13:11.0754 9896 System windows directory: C:\Windows
20:13:11.0754 9896 Running under WOW64
20:13:11.0754 9896 Processor architecture: Intel x64
20:13:11.0754 9896 Number of processors: 8
20:13:11.0754 9896 Page size: 0x1000
20:13:11.0754 9896 Boot type: Normal boot
20:13:11.0754 9896 ============================================================
20:13:11.0988 9896 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:13:11.0989 9896 Drive \Device\Harddisk1\DR1 - Size: 0x950AF4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:13:11.0992 9896 ============================================================
20:13:11.0992 9896 \Device\Harddisk0\DR0:
20:13:11.0992 9896 MBR partitions:
20:13:11.0992 9896 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDF93800
20:13:11.0992 9896 \Device\Harddisk1\DR1:
20:13:11.0993 9896 MBR partitions:
20:13:11.0993 9896 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x4A856800
20:13:11.0993 9896 ============================================================
20:13:11.0994 9896 C: <-> \Device\Harddisk0\DR0\Partition0
20:13:12.0005 9896 D: <-> \Device\Harddisk1\DR1\Partition0
20:13:12.0005 9896 ============================================================
20:13:12.0005 9896 Initialize success
20:13:12.0005 9896 ============================================================
20:13:28.0385 1456 ============================================================
20:13:28.0385 1456 Scan started
20:13:28.0385 1456 Mode: Manual; SigCheck; TDLFS;
20:13:28.0385 1456 ============================================================
20:13:28.0581 1456 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
20:13:28.0613 1456 1394ohci - ok
20:13:28.0628 1456 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:13:28.0643 1456 ACPI - ok
20:13:28.0645 1456 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:13:28.0665 1456 AcpiPmi - ok
20:13:28.0673 1456 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:13:28.0688 1456 AdobeARMservice - ok
20:13:28.0718 1456 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:13:28.0758 1456 AdobeFlashPlayerUpdateSvc - ok
20:13:28.0776 1456 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
20:13:28.0793 1456 adp94xx - ok
20:13:28.0811 1456 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
20:13:28.0825 1456 adpahci - ok
20:13:28.0832 1456 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
20:13:28.0846 1456 adpu320 - ok
20:13:28.0851 1456 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
20:13:28.0906 1456 AeLookupSvc - ok
20:13:28.0923 1456 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
20:13:28.0940 1456 AFD - ok
20:13:28.0944 1456 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:13:28.0954 1456 agp440 - ok
20:13:28.0959 1456 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
20:13:28.0975 1456 ALG - ok
20:13:28.0977 1456 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:13:28.0985 1456 aliide - ok
20:13:28.0998 1456 ALSysIO - ok
20:13:29.0000 1456 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:13:29.0009 1456 amdide - ok
20:13:29.0014 1456 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
20:13:29.0025 1456 AmdK8 - ok
20:13:29.0028 1456 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
20:13:29.0039 1456 AmdPPM - ok
20:13:29.0044 1456 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:13:29.0054 1456 amdsata - ok
20:13:29.0063 1456 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
20:13:29.0077 1456 amdsbs - ok
20:13:29.0079 1456 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:13:29.0088 1456 amdxata - ok
20:13:29.0092 1456 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:13:29.0155 1456 AppID - ok
20:13:29.0158 1456 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:13:29.0183 1456 AppIDSvc - ok
20:13:29.0187 1456 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
20:13:29.0213 1456 Appinfo - ok
20:13:29.0220 1456 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:13:29.0244 1456 Apple Mobile Device - ok
20:13:29.0253 1456 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
20:13:29.0271 1456 AppMgmt - ok
20:13:29.0275 1456 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
20:13:29.0286 1456 arc - ok
20:13:29.0290 1456 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
20:13:29.0301 1456 arcsas - ok
20:13:29.0336 1456 asComSvc (6e3f4538b33bc19259e99be1826286a3) C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
20:13:29.0431 1456 asComSvc - ok
20:13:29.0439 1456 ASDiskUnlocker (c6c1fba3b599f2bfeab467dc9e66aa5e) C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe
20:13:29.0474 1456 ASDiskUnlocker - ok
20:13:29.0476 1456 ASFLTDrv.sys (2921131f9a111fd6c6d2c5e1e5b6b75c) C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys
20:13:29.0484 1456 ASFLTDrv.sys - ok
20:13:29.0515 1456 asHmComSvc (a63173897ea1a73a75d0e65036de5b15) C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
20:13:29.0852 1456 asHmComSvc - ok
20:13:29.0875 1456 AsIO (fef9dd9ea587f8886ade43c1befbdafe) C:\Windows\syswow64\drivers\AsIO.sys
20:13:29.0882 1456 AsIO - ok
20:13:29.0914 1456 asmthub3 (6d9c024aa8f24065a6dbeab1f431d854) C:\Windows\system32\DRIVERS\asmthub3.sys
20:13:29.0929 1456 asmthub3 - ok
20:13:29.0941 1456 asmtxhci (ecad22f15d8f17cc04f24e9a6fb00f2f) C:\Windows\system32\DRIVERS\asmtxhci.sys
20:13:29.0959 1456 asmtxhci - ok
20:13:29.0973 1456 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:13:29.0983 1456 aspnet_state - ok
20:13:30.0002 1456 AsSysCtrlService (5c31dfb196cb3a488a041881634d86d2) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
20:13:30.0038 1456 AsSysCtrlService - ok
20:13:30.0062 1456 AsUpIO (1392b92179b07b672720763d9b1028a5) C:\Windows\syswow64\drivers\AsUpIO.sys
20:13:30.0070 1456 AsUpIO - ok
20:13:30.0075 1456 ASUSFILTER (a5e4cdb420540095d1293c874b5f89aa) C:\Windows\syswow64\drivers\ASUSFILTER.sys
20:13:30.0085 1456 ASUSFILTER - ok
20:13:30.0116 1456 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:13:30.0137 1456 AsyncMac - ok
20:13:30.0140 1456 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:13:30.0149 1456 atapi - ok
20:13:30.0152 1456 AthBTPort (cbe61b4494165f458bd87e37181ee934) C:\Windows\system32\DRIVERS\btath_flt.sys
20:13:30.0162 1456 AthBTPort - ok
20:13:30.0167 1456 ATHDFU (4119870b90e1b5e7797d6433d21f9216) C:\Windows\system32\Drivers\AthDfu.sys
20:13:30.0177 1456 ATHDFU - ok
20:13:30.0186 1456 AtherosSvc (21753130331188c4b474e1d3b396e629) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
20:13:30.0197 1456 AtherosSvc - ok
20:13:30.0221 1456 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:13:30.0253 1456 AudioEndpointBuilder - ok
20:13:30.0256 1456 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:13:30.0285 1456 AudioSrv - ok
20:13:30.0295 1456 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
20:13:30.0315 1456 AxInstSV - ok
20:13:30.0334 1456 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
20:13:30.0349 1456 b06bdrv - ok
20:13:30.0358 1456 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:13:30.0371 1456 b57nd60a - ok
20:13:30.0377 1456 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:13:30.0392 1456 BDESVC - ok
20:13:30.0395 1456 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:13:30.0415 1456 Beep - ok
20:13:30.0441 1456 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
20:13:30.0473 1456 BFE - ok
20:13:30.0715 1456 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
20:13:30.0748 1456 BITS - ok
20:13:30.0756 1456 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
20:13:30.0767 1456 blbdrive - ok
20:13:30.0782 1456 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
20:13:30.0809 1456 Bonjour Service - ok
20:13:30.0814 1456 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:13:30.0826 1456 bowser - ok
20:13:30.0828 1456 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:13:30.0840 1456 BrFiltLo - ok
20:13:30.0841 1456 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:13:30.0853 1456 BrFiltUp - ok
20:13:30.0859 1456 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
20:13:30.0886 1456 Browser - ok
20:13:30.0896 1456 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:13:30.0910 1456 Brserid - ok
20:13:30.0913 1456 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:13:30.0924 1456 BrSerWdm - ok
20:13:30.0926 1456 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:13:30.0936 1456 BrUsbMdm - ok
20:13:30.0939 1456 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:13:30.0949 1456 BrUsbSer - ok
20:13:30.0959 1456 BTATH_A2DP (fe70889a85c57a9268101b2db0474509) C:\Windows\system32\drivers\btath_a2dp.sys
20:13:30.0976 1456 BTATH_A2DP - ok
20:13:30.0979 1456 BTATH_BUS (a83a91d07d1fe6bbe7a9db46ca00434b) C:\Windows\system32\DRIVERS\btath_bus.sys
20:13:30.0987 1456 BTATH_BUS - ok
20:13:30.0995 1456 BTATH_HCRP (c864ff85ee16d61c2bdd5ef76824625f) C:\Windows\system32\DRIVERS\btath_hcrp.sys
20:13:31.0008 1456 BTATH_HCRP - ok
20:13:31.0012 1456 BTATH_LWFLT (0dea505efb5d771826d177ef8b8a208f) C:\Windows\system32\DRIVERS\btath_lwflt.sys
20:13:31.0021 1456 BTATH_LWFLT - ok
20:13:31.0027 1456 BTATH_RCP (724c8088c96efe7a3e63fec21d4681c0) C:\Windows\system32\DRIVERS\btath_rcp.sys
20:13:31.0039 1456 BTATH_RCP - ok
20:13:31.0049 1456 BtFilter (aa0f5afcf077c5246589b32eceeae566) C:\Windows\system32\DRIVERS\btfilter.sys
20:13:31.0064 1456 BtFilter - ok
20:13:31.0068 1456 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
20:13:31.0079 1456 BthEnum - ok
20:13:31.0083 1456 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
20:13:31.0098 1456 BTHMODEM - ok
20:13:31.0103 1456 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
20:13:31.0115 1456 BthPan - ok
20:13:31.0134 1456 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
20:13:31.0151 1456 BTHPORT - ok
20:13:31.0156 1456 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
20:13:31.0183 1456 bthserv - ok
20:13:31.0188 1456 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
20:13:31.0200 1456 BTHUSB - ok
20:13:31.0205 1456 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:13:31.0228 1456 cdfs - ok
20:13:31.0238 1456 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
20:13:31.0256 1456 cdrom - ok
20:13:31.0261 1456 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:13:31.0291 1456 CertPropSvc - ok
20:13:31.0294 1456 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
20:13:31.0306 1456 circlass - ok
20:13:31.0320 1456 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:13:31.0339 1456 CLFS - ok
20:13:31.0349 1456 CLHNServiceForPowerDVD (10afbbf2593d7f1676aaa79b6f0b6aac) C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
20:13:31.0366 1456 CLHNServiceForPowerDVD - ok
20:13:31.0375 1456 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:13:31.0391 1456 clr_optimization_v2.0.50727_32 - ok
20:13:31.0399 1456 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:13:31.0411 1456 clr_optimization_v2.0.50727_64 - ok
20:13:31.0426 1456 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:13:31.0437 1456 clr_optimization_v4.0.30319_32 - ok
20:13:31.0446 1456 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:13:31.0457 1456 clr_optimization_v4.0.30319_64 - ok
20:13:31.0464 1456 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
20:13:31.0474 1456 CmBatt - ok
20:13:31.0477 1456 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
20:13:31.0486 1456 cmdide - ok
20:13:31.0499 1456 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
20:13:31.0519 1456 CNG - ok
20:13:31.0522 1456 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
20:13:31.0531 1456 Compbatt - ok
20:13:31.0534 1456 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
20:13:31.0546 1456 CompositeBus - ok
20:13:31.0548 1456 COMSysApp - ok
20:13:31.0551 1456 cpuz135 (c08063f052308b6f5882482615387f30) C:\Windows\system32\drivers\cpuz135_x64.sys
20:13:31.0560 1456 cpuz135 - ok
20:13:31.0562 1456 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
20:13:31.0571 1456 crcdisk - ok
20:13:31.0579 1456 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
20:13:31.0596 1456 CryptSvc - ok
20:13:31.0612 1456 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
20:13:31.0640 1456 CSC - ok
20:13:31.0661 1456 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
20:13:31.0682 1456 CscService - ok
20:13:31.0694 1456 CyberLink PowerDVD 11.0 Monitor Service (286eb2bdf9b10810336b13b8935d24ac) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
20:13:34.0925 1456 CyberLink PowerDVD 11.0 Monitor Service - ok
20:13:34.0934 1456 CyberLink PowerDVD 11.0 Service (884034f529f88bb35c1e93df5c5e96fe) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
20:13:34.0973 1456 CyberLink PowerDVD 11.0 Service - ok
20:13:34.0991 1456 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:13:35.0023 1456 DcomLaunch - ok
20:13:35.0031 1456 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
20:13:35.0060 1456 defragsvc - ok
20:13:35.0072 1456 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
20:13:35.0094 1456 DfsC - ok
20:13:35.0109 1456 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
20:13:35.0137 1456 Dhcp - ok
20:13:35.0140 1456 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:13:35.0161 1456 discache - ok
20:13:35.0166 1456 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
20:13:35.0178 1456 Disk - ok
20:13:35.0185 1456 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
20:13:35.0202 1456 Dnscache - ok
20:13:35.0210 1456 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
20:13:35.0238 1456 dot3svc - ok
20:13:35.0246 1456 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
20:13:35.0272 1456 DPS - ok
20:13:35.0274 1456 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:13:35.0285 1456 drmkaud - ok
20:13:35.0316 1456 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
20:13:35.0335 1456 DXGKrnl - ok
20:13:35.0345 1456 e1cexpress (6bafd9819d9fec2edbaebc8493c711a4) C:\Windows\system32\DRIVERS\e1c62x64.sys
20:13:35.0357 1456 e1cexpress - ok
20:13:35.0364 1456 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
20:13:35.0391 1456 EapHost - ok
20:13:35.0472 1456 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
20:13:35.0517 1456 ebdrv - ok
20:13:35.0554 1456 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
20:13:35.0566 1456 EFS - ok
20:13:35.0590 1456 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
20:13:35.0616 1456 ehRecvr - ok
20:13:35.0622 1456 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
20:13:35.0641 1456 ehSched - ok
20:13:35.0648 1456 ElbyCDFL - ok
20:13:35.0651 1456 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys
20:13:35.0661 1456 ElbyCDIO - ok
20:13:35.0677 1456 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
20:13:35.0694 1456 elxstor - ok
20:13:35.0696 1456 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
20:13:35.0706 1456 ErrDev - ok
20:13:35.0724 1456 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
20:13:35.0755 1456 EventSystem - ok
20:13:35.0763 1456 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:13:35.0787 1456 exfat - ok
20:13:35.0795 1456 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:13:35.0818 1456 fastfat - ok
20:13:35.0841 1456 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
20:13:35.0874 1456 Fax - ok
20:13:35.0877 1456 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
20:13:35.0889 1456 fdc - ok
20:13:35.0891 1456 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
20:13:35.0916 1456 fdPHost - ok
20:13:36.0206 1456 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
20:13:36.0231 1456 FDResPub - ok
20:13:36.0235 1456 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:13:36.0246 1456 FileInfo - ok
20:13:36.0249 1456 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:13:36.0273 1456 Filetrace - ok
20:13:36.0275 1456 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
20:13:36.0285 1456 flpydisk - ok
20:13:36.0296 1456 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:13:36.0311 1456 FltMgr - ok
20:13:36.0341 1456 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
20:13:36.0367 1456 FontCache - ok
20:13:36.0372 1456 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:13:36.0382 1456 FontCache3.0.0.0 - ok
20:13:36.0390 1456 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:13:36.0400 1456 FsDepends - ok
20:13:36.0403 1456 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
20:13:36.0412 1456 Fs_Rec - ok
20:13:36.0420 1456 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:13:36.0434 1456 fvevol - ok
20:13:36.0438 1456 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:13:36.0448 1456 gagp30kx - ok
20:13:36.0451 1456 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:13:36.0459 1456 GEARAspiWDM - ok
20:13:36.0482 1456 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
20:13:36.0516 1456 gpsvc - ok
20:13:36.0525 1456 gupdate (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:13:36.0544 1456 gupdate - ok
20:13:36.0545 1456 gupdatem (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:13:36.0564 1456 gupdatem - ok
20:13:36.0570 1456 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:13:36.0594 1456 gusvc - ok
20:13:36.0597 1456 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:13:36.0607 1456 hcw85cir - ok
20:13:36.0616 1456 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
20:13:36.0629 1456 HDAudBus - ok
20:13:36.0632 1456 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
20:13:36.0643 1456 HidBatt - ok
20:13:36.0648 1456 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
20:13:36.0661 1456 HidBth - ok
20:13:36.0665 1456 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
20:13:36.0678 1456 HidIr - ok
20:13:36.0680 1456 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
20:13:36.0706 1456 hidserv - ok
20:13:36.0709 1456 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
20:13:36.0720 1456 HidUsb - ok
20:13:36.0726 1456 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
20:13:36.0755 1456 hkmsvc - ok
20:13:36.0763 1456 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
20:13:36.0781 1456 HomeGroupListener - ok
20:13:36.0787 1456 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
20:13:36.0804 1456 HomeGroupProvider - ok
20:13:36.0808 1456 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:13:36.0817 1456 HpSAMD - ok
20:13:36.0838 1456 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:13:36.0869 1456 HTTP - ok
20:13:36.0871 1456 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:13:36.0879 1456 hwpolicy - ok
20:13:36.0884 1456 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
20:13:36.0897 1456 i8042prt - ok
20:13:36.0913 1456 iaStor (2fdaec4b02729c48c0fd1b0b4695995b) C:\Windows\system32\DRIVERS\iaStor.sys
20:13:36.0944 1456 iaStor - ok
20:13:36.0950 1456 IAStorDataMgrSvc (d41861e56e7552c13674d7f147a02464) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:13:36.0960 1456 IAStorDataMgrSvc - ok
20:13:36.0974 1456 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
20:13:36.0998 1456 iaStorV - ok
20:13:37.0001 1456 ICCWDT (c1010add3ddae1196ed21057af7b2aae) C:\Windows\system32\DRIVERS\ICCWDT.sys
20:13:37.0010 1456 ICCWDT - ok
20:13:37.0038 1456 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:13:37.0059 1456 idsvc - ok
20:13:37.0375 1456 igfx (e15a809273ea164a7479d2fa64d18988) C:\Windows\system32\DRIVERS\igdkmd64.sys
20:13:37.0489 1456 igfx - ok
20:13:37.0517 1456 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
20:13:37.0527 1456 iirsp - ok
20:13:37.0557 1456 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
20:13:37.0593 1456 IKEEXT - ok
20:13:37.0669 1456 IntcAzAudAddService (589b94a9b73a0e819ff873743a480834) C:\Windows\system32\drivers\RTKVHD64.sys
20:13:37.0698 1456 IntcAzAudAddService - ok
20:13:37.0738 1456 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
20:13:37.0752 1456 IntcDAud - ok
20:13:37.0772 1456 Intel(R) Capability Licensing Service Interface (832ce330dd987227b7dea8c03f22aefa) C:\Program Files\Intel\iCLS Client\HeciServer.exe
20:13:38.0242 1456 Intel(R) Capability Licensing Service Interface - ok
20:13:38.0245 1456 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:13:38.0254 1456 intelide - ok
20:13:38.0258 1456 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:13:38.0268 1456 intelppm - ok
20:13:38.0272 1456 Intel(R) PROSet Monitoring Service (068ec06f3b6dd7b81b365d8fd2ce27e6) C:\Windows\system32\IProsetMonitor.exe
20:13:38.0285 1456 Intel(R) PROSet Monitoring Service - ok
20:13:38.0289 1456 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
20:13:38.0317 1456 IPBusEnum - ok
20:13:38.0322 1456 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:13:38.0344 1456 IpFilterDriver - ok
20:13:38.0361 1456 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
20:13:38.0394 1456 iphlpsvc - ok
20:13:38.0398 1456 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
20:13:38.0409 1456 IPMIDRV - ok
20:13:38.0414 1456 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:13:38.0438 1456 IPNAT - ok
20:13:38.0466 1456 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
20:13:38.0505 1456 iPod Service - ok
20:13:38.0508 1456 iprip (11fe7637a49b67d9b1f895b2ad4d982f) C:\Windows\System32\iprip.dll
20:13:38.0523 1456 iprip - ok
20:13:38.0525 1456 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:13:38.0538 1456 IRENUM - ok
20:13:38.0539 1456 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:13:38.0549 1456 isapnp - ok
20:13:38.0559 1456 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
20:13:38.0573 1456 iScsiPrt - ok
20:13:38.0584 1456 jhi_service (c44b44e24b929631d9d7368f5b2b40cf) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
20:13:38.0611 1456 jhi_service - ok
20:13:39.0018 1456 JRAID (a577f5db30f70eca9708c07c2eacbd9d) C:\Windows\system32\DRIVERS\jraid.sys
20:13:39.0035 1456 JRAID - ok
20:13:39.0038 1456 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
20:13:39.0050 1456 kbdclass - ok
20:13:39.0053 1456 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
20:13:39.0065 1456 kbdhid - ok
20:13:39.0068 1456 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:13:39.0079 1456 KeyIso - ok
20:13:39.0084 1456 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
20:13:39.0096 1456 KSecDD - ok
20:13:39.0102 1456 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
20:13:39.0116 1456 KSecPkg - ok
20:13:39.0118 1456 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:13:39.0139 1456 ksthunk - ok
20:13:39.0152 1456 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:13:39.0181 1456 KtmRm - ok
20:13:39.0191 1456 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
20:13:39.0220 1456 LanmanServer - ok
20:13:39.0225 1456 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
20:13:39.0253 1456 LanmanWorkstation - ok
20:13:39.0257 1456 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:13:39.0279 1456 lltdio - ok
20:13:39.0291 1456 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:13:39.0321 1456 lltdsvc - ok
20:13:39.0323 1456 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:13:39.0348 1456 lmhosts - ok
20:13:39.0354 1456 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:13:39.0365 1456 LSI_FC - ok
20:13:39.0371 1456 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:13:39.0382 1456 LSI_SAS - ok
20:13:39.0386 1456 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:13:39.0396 1456 LSI_SAS2 - ok
20:13:39.0403 1456 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:13:39.0413 1456 LSI_SCSI - ok
20:13:39.0420 1456 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:13:39.0445 1456 luafv - ok
20:13:39.0449 1456 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
20:13:39.0458 1456 MBAMProtector - ok
20:13:39.0479 1456 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:13:39.0516 1456 MBAMService - ok
20:13:39.0521 1456 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
20:13:39.0537 1456 Mcx2Svc - ok
20:13:39.0539 1456 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
20:13:39.0549 1456 megasas - ok
20:13:39.0557 1456 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
20:13:39.0572 1456 MegaSR - ok
20:13:39.0577 1456 MEIx64 (6b01b7414a105b9e51652089a03027cf) C:\Windows\system32\DRIVERS\HECIx64.sys
20:13:39.0588 1456 MEIx64 - ok
20:13:39.0596 1456 Microsoft SharePoint Workspace Audit Service - ok
20:13:39.0601 1456 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:13:39.0625 1456 MMCSS - ok
20:13:39.0628 1456 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:13:39.0650 1456 Modem - ok
20:13:39.0652 1456 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:13:39.0663 1456 monitor - ok
20:13:39.0667 1456 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
20:13:39.0679 1456 mouclass - ok
20:13:39.0682 1456 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:13:39.0693 1456 mouhid - ok
20:13:39.0709 1456 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:13:39.0720 1456 mountmgr - ok
20:13:39.0727 1456 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
20:13:39.0744 1456 MpFilter - ok
20:13:39.0750 1456 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:13:39.0762 1456 mpio - ok
20:13:39.0765 1456 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
20:13:39.0775 1456 MpNWMon - ok
20:13:39.0780 1456 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:13:39.0802 1456 mpsdrv - ok
20:13:39.0830 1456 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
20:13:39.0865 1456 MpsSvc - ok
20:13:39.0871 1456 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:13:39.0887 1456 MRxDAV - ok
20:13:39.0895 1456 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:13:39.0909 1456 mrxsmb - ok
20:13:39.0919 1456 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:13:39.0933 1456 mrxsmb10 - ok
20:13:39.0938 1456 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:13:39.0950 1456 mrxsmb20 - ok
20:13:39.0953 1456 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:13:39.0963 1456 msahci - ok
20:13:39.0969 1456 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:13:39.0981 1456 msdsm - ok
20:13:39.0988 1456 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:13:40.0006 1456 MSDTC - ok
20:13:40.0010 1456 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:13:40.0030 1456 Msfs - ok
20:13:40.0032 1456 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:13:40.0053 1456 mshidkmdf - ok
20:13:40.0055 1456 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:13:40.0063 1456 msisadrv - ok
20:13:40.0069 1456 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:13:40.0097 1456 MSiSCSI - ok
20:13:40.0098 1456 msiserver - ok
20:13:40.0101 1456 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:13:40.0122 1456 MSKSSRV - ok
20:13:40.0128 1456 MsMpSvc (157e9e498206a3366baa7e4697bdd947) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
20:13:40.0137 1456 MsMpSvc - ok
20:13:40.0139 1456 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:13:40.0159 1456 MSPCLOCK - ok
20:13:40.0161 1456 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:13:40.0181 1456 MSPQM - ok
20:13:40.0194 1456 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:13:40.0210 1456 MsRPC - ok
20:13:40.0213 1456 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
20:13:40.0224 1456 mssmbios - ok
20:13:40.0226 1456 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:13:40.0246 1456 MSTEE - ok
20:13:40.0247 1456 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
20:13:40.0258 1456 MTConfig - ok
20:13:40.0262 1456 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:13:40.0273 1456 Mup - ok
20:13:40.0290 1456 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
20:13:40.0321 1456 napagent - ok
20:13:40.0332 1456 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:13:40.0349 1456 NativeWifiP - ok
20:13:40.0372 1456 NAUpdate (934bb0d23a25c8c136570800a5a149b6) C:\Program Files (x86)\Nero\Update\NASvc.exe
20:13:40.0408 1456 NAUpdate - ok
20:13:40.0413 1456 NBVol (daca803a8d732fe5eeaa024ec342f81d) C:\Windows\system32\DRIVERS\NBVol.sys
20:13:40.0423 1456 NBVol - ok
20:13:40.0425 1456 NBVolUp (6208f622e9e35860dfb0753dff56f0c0) C:\Windows\system32\DRIVERS\NBVolUp.sys
20:13:40.0433 1456 NBVolUp - ok
20:13:40.0463 1456 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
20:13:40.0488 1456 NDIS - ok
20:13:40.0491 1456 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:13:40.0513 1456 NdisCap - ok
20:13:40.0515 1456 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:13:40.0537 1456 NdisTapi - ok
20:13:40.0541 1456 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:13:40.0562 1456 Ndisuio - ok
20:13:40.0569 1456 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:13:40.0593 1456 NdisWan - ok
20:13:40.0596 1456 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:13:40.0618 1456 NDProxy - ok
20:13:40.0622 1456 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:13:40.0644 1456 NetBIOS - ok
20:13:40.0654 1456 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:13:40.0680 1456 NetBT - ok
20:13:40.0683 1456 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:13:40.0695 1456 Netlogon - ok
20:13:40.0708 1456 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:13:40.0737 1456 Netman - ok
20:13:40.0752 1456 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:13:40.0766 1456 NetMsmqActivator - ok
20:13:40.0768 1456 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:13:40.0782 1456 NetPipeActivator - ok
20:13:40.0800 1456 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:13:40.0830 1456 netprofm - ok
20:13:40.0832 1456 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:13:40.0846 1456 NetTcpActivator - ok
20:13:40.0847 1456 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:13:40.0861 1456 NetTcpPortSharing - ok
20:13:40.0871 1456 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
20:13:40.0882 1456 nfrd960 - ok
20:13:40.0886 1456 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:13:40.0895 1456 NisDrv - ok
20:13:40.0907 1456 NisSrv (566ddd5d82520da01d75f81428ac4c38) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
20:13:40.0925 1456 NisSrv - ok
20:13:40.0937 1456 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
20:13:40.0966 1456 NlaSvc - ok
20:13:40.0969 1456 NPF (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys
20:13:40.0978 1456 NPF - ok
20:13:40.0982 1456 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:13:41.0004 1456 Npfs - ok
20:13:41.0007 1456 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:13:41.0032 1456 nsi - ok
20:13:41.0034 1456 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:13:41.0055 1456 nsiproxy - ok
20:13:41.0102 1456 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
20:13:41.0129 1456 Ntfs - ok
20:13:41.0141 1456 ntk_PowerDVD (7420b2e1f65642129b6e23bd42f752aa) C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys
20:13:41.0152 1456 ntk_PowerDVD - ok
20:13:41.0184 1456 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:13:41.0205 1456 Null - ok
20:13:41.0211 1456 NVHDA (102806b360d0e6bc6e55bf47ef655d43) C:\Windows\system32\drivers\nvhda64v.sys
20:13:41.0224 1456 NVHDA - ok
20:13:41.0883 1456 nvlddmkm (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:13:41.0999 1456 nvlddmkm - ok
20:13:42.0034 1456 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
20:13:42.0046 1456 nvraid - ok
20:13:42.0054 1456 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
20:13:42.0066 1456 nvstor - ok
20:13:42.0091 1456 nvsvc (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe
20:13:42.0145 1456 nvsvc - ok
20:13:42.0181 1456 nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:13:42.0226 1456 nvUpdatusService - ok
20:13:42.0262 1456 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:13:42.0275 1456 nv_agp - ok
20:13:42.0280 1456 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:13:42.0293 1456 ohci1394 - ok
20:13:42.0302 1456 ose64 (4965b005492cba7719e82b71e3245495) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:13:42.0324 1456 ose64 - ok
20:13:42.0484 1456 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:13:42.0602 1456 osppsvc - ok
20:13:42.0636 1456 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:13:42.0656 1456 p2pimsvc - ok
20:13:42.0671 1456 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:13:42.0691 1456 p2psvc - ok
20:13:42.0702 1456 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
20:13:42.0714 1456 Parport - ok
20:13:42.0719 1456 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
20:13:42.0730 1456 partmgr - ok
20:13:42.0737 1456 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:13:42.0757 1456 PcaSvc - ok
20:13:42.0764 1456 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:13:42.0777 1456 pci - ok
20:13:42.0779 1456 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:13:42.0787 1456 pciide - ok
20:13:42.0795 1456 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
20:13:42.0807 1456 pcmcia - ok
20:13:42.0812 1456 pcouffin (899e41a057038cb5be892fe428bdc576) C:\Windows\system32\Drivers\pcouffin.sys
20:13:42.0830 1456 pcouffin ( UnsignedFile.Multi.Generic ) - warning
20:13:42.0830 1456 pcouffin - detected UnsignedFile.Multi.Generic (1)
20:13:42.0834 1456 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:13:42.0844 1456 pcw - ok
20:13:42.0866 1456 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:13:42.0893 1456 PEAUTH - ok
20:13:42.0928 1456 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
20:13:42.0954 1456 PeerDistSvc - ok
20:13:42.0982 1456 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:13:42.0996 1456 PerfHost - ok
20:13:43.0071 1456 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
20:13:43.0108 1456 pla - ok
20:13:43.0120 1456 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
20:13:43.0140 1456 PlugPlay - ok
20:13:43.0144 1456 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:13:43.0158 1456 PNRPAutoReg - ok
20:13:43.0171 1456 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:13:43.0189 1456 PNRPsvc - ok
20:13:43.0197 1456 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
20:13:43.0207 1456 Point64 - ok
20:13:43.0221 1456 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
20:13:43.0251 1456 PolicyAgent - ok
20:13:43.0260 1456 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:13:43.0288 1456 Power - ok
20:13:43.0295 1456 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:13:43.0317 1456 PptpMiniport - ok
20:13:43.0322 1456 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
20:13:43.0333 1456 Processor - ok
20:13:43.0334 1456 PROCEXP151 - ok
20:13:43.0343 1456 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
20:13:43.0360 1456 ProfSvc - ok
20:13:43.0362 1456 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:13:43.0374 1456 ProtectedStorage - ok
20:13:43.0380 1456 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:13:43.0402 1456 Psched - ok
20:13:43.0450 1456 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
20:13:43.0478 1456 ql2300 - ok
20:13:43.0516 1456 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
20:13:43.0530 1456 ql40xx - ok
20:13:43.0538 1456 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:13:43.0559 1456 QWAVE - ok
20:13:43.0561 1456 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:13:43.0575 1456 QWAVEdrv - ok
20:13:43.0577 1456 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:13:43.0599 1456 RasAcd - ok
20:13:43.0602 1456 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:13:43.0625 1456 RasAgileVpn - ok
20:13:43.0633 1456 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:13:43.0660 1456 RasAuto - ok
20:13:43.0667 1456 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:13:43.0690 1456 Rasl2tp - ok
20:13:43.0702 1456 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
20:13:43.0733 1456 RasMan - ok
20:13:43.0740 1456 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:13:43.0762 1456 RasPppoe - ok
20:13:43.0767 1456 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:13:43.0791 1456 RasSstp - ok
20:13:43.0801 1456 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:13:43.0827 1456 rdbss - ok
20:13:43.0829 1456 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
20:13:43.0841 1456 rdpbus - ok
20:13:43.0843 1456 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:13:43.0862 1456 RDPCDD - ok
20:13:43.0868 1456 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
20:13:43.0883 1456 RDPDR - ok
20:13:43.0885 1456 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:13:43.0905 1456 RDPENCDD - ok
20:13:43.0907 1456 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:13:43.0927 1456 RDPREFMP - ok
20:13:44.0329 1456 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
20:13:44.0340 1456 RdpVideoMiniport - ok
20:13:44.0348 1456 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
20:13:44.0360 1456 RDPWD - ok
20:13:44.0370 1456 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:13:44.0384 1456 rdyboost - ok
20:13:44.0388 1456 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
20:13:44.0414 1456 RemoteAccess - ok
20:13:44.0422 1456 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
20:13:44.0449 1456 RemoteRegistry - ok
20:13:44.0456 1456 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
20:13:44.0470 1456 RFCOMM - ok
20:13:44.0477 1456 rpcapd (b60f58f175de20a6739194e85b035178) C:\Program Files (x86)\WinPcap\rpcapd.exe
20:13:44.0500 1456 rpcapd - ok
20:13:44.0506 1456 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
20:13:44.0531 1456 RpcEptMapper - ok
20:13:44.0533 1456 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
20:13:44.0545 1456 RpcLocator - ok
20:13:44.0563 1456 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:13:44.0593 1456 RpcSs - ok
20:13:44.0597 1456 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:13:44.0619 1456 rspndr - ok
20:13:44.0622 1456 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:13:44.0634 1456 SamSs - ok
20:13:44.0639 1456 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
20:13:44.0650 1456 sbp2port - ok
20:13:44.0658 1456 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
20:13:44.0688 1456 SCardSvr - ok
20:13:44.0691 1456 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:13:44.0712 1456 scfilter - ok
20:13:44.0749 1456 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
20:13:44.0793 1456 Schedule - ok
20:13:44.0800 1456 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:13:44.0826 1456 SCPolicySvc - ok
20:13:44.0837 1456 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
20:13:44.0855 1456 SDRSVC - ok
20:13:44.0860 1456 SeagateDashboardService (16b44d246835eac156f8daf0aa4f530c) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
20:13:44.0870 1456 SeagateDashboardService - ok
20:13:44.0878 1456 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:13:44.0900 1456 secdrv - ok
20:13:44.0903 1456 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
20:13:44.0929 1456 seclogon - ok
20:13:44.0934 1456 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
20:13:44.0960 1456 SENS - ok
20:13:44.0964 1456 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
20:13:44.0979 1456 SensrSvc - ok
20:13:44.0981 1456 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
20:13:44.0990 1456 Serenum - ok
20:13:44.0995 1456 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
20:13:45.0006 1456 Serial - ok
20:13:45.0009 1456 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
20:13:45.0019 1456 sermouse - ok
20:13:45.0027 1456 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
20:13:45.0055 1456 SessionEnv - ok
20:13:45.0057 1456 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
20:13:45.0068 1456 sffdisk - ok
20:13:45.0070 1456 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:13:45.0081 1456 sffp_mmc - ok
20:13:45.0083 1456 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
20:13:45.0094 1456 sffp_sd - ok
20:13:45.0096 1456 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
20:13:45.0107 1456 sfloppy - ok
20:13:45.0121 1456 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
20:13:45.0151 1456 SharedAccess - ok
20:13:45.0165 1456 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
20:13:45.0195 1456 ShellHWDetection - ok
20:13:45.0198 1456 simptcp (e9e830d540ededed650f906628468548) C:\Windows\System32\tcpsvcs.exe
20:13:45.0212 1456 simptcp - ok
20:13:45.0217 1456 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:13:45.0227 1456 SiSRaid2 - ok
20:13:45.0232 1456 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
20:13:45.0242 1456 SiSRaid4 - ok
20:13:45.0248 1456 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:13:45.0271 1456 Smb - ok
20:13:45.0277 1456 SMR250 (27f71f20e87fbf177c82ae924f9317f7) C:\Windows\system32\drivers\SMR250.SYS
20:13:45.0289 1456 SMR250 - ok
20:13:45.0295 1456 SNMP (ca62ae004e98374bf7f082cd765eea02) C:\Windows\System32\snmp.exe
20:13:45.0309 1456 SNMP - ok
20:13:45.0311 1456 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:13:45.0326 1456 SNMPTRAP - ok
20:13:45.0328 1456 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:13:45.0336 1456 spldr - ok
20:13:45.0364 1456 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
20:13:45.0396 1456 Spooler - ok
20:13:45.0522 1456 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
20:13:45.0577 1456 sppsvc - ok
20:13:45.0612 1456 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:13:45.0639 1456 sppuinotify - ok
20:13:45.0659 1456 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:13:45.0676 1456 srv - ok
20:13:45.0689 1456 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:13:45.0704 1456 srv2 - ok
20:13:45.0711 1456 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:13:45.0726 1456 srvnet - ok
20:13:45.0734 1456 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:13:45.0763 1456 SSDPSRV - ok
20:13:45.0768 1456 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:13:45.0809 1456 SstpSvc - ok
20:13:45.0813 1456 Steam Client Service - ok
20:13:45.0816 1456 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
20:13:45.0826 1456 stexstor - ok
20:13:45.0830 1456 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
20:13:45.0841 1456 StillCam - ok
20:13:45.0864 1456 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
20:13:45.0888 1456 stisvc - ok
20:13:45.0891 1456 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
20:13:45.0900 1456 swenum - ok
20:13:45.0918 1456 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:13:45.0955 1456 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
20:13:45.0955 1456 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
20:13:45.0973 1456 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
20:13:46.0004 1456 swprv - ok
20:13:46.0006 1456 Synth3dVsc - ok
20:13:46.0055 1456 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
20:13:46.0087 1456 SysMain - ok
20:13:46.0119 1456 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
20:13:46.0138 1456 TabletInputService - ok
20:13:46.0151 1456 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
20:13:46.0181 1456 TapiSrv - ok
20:13:46.0185 1456 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
20:13:46.0211 1456 TBS - ok
20:13:46.0265 1456 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
20:13:46.0297 1456 Tcpip - ok
20:13:46.0381 1456 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
20:13:46.0409 1456 TCPIP6 - ok
20:13:46.0439 1456 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:13:46.0462 1456 tcpipreg - ok
20:13:46.0465 1456 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:13:46.0475 1456 TDPIPE - ok
20:13:46.0477 1456 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
20:13:46.0487 1456 TDTCP - ok
20:13:46.0493 1456 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:13:46.0517 1456 tdx - ok
20:13:46.0593 1456 TeamViewer7 (2bbb318ea9f34fdc508cea4aab98d770) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
20:13:46.0999 1456 TeamViewer7 - ok
20:13:47.0160 1456 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
20:13:47.0173 1456 TermDD - ok
20:13:47.0196 1456 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
20:13:47.0230 1456 TermService - ok
20:13:47.0233 1456 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
20:13:47.0251 1456 Themes - ok
20:13:47.0255 1456 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:13:47.0280 1456 THREADORDER - ok
20:13:47.0286 1456 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
20:13:47.0313 1456 TrkWks - ok
20:13:47.0323 1456 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
20:13:47.0351 1456 TrustedInstaller - ok
20:13:47.0355 1456 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:13:47.0376 1456 tssecsrv - ok
20:13:47.0380 1456 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:13:47.0391 1456 TsUsbFlt - ok
20:13:47.0392 1456 tsusbhub - ok
20:13:47.0399 1456 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:13:47.0423 1456 tunnel - ok
20:13:47.0428 1456 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
20:13:47.0439 1456 uagp35 - ok
20:13:47.0452 1456 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:13:47.0477 1456 udfs - ok
20:13:47.0482 1456 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
20:13:47.0496 1456 UI0Detect - ok
20:13:47.0501 1456 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:13:47.0511 1456 uliagpkx - ok
20:13:47.0515 1456 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
20:13:47.0525 1456 umbus - ok
20:13:47.0527 1456 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
20:13:47.0537 1456 UmPass - ok
20:13:47.0547 1456 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
20:13:47.0563 1456 UmRdpService - ok
20:13:47.0569 1456 UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys
20:13:47.0576 1456 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
20:13:47.0576 1456 UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
20:13:47.0589 1456 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
20:13:47.0619 1456 upnphost - ok
20:13:47.0624 1456 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
20:13:47.0643 1456 USBAAPL64 - ok
20:13:47.0649 1456 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
20:13:47.0664 1456 usbaudio - ok
20:13:47.0672 1456 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:13:47.0683 1456 usbccgp - ok
20:13:47.0689 1456 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:13:47.0702 1456 usbcir - ok
20:13:47.0705 1456 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
20:13:47.0715 1456 usbehci - ok
20:13:47.0729 1456 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:13:47.0745 1456 usbhub - ok
20:13:47.0747 1456 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
20:13:47.0756 1456 usbohci - ok
20:13:47.0759 1456 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:13:47.0770 1456 usbprint - ok
20:13:47.0774 1456 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:13:47.0785 1456 USBSTOR - ok
20:13:47.0788 1456 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
20:13:47.0798 1456 usbuhci - ok
20:13:47.0801 1456 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
20:13:47.0828 1456 UxSms - ok
20:13:47.0830 1456 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:13:47.0842 1456 VaultSvc - ok
20:13:47.0863 1456 VClone (fd911873c0bb6945fa38c16e9a2b58f9) C:\Windows\system32\DRIVERS\VClone.sys
20:13:47.0873 1456 VClone - ok
20:13:47.0877 1456 VDiskBus (1d3d716e05caa17122de65d0dba4f6d7) C:\Windows\system32\DRIVERS\VDiskBus64.sys
20:13:47.0887 1456 VDiskBus - ok
20:13:47.0890 1456 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:13:47.0899 1456 vdrvroot - ok
20:13:47.0915 1456 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
20:13:47.0944 1456 vds - ok
20:13:47.0947 1456 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:13:47.0959 1456 vga - ok
20:13:47.0961 1456 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:13:47.0982 1456 VgaSave - ok
20:13:47.0984 1456 VGPU - ok
20:13:47.0992 1456 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:13:48.0005 1456 vhdmp - ok
20:13:48.0007 1456 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:13:48.0016 1456 viaide - ok
20:13:48.0018 1456 vmci - ok
20:13:48.0020 1456 VMnetAdapter - ok
20:13:48.0025 1456 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:13:48.0036 1456 volmgr - ok
20:13:48.0052 1456 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:13:48.0067 1456 volmgrx - ok
20:13:48.0080 1456 volsnap (df8126bd41180351a093a3ad2fc8903b) C:\Windows\system32\drivers\volsnap.sys
20:13:48.0094 1456 volsnap - ok
20:13:48.0114 1456 vpnagent (1ca935adf4353a6e27c4affa2e2708c5) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
20:13:48.0136 1456 vpnagent - ok
20:13:48.0138 1456 vpnva (e526a69d932538ae8bc96b3f4a5a90b1) C:\Windows\system32\DRIVERS\vpnva64.sys
20:13:48.0147 1456 vpnva - ok
20:13:48.0154 1456 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
20:13:48.0166 1456 vsmraid - ok
20:13:48.0218 1456 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
20:13:48.0261 1456 VSS - ok
20:13:48.0296 1456 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
20:13:48.0308 1456 vwifibus - ok
20:13:48.0322 1456 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
20:13:48.0353 1456 W32Time - ok
20:13:48.0356 1456 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
20:13:48.0367 1456 WacomPen - ok
20:13:48.0372 1456 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:13:48.0396 1456 WANARP - ok
20:13:48.0397 1456 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:13:48.0420 1456 Wanarpv6 - ok
20:13:48.0464 1456 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
20:13:48.0584 1456 WatAdminSvc - ok
20:13:48.0622 1456 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
20:13:48.0659 1456 wbengine - ok
20:13:48.0697 1456 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
20:13:48.0716 1456 WbioSrvc - ok
20:13:48.0730 1456 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
20:13:48.0750 1456 wcncsvc - ok
20:13:48.0754 1456 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
20:13:48.0769 1456 WcsPlugInService - ok
20:13:48.0776 1456 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
20:13:48.0786 1456 Wd - ok
20:13:48.0807 1456 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:13:48.0824 1456 Wdf01000 - ok
20:13:48.0830 1456 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:13:48.0849 1456 WdiServiceHost - ok
20:13:48.0850 1456 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:13:48.0868 1456 WdiSystemHost - ok
20:13:48.0880 1456 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
20:13:48.0901 1456 WebClient - ok
20:13:48.0914 1456 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
20:13:48.0943 1456 Wecsvc - ok
20:13:48.0950 1456 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
20:13:48.0979 1456 wercplsupport - ok
20:13:48.0984 1456 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
20:13:49.0011 1456 WerSvc - ok
20:13:49.0020 1456 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:13:49.0041 1456 WfpLwf - ok
20:13:49.0043 1456 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:13:49.0052 1456 WIMMount - ok
20:13:49.0056 1456 WinDefend - ok
20:13:49.0058 1456 WinHttpAutoProxySvc - ok
20:13:49.0072 1456 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
20:13:49.0100 1456 Winmgmt - ok
20:13:49.0155 1456 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
20:13:49.0198 1456 WinRM - ok
20:13:49.0226 1456 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
20:13:49.0242 1456 WinUsb - ok
20:13:49.0271 1456 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
20:13:49.0298 1456 Wlansvc - ok
20:13:49.0360 1456 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:13:49.0416 1456 wlidsvc - ok
20:13:49.0451 1456 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
20:13:49.0461 1456 WmiAcpi - ok
20:13:49.0474 1456 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
20:13:49.0489 1456 wmiApSrv - ok
20:13:49.0493 1456 WMPNetworkSvc - ok
20:13:49.0496 1456 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
20:13:49.0510 1456 WPCSvc - ok
20:13:49.0518 1456 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
20:13:49.0536 1456 WPDBusEnum - ok
20:13:49.0841 1456 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:13:49.0862 1456 ws2ifsl - ok
20:13:49.0867 1456 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
20:13:49.0886 1456 wscsvc - ok
20:13:49.0897 1456 WSearch - ok
20:13:49.0966 1456 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
20:13:50.0008 1456 wuauserv - ok
20:13:50.0046 1456 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
20:13:50.0070 1456 WudfPf - ok
20:13:50.0078 1456 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:13:50.0102 1456 WUDFRd - ok
20:13:50.0107 1456 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
20:13:50.0133 1456 wudfsvc - ok
20:13:50.0145 1456 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
20:13:50.0165 1456 WwanSvc - ok
20:13:50.0170 1456 xusb21 (2c6bc21b2d5b58d8b1d638c1704cb494) C:\Windows\system32\DRIVERS\xusb21.sys
20:13:50.0179 1456 xusb21 - ok
20:13:50.0189 1456 {329F96B6-DF1E-4328-BFDA-39EA953C1312} (1870a74ee2901ca09ffbfe79a5ee0e94) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl
20:13:50.0278 1456 {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok
20:13:50.0283 1456 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:13:50.0363 1456 \Device\Harddisk0\DR0 - ok
20:13:50.0364 1456 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
20:13:50.0422 1456 \Device\Harddisk1\DR1 - ok
20:13:50.0425 1456 Boot (0x1200) (bb030efcb770a3eea258c1b3a0ecdd27) \Device\Harddisk0\DR0\Partition0
20:13:50.0426 1456 \Device\Harddisk0\DR0\Partition0 - ok
20:13:50.0427 1456 Boot (0x1200) (fbbfcccc6cac1aa5e3b02e8c391b63b6) \Device\Harddisk1\DR1\Partition0
20:13:50.0428 1456 \Device\Harddisk1\DR1\Partition0 - ok
20:13:50.0428 1456 ============================================================
20:13:50.0428 1456 Scan finished
20:13:50.0428 1456 ============================================================
20:13:50.0431 4664 Detected object count: 3
20:13:50.0431 4664 Actual detected object count: 3
20:14:59.0600 4664 pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
20:14:59.0600 4664 pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:14:59.0601 4664 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
20:14:59.0601 4664 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:14:59.0601 4664 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
20:14:59.0601 4664 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:15:01.0408 8000 Deinitialize success



2.) Security Check


Results of screen317's Security Check version 0.99.43
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
JavaFX 2.1.1
Java™ 6 Update 31
Java™ 7 Update 5
Adobe Reader X (10.1.3)
Mozilla Firefox (9.0.1)
Google Chrome 21.0.1180.60
Google Chrome 21.0.1180.75
Google Chrome VisualElementsManifest.xml..
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials msseces.exe
Windows Defender MSMpEng.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Microsoft Security Client Antimalware MsMpEng.exe
Microsoft Security Client Antimalware NisSrv.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 51% Defragment your hard drive soon!
````````````````````End of Log``````````````````````



3.) Farbar

Farbar Service Scanner Version: 06-08-2012
Ran by MYUSERNAME1 (administrator) on 10-08-2012 at 20:18:04
Running from "C:\Users\MYUSERNAME1\Desktop"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


4.) MiniToolBox


MiniToolBox by Farbar Version: 23-07-2012
Ran by MYUSERNAME1 (administrator) on 10-08-2012 at 20:19:41
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
::1 localhost


127.0.0.1 localhost

========================= IP Configuration: ================================

Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 = Local Area Connection 2 (Disconnected)
Intel® 82579V Gigabit Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set interface interface="Local Area Connection 2" forwarding=enabled advertise=enabled metric=1 nud=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : MYPC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.ca.comcast.net.

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : hsd1.ca.comcast.net.
Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
Physical Address. . . . . . . . . : 54-04-A6-2F-50-B1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7ce6:eb1b:7950:436b%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.169.169(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, August 10, 2012 9:00:06 AM
Lease Expires . . . . . . . . . . : Saturday, August 11, 2012 9:00:06 AM
Default Gateway . . . . . . . . . : 192.168.169.254
DHCP Server . . . . . . . . . . . : 192.168.169.254
DHCPv6 IAID . . . . . . . . . . . : 290718886
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-B6-3E-30-54-04-A6-2F-50-B1
DNS Servers . . . . . . . . . . . : 8.8.8.8
4.2.2.4
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:cd0:b6c:3f57:5656(Preferred)
Link-local IPv6 Address . . . . . : fe80::cd0:b6c:3f57:5656%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.hsd1.ca.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.ca.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: google.com
Addresses: 2001:4860:4001:801::1003
74.125.224.64
74.125.224.65
74.125.224.69
74.125.224.71
74.125.224.78
74.125.224.66
74.125.224.73
74.125.224.67
74.125.224.68
74.125.224.70
74.125.224.72


Pinging google.com [74.125.224.64] with 32 bytes of data:
Reply from 74.125.224.64: bytes=32 time=25ms TTL=54
Reply from 74.125.224.64: bytes=32 time=23ms TTL=54

Ping statistics for 74.125.224.64:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 25ms, Average = 24ms
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: yahoo.com
Addresses: 72.30.38.140
209.191.122.70
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=25ms TTL=52
Reply from 72.30.38.140: bytes=32 time=95ms TTL=52

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 25ms, Maximum = 95ms, Average = 60ms
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms
===========================================================================
Interface List
10...54 04 a6 2f 50 b1 ......Intel® 82579V Gigabit Network Connection
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
17...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.169.254 192.168.169.169 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.169.0 255.255.255.0 On-link 192.168.169.169 266
192.168.169.169 255.255.255.255 On-link 192.168.169.169 266
192.168.169.255 255.255.255.255 On-link 192.168.169.169 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.169.169 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.169.169 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/10/2012 10:59:55 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (08/10/2012 09:00:05 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2012 09:49:13 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2012 09:31:10 PM) (Source: cscan) (User: )
Description: [cscan][error][run] scan failed.

Error: (08/09/2012 09:13:51 PM) (Source: Application Error) (User: )
Description: Faulting application name: sidebar.exe, version: 6.1.7601.17514, time stamp: 0x4ce7a1c7
Faulting module name: RPCRT4.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c96e
Exception code: 0xc0000005
Fault offset: 0x000000000004b848
Faulting process id: 0x%9
Faulting application start time: 0xsidebar.exe0
Faulting application path: sidebar.exe1
Faulting module path: sidebar.exe2
Report Id: sidebar.exe3

Error: (08/09/2012 01:01:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2012 00:38:39 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (08/08/2012 00:33:54 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (08/07/2012 10:02:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2012 09:43:28 PM) (Source: cscan) (User: )
Description: [cscan][error][run] scan failed.


System errors:
=============
Error: (08/10/2012 09:00:06 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (08/10/2012 09:00:04 AM) (Source: SNMP) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (08/10/2012 08:59:56 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\ElbyCDFL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/10/2012 08:59:56 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\ElbyCDFL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/09/2012 09:49:14 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (08/09/2012 09:49:12 PM) (Source: SNMP) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (08/09/2012 09:49:08 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\ElbyCDFL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/09/2012 09:49:07 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\ElbyCDFL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/09/2012 01:01:49 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (08/09/2012 01:01:38 PM) (Source: SNMP) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.


Microsoft Office Sessions:
=========================
Error: (08/10/2012 10:59:55 AM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (08/10/2012 09:00:05 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2012 09:49:13 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2012 09:31:10 PM) (Source: cscan)(User: )
Description: [cscan][error][run] scan failed.

Error: (08/09/2012 09:13:51 PM) (Source: Application Error)(User: )
Description: sidebar.exe6.1.7601.175144ce7a1c7RPCRT4.dll6.1.7601.175144ce7c96ec0000005000000000004b848

Error: (08/09/2012 01:01:38 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/09/2012 00:38:39 AM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (08/08/2012 00:33:54 AM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (08/07/2012 10:02:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2012 09:43:28 PM) (Source: cscan)(User: )
Description: [cscan][error][run] scan failed.


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Flash Player 11 Plugin (Version: 11.3.300.270)
Adobe Photoshop CS6 (Version: 13.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Application Verifier (x64) (Version: 4.1.1078)
Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.14.1.0)
AutoHotkey 1.0.48.05 (Version: 1.0.48.05)
Bluetooth Win7 Suite (64) (Version: 7.2.0.65)
Bonjour (Version: 3.0.0.10)
Cain & Abel v4.9.43
CCleaner (Version: 3.20)
Cisco AnyConnect VPN Client (Version: 2.5.2001)
CloneCD
CloneDVD 4.1.0.23
CloneDVD2 (Version: 2.9.2.8)
Core Temp 1.0 RC2 (Version: 1.0)
CPUID CPU-Z 1.59
CPUID HWMonitor 1.18
CutePDF Writer 2.8
CyberLink PowerDVD 11 (Version: 11.0.2408.53)
Debugging Tools for Windows (x64) (Version: 6.12.2.633)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Disk Unlocker (Version: 2.0.8)
Dota 2
DVD Decrypter (Remove Only)
DVD Shrink 3.2
Enterasys NAC Assessment Agent (Version: 1.5.4.0)
ESET Online Scanner v3
EVGA OC Scanner 1.8.2
EVGA Precision X 3.0.3 (Version: 3.0.3)
F.lux
Facebook Messenger 2.1.4590.0 (Version: 2.1.4590.0)
Fallout: New Vegas
Fieldrunners
FileZilla Client 3.5.3 (Version: 3.5.3)
Geosense for Windows (Version: 1.2.0.0)
Google Chrome (Version: 21.0.1180.75)
Google Drive (Version: 1.3.3209.2688)
Google Talk (remove only)
Google Talk Plugin (Version: 3.3.3.8675)
Google Update Helper (Version: 1.3.21.115)
High-Definition Video Playback (Version: 11.1.10500.2.65)
Hulu Desktop (Version: 0.9.14)
ImgBurn (Version: 2.5.7.0)
Intel® Management Engine Components (Version: 8.0.2.1410)
Intel® Network Connections 15.6.25.0 (Version: 15.6.25.0)
Intel® Processor Graphics (Version: 8.15.10.2405)
Intel® Rapid Storage Technology (Version: 10.6.0.1002)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
Intel® Watchdog Timer Driver (Intel® WDT)
IrfanView (remove only) (Version: 4.32)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 31 (64-bit) (Version: 6.0.310)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 7 Update 5 (64-bit) (Version: 7.0.50)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
JDiskReport 1.4.0 (Version: 1.4.0 (2012-01-20 11:38:43))
JMicron JMB36X Driver (Version: 1.17.58.2)
K-Lite Codec Pack 8.2.0 (Full) (Version: 8.2.0)
Magic Online (Version: 3.00.0000)
Magic: The Gathering — Duels of the Planeswalkers 2012
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 5.1.10516.0)
Microsoft Visual C++ Compilers 2010 Standard - enu - x64 (Version: 10.0.30319)
Microsoft Visual C++ Compilers 2010 Standard - enu - x86 (Version: 10.0.30319)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Windows Performance Toolkit (Version: 4.8.0)
Microsoft Windows SDK .NET Framework Tools (30514) (Version: 7.1.30514)
Microsoft Windows SDK for Visual Studio .NET 4.0 Framework Tools (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 (7.1) (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 (7.1) (Version: 7.1.7600.0.30514)
Microsoft Windows SDK for Windows 7 Common Utilities (30514) (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 Headers and Libraries (30514) (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 Samples (30514) (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514) (Version: 7.1.30514)
Microsoft Windows SDK Intellisense and Reference Assemblies (30514) (Version: 7.1.30514)
Microsoft Windows SDK MSHelp (30514) (Version: 7.1.30514)
Microsoft Windows SDK Net Fx Interop Headers And Libraries (30514) (Version: 7.1.30514)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
Mumble 1.2.3 (Version: 1.2.3)
NeoTrace Pro 3.25
Nero 11 (Version: 11.0.11200)
Nero 11 Disc Menus Basic (Version: 11.0.11200.12.0)
Nero 11 Effects Basic (Version: 11.0.11400.14.0)
Nero 11 Image Samples (Version: 11.0.11200.12.0)
Nero 11 Kwik Themes Basic (Version: 11.0.11200.12.0)
Nero 11 PiP Effects Basic (Version: 11.0.11400.14.0)
Nero Audio Pack 1 (Version: 11.0.11500.110.0)
Nero BackItUp 11 (Version: 6.0.18000.19.100)
Nero BackItUp 11 Help (CHM) (Version: 11.0.10200)
Nero Backup Drivers (Version: 1.0.11100.8.0)
Nero Burning ROM 11 (Version: 11.0.12500.24.100)
Nero Burning ROM 11 Help (CHM) (Version: 11.0.10300)
Nero ControlCenter 11 (Version: 11.0.12700.0.27)
Nero ControlCenter 11 Help (CHM) (Version: 11.0.10300)
Nero Core Components 11 (Version: 11.0.15600.1.17)
Nero CoverDesigner 11 (Version: 6.0.10800.11.100)
Nero CoverDesigner 11 Help (CHM) (Version: 11.0.10300)
Nero Express 11 (Version: 11.0.11900.24.100)
Nero Express 11 Help (CHM) (Version: 11.0.10300)
Nero Kwik Media (Version: 1.10.24000.138.100)
Nero Kwik Media Help (CHM) (Version: 11.0.10200)
Nero Recode 11 (Version: 5.0.13800.37.100)
Nero Recode 11 Help (CHM) (Version: 11.0.10300)
Nero RescueAgent 11 (Version: 4.0.10600.10.100)
Nero RescueAgent 11 Help (CHM) (Version: 11.0.10400)
Nero SoundTrax 11 (Version: 5.0.10700.6.100)
Nero SoundTrax 11 Help (CHM) (Version: 11.0.10400)
Nero Update (Version: 11.0.11500.28.0)
Nero Video 11 (Version: 8.0.14600.27.100)
Nero Video 11 Help (CHM) (Version: 11.0.10300)
Nero WaveEditor 11 (Version: 6.0.11100.7.100)
Nero WaveEditor 11 Help (CHM) (Version: 11.0.10400)
nero.prerequisites.msi (Version: 11.0.20008)
Ninja Reflex: Steamworks Edition
NortonVRQ (Version: 5.0.8.1)
Notepad++ (Version: 5.9.8)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA HD Audio Driver 1.3.16.0 (Version: 1.3.16.0)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
OpenAL
Opera 12.01 (Version: 12.01.1532)
Osmos
Paint.NET v3.5.10 (Version: 3.60.0)
PDF Settings CS6 (Version: 11.0)
Picasa 3 (Version: 3.8)
Pidgin (Version: 2.10.1)
Project64 1.6 (Version: 1.6)
PuTTY version 0.62 (Version: 0.62)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.6251)
Reaxxion
Recuva (Version: 1.42)
Safari (Version: 5.34.57.2)
Screencast-O-Matic
Seagate Dashboard (Version: 1.1.0.1421)
Skype™ 5.5 (Version: 5.5.124)
Spark 2.6.3.12555
Spotify (Version: 0.8.4.107.g4fa0003f)
Steam (Version: 1.0.0.0)
TeamViewer 7 (Version: 7.0.13989)
TeraCopy 2.27
The Elder Scrolls V: Skyrim
Unlocker 1.9.1 (Version: 1.9.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2597091) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
VirtualCloneDrive
VLC media player 2.0.1 (Version: 2.0.1)
VNC Free Edition 4.1.3 (Version: 4.1.3)
welcome (Version: 11.0.21500.0.4)
Winamp (Version: 5.623 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows 7 USB/DVD Download Tool (Version: 1.0.30)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows SDK IntellisenseNFX (Version: 7.1.30514)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinSCP 4.3.6 (Version: 4.3.6)
Wireshark 1.6.8 (64-bit) (Version: 1.6.8)
Worms Reloaded
Yahoo! Messenger

========================= Devices: ================================

Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: ASUS Bluetooth
Description: ASUS Bluetooth
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Dell USB Smartcard Keyboard
Description: Dell USB Smartcard Keyboard
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 21%
Total physical RAM: 16351.09 MB
Available physical RAM: 12851.71 MB
Total Pagefile: 33724.38 MB
Available Pagefile: 29767.54 MB
Total Virtual: 4095.88 MB
Available Virtual: 3955.79 MB

========================= Partitions: =====================================

2 Drive c: (SSD120) (Fixed) (Total:111.79 GB) (Free:27.01 GB) NTFS
3 Drive d: (SATA600) (Fixed) (Total:596.17 GB) (Free:205.45 GB) NTFS

========================= Users: ========================================

User accounts for \\MYPC

MYUSERNAME1 Administrator Guest
MYUSERNAME2 UpdatusUser

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

03-08-2012 18:39:03 Removed ASUS PC Diagnostics
03-08-2012 18:39:30 Removed Folding@home-gpu
03-08-2012 18:39:38 Removed Folding@home-x86
03-08-2012 18:58:41 Windows Update
07-08-2012 14:30:49 Windows Update

**** End of log ****



5.) Malicious IPs
I don't know of those companies and have no dealings with any out-of-country companies. I've not traded in any bitcoin or litecoin. I only mined for them for a bit. I don't notice any malware symptoms on my computer, just blocked IP notifications by MBAM once in a while. The blocked incoming is understandable to me if I was port scanned and remote hosts tried to query open bitcoin and litecoin ports; however, the blocked outgoing is what I'm really disturbed about.

Thank You :)

#4 dev00790


Posted 11 August 2012 - 07:54 AM

Hi

There is lots of outdated software you have installed; also, a defrag of your hard drives is needed.
- We'll deal with these later.

Step 1:

Going over your logs I noticed that you have µTorrent installed.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • P2P programs share a directory or set of directories on your computer to the world. Anyone can type in a search, and potentially download something from your computer. This makes the machine an open web server -- massively increasing the attack surface of the machine.
  • To reduce the risk of infection avoid using any P2P applications.
It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall µTorrent; however, that choice is up to you.

If you choose to remove these programs, you can do so via:

  • Click the "Windows Orb" button.
  • Click Control Panel then Programs and Features.

If you wish to keep it, please do not use it until your computer is cleaned.


Step 2:

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the Update tab, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the full contents of the log in your next reply.

Note: Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt


Step 3:

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.

Note: Vista/Windows 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


Step 4:

How is the computer running now?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#5 PTE


Posted 11 August 2012 - 05:01 PM

Thank you for your reply.

1.) I understand the risks associated with P2P and µTorrent. For the most part I use it only for downloading Linux ISOs and other large files. I chose to keep it installed on my system.

2.) I ran MBAM and it did find one object (abel.exe). I have installed this application on my system and use it to audit the security of my PC and the others in my household. I did not remove that file.
Here is the log:

Malwarebytes Anti-Malware (PRO) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.11.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
MYUSERNAME1 :: MYPC [administrator]

Protection: Enabled

8/11/2012 10:04:14 AM
mbam-log-2012-08-11 (10-27-56).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 474016
Time elapsed: 12 minute(s), 53 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files (x86)\Cain\Abel.exe (HackTool.Cain) -> No action taken.

(end)


3.) I scanned with ESET online scanner; however, I did not have "Remove found threats" checked as there is no option to reverse it or selectively allow the deletions.
Here is that log:


C:\Program Files (x86)\Cain\Abel.exe a variant of Win32/CainAbel.AA application
C:\Program Files (x86)\Cain\Cain.exe a variant of Win32/CainAbel application
C:\Users\MYUSERNAME1\bin\cgminer-2.4.4-win32\cgminer.exe a variant of Win32/BitCoinMiner.D application
D:\Downloads\Hirens.BootCD.14.0.zip Win32/PSWTool.KonBoot.A application
D:\Downloads\HirensBootCD-14\Hiren's.BootCD.14.0.iso Win32/PSWTool.KonBoot.A application


4.) The computer is still running fast and I don't get any redirections or any other malware symptoms that I can see...

5.) I haven't yet, but pending your response I'm planning to delete cgminer since I can use another application for mining...

Again,
Thank You :)

#6 dev00790


Posted 13 August 2012 - 04:12 PM

Please see this post for more info on MBAM's IP blocking feature.

Regards, dev00790



#7 PTE


Posted 14 August 2012 - 07:58 PM

Thank you.

#8 dev00790


Posted 16 August 2012 - 04:17 PM

Hi

"there is no option to reverse it"

There is a way to reverse the deletions - they are quarantined in a folder, and can be retrieved from that folder using the ESET online scanner.

Since it's been a few days since SecurityCheck and Minitoolbox were run:

Step 1:

Please delete Security Check on your desktop as it is outdated.

  • Download the latest version of Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document in your next reply.

Step 2:


Please delete Minitoolbox on your desktop.

Then download the latest version of MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Regards, dev00790



#9 PTE


Posted 18 August 2012 - 08:26 PM

Here are my current logs:


SECURITY CHECK:

Results of screen317's Security Check version 0.99.46
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
JavaFX 2.1.1
Java™ 6 Update 31
Java™ 7 Update 5
Java version out of Date!
Adobe Reader X (10.1.4)
Mozilla Firefox (9.0.1)
Google Chrome 21.0.1180.77
Google Chrome 21.0.1180.79
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials msseces.exe
Windows Defender MSMpEng.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Microsoft Security Client Antimalware MsMpEng.exe
Microsoft Security Client Antimalware NisSrv.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 50% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````


MiniTOOLBOX:

MiniToolBox by Farbar Version: 23-07-2012
Ran by MYUSERNAME1 (administrator) on 18-08-2012 at 18:21:44
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
::1 localhost


127.0.0.1 localhost

========================= IP Configuration: ================================

Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 = Local Area Connection 2 (Disconnected)
Intel® 82579V Gigabit Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set interface interface="Local Area Connection 2" forwarding=enabled advertise=enabled metric=1 nud=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : MYPC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.ca.comcast.net.

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : hsd1.ca.comcast.net.
Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
Physical Address. . . . . . . . . : 54-04-A6-2F-50-B1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7ce6:eb1b:7950:436b%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, August 18, 2012 7:18:31 AM
Lease Expires . . . . . . . . . . : Saturday, August 25, 2012 7:18:30 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 290718886
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-B6-3E-30-54-04-A6-2F-50-B1
DNS Servers . . . . . . . . . . . : 8.8.8.8
4.2.2.4
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:34d1:1a1f:cd7c:3c61(Preferred)
Link-local IPv6 Address . . . . . : fe80::34d1:1a1f:cd7c:3c61%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.hsd1.ca.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.ca.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: google.com
Addresses: 2001:4860:4001:801::1004
74.125.224.98
74.125.224.100
74.125.224.101
74.125.224.99
74.125.224.103
74.125.224.96
74.125.224.104
74.125.224.102
74.125.224.97
74.125.224.105
74.125.224.110


Pinging google.com [74.125.224.98] with 32 bytes of data:
Reply from 74.125.224.98: bytes=32 time=18ms TTL=56
Reply from 74.125.224.98: bytes=32 time=19ms TTL=56

Ping statistics for 74.125.224.98:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 18ms, Maximum = 19ms, Average = 18ms
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=78ms TTL=48
Reply from 98.138.253.109: bytes=32 time=105ms TTL=48

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 78ms, Maximum = 105ms, Average = 91ms
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 1ms, Average = 1ms
===========================================================================
Interface List
10...54 04 a6 2f 50 b1 ......Intel® 82579V Gigabit Network Connection
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
17...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.101 276
192.168.1.101 255.255.255.255 On-link 192.168.1.101 276
192.168.1.255 255.255.255.255 On-link 192.168.1.101 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.101 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.101 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/18/2012 06:17:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/18/2012 03:44:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (08/18/2012 07:18:32 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2012 08:37:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (08/16/2012 05:23:36 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (08/16/2012 04:42:03 PM) (Source: Chrome) (User: HyperKind)HyperKind
Description: Chrome has encountered a fatal error.
ver=21.0.1180.79;is_machine=0;minidump=C:\Users\4est\AppData\Local\Google\CrashReports\3bdf041d-6de2-40d1-8b0b-b0649ed563a3.dmp

Error: (08/16/2012 04:40:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/16/2012 04:20:13 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/15/2012 03:26:33 PM) (Source: cscan) (User: )
Description: [cscan][error][run] scan failed.

Error: (08/15/2012 07:59:13 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/18/2012 07:18:42 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (08/18/2012 07:18:30 AM) (Source: SNMP) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (08/18/2012 07:18:26 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\ElbyCDFL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/18/2012 07:18:25 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\ElbyCDFL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/17/2012 01:01:25 AM) (Source: Service Control Manager) (User: )
Description: The CyberLink PowerDVD 11.0 Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/16/2012 04:40:15 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (08/16/2012 04:40:04 PM) (Source: SNMP) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (08/16/2012 04:40:00 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\ElbyCDFL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/16/2012 04:39:58 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\ElbyCDFL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/16/2012 04:20:19 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842


Microsoft Office Sessions:
=========================
Error: (08/18/2012 06:17:18 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\4est\Downloads\esetsmartinstaller_enu.exe

Error: (08/18/2012 03:44:19 PM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (08/18/2012 07:18:32 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2012 08:37:50 AM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (08/16/2012 05:23:36 PM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (08/16/2012 04:42:03 PM) (Source: Chrome)(User: HyperKind)HyperKind
Description: Chrome has encountered a fatal error.
ver=21.0.1180.79;is_machine=0;minidump=C:\Users\4est\AppData\Local\Google\CrashReports\3bdf041d-6de2-40d1-8b0b-b0649ed563a3.dmp

Error: (08/16/2012 04:40:05 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/16/2012 04:20:13 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/15/2012 03:26:33 PM) (Source: cscan)(User: )
Description: [cscan][error][run] scan failed.

Error: (08/15/2012 07:59:13 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Photoshop CS6 (Version: 13.0)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Application Verifier (x64) (Version: 4.1.1078)
Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.14.1.0)
AutoHotkey 1.0.48.05 (Version: 1.0.48.05)
Bluetooth Win7 Suite (64) (Version: 7.2.0.65)
Bonjour (Version: 3.0.0.10)
Brother MFL-Pro Suite MFC-J835DW (Version: 1.0.19.0)
Cain & Abel v4.9.43
CCleaner (Version: 3.20)
Cisco AnyConnect VPN Client (Version: 2.5.2001)
CloneCD
CloneDVD 4.1.0.23
CloneDVD2 (Version: 2.9.2.8)
Core Temp 1.0 RC2 (Version: 1.0)
CPUID CPU-Z 1.59
CPUID HWMonitor 1.18
CutePDF Writer 2.8
CyberLink PowerDVD 11 (Version: 11.0.2408.53)
Debugging Tools for Windows (x64) (Version: 6.12.2.633)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Disk Unlocker (Version: 2.0.8)
Dota 2
DVD Decrypter (Remove Only)
DVD Shrink 3.2
Enterasys NAC Assessment Agent (Version: 1.5.4.0)
ESET Online Scanner v3
EVGA OC Scanner 1.8.2
EVGA Precision X 3.0.3 (Version: 3.0.3)
F.lux
Facebook Messenger 2.1.4590.0 (Version: 2.1.4590.0)
Fallout: New Vegas
Fieldrunners
FileZilla Client 3.5.3 (Version: 3.5.3)
Geosense for Windows (Version: 1.2.0.0)
Google Chrome (Version: 21.0.1180.79)
Google Drive (Version: 1.3.3209.2688)
Google Earth (Version: 6.2.2.6613)
Google Talk (remove only)
Google Talk Plugin (Version: 3.4.2.8800)
Google Update Helper (Version: 1.3.21.115)
High-Definition Video Playback (Version: 11.1.10500.2.65)
Hulu Desktop (Version: 0.9.14)
ImgBurn (Version: 2.5.7.0)
Intel® Management Engine Components (Version: 8.0.2.1410)
Intel® Network Connections 15.6.25.0 (Version: 15.6.25.0)
Intel® Processor Graphics (Version: 8.15.10.2405)
Intel® Rapid Storage Technology (Version: 10.6.0.1002)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
Intel® Watchdog Timer Driver (Intel® WDT)
IrfanView (remove only) (Version: 4.32)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 31 (64-bit) (Version: 6.0.310)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 7 Update 5 (64-bit) (Version: 7.0.50)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
JDiskReport 1.4.0 (Version: 1.4.0 (2012-01-20 11:38:43))
JMicron JMB36X Driver (Version: 1.17.58.2)
K-Lite Codec Pack 8.2.0 (Full) (Version: 8.2.0)
Magic Online (Version: 3.00.0000)
Magic: The Gathering — Duels of the Planeswalkers 2012
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 5.1.10516.0)
Microsoft Visual C++ Compilers 2010 Standard - enu - x64 (Version: 10.0.30319)
Microsoft Visual C++ Compilers 2010 Standard - enu - x86 (Version: 10.0.30319)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Windows Performance Toolkit (Version: 4.8.0)
Microsoft Windows SDK .NET Framework Tools (30514) (Version: 7.1.30514)
Microsoft Windows SDK for Visual Studio .NET 4.0 Framework Tools (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 (7.1) (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 (7.1) (Version: 7.1.7600.0.30514)
Microsoft Windows SDK for Windows 7 Common Utilities (30514) (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 Headers and Libraries (30514) (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 Samples (30514) (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514) (Version: 7.1.30514)
Microsoft Windows SDK Intellisense and Reference Assemblies (30514) (Version: 7.1.30514)
Microsoft Windows SDK MSHelp (30514) (Version: 7.1.30514)
Microsoft Windows SDK Net Fx Interop Headers And Libraries (30514) (Version: 7.1.30514)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
Mumble 1.2.3 (Version: 1.2.3)
NeoTrace Pro 3.25
Nero 11 (Version: 11.0.11200)
Nero 11 Disc Menus Basic (Version: 11.0.11200.12.0)
Nero 11 Effects Basic (Version: 11.0.11400.14.0)
Nero 11 Image Samples (Version: 11.0.11200.12.0)
Nero 11 Kwik Themes Basic (Version: 11.0.11200.12.0)
Nero 11 PiP Effects Basic (Version: 11.0.11400.14.0)
Nero Audio Pack 1 (Version: 11.0.11500.110.0)
Nero BackItUp 11 (Version: 6.0.18000.19.100)
Nero BackItUp 11 Help (CHM) (Version: 11.0.10200)
Nero Backup Drivers (Version: 1.0.11100.8.0)
Nero Burning ROM 11 (Version: 11.0.12500.24.100)
Nero Burning ROM 11 Help (CHM) (Version: 11.0.10300)
Nero ControlCenter 11 (Version: 11.0.12700.0.27)
Nero ControlCenter 11 Help (CHM) (Version: 11.0.10300)
Nero Core Components 11 (Version: 11.0.15600.1.17)
Nero CoverDesigner 11 (Version: 6.0.10800.11.100)
Nero CoverDesigner 11 Help (CHM) (Version: 11.0.10300)
Nero Express 11 (Version: 11.0.11900.24.100)
Nero Express 11 Help (CHM) (Version: 11.0.10300)
Nero Kwik Media (Version: 1.10.24000.138.100)
Nero Kwik Media Help (CHM) (Version: 11.0.10200)
Nero Recode 11 (Version: 5.0.13800.37.100)
Nero Recode 11 Help (CHM) (Version: 11.0.10300)
Nero RescueAgent 11 (Version: 4.0.10600.10.100)
Nero RescueAgent 11 Help (CHM) (Version: 11.0.10400)
Nero SoundTrax 11 (Version: 5.0.10700.6.100)
Nero SoundTrax 11 Help (CHM) (Version: 11.0.10400)
Nero Update (Version: 11.0.11500.28.0)
Nero Video 11 (Version: 8.0.14600.27.100)
Nero Video 11 Help (CHM) (Version: 11.0.10300)
Nero WaveEditor 11 (Version: 6.0.11100.7.100)
Nero WaveEditor 11 Help (CHM) (Version: 11.0.10400)
nero.prerequisites.msi (Version: 11.0.20008)
Ninja Reflex: Steamworks Edition
NortonVRQ (Version: 5.0.8.1)
Notepad++ (Version: 5.9.8)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA HD Audio Driver 1.3.16.0 (Version: 1.3.16.0)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
OpenAL
Opera 12.01 (Version: 12.01.1532)
Osmos
Paint.NET v3.5.10 (Version: 3.60.0)
PDF Settings CS6 (Version: 11.0)
Picasa 3 (Version: 3.8)
Pidgin (Version: 2.10.1)
Project64 1.6 (Version: 1.6)
PuTTY version 0.62 (Version: 0.62)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.6251)
Reaxxion
Recuva (Version: 1.42)
Safari (Version: 5.34.57.2)
Screencast-O-Matic
Seagate Dashboard (Version: 1.1.0.1421)
Skype™ 5.5 (Version: 5.5.124)
Spark 2.6.3.12555
Spotify (Version: 0.8.4.107.g4fa0003f)
Steam (Version: 1.0.0.0)
TeamViewer 7 (Version: 7.0.13989)
TeraCopy 2.27
The Elder Scrolls V: Skyrim
Unlocker 1.9.1 (Version: 1.9.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598289) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
VirtualCloneDrive
VLC media player 2.0.1 (Version: 2.0.1)
VNC Free Edition 4.1.3 (Version: 4.1.3)
welcome (Version: 11.0.21500.0.4)
Winamp (Version: 5.623 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows 7 USB/DVD Download Tool (Version: 1.0.30)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows SDK IntellisenseNFX (Version: 7.1.30514)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinSCP 4.3.6 (Version: 4.3.6)
Wireshark 1.6.8 (64-bit) (Version: 1.6.8)
Worms Reloaded
Yahoo! Messenger

========================= Devices: ================================

Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: ASUS Bluetooth
Description: ASUS Bluetooth
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Dell USB Smartcard Keyboard
Description: Dell USB Smartcard Keyboard
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 18%
Total physical RAM: 16351.09 MB
Available physical RAM: 13253.81 MB
Total Pagefile: 33724.38 MB
Available Pagefile: 30409.57 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.28 MB

========================= Partitions: =====================================

2 Drive c: (SSD120) (Fixed) (Total:111.79 GB) (Free:25.13 GB) NTFS
3 Drive d: (SATA600) (Fixed) (Total:596.17 GB) (Free:202.62 GB) NTFS

========================= Users: ========================================

User accounts for \\MYPC

MYUSERNAME1 Administrator Guest
MYUSERNAME2 UpdatusUser

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

11-08-2012 17:09:21 Windows Update
14-08-2012 00:59:16 Installed Brother Software Suite
14-08-2012 00:59:41 Device Driver Package Install: Brother Imaging devices
15-08-2012 01:10:45 Windows Update
15-08-2012 22:26:20 Windows Update

**** End of log ****


Thank You,
:)

#10 dev00790


Posted 19 August 2012 - 03:59 AM

Hi

I don't see any signs of malware from the logs provided thus far.

Please do the following next:

Step 1:

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.


Please follow these steps to remove older version Java components and update:

  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
    64-bit OS users should read: Which Java download should I choose for my 64-bit Windows operating system?
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.

Go to Start > Control Panel, double-click on Add/Remove Programs (or Programs and Features in Vista/Windows 7) and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u6-windows-i586.exe (or jre-7u6-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.

Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.


Step 2:

Important Note: Your version of Firefox is out of date.

Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.

Please follow these steps to update Firefox:


Step 3:

Important Note: Your version of Skype is out of date.

Please follow these steps to update Skype:


Step 4:

Important Note: Your version of Adobe Air is out of date.

Uninstall Adobe Air
  • Open Programs and Features or Add and Remove Programs by clicking the Start / Windows "Orb" button, clicking Control Panel, clicking Programs, and then clicking Programs and Features or Add and Remove Programs.
  • Select any program with Adobe Air in the name, and then click Uninstall.
  • Repeat step 2 until no more programs containing Adobe Air are visible.
Note: Some programs include the option to change or repair the program in addition to uninstalling it, but many simply offer the option to uninstall. To change a program, click Change or Repair. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

Please follow these steps to install the latest Adobe Air:
  • Go to http://get.adobe.com/air/
  • Click the Download now button, and save it to your Desktop
  • Double click the file to start the installation process


Step 5:

Please rerun SecurityCheck and Minitoolbox again as per my earlier post.
Post the full contents of the logs in your next reply.

Regards, dev00790

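A read-only way to confirm the result of the steps in the post above, added here as an example and not something the helper posted: it lists the Java, Adobe AIR, Skype and Firefox entries still registered for uninstall, warns when more than one Java runtime version remains in the same registry view, and reports the Java Quick Starter service. The DisplayName patterns, and the assumption that these products register under the standard Uninstall keys, belong to this example.

```powershell
# Added example (read-only): check the outcome of the update steps above.
# Run from a 64-bit PowerShell prompt on 64-bit Windows so that both registry
# views are visible. Nothing here changes the system.

# Assumption: the products register under the standard Uninstall keys.
$views = @{
    'native'      = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
    'Wow6432Node' = 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall'
    'per-user'    = 'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
}

# DisplayName patterns for the products named in the steps (assumed patterns).
$patterns = 'Java*', 'J2SE Runtime*', 'Adobe AIR*', 'Skype*', 'Mozilla Firefox*'

$found = foreach ($view in $views.GetEnumerator()) {
    # Wow6432Node does not exist on 32-bit Windows, so skip missing keys.
    if (-not (Test-Path $view.Value)) { continue }

    Get-ChildItem -Path $view.Value |
        ForEach-Object { Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue } |
        Where-Object {
            $name = $_.DisplayName
            $name -and ($patterns | Where-Object { $name -like $_ })
        } |
        Select-Object @{ n = 'View'; e = { $view.Key } }, DisplayName, DisplayVersion
}

# Everything that matched, for comparison with the Installed Programs log.
$found | Sort-Object View, DisplayName | Format-Table -AutoSize

# Java runtimes only: "Java 7 Update 6" and "Java(TM) 6 Update 31" match,
# helper entries such as "Java Auto Updater" do not.
$javaRuntimes = @($found | Where-Object {
    $_.DisplayName -match '^(Java(\(TM\))? \d|J2SE Runtime)'
})

# One 32-bit and one 64-bit runtime of the same version is expected on x64.
# Different versions inside the same view mean an old runtime was left behind.
$mixed = @($javaRuntimes | Group-Object View | Where-Object {
    @($_.Group | ForEach-Object { $_.DisplayVersion } | Sort-Object -Unique).Count -gt 1
})

foreach ($group in $mixed) {
    $versions = ($group.Group | ForEach-Object { $_.DisplayVersion } |
        Sort-Object -Unique) -join ', '
    Write-Warning "Several Java runtime versions remain in the $($group.Name) view: $versions"
}
if ($mixed.Count -eq 0) {
    Write-Output 'At most one Java runtime version per registry view.'
}

# Java Quick Starter: report start mode and state if the service is registered.
$jqs = Get-WmiObject -Class Win32_Service -Filter "DisplayName LIKE 'Java Quick Starter%'"
if ($jqs) {
    $jqs | Select-Object Name, DisplayName, StartMode, State | Format-Table -AutoSize
} else {
    Write-Output 'No Java Quick Starter service is registered.'
}
```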


#11 PTE

PTE
  • Topic Starter


Posted 20 August 2012 - 03:24 AM

I've updated Java, Air, Skype, and Firefox.

Here are my most current logs:

SECURITY CHECK:

Results of screen317's Security Check version 0.99.46
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
Java 7 Update 6
Adobe Reader X (10.1.4)
Mozilla Firefox (14.0.1)
Google Chrome 21.0.1180.77
Google Chrome 21.0.1180.79
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials msseces.exe
Windows Defender MSMpEng.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Microsoft Security Client Antimalware MsMpEng.exe
Microsoft Security Client Antimalware NisSrv.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 51% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````



MiniTOOLBOX:

MiniToolBox by Farbar Version: 23-07-2012
Ran by MYUSERNAME1 (administrator) on 20-08-2012 at 01:19:42
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
::1 localhost


127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® 82579V Gigabit Network Connection = Local Area Connection (Connected)
Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 = Local Area Connection 2 (Hardware not present)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set interface interface="Local Area Connection 2" forwarding=enabled advertise=enabled metric=1 nud=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : MYPC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.ca.comcast.net.

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : hsd1.ca.comcast.net.
Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
Physical Address. . . . . . . . . : 54-04-A6-2F-50-B1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7ce6:eb1b:7950:436b%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, August 20, 2012 1:11:51 AM
Lease Expires . . . . . . . . . . : Monday, August 27, 2012 1:11:51 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 290718886
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-B6-3E-30-54-04-A6-2F-50-B1
DNS Servers . . . . . . . . . . . : 8.8.8.8
4.2.2.4
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:34d1:1a1f:cd7c:3c61(Preferred)
Link-local IPv6 Address . . . . . : fe80::34d1:1a1f:cd7c:3c61%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.hsd1.ca.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.ca.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: google.com
Addresses: 2001:4860:4001:801::100e
74.125.224.71
74.125.224.68
74.125.224.73
74.125.224.69
74.125.224.66
74.125.224.67
74.125.224.65
74.125.224.70
74.125.224.78
74.125.224.64
74.125.224.72


Pinging google.com [74.125.224.71] with 32 bytes of data:
Reply from 74.125.224.71: bytes=32 time=17ms TTL=56
Reply from 74.125.224.71: bytes=32 time=17ms TTL=56

Ping statistics for 74.125.224.71:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 17ms, Maximum = 17ms, Average = 17ms
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=107ms TTL=48
Reply from 98.139.183.24: bytes=32 time=170ms TTL=47

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 107ms, Maximum = 170ms, Average = 138ms
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms
===========================================================================
Interface List
10...54 04 a6 2f 50 b1 ......Intel® 82579V Gigabit Network Connection
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
17...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.101 276
192.168.1.101 255.255.255.255 On-link 192.168.1.101 276
192.168.1.255 255.255.255.255 On-link 192.168.1.101 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.101 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.101 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:9d38:953c:34d1:1a1f:cd7c:3c61/128
On-link
10 276 fe80::/64 On-link
11 306 fe80::/64 On-link
11 306 fe80::34d1:1a1f:cd7c:3c61/128
On-link
10 276 fe80::7ce6:eb1b:7950:436b/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/20/2012 01:11:52 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2012 05:35:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (08/19/2012 05:17:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/18/2012 06:17:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/18/2012 03:44:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (08/18/2012 07:18:32 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2012 08:37:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (08/16/2012 05:23:36 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (08/16/2012 04:42:03 PM) (Source: Chrome) (User: HyperKind)HyperKind
Description: Chrome has encountered a fatal error.
ver=21.0.1180.79;is_machine=0;minidump=C:\Users\4est\AppData\Local\Google\CrashReports\3bdf041d-6de2-40d1-8b0b-b0649ed563a3.dmp

Error: (08/16/2012 04:40:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/20/2012 01:11:59 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (08/20/2012 01:11:48 AM) (Source: SNMP) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (08/20/2012 01:11:44 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\ElbyCDFL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/20/2012 01:11:42 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\ElbyCDFL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/19/2012 05:17:26 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (08/19/2012 05:17:15 PM) (Source: SNMP) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (08/19/2012 05:17:09 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\ElbyCDFL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/19/2012 05:17:08 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\ElbyCDFL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/19/2012 00:39:31 AM) (Source: Service Control Manager) (User: )
Description: The CyberLink PowerDVD 11.0 Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/18/2012 07:18:42 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842


Microsoft Office Sessions:
=========================
Error: (08/20/2012 01:11:52 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2012 05:35:34 PM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (08/19/2012 05:17:16 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/18/2012 06:17:18 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\4est\Downloads\esetsmartinstaller_enu.exe

Error: (08/18/2012 03:44:19 PM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (08/18/2012 07:18:32 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2012 08:37:50 AM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (08/16/2012 05:23:36 PM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (08/16/2012 04:42:03 PM) (Source: Chrome)(User: HyperKind)HyperKind
Description: Chrome has encountered a fatal error.
ver=21.0.1180.79;is_machine=0;minidump=C:\Users\4est\AppData\Local\Google\CrashReports\3bdf041d-6de2-40d1-8b0b-b0649ed563a3.dmp

Error: (08/16/2012 04:40:05 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (Version: 3.3.0.3670)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Photoshop CS6 (Version: 13.0)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Application Verifier (x64) (Version: 4.1.1078)
Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.14.1.0)
AutoHotkey 1.0.48.05 (Version: 1.0.48.05)
Bluetooth Win7 Suite (64) (Version: 7.2.0.65)
Bonjour (Version: 3.0.0.10)
Brother MFL-Pro Suite MFC-J835DW (Version: 1.0.19.0)
Cain & Abel v4.9.43
CCleaner (Version: 3.20)
Cisco AnyConnect VPN Client (Version: 2.5.2001)
CloneCD
CloneDVD 4.1.0.23
CloneDVD2 (Version: 2.9.2.8)
Core Temp 1.0 RC2 (Version: 1.0)
CPUID CPU-Z 1.59
CPUID HWMonitor 1.18
CutePDF Writer 2.8
CyberLink PowerDVD 11 (Version: 11.0.2408.53)
Debugging Tools for Windows (x64) (Version: 6.12.2.633)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Disk Unlocker (Version: 2.0.8)
Dota 2
DVD Decrypter (Remove Only)
DVD Shrink 3.2
Enterasys NAC Assessment Agent (Version: 1.5.4.0)
ESET Online Scanner v3
EVGA OC Scanner 1.8.2
EVGA Precision X 3.0.3 (Version: 3.0.3)
F.lux
Facebook Messenger 2.1.4590.0 (Version: 2.1.4590.0)
Fallout: New Vegas
Fieldrunners
FileZilla Client 3.5.3 (Version: 3.5.3)
Geosense for Windows (Version: 1.2.0.0)
Google Chrome (Version: 21.0.1180.79)
Google Drive (Version: 1.3.3209.2688)
Google Earth (Version: 6.2.2.6613)
Google Talk (remove only)
Google Talk Plugin (Version: 3.4.2.8800)
Google Update Helper (Version: 1.3.21.115)
High-Definition Video Playback (Version: 11.1.10500.2.65)
ImgBurn (Version: 2.5.7.0)
Intel® Management Engine Components (Version: 8.0.2.1410)
Intel® Network Connections 15.6.25.0 (Version: 15.6.25.0)
Intel® Processor Graphics (Version: 8.15.10.2405)
Intel® Rapid Storage Technology (Version: 10.6.0.1002)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
Intel® Watchdog Timer Driver (Intel® WDT)
IrfanView (remove only) (Version: 4.32)
iTunes (Version: 10.6.3.25)
Java 7 Update 6 (64-bit) (Version: 7.0.60)
Java 7 Update 6 (Version: 7.0.60)
Java Auto Updater (Version: 2.1.9.0)
JDiskReport 1.4.0 (Version: 1.4.0 (2012-01-20 11:38:43))
JMicron JMB36X Driver (Version: 1.17.58.2)
K-Lite Codec Pack 8.2.0 (Full) (Version: 8.2.0)
Magic Online (Version: 3.00.0000)
Magic: The Gathering — Duels of the Planeswalkers 2012
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 5.1.10516.0)
Microsoft Visual C++ Compilers 2010 Standard - enu - x64 (Version: 10.0.30319)
Microsoft Visual C++ Compilers 2010 Standard - enu - x86 (Version: 10.0.30319)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Windows Performance Toolkit (Version: 4.8.0)
Microsoft Windows SDK .NET Framework Tools (30514) (Version: 7.1.30514)
Microsoft Windows SDK for Visual Studio .NET 4.0 Framework Tools (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 (7.1) (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 (7.1) (Version: 7.1.7600.0.30514)
Microsoft Windows SDK for Windows 7 Common Utilities (30514) (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 Headers and Libraries (30514) (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 Samples (30514) (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514) (Version: 7.1.30514)
Microsoft Windows SDK Intellisense and Reference Assemblies (30514) (Version: 7.1.30514)
Microsoft Windows SDK MSHelp (30514) (Version: 7.1.30514)
Microsoft Windows SDK Net Fx Interop Headers And Libraries (30514) (Version: 7.1.30514)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
Mumble 1.2.3 (Version: 1.2.3)
NeoTrace Pro 3.25
Nero 11 (Version: 11.0.11200)
Nero 11 Disc Menus Basic (Version: 11.0.11200.12.0)
Nero 11 Effects Basic (Version: 11.0.11400.14.0)
Nero 11 Image Samples (Version: 11.0.11200.12.0)
Nero 11 Kwik Themes Basic (Version: 11.0.11200.12.0)
Nero 11 PiP Effects Basic (Version: 11.0.11400.14.0)
Nero Audio Pack 1 (Version: 11.0.11500.110.0)
Nero BackItUp 11 (Version: 6.0.18000.19.100)
Nero BackItUp 11 Help (CHM) (Version: 11.0.10200)
Nero Backup Drivers (Version: 1.0.11100.8.0)
Nero Burning ROM 11 (Version: 11.0.12500.24.100)
Nero Burning ROM 11 Help (CHM) (Version: 11.0.10300)
Nero ControlCenter 11 (Version: 11.0.12700.0.27)
Nero ControlCenter 11 Help (CHM) (Version: 11.0.10300)
Nero Core Components 11 (Version: 11.0.15600.1.17)
Nero CoverDesigner 11 (Version: 6.0.10800.11.100)
Nero CoverDesigner 11 Help (CHM) (Version: 11.0.10300)
Nero Express 11 (Version: 11.0.11900.24.100)
Nero Express 11 Help (CHM) (Version: 11.0.10300)
Nero Kwik Media (Version: 1.10.24000.138.100)
Nero Kwik Media Help (CHM) (Version: 11.0.10200)
Nero Recode 11 (Version: 5.0.13800.37.100)
Nero Recode 11 Help (CHM) (Version: 11.0.10300)
Nero RescueAgent 11 (Version: 4.0.10600.10.100)
Nero RescueAgent 11 Help (CHM) (Version: 11.0.10400)
Nero SoundTrax 11 (Version: 5.0.10700.6.100)
Nero SoundTrax 11 Help (CHM) (Version: 11.0.10400)
Nero Update (Version: 11.0.11500.28.0)
Nero Video 11 (Version: 8.0.14600.27.100)
Nero Video 11 Help (CHM) (Version: 11.0.10300)
Nero WaveEditor 11 (Version: 6.0.11100.7.100)
Nero WaveEditor 11 Help (CHM) (Version: 11.0.10400)
nero.prerequisites.msi (Version: 11.0.20008)
Ninja Reflex: Steamworks Edition
Notepad++ (Version: 5.9.8)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA HD Audio Driver 1.3.16.0 (Version: 1.3.16.0)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
OpenAL
Opera 12.01 (Version: 12.01.1532)
Osmos
Paint.NET v3.5.10 (Version: 3.60.0)
PDF Settings CS6 (Version: 11.0)
Picasa 3 (Version: 3.8)
Pidgin (Version: 2.10.1)
Project64 1.6 (Version: 1.6)
PuTTY version 0.62 (Version: 0.62)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.6251)
Reaxxion
Recuva (Version: 1.42)
Safari (Version: 5.34.57.2)
Screencast-O-Matic
Seagate Dashboard (Version: 1.1.0.1421)
Skype™ 5.10 (Version: 5.10.116)
Spark 2.6.3.12555
Spotify (Version: 0.8.4.107.g4fa0003f)
Steam (Version: 1.0.0.0)
TeamViewer 7 (Version: 7.0.13989)
TeraCopy 2.27
The Elder Scrolls V: Skyrim
Unlocker 1.9.1 (Version: 1.9.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598289) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
VirtualCloneDrive
VLC media player 2.0.1 (Version: 2.0.1)
VNC Free Edition 4.1.3 (Version: 4.1.3)
welcome (Version: 11.0.21500.0.4)
Winamp (Version: 5.623 )
Windows 7 USB/DVD Download Tool (Version: 1.0.30)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows SDK IntellisenseNFX (Version: 7.1.30514)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinSCP 4.3.6 (Version: 4.3.6)
Wireshark 1.6.8 (64-bit) (Version: 1.6.8)
Worms Reloaded
Yahoo! Messenger

========================= Devices: ================================

Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: ASUS Bluetooth
Description: ASUS Bluetooth
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Dell USB Smartcard Keyboard
Description: Dell USB Smartcard Keyboard
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 18%
Total physical RAM: 16351.09 MB
Available physical RAM: 13270.34 MB
Total Pagefile: 33724.38 MB
Available Pagefile: 30350.74 MB
Total Virtual: 4095.88 MB
Available Virtual: 3955.78 MB

========================= Partitions: =====================================

2 Drive c: (SSD120) (Fixed) (Total:111.79 GB) (Free:26.37 GB) NTFS
3 Drive d: (SATA600) (Fixed) (Total:596.17 GB) (Free:202.62 GB) NTFS

========================= Users: ========================================

User accounts for \\MYPC

MYUSERNAME1 Administrator Guest
MYUSERNAME2 UpdatusUser

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

15-08-2012 01:10:45 Windows Update
15-08-2012 22:26:20 Windows Update
19-08-2012 15:29:22 Windows Update
20-08-2012 07:48:14 Removed JavaFX 2.1.1
20-08-2012 07:48:25 Removed Java™ 7 Update 5 (64-bit)
20-08-2012 07:48:42 Removed Java™ 7 Update 5
20-08-2012 07:49:16 Removed Java™ 6 Update 31 (64-bit)
20-08-2012 07:49:37 Removed Java™ 6 Update 31
20-08-2012 07:54:28 Installed Skype™ 5.10
20-08-2012 08:13:08 Installed Java 7 Update 6 (64-bit)
20-08-2012 08:15:13 Installed Java 7 Update 6

**** End of log ****

Thanx again :)

#12 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:18 PM

Posted 21 August 2012 - 08:09 AM

Other than the blocked IPs, are there any other problems the computer has?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#13 PTE


Posted 21 August 2012 - 10:05 AM

I don't notice any issue other than the strange 0x0 process attached to csrss.exe in Process Explorer...

#14 dev00790


Posted 21 August 2012 - 02:43 PM

I don't notice any issue other than the strange 0x0 process attached to csrss.exe in Process Explorer...


  • Please take a screenshot of the problem (How to take a screenshot)
  • Save it as a picture file (eg .jpg / .gif) to your desktop using e.g. Paint.
  • Upload the file saved on your desktop to a site like Mediafire
  • Please post the link to the file in your next reply.

Note:
The reasons I ask you to upload the file to a site like Mediafire instead of posting the picture on BC:

1) It would take up a significant portion of your storage allowance.
2) If the picture is subsequently deleted from BC storage, then it would not show in this post anymore.

Regards, dev00790



#15 PTE


Posted 21 August 2012 - 06:44 PM

Here is the screenshot of the 0x0 process found attached to csrss.exe when viewed in PE.

http://www.mediafire.com/conv/9af971b7abd0079915d21d75e3120afb6bbaddaf929282740e1d049adbe822386g.jpg

Thanx,
:)

Edited by PTE, 21 August 2012 - 08:27 PM.




