Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with ZAccess Virus (Zero Access?)


  • Please log in to reply
15 replies to this topic

#1 sb66

sb66

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:13 PM

Posted 08 September 2012 - 01:42 PM

Hi - my wife's computer is a HP 64 bit windows 7 machine. Symtoms started with McAfee telling me there was a virus and the firewall was down. I could not restore the firewall. Also, internet searches through google (using mozilla) stopped working. McAfee didn't get rid of the virus nor did SpyBot.

I ran TDSSkiller, ASWMBR, and ESET as others were instructed to for their Zero Acess issues, however I then read to not do that or post logs until instructed. I will post those logs if you want. . .

Thanks-- Looking forward to saving my wifes computer. Thank you in advance for you help!

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:13 PM

Posted 08 September 2012 - 01:48 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 sb66

sb66
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:13 PM

Posted 08 September 2012 - 02:00 PM

TDSSkiller

14:21:24.0646 5680 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
14:21:25.0026 5680 ============================================================
14:21:25.0026 5680 Current date / time: 2012/09/07 14:21:25.0026
14:21:25.0026 5680 SystemInfo:
14:21:25.0026 5680
14:21:25.0026 5680 OS Version: 6.1.7601 ServicePack: 1.0
14:21:25.0026 5680 Product type: Workstation
14:21:25.0026 5680 ComputerName: BLACKPEARL
14:21:25.0026 5680 UserName: Mary
14:21:25.0026 5680 Windows directory: C:\Windows
14:21:25.0026 5680 System windows directory: C:\Windows
14:21:25.0026 5680 Running under WOW64
14:21:25.0026 5680 Processor architecture: Intel x64
14:21:25.0026 5680 Number of processors: 2
14:21:25.0026 5680 Page size: 0x1000
14:21:25.0026 5680 Boot type: Normal boot
14:21:25.0026 5680 ============================================================
14:21:25.0647 5680 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:21:25.0657 5680 ============================================================
14:21:25.0657 5680 \Device\Harddisk0\DR0:
14:21:25.0657 5680 MBR partitions:
14:21:25.0657 5680 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
14:21:25.0657 5680 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x23A58800
14:21:25.0657 5680 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23ABC800, BlocksNum 0x1971800
14:21:25.0657 5680 ============================================================
14:21:25.0677 5680 C: <-> \Device\Harddisk0\DR0\Partition2
14:21:25.0737 5680 D: <-> \Device\Harddisk0\DR0\Partition3
14:21:25.0737 5680 ============================================================
14:21:25.0737 5680 Initialize success
14:21:25.0737 5680 ============================================================
14:21:52.0841 5144 ============================================================
14:21:52.0841 5144 Scan started
14:21:52.0841 5144 Mode: Manual; TDLFS;
14:21:52.0841 5144 ============================================================
14:21:53.0168 5144 ================ Scan system memory ========================
14:21:53.0168 5144 System memory - ok
14:21:53.0168 5144 ================ Scan services =============================
14:21:53.0387 5144 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:21:53.0449 5144 1394ohci - ok
14:21:53.0480 5144 [ 1CFFE9C06E66A57DAE1452E449A58240 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
14:21:53.0527 5144 Accelerometer - ok
14:21:53.0574 5144 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:21:53.0621 5144 ACPI - ok
14:21:53.0683 5144 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:21:53.0714 5144 AcpiPmi - ok
14:21:53.0839 5144 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:21:53.0855 5144 AdobeFlashPlayerUpdateSvc - ok
14:21:53.0886 5144 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:21:53.0901 5144 adp94xx - ok
14:21:53.0995 5144 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:21:53.0995 5144 adpahci - ok
14:21:54.0011 5144 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:21:54.0026 5144 adpu320 - ok
14:21:54.0042 5144 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:21:54.0057 5144 AeLookupSvc - ok
14:21:54.0151 5144 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe
14:21:54.0151 5144 AESTFilters - ok
14:21:54.0198 5144 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
14:21:54.0245 5144 AFD - ok
14:21:54.0307 5144 [ B65F8DBA54F251906BBE8611B5A0E7AB ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
14:21:54.0307 5144 AgereModemAudio - ok
14:21:54.0354 5144 [ AF4748EF93416159459769A24A0053AF ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
14:21:54.0432 5144 AgereSoftModem - ok
14:21:54.0479 5144 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:21:54.0494 5144 agp440 - ok
14:21:54.0510 5144 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:21:54.0510 5144 ALG - ok
14:21:54.0541 5144 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
14:21:54.0541 5144 aliide - ok
14:21:54.0557 5144 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
14:21:54.0557 5144 amdide - ok
14:21:54.0588 5144 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:21:54.0588 5144 AmdK8 - ok
14:21:54.0619 5144 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:21:54.0619 5144 AmdPPM - ok
14:21:54.0650 5144 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:21:54.0650 5144 amdsata - ok
14:21:54.0666 5144 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:21:54.0681 5144 amdsbs - ok
14:21:54.0697 5144 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:21:54.0744 5144 amdxata - ok
14:21:54.0791 5144 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
14:21:54.0837 5144 AppID - ok
14:21:54.0853 5144 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:21:54.0853 5144 AppIDSvc - ok
14:21:54.0900 5144 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
14:21:54.0945 5144 Appinfo - ok
14:21:55.0035 5144 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:21:55.0035 5144 Apple Mobile Device - ok
14:21:55.0065 5144 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
14:21:55.0075 5144 arc - ok
14:21:55.0075 5144 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:21:55.0085 5144 arcsas - ok
14:21:55.0105 5144 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:21:55.0115 5144 AsyncMac - ok
14:21:55.0145 5144 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
14:21:55.0145 5144 atapi - ok
14:21:55.0295 5144 [ 3EFD964D52221360AF0673CD61C2F4F5 ] atikmdag C:\Windows\system32\drivers\atikmdag.sys
14:21:55.0515 5144 atikmdag - ok
14:21:55.0575 5144 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:21:55.0625 5144 AudioEndpointBuilder - ok
14:21:55.0635 5144 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:21:55.0635 5144 AudioSrv - ok
14:21:55.0675 5144 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:21:55.0705 5144 AxInstSV - ok
14:21:55.0745 5144 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:21:55.0755 5144 b06bdrv - ok
14:21:55.0795 5144 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:21:55.0805 5144 b57nd60a - ok
14:21:55.0885 5144 [ 2ED050291BC1D7F9E322E328DB3AAECF ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
14:21:55.0885 5144 BBSvc - ok
14:21:55.0935 5144 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
14:21:55.0945 5144 BBUpdate - ok
14:21:55.0975 5144 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:21:55.0975 5144 BDESVC - ok
14:21:56.0015 5144 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:21:56.0025 5144 Beep - ok
14:21:56.0045 5144 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:21:56.0045 5144 blbdrive - ok
14:21:56.0115 5144 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:21:56.0125 5144 Bonjour Service - ok
14:21:56.0155 5144 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:21:56.0165 5144 bowser - ok
14:21:56.0215 5144 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:21:56.0225 5144 BrFiltLo - ok
14:21:56.0245 5144 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:21:56.0255 5144 BrFiltUp - ok
14:21:56.0285 5144 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
14:21:56.0325 5144 Browser - ok
14:21:56.0345 5144 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:21:56.0355 5144 Brserid - ok
14:21:56.0365 5144 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:21:56.0365 5144 BrSerWdm - ok
14:21:56.0375 5144 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:21:56.0385 5144 BrUsbMdm - ok
14:21:56.0395 5144 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:21:56.0405 5144 BrUsbSer - ok
14:21:56.0445 5144 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
14:21:56.0455 5144 BthEnum - ok
14:21:56.0475 5144 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:21:56.0475 5144 BTHMODEM - ok
14:21:56.0505 5144 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:21:56.0515 5144 BthPan - ok
14:21:56.0535 5144 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
14:21:56.0585 5144 BTHPORT - ok
14:21:56.0615 5144 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:21:56.0615 5144 bthserv - ok
14:21:56.0635 5144 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
14:21:56.0675 5144 BTHUSB - ok
14:21:56.0705 5144 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
14:21:56.0745 5144 btwaudio - ok
14:21:56.0765 5144 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
14:21:56.0805 5144 btwavdt - ok
14:21:56.0865 5144 [ 17DA11C703B8E86AC3DF8F796A118AEF ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
14:21:56.0875 5144 btwdins - ok
14:21:56.0885 5144 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
14:21:56.0925 5144 btwl2cap - ok
14:21:56.0965 5144 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
14:21:57.0012 5144 btwrchid - ok
14:21:57.0043 5144 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:21:57.0043 5144 cdfs - ok
14:21:57.0075 5144 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:21:57.0121 5144 cdrom - ok
14:21:57.0168 5144 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
14:21:57.0199 5144 CertPropSvc - ok
14:21:57.0246 5144 [ 274CE03459896006F7A5069266E0469E ] cfwids C:\Windows\system32\drivers\cfwids.sys
14:21:57.0293 5144 cfwids - ok
14:21:57.0324 5144 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:21:57.0324 5144 circlass - ok
14:21:57.0355 5144 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:21:57.0371 5144 CLFS - ok
14:21:57.0449 5144 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:21:57.0465 5144 clr_optimization_v2.0.50727_32 - ok
14:21:57.0496 5144 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:21:57.0496 5144 clr_optimization_v2.0.50727_64 - ok
14:21:57.0699 5144 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:21:57.0761 5144 clr_optimization_v4.0.30319_32 - ok
14:21:57.0839 5144 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:21:57.0839 5144 clr_optimization_v4.0.30319_64 - ok
14:21:57.0886 5144 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:21:57.0886 5144 CmBatt - ok
14:21:57.0917 5144 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:21:57.0917 5144 cmdide - ok
14:21:57.0979 5144 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
14:21:58.0011 5144 CNG - ok
14:21:58.0213 5144 [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
14:21:58.0213 5144 Com4QLBEx - ok
14:21:58.0229 5144 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:21:58.0229 5144 Compbatt - ok
14:21:58.0276 5144 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:21:58.0323 5144 CompositeBus - ok
14:21:58.0338 5144 COMSysApp - ok
14:21:58.0354 5144 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:21:58.0354 5144 crcdisk - ok
14:21:58.0401 5144 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:21:58.0432 5144 CryptSvc - ok
14:21:58.0479 5144 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:21:58.0479 5144 DcomLaunch - ok
14:21:58.0510 5144 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:21:58.0525 5144 defragsvc - ok
14:21:58.0572 5144 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:21:58.0572 5144 DfsC - ok
14:21:58.0619 5144 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
14:21:58.0681 5144 Dhcp - ok
14:21:58.0697 5144 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:21:58.0697 5144 discache - ok
14:21:58.0728 5144 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:21:58.0728 5144 Disk - ok
14:21:58.0759 5144 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:21:58.0791 5144 Dnscache - ok
14:21:58.0822 5144 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:21:58.0869 5144 dot3svc - ok
14:21:58.0901 5144 [ B42ED0320C6E41102FDE0005154849BB ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys
14:21:58.0916 5144 dot4 - ok
14:21:58.0946 5144 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys
14:21:58.0996 5144 Dot4Print - ok
14:21:59.0036 5144 [ 488669CD1CD3BDCFDD9A5FDA72209069 ] Dot4Scan C:\Windows\system32\DRIVERS\Dot4Scan.sys
14:21:59.0036 5144 Dot4Scan - ok
14:21:59.0066 5144 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
14:21:59.0076 5144 dot4usb - ok
14:21:59.0106 5144 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
14:21:59.0136 5144 DPS - ok
14:21:59.0156 5144 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:21:59.0156 5144 drmkaud - ok
14:21:59.0216 5144 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:21:59.0266 5144 DXGKrnl - ok
14:21:59.0306 5144 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:21:59.0306 5144 EapHost - ok
14:21:59.0376 5144 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:21:59.0456 5144 ebdrv - ok
14:21:59.0486 5144 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
14:21:59.0486 5144 EFS - ok
14:21:59.0536 5144 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:21:59.0596 5144 ehRecvr - ok
14:21:59.0616 5144 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:21:59.0616 5144 ehSched - ok
14:21:59.0656 5144 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:21:59.0666 5144 elxstor - ok
14:21:59.0696 5144 [ 524C79054636D2E5751169005006460B ] enecir C:\Windows\system32\DRIVERS\enecir.sys
14:21:59.0736 5144 enecir - ok
14:21:59.0826 5144 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:21:59.0836 5144 ErrDev - ok
14:21:59.0926 5144 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:21:59.0936 5144 EventSystem - ok
14:21:59.0966 5144 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:21:59.0976 5144 exfat - ok
14:22:00.0006 5144 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:22:00.0016 5144 fastfat - ok
14:22:00.0076 5144 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
14:22:00.0146 5144 Fax - ok
14:22:00.0336 5144 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:22:00.0336 5144 fdc - ok
14:22:00.0356 5144 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:22:00.0356 5144 fdPHost - ok
14:22:00.0366 5144 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:22:00.0366 5144 FDResPub - ok
14:22:00.0386 5144 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:22:00.0386 5144 FileInfo - ok
14:22:00.0396 5144 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:22:00.0406 5144 Filetrace - ok
14:22:00.0416 5144 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:22:00.0416 5144 flpydisk - ok
14:22:00.0456 5144 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:22:00.0496 5144 FltMgr - ok
14:22:00.0556 5144 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
14:22:00.0596 5144 FontCache - ok
14:22:00.0636 5144 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:22:00.0696 5144 FontCache3.0.0.0 - ok
14:22:00.0706 5144 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:22:00.0716 5144 FsDepends - ok
14:22:00.0746 5144 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:22:00.0786 5144 Fs_Rec - ok
14:22:00.0826 5144 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:22:00.0876 5144 fvevol - ok
14:22:00.0896 5144 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:22:00.0906 5144 gagp30kx - ok
14:22:00.0946 5144 [ C44D560E441F091EA3B72F778EC60DE2 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
14:22:00.0956 5144 GameConsoleService - ok
14:22:00.0996 5144 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:22:01.0046 5144 GEARAspiWDM - ok
14:22:01.0086 5144 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
14:22:01.0136 5144 gpsvc - ok
14:22:01.0236 5144 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:22:01.0236 5144 gupdate - ok
14:22:01.0256 5144 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:22:01.0256 5144 gupdatem - ok
14:22:01.0276 5144 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:22:01.0286 5144 hcw85cir - ok
14:22:01.0326 5144 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:22:01.0406 5144 HdAudAddService - ok
14:22:01.0436 5144 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
14:22:01.0476 5144 HDAudBus - ok
14:22:01.0496 5144 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:22:01.0506 5144 HidBatt - ok
14:22:01.0526 5144 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:22:01.0536 5144 HidBth - ok
14:22:01.0556 5144 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:22:01.0556 5144 HidIr - ok
14:22:01.0586 5144 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
14:22:01.0596 5144 hidserv - ok
14:22:01.0606 5144 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:22:01.0616 5144 HidUsb - ok
14:22:01.0646 5144 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:22:01.0686 5144 hkmsvc - ok
14:22:01.0716 5144 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:22:01.0766 5144 HomeGroupListener - ok
14:22:01.0806 5144 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:22:01.0846 5144 HomeGroupProvider - ok
14:22:02.0066 5144 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
