Google Redirect Virus/ Goodle Adware


9 replies to this topic

#1 TheRoze

Posted 25 September 2012 - 04:20 AM

I've currently obtained what I believe to be the Google adware virus.
My Google search results are occasionally redirected to sites like:
http://googleads.g.doubleclick.net/
http://7search.com/
Then to various other sites.

I've completed a full scan of my PC using Comodo Internet Security and it has yielded no results.
I'm in need of your assistance, many thanks in advance.

PS: Running Win7 Ultimate 64-bit and using Mozilla Firefox as my browser.

#2 narenxp

Posted 25 September 2012 - 06:48 AM

Download TDSSKiller

Launch it. Click on Change parameters - select TDLFS file system.

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it, allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 TheRoze

Posted 25 September 2012 - 01:23 PM

TDSSKiller Log:
22:11:30.0437 21556  KtmRm - ok
22:11:30.0472 21556  [ 86F06574763A0E7CDCD57DD85632E44F ] LADF_BakerCOnly C:\Windows\system32\DRIVERS\ladfBakerCamd64.sys
22:11:30.0477 21556  LADF_BakerCOnly - ok
22:11:30.0495 21556  [ 89B4981F949A14148365DE8D98A310B5 ] LADF_BakerROnly C:\Windows\system32\DRIVERS\ladfBakerRamd64.sys
22:11:30.0499 21556  LADF_BakerROnly - ok
22:11:30.0525 21556  [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer    C:\Windows\System32\srvsvc.dll
22:11:30.0529 21556  LanmanServer - ok
22:11:30.0545 21556  [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:11:30.0548 21556  LanmanWorkstation - ok
22:11:30.0568 21556  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
22:11:30.0570 21556  LGBusEnum - ok
22:11:30.0593 21556  [ F705A641C18DF31B48B5DBDA94B425E4 ] LGPBTDD         C:\Windows\system32\Drivers\LGPBTDD.sys
22:11:30.0595 21556  LGPBTDD - ok
22:11:30.0617 21556  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
22:11:30.0619 21556  LGVirHid - ok
22:11:30.0646 21556  [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
22:11:30.0648 21556  lirsgt - ok
22:11:30.0675 21556  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:11:30.0677 21556  lltdio - ok
22:11:30.0693 21556  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:11:30.0697 21556  lltdsvc - ok
22:11:30.0707 21556  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:11:30.0709 21556  lmhosts - ok
22:11:30.0736 21556  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
22:11:30.0739 21556  LSI_FC - ok
22:11:30.0752 21556  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
22:11:30.0755 21556  LSI_SAS - ok
22:11:30.0763 21556  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:11:30.0765 21556  LSI_SAS2 - ok
22:11:30.0775 21556  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:11:30.0777 21556  LSI_SCSI - ok
22:11:30.0793 21556  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
22:11:30.0795 21556  luafv - ok
22:11:30.0819 21556  [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:11:30.0822 21556  Mcx2Svc - ok
22:11:30.0845 21556  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
22:11:30.0847 21556  megasas - ok
22:11:30.0864 21556  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
22:11:30.0869 21556  MegaSR - ok
22:11:30.0905 21556  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
22:11:30.0907 21556  MEIx64 - ok
22:11:30.0916 21556  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
22:11:30.0918 21556  MMCSS - ok
22:11:30.0935 21556  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
22:11:30.0937 21556  Modem - ok
22:11:30.0946 21556  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:11:30.0948 21556  monitor - ok
22:11:30.0954 21556  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:11:30.0956 21556  mouclass - ok
22:11:30.0976 21556  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:11:30.0978 21556  mouhid - ok
22:11:30.0989 21556  [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:11:30.0991 21556  mountmgr - ok
22:11:31.0053 21556  [ 73AF44D008FBE46BD0413C1E6A124172 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:11:31.0155 21556  MozillaMaintenance - ok
22:11:31.0195 21556  [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
22:11:31.0198 21556  mpio - ok
22:11:31.0213 21556  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:11:31.0215 21556  mpsdrv - ok
22:11:31.0227 21556  [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:11:31.0230 21556  MRxDAV - ok
22:11:31.0259 21556  [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:11:31.0265 21556  mrxsmb - ok
22:11:31.0293 21556  [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:11:31.0297 21556  mrxsmb10 - ok
22:11:31.0307 21556  [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:11:31.0336 21556  mrxsmb20 - ok
22:11:31.0360 21556  [ 5C37497276E3B3A5488B23A326A754B7 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
22:11:31.0363 21556  msahci - ok
22:11:31.0376 21556  [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
22:11:31.0379 21556  msdsm - ok
22:11:31.0395 21556  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
22:11:31.0397 21556  MSDTC - ok
22:11:31.0408 21556  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:11:31.0410 21556  Msfs - ok
22:11:31.0426 21556  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:11:31.0428 21556  mshidkmdf - ok