14:22:02.0066 5144 HP Support Assistant Service - ok
14:22:02.0186 5144 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
14:22:02.0186 5144 HPDrvMntSvc.exe - ok
14:22:02.0286 5144 [ 05712FDDBD45A5864EB326FAABC6A4E3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
14:22:02.0286 5144 hpdskflt - ok
14:22:02.0306 5144 [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
14:22:02.0346 5144 HpqKbFiltr - ok
14:22:02.0456 5144 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
14:22:02.0456 5144 hpqwmiex - ok
14:22:02.0516 5144 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:22:02.0526 5144 HpSAMD - ok
14:22:02.0546 5144 [ AA036CC5F5221D9B915F4D4DCE74BA9A ] hpsrv C:\Windows\system32\Hpservice.exe
14:22:02.0546 5144 hpsrv - ok
14:22:02.0586 5144 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:22:02.0596 5144 HTTP - ok
14:22:02.0626 5144 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:22:02.0626 5144 hwpolicy - ok
14:22:02.0646 5144 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:22:02.0646 5144 i8042prt - ok
14:22:02.0736 5144 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
14:22:02.0736 5144 IAANTMON - ok
14:22:02.0786 5144 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
14:22:02.0786 5144 iaStor - ok
14:22:02.0806 5144 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:22:02.0866 5144 iaStorV - ok
14:22:02.0906 5144 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:22:02.0986 5144 idsvc - ok
14:22:03.0176 5144 [ 3C3F27002ABC69C5AFE29CBE6CF7ADDF ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
14:22:03.0366 5144 igfx - ok
14:22:03.0386 5144 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:22:03.0386 5144 iirsp - ok
14:22:03.0436 5144 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
14:22:03.0506 5144 IKEEXT - ok
14:22:03.0546 5144 [ 88A20FA54C73DED4E8DAC764E9130AE9 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
14:22:03.0596 5144 IntcHdmiAddService - ok
14:22:03.0616 5144 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
14:22:03.0616 5144 intelide - ok
14:22:03.0636 5144 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:22:03.0646 5144 intelppm - ok
14:22:03.0666 5144 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:22:03.0676 5144 IPBusEnum - ok
14:22:03.0706 5144 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:22:03.0766 5144 IpFilterDriver - ok
14:22:03.0796 5144 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:22:03.0846 5144 IPMIDRV - ok
14:22:03.0876 5144 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:22:03.0876 5144 IPNAT - ok
14:22:03.0966 5144 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:22:03.0966 5144 iPod Service - ok
14:22:03.0986 5144 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:22:03.0996 5144 IRENUM - ok
14:22:04.0026 5144 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:22:04.0036 5144 isapnp - ok
14:22:04.0066 5144 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:22:04.0126 5144 iScsiPrt - ok
14:22:04.0146 5144 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:22:04.0156 5144 kbdclass - ok
14:22:04.0186 5144 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:22:04.0236 5144 kbdhid - ok
14:22:04.0256 5144 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
14:22:04.0256 5144 KeyIso - ok
14:22:04.0316 5144 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:22:04.0316 5144 KSecDD - ok
14:22:04.0356 5144 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:22:04.0406 5144 KSecPkg - ok
14:22:04.0416 5144 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:22:04.0426 5144 ksthunk - ok
14:22:04.0476 5144 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:22:04.0486 5144 KtmRm - ok
14:22:04.0576 5144 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:22:04.0616 5144 LanmanServer - ok
14:22:04.0676 5144 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:22:04.0716 5144 LanmanWorkstation - ok
14:22:04.0816 5144 [ C48B0F913C944D736A455191ECD8FF45 ] Lavasoft Ad-Aware Service C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
14:22:04.0816 5144 Lavasoft Ad-Aware Service - ok
14:22:04.0856 5144 [ A352CDB69AF6E18D60C0001D540D8478 ] Lbd C:\Windows\system32\DRIVERS\Lbd.sys
14:22:04.0856 5144 Lbd - ok
14:22:04.0916 5144 [ C2E324014D54DAA2B5A4DE47CB696FD8 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
14:22:04.0916 5144 LightScribeService - ok
14:22:04.0946 5144 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:22:04.0956 5144 lltdio - ok
14:22:04.0986 5144 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:22:04.0996 5144 lltdsvc - ok
14:22:05.0036 5144 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:22:05.0036 5144 lmhosts - ok
14:22:05.0066 5144 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:22:05.0076 5144 LSI_FC - ok
14:22:05.0096 5144 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:22:05.0096 5144 LSI_SAS - ok
14:22:05.0106 5144 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:22:05.0116 5144 LSI_SAS2 - ok
14:22:05.0126 5144 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:22:05.0136 5144 LSI_SCSI - ok
14:22:05.0146 5144 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:22:05.0156 5144 luafv - ok
14:22:05.0246 5144 [ ACB01BF1A905356AB7F978C7FE852209 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:22:05.0246 5144 McMPFSvc - ok
14:22:05.0256 5144 [ ACB01BF1A905356AB7F978C7FE852209 ] mcmscsvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:22:05.0266 5144 mcmscsvc - ok
14:22:05.0276 5144 [ ACB01BF1A905356AB7F978C7FE852209 ] McNaiAnn C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:22:05.0276 5144 McNaiAnn - ok
14:22:05.0296 5144 [ ACB01BF1A905356AB7F978C7FE852209 ] McNASvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:22:05.0296 5144 McNASvc - ok
14:22:05.0366 5144 [ DD2321925274F2902929D76CE2B0EB45 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
14:22:05.0426 5144 McODS - ok
14:22:05.0426 5144 [ ACB01BF1A905356AB7F978C7FE852209 ] McProxy C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:22:05.0436 5144 McProxy - ok
14:22:05.0516 5144 [ E998E3B12101288D716558466CBF6AE1 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
14:22:05.0516 5144 McShield - ok
14:22:05.0556 5144 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:22:05.0596 5144 Mcx2Svc - ok
14:22:05.0616 5144 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:22:05.0616 5144 megasas - ok
14:22:05.0626 5144 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:22:05.0636 5144 MegaSR - ok
14:22:05.0676 5144 [ 01884CB7655C8908B43FF5E364FE6FD2 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
14:22:05.0726 5144 mfeapfk - ok
14:22:05.0766 5144 [ DAB9A9CDFB04E4D68924492AA043019D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
14:22:05.0816 5144 mfeavfk - ok
14:22:05.0826 5144 mfeavfk01 - ok
14:22:05.0846 5144 [ B26782C3D6045B4464017D7926877560 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
14:22:05.0846 5144 mfefire - ok
14:22:05.0886 5144 [ CE9A3680675C0907ADE16404CA967B49 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
14:22:05.0936 5144 mfefirek - ok
14:22:05.0986 5144 [ 60CF67458DD29CD17E77F2327B1A9A54 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
14:22:06.0006 5144 mfehidk - ok
14:22:06.0016 5144 [ A8129CFB919347F8533C934B365E9202 ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
14:22:06.0066 5144 mfenlfk - ok
14:22:06.0096 5144 [ 5041FA2BD2B3A2693B015771BFBF6DCA ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
14:22:06.0146 5144 mferkdet - ok
14:22:06.0176 5144 [ 723A5EB6CEF7F408C3D0F15A82A6BFF8 ] mfevtp C:\Windows\system32\mfevtps.exe
14:22:06.0186 5144 mfevtp - ok
14:22:06.0216 5144 [ 919C56DB14A0E1E2AB6DA5D2821DC26E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
14:22:06.0266 5144 mfewfpk - ok
14:22:06.0336 5144 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:22:06.0376 5144 Microsoft Office Groove Audit Service - ok
14:22:06.0396 5144 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:22:06.0406 5144 MMCSS - ok
14:22:06.0426 5144 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:22:06.0426 5144 Modem - ok
14:22:06.0436 5144 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:22:06.0446 5144 monitor - ok
14:22:06.0466 5144 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:22:06.0476 5144 mouclass - ok
14:22:06.0526 5144 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:22:06.0536 5144 mouhid - ok
14:22:06.0576 5144 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:22:06.0576 5144 mountmgr - ok
14:22:06.0826 5144 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:22:06.0836 5144 MozillaMaintenance - ok
14:22:06.0856 5144 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:22:06.0856 5144 mpio - ok
14:22:06.0876 5144 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:22:06.0886 5144 mpsdrv - ok
14:22:06.0916 5144 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:22:06.0976 5144 MRxDAV - ok
14:22:07.0006 5144 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:22:07.0006 5144 mrxsmb - ok
14:22:07.0046 5144 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:22:07.0046 5144 mrxsmb10 - ok
14:22:07.0056 5144 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:22:07.0106 5144 mrxsmb20 - ok
14:22:07.0166 5144 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:22:07.0216 5144 msahci - ok
14:22:07.0246 5144 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:22:07.0296 5144 msdsm - ok
14:22:07.0316 5144 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:22:07.0316 5144 MSDTC - ok
14:22:07.0336 5144 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:22:07.0336 5144 Msfs - ok
14:22:07.0356 5144 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:22:07.0366 5144 mshidkmdf - ok
14:22:07.0406 5144 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:22:07.0406 5144 msisadrv - ok
14:22:07.0466 5144 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:22:07.0476 5144 MSiSCSI - ok
14:22:07.0486 5144 msiserver - ok
14:22:07.0516 5144 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:22:07.0526 5144 MSKSSRV - ok
14:22:07.0536 5144 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:22:07.0546 5144 MSPCLOCK - ok
14:22:07.0546 5144 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:22:07.0546 5144 MSPQM - ok
14:22:07.0586 5144 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:22:07.0586 5144 MsRPC - ok
14:22:07.0616 5144 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:22:07.0616 5144 mssmbios - ok
14:22:07.0626 5144 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:22:07.0636 5144 MSTEE - ok
14:22:07.0656 5144 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:22:07.0656 5144 MTConfig - ok
14:22:07.0676 5144 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:22:07.0676 5144 Mup - ok
14:22:07.0726 5144 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:22:07.0776 5144 napagent - ok
14:22:07.0816 5144 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:22:07.0826 5144 NativeWifiP - ok
14:22:07.0856 5144 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
14:22:07.0916 5144 NDIS - ok
14:22:07.0976 5144 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:22:07.0986 5144 NdisCap - ok
14:22:08.0016 5144 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:22:08.0016 5144 NdisTapi - ok
14:22:08.0066 5144 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:22:08.0116 5144 Ndisuio - ok
14:22:08.0146 5144 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:22:08.0196 5144 NdisWan - ok
14:22:08.0226 5144 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:22:08.0276 5144 NDProxy - ok
14:22:08.0286 5144 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:22:08.0296 5144 NetBIOS - ok
14:22:08.0336 5144 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:22:08.0396 5144 NetBT - ok
14:22:08.0406 5144 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:22:08.0406 5144 Netlogon - ok
14:22:08.0446 5144 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:22:08.0456 5144 Netman - ok
14:22:08.0476 5144 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:22:08.0476 5144 netprofm - ok
14:22:08.0506 5144 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:22:08.0506 5144 NetTcpPortSharing - ok
14:22:08.0686 5144 [ E72F4522801FFB8F0456924FB0017BFF ] NETw1v64 C:\Windows\system32\DRIVERS\NETw1v64.sys
14:22:08.0896 5144 NETw1v64 - ok
14:22:09.0076 5144 [ 39EDE676D17F37AF4573C2B33EC28ACA ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
14:22:09.0346 5144 NETw5s64 - ok
14:22:09.0486 5144 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
14:22:09.0606 5144 netw5v64 - ok
14:22:09.0636 5144 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:22:09.0636 5144 nfrd960 - ok
14:22:09.0686 5144 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:22:09.0736 5144 NlaSvc - ok
14:22:09.0786 5144 [ EF7A048FE8E3F102C78C9BD7C448BB6C ] nosGetPlusHelper C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll
14:22:10.0856 5144 nosGetPlusHelper - ok
14:22:10.0876 5144 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:22:10.0876 5144 Npfs - ok
14:22:10.0916 5144 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:22:10.0926 5144 nsi - ok
14:22:10.0966 5144 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:22:10.0966 5144 nsiproxy - ok
14:22:11.0036 5144 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:22:11.0076 5144 Ntfs - ok
14:22:11.0106 5144 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:22:11.0116 5144 Null - ok
14:22:11.0197 5144 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:22:11.0247 5144 nvraid - ok
14:22:11.0587 5144 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:22:11.0647 5144 nvstor - ok
14:22:11.0757 5144 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:22:11.0767 5144 nv_agp - ok
14:22:11.0917 5144 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:22:11.0987 5144 odserv - ok
14:22:12.0057 5144 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:22:12.0067 5144 ohci1394 - ok
14:22:12.0097 5144 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:22:12.0157 5144 ose - ok
14:22:12.0197 5144 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:22:12.0207 5144 p2pimsvc - ok
14:22:12.0277 5144 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:22:12.0297 5144 p2psvc - ok
14:22:12.0347 5144 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:22:12.0357 5144 Parport - ok
14:22:12.0387 5144 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:22:12.0437 5144 partmgr - ok
14:22:12.0457 5144 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:22:12.0457 5144 PcaSvc - ok
14:22:12.0487 5144 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:22:12.0547 5144 pci - ok
14:22:12.0557 5144 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:22:12.0567 5144 pciide - ok
14:22:12.0587 5144 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:22:12.0587 5144 pcmcia - ok
14:22:12.0607 5144 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:22:12.0607 5144 pcw - ok
14:22:12.0627 5144 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:22:12.0667 5144 PEAUTH - ok
14:22:12.0727 5144 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:22:12.0727 5144 PerfHost - ok
14:22:12.0797 5144 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:22:12.0897 5144 pla - ok
14:22:12.0957 5144 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:22:13.0007 5144 PlugPlay - ok
14:22:13.0017 5144 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:22:13.0027 5144 PNRPAutoReg - ok
14:22:13.0047 5144 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:22:13.0047 5144 PNRPsvc - ok
14:22:13.0067 5144 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:22:13.0117 5144 PolicyAgent - ok
14:22:13.0147 5144 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:22:13.0147 5144 Power - ok
14:22:13.0187 5144 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:22:13.0237 5144 PptpMiniport - ok
14:22:13.0257 5144 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:22:13.0267 5144 Processor - ok
14:22:13.0297 5144 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:22:13.0297 5144 ProfSvc - ok
14:22:13.0307 5144 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:22:13.0307 5144 ProtectedStorage - ok
14:22:13.0357 5144 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:22:13.0357 5144 Psched - ok
14:22:13.0407 5144 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:22:13.0447 5144 ql2300 - ok
14:22:13.0457 5144 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:22:13.0457 5144 ql40xx - ok
14:22:13.0477 5144 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:22:13.0477 5144 QWAVE - ok
14:22:13.0497 5144 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:22:13.0507 5144 QWAVEdrv - ok
14:22:13.0517 5144 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:22:13.0517 5144 RasAcd - ok
14:22:13.0577 5144 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:22:13.0577 5144 RasAgileVpn - ok
14:22:13.0647 5144 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:22:13.0657 5144 RasAuto - ok
14:22:13.0717 5144 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:22:13.0717 5144 Rasl2tp - ok
14:22:13.0817 5144 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:22:13.0877 5144 RasMan - ok
14:22:13.0907 5144 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:22:13.0907 5144 RasPppoe - ok
14:22:13.0927 5144 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:22:13.0927 5144 RasSstp - ok
14:22:13.0967 5144 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:22:13.0967 5144 rdbss - ok
14:22:14.0017 5144 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:22:14.0017 5144 rdpbus - ok
14:22:14.0037 5144 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:22:14.0037 5144 RDPCDD - ok