22:11:31.0441 21556  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
22:11:31.0443 21556  msisadrv - ok
22:11:31.0455 21556  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:11:31.0459 21556  MSiSCSI - ok
22:11:31.0461 21556  msiserver - ok
22:11:31.0477 21556  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:11:31.0479 21556  MSKSSRV - ok
22:11:31.0487 21556  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:11:31.0489 21556  MSPCLOCK - ok
22:11:31.0498 21556  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:11:31.0500 21556  MSPQM - ok
22:11:31.0516 21556  [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:11:31.0521 21556  MsRPC - ok
22:11:31.0534 21556  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:11:31.0555 21556  mssmbios - ok
22:11:31.0580 21556  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:11:31.0582 21556  MSTEE - ok
22:11:31.0587 21556  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
22:11:31.0589 21556  MTConfig - ok
22:11:31.0597 21556  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:11:31.0599 21556  Mup - ok
22:11:31.0629 21556  [ 34D08C9C64F657D194961E96C47E9C69 ] mv91xx          C:\Windows\system32\DRIVERS\mv91xx.sys
22:11:31.0630 21556  mv91xx - ok
22:11:31.0651 21556  [ 4987E079A4530FA737A128BE54B63B12 ] napagent        C:\Windows\system32\qagentRT.dll
22:11:31.0656 21556  napagent - ok
22:11:31.0688 21556  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:11:31.0693 21556  NativeWifiP - ok
22:11:31.0725 21556  [ CAD515DBD07D082BB317D9928CE8962C ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:11:31.0733 21556  NDIS - ok
22:11:31.0745 21556  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:11:31.0748 21556  NdisCap - ok
22:11:31.0754 21556  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:11:31.0756 21556  NdisTapi - ok
22:11:31.0765 21556  [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:11:31.0768 21556  Ndisuio - ok
22:11:31.0780 21556  [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:11:31.0806 21556  NdisWan - ok
22:11:31.0831 21556  [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:11:31.0834 21556  NDProxy - ok
22:11:31.0846 21556  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:11:31.0849 21556  NetBIOS - ok
22:11:31.0865 21556  [ 9162B273A44AB9DCE5B44362731D062A ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:11:31.0868 21556  NetBT - ok
22:11:31.0883 21556  [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon        C:\Windows\system32\lsass.exe
22:11:31.0884 21556  Netlogon - ok
22:11:31.0894 21556  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
22:11:31.0900 21556  Netman - ok
22:11:32.0122 21556  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:11:32.0190 21556  NetMsmqActivator - ok
22:11:32.0210 21556  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:11:32.0211 21556  NetPipeActivator - ok
22:11:32.0271 21556  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
22:11:32.0296 21556  netprofm - ok
22:11:32.0299 21556  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:11:32.0300 21556  NetTcpActivator - ok
22:11:32.0303 21556  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:11:32.0304 21556  NetTcpPortSharing - ok
22:11:32.0324 21556  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
22:11:32.0326 21556  nfrd960 - ok
22:11:32.0349 21556  [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:11:32.0353 21556  NlaSvc - ok
22:11:32.0364 21556  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:11:32.0366 21556  Npfs - ok
22:11:32.0387 21556  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
22:11:32.0389 21556  nsi - ok
22:11:32.0400 21556  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:11:32.0401 21556  nsiproxy - ok
22:11:32.0440 21556  [ 356698A13C4630D5B31C37378D469196 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:11:32.0466 21556  Ntfs - ok
22:11:32.0479 21556  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
22:11:32.0481 21556  Null - ok
22:11:32.0506 21556  [ 285ACEC1B13A15BA520AAE06BACB9CFF ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
22:11:32.0533 21556  nusb3hub - ok
22:11:32.0581 21556  [ F6D625FF7B56BB6EA063F0D3A5BBC996 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
22:11:32.0583 21556  nusb3xhc - ok
22:11:32.0596 21556  [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys
22:11:32.0598 21556  nvraid - ok
22:11:32.0639 21556  [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys
22:11:32.0641 21556  nvstor - ok
22:11:32.0667 21556  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
22:11:32.0669 21556  nv_agp - ok
22:11:32.0681 21556  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
22:11:32.0683 21556  ohci1394 - ok
22:11:32.0718 21556  [ 4965B005492CBA7719E82B71E3245495 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:11:32.0720 21556  ose64 - ok
22:11:32.0837 21556  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:11:32.0873 21556  osppsvc - ok
22:11:32.0889 21556  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:11:32.0894 21556  p2pimsvc - ok
22:11:32.0912 21556  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:11:32.0917 21556  p2psvc - ok