14:22:14.0067 5144 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:22:14.0067 5144 RDPENCDD - ok
14:22:14.0087 5144 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:22:14.0087 5144 RDPREFMP - ok
14:22:14.0117 5144 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:22:14.0167 5144 RDPWD - ok
14:22:14.0218 5144 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:22:14.0218 5144 rdyboost - ok
14:22:14.0248 5144 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:22:14.0258 5144 RemoteAccess - ok
14:22:14.0278 5144 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:22:14.0288 5144 RemoteRegistry - ok
14:22:14.0308 5144 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:22:14.0308 5144 RFCOMM - ok
14:22:14.0368 5144 [ 498EB62A160674E793FA40FD65390625 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
14:22:14.0378 5144 RichVideo - ok
14:22:14.0388 5144 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:22:14.0398 5144 RpcEptMapper - ok
14:22:14.0428 5144 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:22:14.0438 5144 RpcLocator - ok
14:22:14.0478 5144 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:22:14.0478 5144 RpcSs - ok
14:22:14.0498 5144 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:22:14.0508 5144 rspndr - ok
14:22:14.0518 5144 RSUSBSTOR - ok
14:22:14.0548 5144 [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:22:14.0608 5144 RTL8167 - ok
14:22:14.0608 5144 RtsUIR - ok
14:22:14.0628 5144 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:22:14.0628 5144 SamSs - ok
14:22:14.0658 5144 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:22:14.0658 5144 sbp2port - ok
14:22:14.0718 5144 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
14:22:14.0828 5144 SBSDWSCService - ok
14:22:14.0848 5144 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:22:14.0858 5144 SCardSvr - ok
14:22:14.0868 5144 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:22:14.0918 5144 scfilter - ok
14:22:14.0998 5144 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:22:15.0088 5144 Schedule - ok
14:22:15.0118 5144 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:22:15.0118 5144 SCPolicySvc - ok
14:22:15.0158 5144 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
14:22:15.0208 5144 sdbus - ok
14:22:15.0248 5144 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:22:15.0278 5144 SDRSVC - ok
14:22:15.0298 5144 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:22:15.0298 5144 secdrv - ok
14:22:15.0338 5144 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:22:15.0368 5144 seclogon - ok
14:22:15.0398 5144 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:22:15.0408 5144 SENS - ok
14:22:15.0428 5144 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:22:15.0428 5144 SensrSvc - ok
14:22:15.0448 5144 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:22:15.0448 5144 Serenum - ok
14:22:15.0468 5144 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:22:15.0468 5144 Serial - ok
14:22:15.0508 5144 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:22:15.0518 5144 sermouse - ok
14:22:15.0558 5144 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:22:15.0598 5144 SessionEnv - ok
14:22:15.0638 5144 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:22:15.0638 5144 sffdisk - ok
14:22:15.0658 5144 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:22:15.0668 5144 sffp_mmc - ok
14:22:15.0668 5144 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:22:15.0718 5144 sffp_sd - ok
14:22:15.0738 5144 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:22:15.0738 5144 sfloppy - ok
14:22:15.0788 5144 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:22:15.0838 5144 ShellHWDetection - ok
14:22:15.0908 5144 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:22:15.0908 5144 SiSRaid2 - ok
14:22:15.0928 5144 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:22:15.0938 5144 SiSRaid4 - ok
14:22:16.0018 5144 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:22:16.0018 5144 SkypeUpdate - ok
14:22:16.0058 5144 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:22:16.0068 5144 Smb - ok
14:22:16.0128 5144 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:22:16.0138 5144 SNMPTRAP - ok
14:22:16.0148 5144 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:22:16.0148 5144 spldr - ok
14:22:16.0198 5144 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
14:22:16.0198 5144 Spooler - ok
14:22:16.0318 5144 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:22:16.0348 5144 sppsvc - ok
14:22:16.0358 5144 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:22:16.0368 5144 sppuinotify - ok
14:22:16.0408 5144 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:22:16.0418 5144 srv - ok
14:22:16.0428 5144 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:22:16.0438 5144 srv2 - ok
14:22:16.0458 5144 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
14:22:16.0468 5144 SrvHsfHDA - ok
14:22:16.0508 5144 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
14:22:16.0558 5144 SrvHsfV92 - ok
14:22:16.0588 5144 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
14:22:16.0608 5144 SrvHsfWinac - ok
14:22:16.0628 5144 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:22:16.0628 5144 srvnet - ok
14:22:16.0648 5144 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:22:16.0658 5144 SSDPSRV - ok
14:22:16.0668 5144 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:22:16.0678 5144 SstpSvc - ok
14:22:16.0798 5144 [ 2185595C6663660FDC90F5A2A79E2155 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe
14:22:16.0798 5144 STacSV - ok
14:22:16.0828 5144 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:22:16.0828 5144 stexstor - ok
14:22:16.0868 5144 [ 8D1CE4322A35F840711B87927CB57C05 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
14:22:16.0948 5144 STHDA - ok
14:22:16.0998 5144 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:22:17.0068 5144 stisvc - ok
14:22:17.0098 5144 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
14:22:17.0098 5144 swenum - ok
14:22:17.0128 5144 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:22:17.0138 5144 swprv - ok
14:22:17.0178 5144 [ 924D711941956F7420A4925592BE8253 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
14:22:17.0229 5144 SynTP - ok
14:22:17.0289 5144 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:22:17.0369 5144 SysMain - ok
14:22:17.0399 5144 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:22:17.0439 5144 TabletInputService - ok
14:22:17.0479 5144 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:22:17.0519 5144 TapiSrv - ok
14:22:17.0529 5144 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:22:17.0529 5144 TBS - ok
14:22:17.0609 5144 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:22:17.0649 5144 Tcpip - ok
14:22:17.0689 5144 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:22:17.0699 5144 TCPIP6 - ok
14:22:17.0749 5144 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:22:17.0789 5144 tcpipreg - ok
14:22:17.0819 5144 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:22:17.0819 5144 TDPIPE - ok
14:22:17.0849 5144 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:22:17.0899 5144 TDTCP - ok
14:22:17.0929 5144 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:22:17.0969 5144 tdx - ok
14:22:17.0999 5144 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
14:22:18.0039 5144 TermDD - ok
14:22:18.0089 5144 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:22:18.0129 5144 TermService - ok
14:22:18.0159 5144 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:22:18.0169 5144 Themes - ok
14:22:18.0239 5144 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:22:18.0249 5144 THREADORDER - ok
14:22:18.0259 5144 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:22:18.0269 5144 TrkWks - ok
14:22:18.0319 5144 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:22:18.0329 5144 TrustedInstaller - ok
14:22:18.0359 5144 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:22:18.0409 5144 tssecsrv - ok
14:22:18.0439 5144 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:22:18.0479 5144 TsUsbFlt - ok
14:22:18.0529 5144 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:22:18.0589 5144 tunnel - ok
14:22:18.0609 5144 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:22:18.0619 5144 uagp35 - ok
14:22:18.0649 5144 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:22:18.0709 5144 udfs - ok
14:22:18.0729 5144 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:22:18.0739 5144 UI0Detect - ok
14:22:18.0769 5144 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:22:18.0769 5144 uliagpkx - ok
14:22:18.0819 5144 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
14:22:18.0869 5144 umbus - ok
14:22:18.0879 5144 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:22:18.0889 5144 UmPass - ok
14:22:18.0909 5144 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:22:18.0909 5144 upnphost - ok
14:22:18.0969 5144 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
14:22:19.0019 5144 USBAAPL64 - ok
14:22:19.0039 5144 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:22:19.0079 5144 usbccgp - ok
14:22:19.0089 5144 USBCCID - ok
14:22:19.0139 5144 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:22:19.0139 5144 usbcir - ok
14:22:19.0169 5144 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
14:22:19.0219 5144 usbehci - ok
14:22:19.0229 5144 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:22:19.0239 5144 usbhub - ok
14:22:19.0249 5144 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:22:19.0289 5144 usbohci - ok
14:22:19.0319 5144 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:22:19.0319 5144 usbprint - ok
14:22:19.0339 5144 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:22:19.0379 5144 USBSTOR - ok
14:22:19.0409 5144 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:22:19.0409 5144 usbuhci - ok
14:22:19.0449 5144 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
14:22:19.0499 5144 usbvideo - ok
14:22:19.0509 5144 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:22:19.0509 5144 UxSms - ok
14:22:19.0529 5144 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:22:19.0529 5144 VaultSvc - ok
14:22:19.0539 5144 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:22:19.0549 5144 vdrvroot - ok
14:22:19.0589 5144 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:22:19.0649 5144 vds - ok
14:22:19.0669 5144 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:22:19.0669 5144 vga - ok
14:22:19.0689 5144 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:22:19.0689 5144 VgaSave - ok
14:22:19.0719 5144 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:22:19.0769 5144 vhdmp - ok
14:22:19.0779 5144 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:22:19.0789 5144 viaide - ok
14:22:19.0799 5144 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:22:19.0799 5144 volmgr - ok
14:22:19.0839 5144 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:22:19.0839 5144 volmgrx - ok
14:22:19.0859 5144 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:22:19.0859 5144 volsnap - ok
14:22:19.0889 5144 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:22:19.0899 5144 vsmraid - ok
14:22:19.0959 5144 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:22:20.0109 5144 VSS - ok
14:22:20.0119 5144 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:22:20.0119 5144 vwifibus - ok
14:22:20.0149 5144 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:22:20.0149 5144 vwififlt - ok
14:22:20.0189 5144 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:22:20.0209 5144 W32Time - ok
14:22:20.0227 5144 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:22:20.0237 5144 WacomPen - ok
14:22:20.0267 5144 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:22:20.0317 5144 WANARP - ok
14:22:20.0347 5144 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:22:20.0347 5144 Wanarpv6 - ok
14:22:20.0537 5144 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:22:20.0637 5144 WatAdminSvc - ok
14:22:20.0677 5144 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:22:20.0767 5144 wbengine - ok
14:22:20.0787 5144 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:22:20.0797 5144 WbioSrvc - ok
14:22:20.0837 5144 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:22:20.0877 5144 wcncsvc - ok
14:22:20.0887 5144 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:22:20.0897 5144 WcsPlugInService - ok
14:22:20.0917 5144 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:22:20.0917 5144 Wd - ok
14:22:20.0997 5144 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:22:21.0007 5144 Wdf01000 - ok
14:22:21.0027 5144 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:22:21.0037 5144 WdiServiceHost - ok
14:22:21.0047 5144 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:22:21.0047 5144 WdiSystemHost - ok
14:22:21.0077 5144 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:22:21.0117 5144 WebClient - ok
14:22:21.0137 5144 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:22:21.0147 5144 Wecsvc - ok
14:22:21.0167 5144 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:22:21.0167 5144 wercplsupport - ok
14:22:21.0197 5144 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:22:21.0197 5144 WerSvc - ok
14:22:21.0227 5144 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:22:21.0237 5144 WfpLwf - ok
14:22:21.0247 5144 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:22:21.0257 5144 WIMMount - ok
14:22:21.0257 5144 WinHttpAutoProxySvc - ok
14:22:21.0317 5144 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:22:21.0317 5144 Winmgmt - ok
14:22:21.0387 5144 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
14:22:21.0467 5144 WinRM - ok
14:22:21.0527 5144 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:22:21.0577 5144 WinUsb - ok
14:22:21.0607 5144 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:22:21.0647 5144 Wlansvc - ok
14:22:21.0677 5144 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:22:21.0687 5144 WmiAcpi - ok
14:22:21.0707 5144 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:22:21.0717 5144 wmiApSrv - ok
14:22:21.0747 5144 WMPNetworkSvc - ok
14:22:21.0757 5144 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:22:21.0767 5144 WPCSvc - ok
14:22:21.0807 5144 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:22:21.0847 5144 WPDBusEnum - ok
14:22:21.0867 5144 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:22:21.0877 5144 ws2ifsl - ok
14:22:21.0877 5144 WSearch - ok
14:22:21.0897 5144 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:22:21.0947 5144 WudfPf - ok
14:22:21.0987 5144 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:22:22.0037 5144 WUDFRd - ok
14:22:22.0077 5144 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:22:22.0117 5144 wudfsvc - ok
14:22:22.0137 5144 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:22:22.0137 5144 WwanSvc - ok
14:22:22.0177 5144 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
14:22:22.0187 5144 yukonw7 - ok
14:22:22.0207 5144 ================ Scan global ===============================
14:22:22.0227 5144 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:22:22.0268 5144 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:22:22.0318 5144 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:22:22.0338 5144 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:22:22.0378 5144 [ 014A9CB92514E27C0107614DF764BC06 ] C:\Windows\system32\services.exe
14:22:22.0388 5144 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
14:22:22.0388 5144 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
14:22:22.0388 5144 ================ Scan MBR ==================================
14:22:22.0388 5144 [ 53400DB3CA8E9E932C47F1BBCBA8FD72 ] \Device\Harddisk0\DR0
14:22:22.0688 5144 \Device\Harddisk0\DR0 - ok
14:22:22.0688 5144 ================ Scan VBR ==================================
14:22:22.0698 5144 [ 5938CF120B7C9EA82443F3CD99934219 ] \Device\Harddisk0\DR0\Partition1
14:22:22.0698 5144 \Device\Harddisk0\DR0\Partition1 - ok
14:22:22.0728 5144 [ F3F30B7C4179CE45B2EC51748304AC7D ] \Device\Harddisk0\DR0\Partition2
14:22:22.0728 5144 \Device\Harddisk0\DR0\Partition2 - ok
14:22:22.0758 5144 [ D7D14F47DB6BED9B786BC4964C9569A0 ] \Device\Harddisk0\DR0\Partition3
14:22:22.0758 5144 \Device\Harddisk0\DR0\Partition3 - ok
14:22:22.0758 5144 ============================================================
14:22:22.0758 5144 Scan finished
14:22:22.0758 5144 ============================================================
14:22:22.0778 3836 Detected object count: 1
14:22:22.0778 3836 Actual detected object count: 1
14:24:06.0936 3836 C:\Windows\system32\services.exe - copied to quarantine
14:24:18.0946 3836 C:\Windows\installer\{62c84f77-987b-450c-f5fd-00ddcaad417b}\@ - copied to quarantine
14:24:18.0956 3836 C:\Windows\installer\{62c84f77-987b-450c-f5fd-00ddcaad417b}\L\00000004.@ - copied to quarantine
14:24:18.0966 3836 C:\Windows\installer\{62c84f77-987b-450c-f5fd-00ddcaad417b}\L\201d3dde - copied to quarantine
14:24:18.0976 3836 C:\Windows\installer\{62c84f77-987b-450c-f5fd-00ddcaad417b}\U\80000064.@ - copied to quarantine
14:24:19.0317 3836 C:\Users\Mary\AppData\Local\{62c84f77-987b-450c-f5fd-00ddcaad417b}\@ - copied to quarantine
14:24:39.0661 3836 Backup copy found, using it..
14:24:50.0030 3836 C:\Windows\installer\{62c84f77-987b-450c-f5fd-00ddcaad417b}\@ - will be deleted on reboot
14:24:50.0030 3836 C:\Windows\installer\{62c84f77-987b-450c-f5fd-00ddcaad417b}\U\80000064.@ - will be deleted on reboot
14:24:50.0040 3836 C:\Users\Mary\AppData\Local\{62c84f77-987b-450c-f5fd-00ddcaad417b}\@ - will be deleted on reboot
14:24:50.0040 3836 C:\Windows\system32\services.exe - will be cured on reboot
14:24:50.0040 3836 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Cure
14:26:42.0873 5624 Deinitialize success

aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-07 14:30:32
-----------------------------
14:30:32.208 OS Version: Windows x64 6.1.7601 Service Pack 1
14:30:32.208 Number of processors: 2 586 0x170A
14:30:32.218 ComputerName: BLACKPEARL UserName: Mary
14:30:34.368 Initialize success
14:33:34.243 AVAST engine defs: 12090701
14:34:39.309 The log file has been saved successfully to "F:\Computer Logs\aswMBR.txt"


ESET:

Operating memory a variant of Win32/Sirefef.EZ trojan

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:13 PM

Posted 08 September 2012 - 02:07 PM

Please run all the tools again and post the new logs

#5 sb66

sb66
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:13 PM

Posted 10 September 2012 - 08:27 AM

TDSSkiller:

17:26:02.0882 5404 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
17:26:03.0262 5404 ============================================================
17:26:03.0262 5404 Current date / time: 2012/09/09 17:26:03.0262
17:26:03.0262 5404 SystemInfo:
17:26:03.0262 5404
17:26:03.0262 5404 OS Version: 6.1.7601 ServicePack: 1.0
17:26:03.0262 5404 Product type: Workstation
17:26:03.0262 5404 ComputerName: BLACKPEARL
17:26:03.0262 5404 UserName: Mary
17:26:03.0262 5404 Windows directory: C:\Windows
17:26:03.0262 5404 System windows directory: C:\Windows
17:26:03.0262 5404 Running under WOW64
17:26:03.0262 5404 Processor architecture: Intel x64
17:26:03.0262 5404 Number of processors: 2
17:26:03.0262 5404 Page size: 0x1000
17:26:03.0262 5404 Boot type: Normal boot
17:26:03.0262 5404 ============================================================
17:26:03.0622 5404 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:26:03.0632 5404 ============================================================
17:26:03.0632 5404 \Device\Harddisk0\DR0:
17:26:03.0632 5404 MBR partitions:
17:26:03.0632 5404 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
17:26:03.0632 5404 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x23A58800
17:26:03.0632 5404 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23ABC800, BlocksNum 0x1971800
17:26:03.0632 5404 ============================================================
17:26:03.0642 5404 C: <-> \Device\Harddisk0\DR0\Partition2
17:26:03.0692 5404 D: <-> \Device\Harddisk0\DR0\Partition3
17:26:03.0692 5404 ============================================================
17:26:03.0692 5404 Initialize success
17:26:03.0692 5404 ============================================================
17:26:09.0568 2384 ============================================================
17:26:09.0568 2384 Scan started
17:26:09.0568 2384 Mode: Manual;
17:26:09.0568 2384 ============================================================
17:26:10.0118 2384 ================ Scan system memory ========================
17:26:10.0118 2384 System memory - ok
17:26:10.0118 2384 ================ Scan services =============================
17:26:10.0188 2384 0295931347051741mcinstcleanup - ok
17:26:10.0278 2384 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:26:10.0328 2384 1394ohci - ok
17:26:10.0378 2384 [ F146E2BA475893DD77B2370DC1211FC6 ] 59134359 C:\Windows\system32\drivers\86259955.sys
17:26:10.0478 2384 [ 1CFFE9C06E66A57DAE1452E449A58240 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
17:26:10.0518 2384 Accelerometer - ok
17:26:10.0568 2384 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:26:10.0628 2384 ACPI - ok
17:26:10.0668 2384 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:26:10.0718 2384 AcpiPmi - ok
17:26:10.0838 2384 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:26:10.0888 2384 AdobeFlashPlayerUpdateSvc - ok
17:26:10.0938 2384 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:26:10.0948 2384 adp94xx - ok
17:26:10.0988 2384 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:26:10.0998 2384 adpahci - ok
17:26:11.0038 2384 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:26:11.0038 2384 adpu320 - ok
17:26:11.0078 2384 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:26:11.0088 2384 AeLookupSvc - ok
17:26:11.0188 2384 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe
17:26:11.0188 2384 AESTFilters - ok
17:26:11.0228 2384 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:26:11.0278 2384 AFD - ok
17:26:11.0359 2384 [ B65F8DBA54F251906BBE8611B5A0E7AB ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
17:26:11.0359 2384 AgereModemAudio - ok
17:26:11.0409 2384 [ AF4748EF93416159459769A24A0053AF ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
17:26:11.0469 2384 AgereSoftModem - ok
17:26:11.0529 2384 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:26:11.0529 2384 agp440 - ok
17:26:11.0549 2384 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:26:11.0559 2384 ALG - ok
17:26:11.0579 2384 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:26:11.0579 2384 aliide - ok
17:26:11.0609 2384 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:26:11.0609 2384 amdide - ok
17:26:11.0629 2384 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:26:11.0629 2384 AmdK8 - ok
17:26:11.0669 2384 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:26:11.0669 2384 AmdPPM - ok
17:26:11.0729 2384 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:26:11.0779 2384 amdsata - ok
17:26:11.0789 2384 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:26:11.0799 2384 amdsbs - ok
17:26:11.0819 2384 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:26:11.0869 2384 amdxata - ok
17:26:11.0909 2384 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:26:11.0959 2384 AppID - ok
17:26:11.0969 2384 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:26:11.0979 2384 AppIDSvc - ok
17:26:12.0009 2384 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:26:12.0049 2384 Appinfo - ok
17:26:12.0139 2384 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:26:12.0139 2384 Apple Mobile Device - ok
17:26:12.0169 2384 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
17:26:12.0169 2384 arc - ok
17:26:12.0179 2384 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:26:12.0179 2384 arcsas - ok
17:26:12.0209 2384 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:26:12.0209 2384 AsyncMac - ok
17:26:12.0249 2384 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:26:12.0249 2384 atapi - ok
17:26:12.0379 2384 [ 3EFD964D52221360AF0673CD61C2F4F5 ] atikmdag C:\Windows\system32\drivers\atikmdag.sys
17:26:12.0499 2384 atikmdag - ok
17:26:12.0539 2384 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:26:12.0589 2384 AudioEndpointBuilder - ok
17:26:12.0599 2384 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:26:12.0649 2384 AudioSrv - ok
17:26:12.0699 2384 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:26:12.0729 2384 AxInstSV - ok
17:26:12.0769 2384 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
17:26:12.0779 2384 b06bdrv - ok
17:26:12.0799 2384 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:26:12.0809 2384 b57nd60a - ok
17:26:12.0899 2384 [ 2ED050291BC1D7F9E322E328DB3AAECF ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
17:26:12.0899 2384 BBSvc - ok
17:26:12.0949 2384 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
17:26:12.0949 2384 BBUpdate - ok
17:26:12.0979 2384 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:26:12.0979 2384 BDESVC - ok
17:26:12.0999 2384 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:26:12.0999 2384 Beep - ok
17:26:13.0029 2384 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:26:13.0039 2384 blbdrive - ok
17:26:13.0099 2384 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:26:13.0099 2384 Bonjour Service - ok
17:26:13.0129 2384 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:26:13.0179 2384 bowser - ok
17:26:13.0189 2384 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:26:13.0199 2384 BrFiltLo - ok
17:26:13.0209 2384 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:26:13.0219 2384 BrFiltUp - ok
17:26:13.0249 2384 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
17:26:13.0289 2384 Browser - ok
17:26:13.0319 2384 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:26:13.0329 2384 Brserid - ok
17:26:13.0339 2384 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:26:13.0349 2384 BrSerWdm - ok
17:26:13.0359 2384 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:26:13.0369 2384 BrUsbMdm - ok
17:26:13.0379 2384 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:26:13.0379 2384 BrUsbSer - ok
17:26:13.0429 2384 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
17:26:13.0429 2384 BthEnum - ok
17:26:13.0459 2384 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:26:13.0459 2384 BTHMODEM - ok
17:26:13.0479 2384 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:26:13.0489 2384 BthPan - ok
17:26:13.0519 2384 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
17:26:13.0569 2384 BTHPORT - ok
17:26:13.0609 2384 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:26:13.0609 2384 bthserv - ok
17:26:13.0619 2384 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
17:26:13.0669 2384 BTHUSB - ok
17:26:13.0719 2384 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
17:26:13.0769 2384 btwaudio - ok
17:26:13.0799 2384 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
17:26:13.0849 2384 btwavdt - ok
17:26:13.0899 2384 [ 17DA11C703B8E86AC3DF8F796A118AEF ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
17:26:13.0909 2384 btwdins - ok
17:26:13.0919 2384 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
17:26:13.0969 2384 btwl2cap - ok
17:26:13.0979 2384 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
17:26:14.0029 2384 btwrchid - ok
17:26:14.0049 2384 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:26:14.0059 2384 cdfs - ok
17:26:14.0119 2384 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:26:14.0159 2384 cdrom - ok
17:26:14.0199 2384 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:26:14.0239 2384 CertPropSvc - ok
17:26:14.0289 2384 [ 274CE03459896006F7A5069266E0469E ] cfwids C:\Windows\system32\drivers\cfwids.sys
17:26:14.0339 2384 cfwids - ok
17:26:14.0369 2384 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:26:14.0379 2384 circlass - ok
17:26:14.0409 2384 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:26:14.0419 2384 CLFS - ok
17:26:14.0469 2384 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:26:14.0479 2384 clr_optimization_v2.0.50727_32 - ok
17:26:14.0509 2384 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:26:14.0509 2384 clr_optimization_v2.0.50727_64 - ok
17:26:14.0579 2384 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:26:14.0629 2384 clr_optimization_v4.0.30319_32 - ok
17:26:14.0679 2384 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:26:14.0729 2384 clr_optimization_v4.0.30319_64 - ok
17:26:14.0759 2384 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:26:14.0759 2384 CmBatt - ok
17:26:14.0789 2384 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:26:14.0799 2384 cmdide - ok
17:26:14.0839 2384 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:26:14.0889 2384 CNG - ok
17:26:14.0939 2384 [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
17:26:14.0949 2384 Com4QLBEx - ok
17:26:14.0969 2384 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:26:14.0969 2384 Compbatt - ok
17:26:15.0009 2384 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:26:15.0059 2384 CompositeBus - ok
17:26:15.0069 2384 COMSysApp - ok
17:26:15.0099 2384 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:26:15.0099 2384 crcdisk - ok
17:26:15.0149 2384 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:26:15.0179 2384 CryptSvc - ok
17:26:15.0229 2384 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:26:15.0239 2384 DcomLaunch - ok
17:26:15.0259 2384 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:26:15.0269 2384 defragsvc - ok
17:26:15.0319 2384 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:26:15.0319 2384 DfsC - ok
17:26:15.0360 2384 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:26:15.0390 2384 Dhcp - ok
17:26:15.0460 2384 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:26:15.0470 2384 discache - ok
17:26:15.0510 2384 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:26:15.0510 2384 Disk - ok
17:26:15.0550 2384 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:26:15.0590 2384 Dnscache - ok
17:26:15.0640 2384 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:26:15.0670 2384 dot3svc - ok
17:26:15.0720 2384 [ B42ED0320C6E41102FDE0005154849BB ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys
17:26:15.0730 2384 dot4 - ok
17:26:15.0770 2384 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys
17:26:15.0820 2384 Dot4Print - ok
17:26:15.0830 2384 [ 488669CD1CD3BDCFDD9A5FDA72209069 ] Dot4Scan C:\Windows\system32\DRIVERS\Dot4Scan.sys
17:26:15.0840 2384 Dot4Scan - ok
17:26:15.0870 2384 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
17:26:15.0880 2384 dot4usb - ok
17:26:15.0910 2384 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:26:15.0910 2384 DPS - ok
17:26:15.0940 2384 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:26:15.0940 2384 drmkaud - ok
17:26:15.0990 2384 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:26:16.0070 2384 DXGKrnl - ok
17:26:16.0110 2384 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:26:16.0110 2384 EapHost - ok
17:26:16.0180 2384 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
17:26:16.0260 2384 ebdrv - ok
17:26:16.0290 2384 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:26:16.0300 2384 EFS - ok
17:26:16.0340 2384 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:26:16.0400 2384 ehRecvr - ok
17:26:16.0420 2384 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:26:16.0420 2384 ehSched - ok
17:26:16.0460 2384 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:26:16.0470 2384 elxstor - ok
17:26:16.0490 2384 [ 524C79054636D2E5751169005006460B ] enecir C:\Windows\system32\DRIVERS\enecir.sys
17:26:16.0540 2384 enecir - ok
17:26:16.0560 2384 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:26:16.0570 2384 ErrDev - ok
17:26:16.0600 2384 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:26:16.0600 2384 EventSystem - ok
17:26:16.0620 2384 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:26:16.0630 2384 exfat - ok
17:26:16.0650 2384 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:26:16.0660 2384 fastfat - ok
17:26:16.0710 2384 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:26:16.0770 2384 Fax - ok
17:26:16.0780 2384 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:26:16.0790 2384 fdc - ok
17:26:16.0810 2384 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:26:16.0810 2384 fdPHost - ok
17:26:16.0820 2384 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:26:16.0830 2384 FDResPub - ok
17:26:16.0840 2384 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:26:16.0850 2384 FileInfo - ok
17:26:16.0860 2384 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:26:16.0860 2384 Filetrace - ok
17:26:16.0870 2384 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:26:16.0880 2384 flpydisk - ok
17:26:16.0920 2384 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:26:16.0960 2384 FltMgr - ok
17:26:17.0000 2384 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:26:17.0050 2384 FontCache - ok
17:26:17.0090 2384 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:26:17.0090 2384 FontCache3.0.0.0 - ok
17:26:17.0110 2384 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:26:17.0110 2384 FsDepends - ok
17:26:17.0140 2384 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:26:17.0190 2384 Fs_Rec - ok
17:26:17.0230 2384 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:26:17.0280 2384 fvevol - ok
17:26:17.0310 2384 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:26:17.0310 2384 gagp30kx - ok
17:26:17.0360 2384 [ C44D560E441F091EA3B72F778EC60DE2 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
17:26:17.0360 2384 GameConsoleService - ok
17:26:17.0411 2384 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:26:17.0451 2384 GEARAspiWDM - ok
17:26:17.0491 2384 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:26:17.0551 2384 gpsvc - ok
17:26:17.0621 2384 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:26:17.0621 2384 gupdate - ok
17:26:17.0651 2384 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:26:17.0651 2384 gupdatem - ok
17:26:17.0681 2384 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:26:17.0681 2384 hcw85cir - ok
17:26:17.0721 2384 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:26:17.0771 2384 HdAudAddService - ok
17:26:17.0801 2384 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:26:17.0851 2384 HDAudBus - ok
17:26:17.0861 2384 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:26:17.0871 2384 HidBatt - ok
17:26:17.0891 2384 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:26:17.0891 2384 HidBth - ok
17:26:17.0931 2384 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:26:17.0931 2384 HidIr - ok
17:26:17.0961 2384 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
17:26:17.0971 2384 hidserv - ok
17:26:17.0991 2384 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:26:18.0041 2384 HidUsb - ok
17:26:18.0071 2384 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:26:18.0111 2384 hkmsvc - ok
17:26:18.0151 2384 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:26:18.0191 2384 HomeGroupListener - ok
17:26:18.0221 2384 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:26:18.0261 2384 HomeGroupProvider - ok
17:26:18.0321 2384 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
17:26:18.0321 2384 HP Support Assistant Service - ok
17:26:18.0381 2384 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
17:26:18.0381 2384 HPDrvMntSvc.exe - ok
17:26:18.0411 2384 [ 05712FDDBD45A5864EB326FAABC6A4E3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
17:26:18.0461 2384 hpdskflt - ok
17:26:18.0481 2384 [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
17:26:18.0521 2384 HpqKbFiltr - ok
17:26:18.0591 2384 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
17:26:18.0601 2384 hpqwmiex - ok
17:26:18.0651 2384 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:26:18.0701 2384 HpSAMD - ok
17:26:18.0721 2384 [ AA036CC5F5221D9B915F4D4DCE74BA9A ] hpsrv C:\Windows\system32\Hpservice.exe
17:26:18.0721 2384 hpsrv - ok
17:26:18.0771 2384 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:26:18.0781 2384 HTTP - ok
17:26:18.0811 2384 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:26:18.0851 2384 hwpolicy - ok
17:26:18.0881 2384 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:26:18.0891 2384 i8042prt - ok
17:26:18.0981 2384 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
17:26:18.0981 2384 IAANTMON - ok
17:26:19.0041 2384 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
17:26:19.0101 2384 iaStor - ok
17:26:19.0121 2384 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:26:19.0171 2384 iaStorV - ok
17:26:19.0231 2384 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:26:19.0311 2384 idsvc - ok
17:26:19.0481 2384 [ 3C3F27002ABC69C5AFE29CBE6CF7ADDF ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
17:26:19.0641 2384 igfx - ok
17:26:19.0671 2384 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:26:19.0671 2384 iirsp - ok
17:26:19.0721 2384 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:26:19.0771 2384 IKEEXT - ok
17:26:19.0811 2384 [ 88A20FA54C73DED4E8DAC764E9130AE9 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
17:26:19.0861 2384 IntcHdmiAddService - ok
17:26:19.0881 2384 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:26:19.0881 2384 intelide - ok
17:26:19.0901 2384 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:26:19.0911 2384 intelppm - ok
17:26:19.0931 2384 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:26:19.0941 2384 IPBusEnum - ok
17:26:19.0971 2384 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:26:20.0011 2384 IpFilterDriver - ok
17:26:20.0041 2384 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:26:20.0091 2384 IPMIDRV - ok
17:26:20.0111 2384 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:26:20.0121 2384 IPNAT - ok
17:26:20.0181 2384 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:26:20.0191 2384 iPod Service - ok
17:26:20.0211 2384 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:26:20.0221 2384 IRENUM - ok
17:26:20.0251 2384 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:26:20.0261 2384 isapnp - ok
17:26:20.0291 2384 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:26:20.0351 2384 iScsiPrt - ok
17:26:20.0361 2384 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:26:20.0371 2384 kbdclass - ok
17:26:20.0401 2384 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:26:20.0461 2384 kbdhid - ok
17:26:20.0471 2384 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:26:20.0471 2384 KeyIso - ok
17:26:20.0511 2384 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:26:20.0551 2384 KSecDD - ok
17:26:20.0571 2384 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:26:20.0621 2384 KSecPkg - ok
17:26:20.0631 2384 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:26:20.0641 2384 ksthunk - ok
17:26:20.0671 2384 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:26:20.0681 2384 KtmRm - ok
17:26:20.0731 2384 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:26:20.0771 2384 LanmanServer - ok
17:26:20.0821 2384 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:26:20.0851 2384 LanmanWorkstation - ok
17:26:20.0931 2384 [ C48B0F913C944D736A455191ECD8FF45 ] Lavasoft Ad-Aware Service C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
17:26:20.0941 2384 Lavasoft Ad-Aware Service - ok
17:26:20.0971 2384 [ A352CDB69AF6E18D60C0001D540D8478 ] Lbd C:\Windows\system32\DRIVERS\Lbd.sys
17:26:21.0021 2384 Lbd - ok
17:26:21.0081 2384 [ C2E324014D54DAA2B5A4DE47CB696FD8 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
17:26:21.0081 2384 LightScribeService - ok
17:26:21.0111 2384 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:26:21.0111 2384 lltdio - ok
17:26:21.0131 2384 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:26:21.0141 2384 lltdsvc - ok
17:26:21.0151 2384 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:26:21.0161 2384 lmhosts - ok
17:26:21.0191 2384 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:26:21.0191 2384 LSI_FC - ok
17:26:21.0221 2384 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:26:21.0221 2384 LSI_SAS - ok
17:26:21.0231 2384 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:26:21.0241 2384 LSI_SAS2 - ok
17:26:21.0251 2384 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:26:21.0261 2384 LSI_SCSI - ok
17:26:21.0271 2384 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:26:21.0281 2384 luafv - ok
17:26:21.0371 2384 [ ACB01BF1A905356AB7F978C7FE852209 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:26:21.0382 2384 McMPFSvc - ok
17:26:21.0397 2384 [ ACB01BF1A905356AB7F978C7FE852209 ] mcmscsvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:26:21.0407 2384 mcmscsvc - ok
17:26:21.0417 2384 [ ACB01BF1A905356AB7F978C7FE852209 ] McNaiAnn C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:26:21.0427 2384 McNaiAnn - ok
17:26:21.0437 2384 [ ACB01BF1A905356AB7F978C7FE852209 ] McNASvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:26:21.0437 2384 McNASvc - ok
17:26:21.0507 2384 [ DD2321925274F2902929D76CE2B0EB45 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
17:26:21.0517 2384 McODS - ok
17:26:21.0517 2384 [ ACB01BF1A905356AB7F978C7FE852209 ] McProxy C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:26:21.0527 2384 McProxy - ok
17:26:21.0577 2384 [ E998E3B12101288D716558466CBF6AE1 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
17:26:21.0577 2384 McShield - ok
17:26:21.0617 2384 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:26:21.0667 2384 Mcx2Svc - ok
17:26:21.0687 2384 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:26:21.0687 2384 megasas - ok
17:26:21.0737 2384 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:26:21.0747 2384 MegaSR - ok
17:26:21.0807 2384 [ 01884CB7655C8908B43FF5E364FE6FD2 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
17:26:21.0847 2384 mfeapfk - ok
17:26:21.0887 2384 [ DAB9A9CDFB04E4D68924492AA043019D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
17:26:21.0947 2384 mfeavfk - ok
17:26:21.0957 2384 mfeavfk01 - ok
17:26:21.0977 2384 [ B26782C3D6045B4464017D7926877560 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
17:26:21.0977 2384 mfefire - ok
17:26:22.0017 2384 [ CE9A3680675C0907ADE16404CA967B49 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
17:26:22.0077 2384 mfefirek - ok
17:26:22.0107 2384 [ 60CF67458DD29CD17E77F2327B1A9A54 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
17:26:22.0167 2384 mfehidk - ok
17:26:22.0187 2384 [ A8129CFB919347F8533C934B365E9202 ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
17:26:22.0237 2384 mfenlfk - ok
17:26:22.0247 2384 [ 5041FA2BD2B3A2693B015771BFBF6DCA ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
17:26:22.0297 2384 mferkdet - ok
17:26:22.0337 2384 [ 723A5EB6CEF7F408C3D0F15A82A6BFF8 ] mfevtp C:\Windows\system32\mfevtps.exe
17:26:22.0337 2384 mfevtp - ok
17:26:22.0367 2384 [ 919C56DB14A0E1E2AB6DA5D2821DC26E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
17:26:22.0417 2384 mfewfpk - ok
17:26:22.0487 2384 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
17:26:22.0487 2384 Microsoft Office Groove Audit Service - ok
17:26:22.0507 2384 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:26:22.0507 2384 MMCSS - ok
17:26:22.0527 2384 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:26:22.0537 2384 Modem - ok
17:26:22.0567 2384 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:26:22.0567 2384 monitor - ok
17:26:22.0587 2384 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:26:22.0587 2384 mouclass - ok
17:26:22.0627 2384 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:26:22.0637 2384 mouhid - ok