22:11:32.0928 21556  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
22:11:32.0930 21556  Parport - ok
22:11:32.0948 21556  [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:11:32.0950 21556  partmgr - ok
22:11:32.0965 21556  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:11:32.0968 21556  PcaSvc - ok
22:11:32.0977 21556  [ F36F6504009F2FB0DFD1B17A116AD74B ] pci             C:\Windows\system32\DRIVERS\pci.sys
22:11:32.0979 21556  pci - ok
22:11:32.0991 21556  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
22:11:32.0992 21556  pciide - ok
22:11:33.0012 21556  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
22:11:33.0038 21556  pcmcia - ok
22:11:33.0067 21556  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:11:33.0069 21556  pcw - ok
22:11:33.0095 21556  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:11:33.0102 21556  PEAUTH - ok
22:11:33.0136 21556  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
22:11:33.0162 21556  PeerDistSvc - ok
22:11:33.0186 21556  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:11:33.0251 21556  PerfHost - ok
22:11:33.0314 21556  [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla             C:\Windows\system32\pla.dll
22:11:33.0365 21556  pla - ok
22:11:33.0407 21556  [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:11:33.0411 21556  PlugPlay - ok
22:11:33.0432 21556  PnkBstrA - ok
22:11:33.0448 21556  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:11:33.0470 21556  PNRPAutoReg - ok
22:11:33.0497 21556  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:11:33.0499 21556  PNRPsvc - ok
22:11:33.0529 21556  [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:11:33.0535 21556  PolicyAgent - ok
22:11:33.0548 21556  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
22:11:33.0551 21556  Power - ok
22:11:33.0579 21556  [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:11:33.0582 21556  PptpMiniport - ok
22:11:33.0597 21556  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
22:11:33.0599 21556  Processor - ok
22:11:33.0615 21556  [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc         C:\Windows\system32\profsvc.dll
22:11:33.0618 21556  ProfSvc - ok
22:11:33.0631 21556  [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
22:11:33.0632 21556  ProtectedStorage - ok
22:11:33.0647 21556  [ EE992183BD8EAEFD9973F352E587A299 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:11:33.0649 21556  Psched - ok
22:11:33.0689 21556  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
22:11:33.0748 21556  ql2300 - ok
22:11:33.0773 21556  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
22:11:33.0776 21556  ql40xx - ok
22:11:33.0784 21556  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
22:11:33.0788 21556  QWAVE - ok
22:11:33.0807 21556  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:11:33.0810 21556  QWAVEdrv - ok
22:11:33.0818 21556  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:11:33.0819 21556  RasAcd - ok
22:11:33.0846 21556  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:11:33.0848 21556  RasAgileVpn - ok
22:11:33.0866 21556  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
22:11:33.0869 21556  RasAuto - ok
22:11:33.0884 21556  [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:11:33.0887 21556  Rasl2tp - ok
22:11:33.0907 21556  [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan          C:\Windows\System32\rasmans.dll
22:11:33.0911 21556  RasMan - ok
22:11:33.0926 21556  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:11:33.0928 21556  RasPppoe - ok
22:11:33.0941 21556  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:11:33.0944 21556  RasSstp - ok
22:11:33.0958 21556  [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:11:33.0961 21556  rdbss - ok
22:11:33.0977 21556  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:11:33.0980 21556  rdpbus - ok
22:11:33.0999 21556  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:11:34.0001 21556  RDPCDD - ok
22:11:34.0035 21556  [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:11:34.0038 21556  RDPDR - ok
22:11:34.0051 21556  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:11:34.0053 21556  RDPENCDD - ok
22:11:34.0060 21556  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:11:34.0062 21556  RDPREFMP - ok
22:11:34.0081 21556  [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:11:34.0085 21556  RDPWD - ok
22:11:34.0101 21556  [ 634B9A2181D98F15941236886164EC8B ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:11:34.0103 21556  rdyboost - ok
22:11:34.0127 21556  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:11:34.0130 21556  RemoteAccess - ok
22:11:34.0142 21556  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:11:34.0146 21556  RemoteRegistry - ok
22:11:34.0194 21556  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
22:11:34.0196 21556  RFCOMM - ok
22:11:34.0207 21556  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:11:34.0209 21556  RpcEptMapper - ok
22:11:34.0215 21556  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
22:11:34.0217 21556  RpcLocator - ok
22:11:34.0232 21556  [ 7266972E86890E2B30C0C322E906B027 ] RpcSs           C:\Windows\system32\rpcss.dll