17:26:22.0667 2384 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:26:22.0717 2384 mountmgr - ok
17:26:22.0767 2384 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:26:22.0767 2384 MozillaMaintenance - ok
17:26:22.0787 2384 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:26:22.0837 2384 mpio - ok
17:26:22.0857 2384 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:26:22.0857 2384 mpsdrv - ok
17:26:22.0897 2384 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:26:22.0947 2384 MRxDAV - ok
17:26:22.0977 2384 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:26:23.0027 2384 mrxsmb - ok
17:26:23.0067 2384 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:26:23.0067 2384 mrxsmb10 - ok
17:26:23.0087 2384 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:26:23.0137 2384 mrxsmb20 - ok
17:26:23.0167 2384 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:26:23.0217 2384 msahci - ok
17:26:23.0237 2384 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:26:23.0297 2384 msdsm - ok
17:26:23.0317 2384 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:26:23.0317 2384 MSDTC - ok
17:26:23.0347 2384 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:26:23.0347 2384 Msfs - ok
17:26:23.0357 2384 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:26:23.0357 2384 mshidkmdf - ok
17:26:23.0387 2384 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:26:23.0387 2384 msisadrv - ok
17:26:23.0417 2384 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:26:23.0427 2384 MSiSCSI - ok
17:26:23.0427 2384 msiserver - ok
17:26:23.0457 2384 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:26:23.0457 2384 MSKSSRV - ok
17:26:23.0487 2384 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:26:23.0497 2384 MSPCLOCK - ok
17:26:23.0497 2384 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:26:23.0497 2384 MSPQM - ok
17:26:23.0537 2384 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:26:23.0577 2384 MsRPC - ok
17:26:23.0597 2384 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:26:23.0597 2384 mssmbios - ok
17:26:23.0607 2384 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:26:23.0617 2384 MSTEE - ok
17:26:23.0637 2384 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:26:23.0637 2384 MTConfig - ok
17:26:23.0657 2384 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:26:23.0667 2384 Mup - ok
17:26:23.0717 2384 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:26:23.0777 2384 napagent - ok
17:26:23.0797 2384 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:26:23.0807 2384 NativeWifiP - ok
17:26:23.0847 2384 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
17:26:23.0977 2384 NDIS - ok
17:26:24.0037 2384 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:26:24.0057 2384 NdisCap - ok
17:26:24.0077 2384 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:26:24.0077 2384 NdisTapi - ok
17:26:24.0127 2384 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:26:24.0167 2384 Ndisuio - ok
17:26:24.0247 2384 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:26:24.0297 2384 NdisWan - ok
17:26:24.0327 2384 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:26:24.0377 2384 NDProxy - ok
17:26:24.0397 2384 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:26:24.0407 2384 NetBIOS - ok
17:26:24.0437 2384 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:26:24.0507 2384 NetBT - ok
17:26:24.0517 2384 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:26:24.0517 2384 Netlogon - ok
17:26:24.0557 2384 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:26:24.0597 2384 Netman - ok
17:26:24.0627 2384 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:26:24.0627 2384 netprofm - ok
17:26:24.0647 2384 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:26:24.0657 2384 NetTcpPortSharing - ok
17:26:24.0837 2384 [ E72F4522801FFB8F0456924FB0017BFF ] NETw1v64 C:\Windows\system32\DRIVERS\NETw1v64.sys
17:26:25.0217 2384 NETw1v64 - ok
17:26:25.0487 2384 [ 39EDE676D17F37AF4573C2B33EC28ACA ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
17:26:25.0657 2384 NETw5s64 - ok
17:26:25.0957 2384 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
17:26:26.0127 2384 netw5v64 - ok
17:26:26.0177 2384 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:26:26.0197 2384 nfrd960 - ok
17:26:26.0237 2384 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:26:26.0277 2384 NlaSvc - ok
17:26:26.0417 2384 [ EF7A048FE8E3F102C78C9BD7C448BB6C ] nosGetPlusHelper C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll
17:26:26.0417 2384 nosGetPlusHelper - ok
17:26:26.0457 2384 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:26:26.0477 2384 Npfs - ok
17:26:26.0537 2384 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:26:26.0537 2384 nsi - ok
17:26:26.0547 2384 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:26:26.0547 2384 nsiproxy - ok
17:26:26.0617 2384 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:26:26.0707 2384 Ntfs - ok
17:26:26.0727 2384 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:26:26.0727 2384 Null - ok
17:26:26.0747 2384 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:26:26.0797 2384 nvraid - ok
17:26:26.0837 2384 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:26:26.0887 2384 nvstor - ok
17:26:26.0937 2384 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:26:26.0947 2384 nv_agp - ok
17:26:27.0017 2384 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:26:27.0457 2384 odserv - ok
17:26:27.0577 2384 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:26:27.0587 2384 ohci1394 - ok
17:26:27.0667 2384 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:26:27.0977 2384 ose - ok
17:26:27.0987 2384 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:26:27.0997 2384 p2pimsvc - ok
17:26:28.0057 2384 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:26:28.0097 2384 p2psvc - ok
17:26:28.0147 2384 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:26:28.0167 2384 Parport - ok
17:26:28.0287 2384 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:26:28.0337 2384 partmgr - ok
17:26:28.0407 2384 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:26:28.0427 2384 PcaSvc - ok
17:26:28.0517 2384 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:26:28.0577 2384 pci - ok
17:26:28.0647 2384 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:26:28.0657 2384 pciide - ok
17:26:28.0707 2384 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:26:28.0757 2384 pcmcia - ok
17:26:28.0787 2384 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:26:28.0787 2384 pcw - ok
17:26:28.0817 2384 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:26:28.0837 2384 PEAUTH - ok
17:26:28.0907 2384 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:26:28.0907 2384 PerfHost - ok
17:26:29.0007 2384 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:26:29.0087 2384 pla - ok
17:26:29.0167 2384 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:26:29.0217 2384 PlugPlay - ok
17:26:29.0217 2384 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:26:29.0227 2384 PNRPAutoReg - ok
17:26:29.0247 2384 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:26:29.0257 2384 PNRPsvc - ok
17:26:29.0267 2384 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:26:29.0327 2384 PolicyAgent - ok
17:26:29.0347 2384 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:26:29.0347 2384 Power - ok
17:26:29.0387 2384 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:26:29.0437 2384 PptpMiniport - ok
17:26:29.0457 2384 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:26:29.0457 2384 Processor - ok
17:26:29.0497 2384 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:26:29.0537 2384 ProfSvc - ok
17:26:29.0547 2384 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:26:29.0547 2384 ProtectedStorage - ok
17:26:29.0587 2384 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:26:29.0637 2384 Psched - ok
17:26:29.0687 2384 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:26:29.0757 2384 ql2300 - ok
17:26:29.0777 2384 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:26:29.0777 2384 ql40xx - ok
17:26:29.0797 2384 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:26:29.0797 2384 QWAVE - ok
17:26:29.0827 2384 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:26:29.0827 2384 QWAVEdrv - ok
17:26:29.0837 2384 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:26:29.0847 2384 RasAcd - ok
17:26:29.0867 2384 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:26:29.0867 2384 RasAgileVpn - ok
17:26:29.0877 2384 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:26:29.0887 2384 RasAuto - ok
17:26:29.0927 2384 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:26:29.0967 2384 Rasl2tp - ok
17:26:30.0017 2384 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:26:30.0087 2384 RasMan - ok
17:26:30.0247 2384 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:26:30.0247 2384 RasPppoe - ok
17:26:30.0267 2384 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:26:30.0267 2384 RasSstp - ok
17:26:30.0307 2384 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:26:30.0357 2384 rdbss - ok
17:26:30.0377 2384 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:26:30.0387 2384 rdpbus - ok
17:26:30.0397 2384 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:26:30.0397 2384 RDPCDD - ok
17:26:30.0417 2384 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:26:30.0417 2384 RDPENCDD - ok
17:26:30.0427 2384 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:26:30.0437 2384 RDPREFMP - ok
17:26:30.0467 2384 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:26:30.0517 2384 RDPWD - ok
17:26:30.0547 2384 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:26:30.0597 2384 rdyboost - ok
17:26:30.0627 2384 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:26:30.0627 2384 RemoteAccess - ok
17:26:30.0647 2384 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:26:30.0647 2384 RemoteRegistry - ok
17:26:30.0667 2384 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:26:30.0677 2384 RFCOMM - ok
17:26:30.0737 2384 [ 498EB62A160674E793FA40FD65390625 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
17:26:30.0737 2384 RichVideo - ok
17:26:30.0747 2384 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:26:30.0757 2384 RpcEptMapper - ok
17:26:30.0777 2384 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:26:30.0787 2384 RpcLocator - ok
17:26:30.0827 2384 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:26:30.0827 2384 RpcSs - ok
17:26:30.0837 2384 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:26:30.0847 2384 rspndr - ok
17:26:30.0867 2384 RSUSBSTOR - ok
17:26:30.0907 2384 [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:26:30.0967 2384 RTL8167 - ok
17:26:30.0977 2384 RtsUIR - ok
17:26:30.0987 2384 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:26:30.0997 2384 SamSs - ok
17:26:31.0017 2384 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:26:31.0077 2384 sbp2port - ok
17:26:31.0137 2384 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
17:26:31.0157 2384 SBSDWSCService - ok
17:26:31.0197 2384 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:26:31.0247 2384 SCardSvr - ok
17:26:31.0267 2384 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:26:31.0327 2384 scfilter - ok
17:26:31.0377 2384 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:26:31.0397 2384 Schedule - ok
17:26:31.0437 2384 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:26:31.0477 2384 SCPolicySvc - ok
17:26:31.0507 2384 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
17:26:31.0567 2384 sdbus - ok
17:26:31.0597 2384 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:26:31.0647 2384 SDRSVC - ok
17:26:31.0717 2384 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:26:31.0747 2384 secdrv - ok
17:26:31.0777 2384 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:26:31.0827 2384 seclogon - ok
17:26:31.0867 2384 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:26:31.0867 2384 SENS - ok
17:26:31.0887 2384 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:26:31.0927 2384 SensrSvc - ok
17:26:31.0937 2384 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:26:31.0977 2384 Serenum - ok
17:26:31.0987 2384 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:26:32.0027 2384 Serial - ok
17:26:32.0057 2384 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:26:32.0067 2384 sermouse - ok
17:26:32.0107 2384 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:26:32.0147 2384 SessionEnv - ok
17:26:32.0187 2384 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:26:32.0187 2384 sffdisk - ok
17:26:32.0197 2384 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:26:32.0197 2384 sffp_mmc - ok
17:26:32.0207 2384 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:26:32.0257 2384 sffp_sd - ok
17:26:32.0277 2384 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:26:32.0277 2384 sfloppy - ok
17:26:32.0357 2384 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:26:32.0437 2384 ShellHWDetection - ok
17:26:32.0477 2384 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:26:32.0497 2384 SiSRaid2 - ok
17:26:32.0517 2384 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:26:32.0547 2384 SiSRaid4 - ok
17:26:32.0597 2384 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:26:32.0597 2384 SkypeUpdate - ok
17:26:32.0627 2384 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:26:32.0647 2384 Smb - ok
17:26:32.0667 2384 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:26:32.0677 2384 SNMPTRAP - ok
17:26:32.0687 2384 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:26:32.0737 2384 spldr - ok
17:26:32.0777 2384 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
17:26:32.0787 2384 Spooler - ok
17:26:32.0897 2384 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:26:33.0107 2384 sppsvc - ok
17:26:33.0117 2384 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:26:33.0127 2384 sppuinotify - ok
17:26:33.0217 2384 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:26:33.0277 2384 srv - ok
17:26:33.0317 2384 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:26:33.0377 2384 srv2 - ok
17:26:33.0397 2384 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
17:26:33.0407 2384 SrvHsfHDA - ok
17:26:33.0447 2384 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
17:26:33.0497 2384 SrvHsfV92 - ok
17:26:33.0527 2384 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
17:26:33.0547 2384 SrvHsfWinac - ok
17:26:33.0567 2384 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:26:33.0617 2384 srvnet - ok
17:26:33.0637 2384 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:26:33.0647 2384 SSDPSRV - ok
17:26:33.0657 2384 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:26:33.0667 2384 SstpSvc - ok
17:26:33.0777 2384 [ 2185595C6663660FDC90F5A2A79E2155 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe
17:26:33.0787 2384 STacSV - ok
17:26:33.0807 2384 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:26:33.0807 2384 stexstor - ok
17:26:33.0847 2384 [ 8D1CE4322A35F840711B87927CB57C05 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
17:26:33.0907 2384 STHDA - ok
17:26:33.0947 2384 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:26:33.0997 2384 stisvc - ok
17:26:34.0027 2384 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
17:26:34.0037 2384 swenum - ok
17:26:34.0057 2384 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:26:34.0067 2384 swprv - ok
17:26:34.0107 2384 [ 924D711941956F7420A4925592BE8253 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
17:26:34.0157 2384 SynTP - ok
17:26:34.0217 2384 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:26:34.0287 2384 SysMain - ok
17:26:34.0317 2384 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:26:34.0357 2384 TabletInputService - ok
17:26:34.0397 2384 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:26:34.0427 2384 TapiSrv - ok
17:26:34.0447 2384 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:26:34.0457 2384 TBS - ok
17:26:34.0517 2384 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:26:34.0637 2384 Tcpip - ok
17:26:34.0677 2384 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:26:34.0727 2384 TCPIP6 - ok
17:26:35.0041 2384 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:26:35.0081 2384 tcpipreg - ok
17:26:35.0111 2384 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:26:35.0121 2384 TDPIPE - ok
17:26:35.0151 2384 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:26:35.0191 2384 TDTCP - ok
17:26:35.0221 2384 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:26:35.0271 2384 tdx - ok
17:26:35.0311 2384 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:26:35.0351 2384 TermDD - ok
17:26:35.0391 2384 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:26:35.0441 2384 TermService - ok
17:26:35.0451 2384 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:26:35.0461 2384 Themes - ok
17:26:35.0481 2384 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:26:35.0481 2384 THREADORDER - ok
17:26:35.0501 2384 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:26:35.0501 2384 TrkWks - ok
17:26:35.0561 2384 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:26:35.0611 2384 TrustedInstaller - ok
17:26:35.0641 2384 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:26:35.0691 2384 tssecsrv - ok
17:26:35.0731 2384 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:26:35.0771 2384 TsUsbFlt - ok
17:26:35.0821 2384 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:26:35.0871 2384 tunnel - ok
17:26:35.0891 2384 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:26:35.0901 2384 uagp35 - ok
17:26:35.0931 2384 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:26:35.0981 2384 udfs - ok
17:26:35.0991 2384 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:26:36.0001 2384 UI0Detect - ok
17:26:36.0021 2384 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:26:36.0021 2384 uliagpkx - ok
17:26:36.0061 2384 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
17:26:36.0111 2384 umbus - ok
17:26:36.0121 2384 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:26:36.0121 2384 UmPass - ok
17:26:36.0141 2384 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:26:36.0161 2384 upnphost - ok
17:26:36.0191 2384 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
17:26:36.0231 2384 USBAAPL64 - ok
17:26:36.0251 2384 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:26:36.0301 2384 usbccgp - ok
17:26:36.0301 2384 USBCCID - ok
17:26:36.0341 2384 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:26:36.0351 2384 usbcir - ok
17:26:36.0371 2384 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
17:26:36.0421 2384 usbehci - ok
17:26:36.0441 2384 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:26:36.0501 2384 usbhub - ok
17:26:36.0511 2384 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:26:36.0561 2384 usbohci - ok
17:26:36.0581 2384 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:26:36.0591 2384 usbprint - ok
17:26:36.0611 2384 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:26:36.0661 2384 USBSTOR - ok
17:26:36.0681 2384 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:26:36.0731 2384 usbuhci - ok
17:26:36.0791 2384 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
17:26:36.0841 2384 usbvideo - ok
17:26:36.0851 2384 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:26:36.0861 2384 UxSms - ok
17:26:36.0871 2384 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:26:36.0871 2384 VaultSvc - ok
17:26:36.0891 2384 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:26:36.0891 2384 vdrvroot - ok
17:26:36.0931 2384 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:26:37.0001 2384 vds - ok
17:26:37.0031 2384 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:26:37.0031 2384 vga - ok
17:26:37.0052 2384 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:26:37.0052 2384 VgaSave - ok
17:26:37.0092 2384 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:26:37.0142 2384 vhdmp - ok
17:26:37.0182 2384 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:26:37.0192 2384 viaide - ok
17:26:37.0202 2384 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:26:37.0252 2384 volmgr - ok
17:26:37.0282 2384 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:26:37.0342 2384 volmgrx - ok
17:26:37.0352 2384 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:26:37.0412 2384 volsnap - ok
17:26:37.0442 2384 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:26:37.0442 2384 vsmraid - ok
17:26:37.0512 2384 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:26:37.0572 2384 VSS - ok
17:26:37.0582 2384 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:26:37.0582 2384 vwifibus - ok
17:26:37.0612 2384 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:26:37.0612 2384 vwififlt - ok
17:26:37.0632 2384 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:26:37.0652 2384 W32Time - ok
17:26:37.0662 2384 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:26:37.0672 2384 WacomPen - ok
17:26:37.0702 2384 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:26:37.0752 2384 WANARP - ok
17:26:37.0822 2384 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:26:37.0872 2384 Wanarpv6 - ok
17:26:37.0932 2384 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:26:38.0032 2384 WatAdminSvc - ok
17:26:38.0092 2384 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:26:38.0192 2384 wbengine - ok
17:26:38.0212 2384 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:26:38.0222 2384 WbioSrvc - ok
17:26:38.0252 2384 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:26:38.0302 2384 wcncsvc - ok
17:26:38.0312 2384 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:26:38.0322 2384 WcsPlugInService - ok
17:26:38.0342 2384 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:26:38.0352 2384 Wd - ok
17:26:38.0382 2384 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:26:38.0412 2384 Wdf01000 - ok
17:26:38.0422 2384 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:26:38.0432 2384 WdiServiceHost - ok
17:26:38.0432 2384 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:26:38.0442 2384 WdiSystemHost - ok
17:26:38.0482 2384 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:26:38.0522 2384 WebClient - ok
17:26:38.0532 2384 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:26:38.0542 2384 Wecsvc - ok
17:26:38.0562 2384 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:26:38.0572 2384 wercplsupport - ok
17:26:38.0582 2384 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:26:38.0582 2384 WerSvc - ok
17:26:38.0602 2384 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:26:38.0602 2384 WfpLwf - ok
17:26:38.0622 2384 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:26:38.0632 2384 WIMMount - ok
17:26:38.0632 2384 WinHttpAutoProxySvc - ok
17:26:38.0682 2384 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:26:38.0692 2384 Winmgmt - ok
17:26:38.0762 2384 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:26:38.0872 2384 WinRM - ok
17:26:38.0952 2384 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:26:38.0992 2384 WinUsb - ok
17:26:39.0032 2384 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:26:39.0042 2384 Wlansvc - ok
17:26:39.0052 2384 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:26:39.0052 2384 WmiAcpi - ok
17:26:39.0082 2384 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:26:39.0092 2384 wmiApSrv - ok
17:26:39.0122 2384 WMPNetworkSvc - ok
17:26:39.0152 2384 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:26:39.0152 2384 WPCSvc - ok
17:26:39.0192 2384 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:26:39.0222 2384 WPDBusEnum - ok
17:26:39.0252 2384 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:26:39.0252 2384 ws2ifsl - ok
17:26:39.0262 2384 WSearch - ok
17:26:39.0282 2384 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:26:39.0332 2384 WudfPf - ok
17:26:39.0382 2384 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:26:39.0422 2384 WUDFRd - ok
17:26:39.0452 2384 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:26:39.0492 2384 wudfsvc - ok
17:26:39.0512 2384 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:26:39.0522 2384 WwanSvc - ok
17:26:39.0562 2384 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
17:26:39.0572 2384 yukonw7 - ok
17:26:39.0582 2384 ================ Scan global ===============================
17:26:39.0612 2384 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:26:39.0652 2384 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
17:26:39.0702 2384 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
17:26:39.0762 2384 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:26:39.0792 2384 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:26:39.0802 2384 [Global] - ok
17:26:39.0802 2384 ================ Scan MBR ==================================
17:26:39.0812 2384 [ 53400DB3CA8E9E932C47F1BBCBA8FD72 ] \Device\Harddisk0\DR0
17:26:39.0972 2384 \Device\Harddisk0\DR0 - ok
17:26:39.0972 2384 ================ Scan VBR ==================================
17:26:39.0972 2384 [ 5938CF120B7C9EA82443F3CD99934219 ] \Device\Harddisk0\DR0\Partition1
17:26:39.0982 2384 \Device\Harddisk0\DR0\Partition1 - ok
17:26:39.0992 2384 [ F3F30B7C4179CE45B2EC51748304AC7D ] \Device\Harddisk0\DR0\Partition2
17:26:39.0992 2384 \Device\Harddisk0\DR0\Partition2 - ok
17:26:40.0022 2384 [ D7D14F47DB6BED9B786BC4964C9569A0 ] \Device\Harddisk0\DR0\Partition3
17:26:40.0022 2384 \Device\Harddisk0\DR0\Partition3 - ok
17:26:40.0022 2384 ============================================================
17:26:40.0022 2384 Scan finished
17:26:40.0022 2384 ============================================================
17:26:40.0042 1244 Detected object count: 0
17:26:40.0042 1244 Actual detected object count: 0
17:27:11.0562 6076 Deinitialize success

aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-09 17:30:12
-----------------------------
17:30:12.443 OS Version: Windows x64 6.1.7601 Service Pack 1
17:30:12.443 Number of processors: 2 586 0x170A
17:30:12.443 ComputerName: BLACKPEARL UserName: Mary
17:30:15.981 Initialize success
17:33:47.763 AVAST engine defs: 12090901
17:35:18.280 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:35:18.280 Disk 0 Vendor: WDC_WD32 12.0 Size: 305245MB BusType: 3
17:35:18.290 Disk 0 MBR read successfully
17:35:18.290 Disk 0 MBR scan
17:35:18.300 Disk 0 unknown MBR code
17:35:18.330 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
17:35:18.340 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 292017 MB offset 409600
17:35:18.370 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13027 MB offset 598460416
17:35:18.400 Disk 0 scanning C:\Windows\system32\drivers
17:35:35.119 Service scanning
17:35:35.739 Service 59134359 C:\Windows\system32\drivers\86259955.sys **HIDDEN**
17:35:56.265 Modules scanning
17:35:56.265 Disk 0 trace - called modules:
17:35:56.305 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
17:35:56.305 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005826060]
17:35:56.315 3 CLASSPNP.SYS[fffff8800109843f] -> nt!IofCallDriver -> [0xfffffa8005825b10]
17:35:56.315 5 hpdskflt.sys[fffff8800220b289] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004b01050]
17:35:57.741 AVAST engine scan C:\Windows
17:36:00.417 AVAST engine scan C:\Windows\system32
17:37:55.434 File: C:\Windows\system32\services.tmp **INFECTED** Win32:Patched-AKC [Trj]
17:38:44.457 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
17:38:47.217 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
17:40:32.424 AVAST engine scan C:\Windows\system32\drivers
17:41:01.955 AVAST engine scan C:\Users\Mary
17:43:14.153 Disk 0 MBR has been saved successfully to "F:\Computer Logs\MBR.dat"
17:43:14.183 The log file has been saved successfully to "F:\Computer Logs\aswMBR.txt"


ESET:

Operating memory a variant of Win32/Sirefef.EZ trojan

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:13 PM

Posted 10 September 2012 - 09:02 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it click on Delete

post the generated log

#7 sb66

sb66
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:13 PM

Posted 15 September 2012 - 03:44 PM

sorry for delay in response . . . long week. Thank you again: here are the logs:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.13.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mary :: BLACKPEARL [administrator]

9/14/2012 5:09:44 PM
mbam-log-2012-09-14 (17-09-44).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 474140
Time elapsed: 2 hour(s), 38 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


MiniToolBox by Farbar Version: 23-07-2012
Ran by Mary (administrator) on 15-09-2012 at 14:13:56
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® WiFi Link 1000 BGN = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : BlackPearl
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.co.comcast.net.

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : hsd1.co.comcast.net.
Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
Physical Address. . . . . . . . . : 00-1E-64-5D-D1-B2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::59f:52e7:9c13:2526%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.103(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, September 14, 2012 5:03:33 PM
Lease Expires . . . . . . . . . . : Sunday, September 16, 2012 2:10:24 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 369106532
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-25-59-E2-00-26-9E-65-F4-7F
DNS Servers . . . . . . . . . . . : 75.75.75.75
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-24-7E-F4-D6-25
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{077F9CF6-3164-4040-81B0-5892746F04D3}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.co.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 2607:f8b0:400f:800::100e
74.125.225.200
74.125.225.198
74.125.225.199
74.125.225.196
74.125.225.197
74.125.225.194
74.125.225.193
74.125.225.201
74.125.225.192
74.125.225.206
74.125.225.195


Pinging google.com [74.125.225.193] with 32 bytes of data:
Reply from 74.125.225.193: bytes=32 time=15ms TTL=55
Reply from 74.125.225.193: bytes=32 time=16ms TTL=55

Ping statistics for 74.125.225.193:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 15ms, Maximum = 16ms, Average = 15ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 75.75.75.75

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=400ms TTL=47
Reply from 98.139.183.24: bytes=32 time=376ms TTL=48

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 376ms, Maximum = 400ms, Average = 388ms
Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...00 1e 64 5d d1 b2 ......Intel® WiFi Link 1000 BGN
13...00 24 7e f4 d6 25 ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.103 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.103 281
192.168.1.103 255.255.255.255 On-link 192.168.1.103 281
192.168.1.255 255.255.255.255 On-link 192.168.1.103 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.103 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.103 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
14 281 fe80::/64 On-link
14 281 fe80::59f:52e7:9c13:2526/128
On-link
1 306 ff00::/8 On-link
14 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog9 11 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/14/2012 08:56:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: tapisrv.dll_unloaded, version: 0.0.0.0, time stamp: 0x4ce7c9d7
Exception code: 0xc0000005
Fault offset: 0x000007fefc1d87e3
Faulting process id: 0x554
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (09/14/2012 08:50:44 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/14/2012 08:50:04 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/14/2012 08:42:33 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/10/2012 11:42:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16646

Error: (09/10/2012 11:42:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16646

Error: (09/10/2012 11:42:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/09/2012 07:00:37 PM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location F:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (09/09/2012 05:46:01 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/09/2012 05:45:13 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (09/15/2012 02:10:42 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/15/2012 02:10:42 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (09/15/2012 02:10:37 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (09/15/2012 02:10:37 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/15/2012 02:10:36 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/15/2012 02:10:36 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (09/15/2012 02:10:32 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/15/2012 02:10:32 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (09/15/2012 02:10:32 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/15/2012 02:10:32 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891


Microsoft Office Sessions:
=========================
Error: (07/14/2011 02:11:02 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 665 seconds with 360 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 1.6.65)
Ad-Aware
Ad-Aware (Version: 8.1.1)
Adobe AIR (Version: 3.1.0.4880)
Adobe Download Assistant (Version: 1.0.6)
Adobe Download Manager (Version: 1.6.2.90)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Photoshop 5.5 (Version: 5.5)
Adobe Reader 9.5.1 (Version: 9.5.1)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.13.1.0)
Bing Bar (Version: 7.0.822.0)
Bonjour (Version: 3.0.0.10)
Camera Window (Version: 4.1.1)
Canon Camera Window for ZoomBrowser EX (Version: 4.1.1)
Canon PhotoRecord
Canon Utilities File Viewer Utility 1.2 (Version: 1.2.1)
Canon Utilities PhotoStitch 3.1 (Version: 3.1.9)
Canon Utilities RemoteCapture 2.7 (Version: 2.7.1)
Canon Utilities ZoomBrowser EX (Version: 04.01.00046)
CCleaner (Version: 3.16)
Choice Guard (Version: 1.2.87.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CyberLink DVD Suite (Version: 6.0.3101)
Driver Detective (Version: 8.0.1)
Dropbox (Version: 1.4.7)
ENE CIR Receiver Driver (Version: 2.7.4.0)
ESET Online Scanner v3
File Viewer Utility 1.2.1 (Version: 1.2.1)
Google Earth (Version: 6.1.0.5001)
Google SketchUp 8 (Version: 3.0.4811)
Google Update Helper (Version: 1.3.21.115)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
Homepage Protection (Version: )
HP 3D DriveGuard (Version: 4.0.3.1)
HP Advisor (Version: 3.2.9652.3188)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Games (Version: 1.0.0.71)
HP Integrated Module with Bluetooth wireless technology (Version: 6.2.0.9602)
HP MediaSmart DVD (Version: 3.0.3123)
HP MediaSmart Internet TV (Version: 3.0.1916)
HP MediaSmart Live TV (Version: 3.0.1924)
HP MediaSmart Movie Themes (Version: 3.0.3102)
HP MediaSmart Music/Photo/Video (Version: 3.0.3123)
HP MediaSmart SlingPlayer (Version: 2.1.1.60)
HP MediaSmart SmartMenu (Version: 3.0.30.1)
HP MediaSmart Software Notebook Demo (Version: 1.00.0000)
HP MediaSmart Webcam (Version: 3.0.1913)
HP Quick Launch Buttons (Version: 6.50.12.1)
HP Setup (Version: 1.2.3220.3079)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Support Assistant (Version: 6.1.12.1)
HP Update (Version: 5.001.000.014)
HP User Guides 0154 (Version: 1.01.0001)
HP Wireless Assistant (Version: 3.50.9.1)
iDailyDiary 3.81
IDT Audio (Version: 1.0.6230.0)
IKEA Home Planner (Version: 2.0.3)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1883)
Intel® Matrix Storage Manager
Internet TV for Windows Media Center (Version: 3.2.1.0)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 14 (64-bit) (Version: 6.0.140)
Java™ 6 Update 32 (Version: 6.0.320)
Junk Mail filter update (Version: 14.0.8064.206)
LabelPrint (Version: 2.5.1913)
LightScribe System Software (Version: 1.18.10.2)
LSI HDA Modem (Version: 2.1.94)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Mavis Beacon Deluxe - 25th Anniv. Ed. (Version: 21.00.0000)
McAfee SecurityCenter (Version: 11.0.678)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Live Search Toolbar (Version: 3.0.560.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 Trial (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional 2007 Trial (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
PhotoStitch (Version: 3.1.9)
Power2Go (Version: 6.0.3101)
PowerDirector (Version: 7.0.3101)
PowerRecover (Version: 5.5.1923)
QLBCASL (Version: 6.40.17.2)
QuickTime (Version: 7.71.80.42)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0007)
Realtek USB 2.0 Card Reader (Version: 6.1.7100.30094)
RemoteCapture 2.7.1 (Version: 2.7.1)
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.10 (Version: 5.10.115)
SlingBoxWatchYourTVAnyWhere (Version: 2.1.1.58)
SmartWebPrinting (Version: 140.0.186.000)
Spybot - Search & Destroy (Version: 1.6.2)
Synaptics Pointing Device Driver (Version: 14.0.0.3)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8064.0206)
Windows Live Essentials (Version: 14.0.8064.206)
Windows Live Mail (Version: 14.0.8064.0206)
Windows Live Messenger (Version: 14.0.8064.0206)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8064.0206)
Windows Media Center Add-in for Flash (Version: 3.1.1.0)

========================= Memory info: ===================================

Percentage of memory in use: 42%
Total physical RAM: 3999.19 MB
Available physical RAM: 2302.49 MB
Total Pagefile: 7996.57 MB
Available Pagefile: 5892.64 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.57 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:285.17 GB) (Free:183.81 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:12.72 GB) (Free:2.13 GB) NTFS
3 Drive e: (MB Deluxe 25th) (CDROM) (Total:0.18 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\BLACKPEARL

Administrator Guest Mary


**** End of log ****


Farbar Service Scanner Version: 06-08-2012
Ran by Mary (administrator) on 15-09-2012 at 14:18:23
Running from "C:\Users\Mary\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

# AdwCleaner v2.001 - Logfile created 09/15/2012 at 14:40:21
# Updated 09/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Mary - BLACKPEARL
# Boot Mode : Normal
# Running from : C:\Users\Mary\Downloads\adwcleaner(2).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Users\Mary\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Mary\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Secondary Start Pages] = hxxp://www.pandora.com/#/stations/play/182049567646850973
hxxp://www.facebook.com/home.php?
hxxp://us.mc524.mail.yahoo.com/mc/welcome?.gx=1&.tm=1265922083&.rand=3b47qvubgmo7g#_pg=showFolder&fid=Inbox&order=down&tt=6175&pSize=25&.rand=1825042632&hash=bd290b9fe9e01ff097026b54133ef83f&.jsrand=6337295
hxxp://www.crossfitverve.com/ --> hxxp://www.google.com

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Mary\AppData\Roaming\Mozilla\Firefox\Profiles\z2uy4ud6.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Mary\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [5669 octets] - [15/09/2012 14:40:21]

########## EOF - C:\AdwCleaner[S1].txt - [5729 octets] ##########

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:13 PM

Posted 15 September 2012 - 03:47 PM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Post the new FSS log


download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the text contents here

#9 sb66

sb66
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:13 PM

Posted 20 September 2012 - 09:11 AM

Farbar Service Scanner Version: 19-09-2012
Ran by Mary (administrator) on 20-09-2012 at 07:48:09
Running from "C:\Users\Mary\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/20/2012 07:53:00 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Program Files\Java\jre6\bin\jusched.exe (PID: 3756) [FI]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]
* C:\Users\Mary\AppData\Local\{62c84f77-987b-450c-f5fd-00ddcaad417b}\ [ZA Dir]
* C:\Users\Mary\AppData\Local\{62c84f77-987b-450c-f5fd-00ddcaad417b}\L\ [ZA Dir]
* C:\Users\Mary\AppData\Local\{62c84f77-987b-450c-f5fd-00ddcaad417b}\U\ [ZA Dir]
* C:\Windows\installer\{62c84f77-987b-450c-f5fd-00ddcaad417b}\ [ZA Dir]
* C:\Windows\installer\{62c84f77-987b-450c-f5fd-00ddcaad417b}\L\ [ZA Dir]
* C:\Windows\installer\{62c84f77-987b-450c-f5fd-00ddcaad417b}\L\00000004.@ [ZA File]
* C:\Windows\installer\{62c84f77-987b-450c-f5fd-00ddcaad417b}\L\201d3dde [ZA File]
* C:\Windows\installer\{62c84f77-987b-450c-f5fd-00ddcaad417b}\U\ [ZA Dir]
* C:\Windows\assembly\GAC_32\Desktop.ini [ZA File]
* C:\Windows\assembly\GAC_64\Desktop.ini [ZA File]

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 09/20/2012 07:53:22 AM
Execution time: 0 hours(s), 0 minute(s), and 21 seconds(s)


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IAAnotif" "Event Monitor User Notification Tool" "Intel Corporation" "c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Logitech Download Assistant" "Logitech Download Assistant" "Logitech, Inc." "c:\windows\system32\logilda.dll"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "SmartMenu" "SmartMenu" "" "c:\program files\hewlett-packard\hp mediasmart\smartmenu.exe"
+ "SunJavaUpdateSched" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jusched.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "GrooveMonitor" "GrooveMonitor Utility" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\groovemonitor.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "HPCam_Menu" "MUI StartMenu Application" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\webcam\muitransfer\muistartmenu.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "QlbCtrl.exe" "Quick Launch Buttons" " Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\hp quick launch buttons\qlbctrl.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "UpdatePRCShortCut" "MUI StartMenu Application" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\recovery\muitransfer\muistartmenu.exe"
+ "WirelessAssistant" "HP Wireless Assistant Main Program" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp wireless assistant\hpwamain.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Adobe Gamma Loader.exe.lnk" "Adobe Gamma Loader" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\calibration\adobe gamma loader.exe"
+ "Bluetooth.lnk" "Bluetooth Tray Application" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\bttray.exe"
"C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\mary\appdata\roaming\dropbox\bin\dropbox.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "LightScribe Control Panel" "" "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lsrunonce.exe"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "LightScribe Control Panel" "" "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lightscribecontrolpanel.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "AutoLaunch" "" "" "c:\program files (x86)\lavasoft\ad-aware\autolaunch.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mary\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "LavasoftShellExt" "Shell Extension" "" "c:\program files (x86)\lavasoft\ad-aware\shellext_64.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mary\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btncopy.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mary\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "LavasoftShellExt" "Shell Extension" "" "c:\program files (x86)\lavasoft\ad-aware\shellext_64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mary\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mary\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mary\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mary\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mary\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mary\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\mary\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\scriptsn.20120627115446.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Groove GFS Browser Helper" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "HP Print Enhancer" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll"
+ "HP Smart BHO Class" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "hpBHO Class" "Homepage Protection" "AOL Products" "c:\program files (x86)\common files\homepage protection\homepageprotection.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files (x86)\common files\mcafee\systemcore\scriptsn.20120627115446.dll"
+ "Skype Browser Helper" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\onbttnie.dll"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
+ "Show or hide HP Smart Web Printing" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Skype Click to Call" "Skype Click to Call for Internet Explorer" "Skype Technologies S.A." "c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\CapSchedInst" "CapSchedInst" "CL" "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\capschedinst.exe"
+ "\CapSvcInst" "CapSvcInst" "CL" "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\capsvcinst.exe"
+ "\CapUninst" "CapUninst" "CL" "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\capuninst.exe"
+ "\CLMLSvc" "CyberLink MediaLibray Service" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe"
+ "\DVDAgent" "HP DVDSmart Resident Program" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\dvdagent.exe"
+ "\HPCeeScheduleForMary" "HP Ceement" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\Scheduled Update for Ask Toolbar" "" "" "File not found: C:\Program Files (x86)\Ask.com\UpdateTask.exe"
+ "\TVAgent" "HP MediaSmart TV Resident Program" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\tvagent.exe"
+ "\{30ABF9E6-BD4E-4210-8B21-57CBEB5ED401}" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AESTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\aestsr64.exe"
+ "AgereModemAudio" "LSI Soft Modem Call Progress Service" "LSI Corporation" "c:\program files\lsi softmodem\agr64svc.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bbsvc.exe"
+ "BBUpdate" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation" "c:\program files (x86)\microsoft\bingbar\seaport.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "btwdins" "Handles installation and removal of Bluetooth devices." "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwdins.exe"
+ "Com4QLBEx" "Com for QLB application" "Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\hp quick launch buttons\com4qlbex.exe"
+ "GameConsoleService" "GameConsole management services" "WildTangent, Inc." "c:\program files (x86)\hp games\hp game console\gameconsoleservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "HP Support Assistant Service" "HP Support Assistant Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe"
+ "HPDrvMntSvc.exe" "HP Quick Synchronization Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe"
+ "hpqwmiex" "hpqwmiex Module" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "hpsrv" "HpService" "Hewlett-Packard" "c:\windows\system32\hpservice.exe"
+ "IAANTMON" "RAID Monitor" "Intel Corporation" "c:\program files (x86)\intel\intel matrix storage manager\iaantmon.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "Lavasoft Ad-Aware Service" "Ad-Aware Service" "Lavasoft" "c:\program files (x86)\lavasoft\ad-aware\aawservice.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lssrvc.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "Microsoft Office Groove Audit Service" "Groove Audit Service" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office12\grooveauditservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "nosGetPlusHelper" "getPlus® Helper" "NOS Microsystems Ltd." "c:\program files (x86)\nos\bin\getplus_helper_3004.dll"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "RichVideo" "RichVideo Module" "" "c:\program files (x86)\cyberlink\shared files\richvideo.exe"
+ "SBSDWSCService" "Spybot-S&D Security Center integration" "Safer Networking Ltd." "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\stacsv64.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Accelerometer" "HP Accelerometer" "Hewlett-Packard" "c:\windows\system32\drivers\accelerometer.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "AgereSoftModem" "SoftModem Device Driver" "LSI Corporation" "c:\windows\system32\drivers\agrsm64.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "atikmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "btwaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwavdt.sys"
+ "btwl2cap" "Broadcom Bluetooth L2CAP Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwl2cap.sys"
+ "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwrchid.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "enecir" "ENE CIR Driver for eHome(64)" "ENE TECHNOLOGY INC." "c:\windows\system32\drivers\enecir.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "hpdskflt" "HP Disk Filter - SATA/RAID" "Hewlett-Packard" "c:\windows\system32\drivers\hpdskflt.sys"
+ "HpqKbFiltr" "HpqKbFiltr Keyboard Filter Driver" "Hewlett-Packard Development Company, L.P." "c:\windows\system32\drivers\hpqkbfiltr.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcHdmiAddService" "Intel® High Definition Audio HDMI" "Intel® Corporation" "c:\windows\system32\drivers\intchdmi.sys"
+ "Lbd" "Ad-Aware mini-filter driver" "Lavasoft AB" "c:\windows\system32\drivers\lbd.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mfenlfk" "McAfee NDIS Light Filter" "McAfee, Inc." "c:\windows\system32\drivers\mfenlfk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "NETw1v64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw1v64.sys"
+ "NETw5s64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5s64.sys"
+ "netw5v64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5v64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSUSBSTOR" "" "" "File not found: System32\Drivers\RtsUStor.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "RtsUIR" "" "" "File not found: system32\DRIVERS\Rts516xIR.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SrvHsfHDA" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstazl6.sys"
+ "SrvHsfV92" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv6.sys"
+ "SrvHsfWinac" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt6.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "USBCCID" "" "" "File not found: system32\DRIVERS\RtsUCcid.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "yukonw7" "Miniport Driver for Marvell Yukon Ethernet Controller." "Marvell" "c:\windows\system32\drivers\yk62x64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\google\google earth\client\wavdest.ax"
+ "CL Dvb Subtitle Decoder" "CLDvbSub" "CyberLink_DE" "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrdvbsub.ax"
+ "CL Dvb Subtitle Decoder" "CLDvbSub" "CyberLink_DE" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrdvbsub.ax"
+ "CL_EVRWindow" "CLEvr" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrevr.dll"
+ "CL_EVRWindow" "CLEvr" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrevr.dll"
+ "CyberLink Audio Decoder (HP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claud.ax"
+ "CyberLink Audio Decoder (HP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\claud.ax"
+ "CyberLink Audio Decoder (QP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\movie\claud.ax"
+ "CyberLink Audio Decoder (QP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\itv\kernel\movie\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraudfx.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmraudfx.ax"
+ "CyberLink Audio Effect (HP)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claudfx.ax"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmraunrwrapper.ax"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraunrwrapper.ax"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax"
+ "CyberLink Audio Spectrum Analyzer (HP)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\claudspa.ax"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvb.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax"
+ "CyberLink AudioCD Filter (HP)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrdemuxer.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrdemuxer.ax"
+ "CyberLink Demultiplexer (HP)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\cldemuxer.ax"
+ "CyberLink Demultiplexer (MSTV)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\movie\cldemuxer.ax"
+ "CyberLink Demultiplexer (MSTV)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\itv\kernel\movie\cldemuxer.ax"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdumpdispatch.ax"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdump.ax"
+ "CyberLink DVD Navigator (HP)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clnavx.ax"
+ "CyberLink DVD Navigator (HP)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\itv\kernel\movie\clnavx.ax"
+ "CyberLink DVD Navigator (HP)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clnavx.ax"
+ "CyberLink DVD Navigator (QP3)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\movie\clnavx.ax"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gedtkrn.dll"
+ "CyberLink EPG Decoder" "EPGDec" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrepgdec.ax"
+ "CyberLink EPG Decoder" "EPGDec" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrepgdec.ax"
+ "CyberLink File Map Sink" "CyberLink File Map Sink" "Cyberlink Corporation." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrfmsnk.ax"
+ "CyberLink File Map Sink" "CyberLink File Map Sink" "Cyberlink Corporation." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrfmsnk.ax"
+ "CyberLink File Map Source" "CyberLink File Map Source" "CyberLink File Map Source" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrfmsrc.ax"
+ "CyberLink File Map Source" "CyberLink File Map Source" "CyberLink File Map Source" "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrfmsrc.ax"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2greader.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrline21.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrdtvcc.ax"
+ "CyberLink Line21 Decoder Filter (HP)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clline21.ax"
+ "CyberLink Line21 Decoder Filter (HP)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clline21.ax"
+ "CyberLink Line21 Decoder Filter (QP)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\movie\clline21.ax"
+ "CyberLink Line21 Decoder Filter (QP)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\itv\kernel\movie\clline21.ax"
+ "CyberLink Load Image Filter" "CLImage" "CyberLink" "c:\program files (x86)\cyberlink\shared files\climage.ax"
+ "CyberLink M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gm2vwriter.ax"
+ "CyberLink MP3 Wrapper-PCM" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrmp3wrap.ax"
+ "CyberLink MP3 Wrapper-PCM" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmp3wrap.ax"
+ "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax"
+ "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmvd.ax"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gmpgmux.ax"
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\itv\kernel\movie\clsplter.ax"
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clsplter.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\cyberlink\power2go\p2gvidenc.ax"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpgvenc.ax"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm1spliter.ax"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm2spliter.ax"
+ "CyberLink MPEGV Analyzer" "CLMPEGAnalysis" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpegvanalyzer.ax"
+ "CyberLink MPEGV Analyzer" "CLMPEGAnalysis" "CyberLink" "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrmpegvanalyzer.ax"
+ "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax"
+ "CyberLink Pipe Switch" "CyberLink Pipe Switch" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrpipswch.ax"
+ "CyberLink Pipe Switch" "CyberLink Pipe Switch" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrpipswch.ax"
+ "CyberLink PTS Regulator" "CyberLink PTS Regulator " "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmptsreg.ax"
+ "CyberLink PTS Regulator" "CyberLink PTS Regulator " "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmptsreg.ax"
+ "CyberLink SBE Filter" "CLSBE" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrsbe.ax"
+ "CyberLink SBE Source Filter" "CLSBESrc" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrsbesrc.ax"
+ "CyberLink SBE Source Filter" "CLSBESrc" "CyberLink" "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrsbesrc.ax"
+ "Cyberlink SubTitle Importor (HP)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clsubtitle.ax"
+ "Cyberlink SubTitle(HP)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clsubtitle.ax"
+ "CyberLink Teletext Decoder Filter" "Teletext Renderer Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrttxdec.ax"
+ "CyberLink Teletext Decoder Filter" "Teletext Renderer Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrttxdec.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrauts.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrauts.ax"
+ "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gauts.ax"
+ "CyberLink TimeStretch Filter (HP)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\itv\kernel\movie\clauts.ax"
+ "CyberLink TimeStretch Filter (HP)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\movie\clauts.ax"
+ "CyberLink TimeStretch Filter (HP)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clauts.ax"
+ "CyberLink TimeStretch Filter (HP)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clauts.ax"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gtlmsplter.ax"
+ "Cyberlink Track Filter" "Cyberlink Track Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\webcam\yctrack.ax"
+ "Cyberlink TS Filter Filter" "TSFF" "Cyberlink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrtsff.ax"
+ "Cyberlink TS Information" "CLTSInfo" "Cyberlink" "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrtsinfo.ax"
+ "Cyberlink TS Information" "CLTSInfo" "Cyberlink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrtsinfo.ax"
+ "CyberLink Tzan Filter (HP)" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\cltzan.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvidfx.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\hewlett-packard\media\live tv\kernel\movie\clvidfx.ax"
+ "CyberLink Video Effect (HP)" "CLVidFx" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clvidfx.ax"
+ "CyberLink Video Effect (HP)" "CLVidFx" "CyberLink" "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clvidfx.ax"
+ "CyberLink Video Effect (QP)" "CLVidFx" "CyberLink" "c:\program files (x86)\hewlett-packard\media\itv\kernel\movie\clvidfx.ax"
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files (x86)\cyberlink\power2go\p2grgl.ax"
+ "CyberLink Video Regulator" "Video Regulator" "Cyberlink" "c:\program files (x86)\hewlett-packard\media\webcam\ycrgl.ax"
+ "CyberLink Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvideostabilizer.ax"
+ "CyberLink Video/SP Decoder (HP)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\video\clvsd.ax"
+ "CyberLink Video/SP Decoder (HP)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clvsd.ax"
+ "CyberLink Video/SP Decoder (QP)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\itv\kernel\movie\clvsd.ax"
+ "CyberLink Video/SP Decoder (QP)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\movie\clvsd.ax"
+ "CyberLink Volume Meter" "CLVolumeMeter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\hpvolumemeter.ax"
+ "CyberLink WebCamera NULL Render" "CLWEBCAMERARENDER" "CyberLink" "c:\program files (x86)\hewlett-packard\media\webcam\ycwebcamerarender.ax"
+ "CyberLink WMV Dumper" "CLWMVDump Dynamic Link Library" "" "c:\program files (x86)\hewlett-packard\media\webcam\ycwmvdump.ax"
+ "CyberLink WMV Dumper(HP)" "CLWMVDum Dynamic Link Library" "" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmwmvdump.ax"
+ "CyberLink XDS Codec" "CyberLink XDS Codec" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrxdscodec.ax"
+ "KsProperty Interface Null" "Null-In-Place Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrkspropertynull.ax"
+ "MSDVD Audio Wizard (HP)" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claudwizard.ax"
+ "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaud.ax"
+ "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax"
+ "P2G Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvsd.ax"
+ "P2G Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gresample.ax"
+ "PCM Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraud.ax"
+ "PCM Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraudenc.ax"
+ "PCM Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmraursmpl.ax"
+ "PCM Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrdump.ax"
+ "PCM MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpgmux.ax"
+ "PCM MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrmpgvenc2.ax"
+ "PCM MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrm2splter.ax"
+ "PCM RTP Source Filter" "RTP Source Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrrtpsrc.ax"
+ "PCM SnapShotTIP Filter" "CLSShot" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrsshot.ax"
+ "PCM Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrvidfx.ax"
+ "PCM Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrresample.ax"
+ "PCM Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmrvsd.ax"
+ "QuickPlay Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmraudx.ax"
+ "QuickPlay Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmraudenc.ax"
+ "QuickPlay Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmraursmpl.ax"
+ "QuickPlay Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrdump.ax"
+ "QuickPlay MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrmpgmux.ax"
+ "QuickPlay MPEG Video Encoder" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrmpgvenc.ax"
+ "QuickPlay MPEG Video Encoder 2" "CyberLink MPEG Video Encoder " "CyberLink Corp. " "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrmpgvenc2.ax"
+ "QuickPlay MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrm2splter.ax"
+ "QuickPlay SnapShotTIP Filter" "CLSShot" "CyberLink" "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrsshot.ax"
+ "QuickPlay Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrvidfx.ax"
+ "QuickPlay Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmrresample.ax"
+ "ReTimeStamp Filter" "Direct Show Filter" "Empia Technology Inc." "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\retimestamp.ax"
+ "Time Regulator" "TimeRegulator" "cyberlink" "c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\tv\pcmravi_audtr.ax"
+ "Time Regulator" "TimeRegulator" "cyberlink" "c:\program files (x86)\hewlett-packard\media\live tv\kernel\tv\pcmravi_audtr.ax"
+ "YC_EVRWindow" "CLEvr" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\webcam\ycevr.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "lsdelete" "" "" "c:\windows\system32\lsdelete.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "BtwCredentialProvider" "BtwCP DLL" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwcp.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "BJ Language Monitor4" "Canon Inkjet Printer Driver" "CANON INC." "c:\windows\system32\cnblm4.dll"
+ "PCL hpf3lw73" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpf3lw73.dll"
+ "PCL hpz3llhn" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpz3llhn.dll"

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:13 PM

Posted 20 September 2012 - 09:44 AM

Run RKILL again and post the new log

Edited by narenxp, 20 September 2012 - 12:37 PM.


#11 sb66

sb66
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:13 PM

Posted 20 September 2012 - 11:59 AM

RogueKiller V8.0.4 [09/19/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Mary [Admin rights]
Mode : Scan -- Date : 09/20/2012 10:58:35

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEKT-60F3T1 +++++
--- User ---
[MBR] bfcfddd162d8fca953fc1f69e02b936a
[BSP] 5bebf2323bd0975401a0f1fead3cd9c6 : Windows Vista/7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 292017 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 598460416 | Size: 13027 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:13 PM

Posted 20 September 2012 - 12:37 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here

#13 sb66

sb66
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:13 PM

Posted 20 September 2012 - 01:17 PM

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/20/2012 12:16:28 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 09/20/2012 12:16:44 PM
Execution time: 0 hours(s), 0 minute(s), and 15 seconds(s)

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:13 PM

Posted 20 September 2012 - 02:02 PM

That looks good

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode

Turn off your system restore,restart the PC,create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your flash player

Update your antivirus frequently,do not click on suspicious links

Safe surfing :)

#15 sb66

sb66
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:05:13 PM

Posted 21 September 2012 - 10:37 AM

Thanks!! also, are there free anitvirus that are better then McAfee? thanks again




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users