22:11:34.0235 21556  RpcSs - ok
22:11:34.0254 21556  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:11:34.0257 21556  rspndr - ok
22:11:34.0309 21556  [ 2777226EE8BF50B059D7A7C90177E99C ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
22:11:34.0314 21556  RTL8167 - ok
22:11:34.0356 21556  [ C5E1A5C17FA2CC83C2BB2167B0895100 ] rzudd           C:\Windows\system32\DRIVERS\rzudd.sys
22:11:34.0358 21556  rzudd - ok
22:11:34.0380 21556  [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap           C:\Windows\system32\DRIVERS\vms3cap.sys
22:11:34.0383 21556  s3cap - ok
22:11:34.0397 21556  [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs           C:\Windows\system32\lsass.exe
22:11:34.0398 21556  SamSs - ok
22:11:34.0417 21556  [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
22:11:34.0420 21556  sbp2port - ok
22:11:34.0433 21556  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:11:34.0438 21556  SCardSvr - ok
22:11:34.0474 21556  [ 6CE6F98EA3D07A9C2CE3CD0A5A86352D ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
22:11:34.0477 21556  SCDEmu - ok
22:11:34.0486 21556  [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:11:34.0488 21556  scfilter - ok
22:11:34.0526 21556  [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule        C:\Windows\system32\schedsvc.dll
22:11:34.0543 21556  Schedule - ok
22:11:34.0566 21556  [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:11:34.0566 21556  SCPolicySvc - ok
22:11:34.0578 21556  [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:11:34.0581 21556  SDRSVC - ok
22:11:34.0605 21556  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:11:34.0607 21556  secdrv - ok
22:11:34.0623 21556  [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon        C:\Windows\system32\seclogon.dll
22:11:34.0626 21556  seclogon - ok
22:11:34.0657 21556  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
22:11:34.0660 21556  SENS - ok
22:11:34.0670 21556  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:11:34.0673 21556  SensrSvc - ok
22:11:34.0709 21556  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
22:11:34.0712 21556  Serenum - ok
22:11:34.0722 21556  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:11:34.0725 21556  Serial - ok
22:11:34.0738 21556  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
22:11:34.0740 21556  sermouse - ok
22:11:34.0749 21556  [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv      C:\Windows\system32\sessenv.dll
22:11:34.0751 21556  SessionEnv - ok
22:11:34.0766 21556  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
22:11:34.0768 21556  sffdisk - ok
22:11:34.0777 21556  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
22:11:34.0781 21556  sffp_mmc - ok
22:11:34.0785 21556  [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
22:11:34.0787 21556  sffp_sd - ok
22:11:34.0797 21556  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
22:11:34.0799 21556  sfloppy - ok
22:11:34.0816 21556  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:11:34.0821 21556  ShellHWDetection - ok
22:11:34.0832 21556  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:11:34.0834 21556  SiSRaid2 - ok
22:11:34.0849 21556  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
22:11:34.0852 21556  SiSRaid4 - ok
22:11:34.0980 21556  [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
22:11:35.0024 21556  Skype C2C Service - ok
22:11:35.0083 21556  [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
22:11:35.0280 21556  SkypeUpdate - ok
22:11:35.0324 21556  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:11:35.0327 21556  Smb - ok
22:11:35.0348 21556  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:11:35.0351 21556  SNMPTRAP - ok
22:11:35.0356 21556  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:11:35.0359 21556  spldr - ok
22:11:35.0388 21556  [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler         C:\Windows\System32\spoolsv.exe
22:11:35.0393 21556  Spooler - ok
22:11:35.0449 21556  [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc          C:\Windows\system32\sppsvc.exe
22:11:35.0502 21556  sppsvc - ok
22:11:35.0527 21556  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:11:35.0530 21556  sppuinotify - ok
22:11:35.0557 21556  [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:11:35.0562 21556  srv - ok
22:11:35.0588 21556  [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:11:35.0592 21556  srv2 - ok
22:11:35.0616 21556  [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:11:35.0618 21556  srvnet - ok
22:11:35.0644 21556  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:11:35.0647 21556  SSDPSRV - ok
22:11:35.0651 21556  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:11:35.0653 21556  SstpSvc - ok
22:11:35.0683 21556  Steam Client Service - ok
22:11:35.0694 21556  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
22:11:35.0696 21556  stexstor - ok
22:11:35.0731 21556  [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc          C:\Windows\System32\wiaservc.dll
22:11:35.0737 21556  stisvc - ok
22:11:35.0760 21556  [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
22:11:35.0762 21556  storflt - ok
22:11:35.0774 21556  [ 8FCCBEFC5C440B3C23454656E551B09A ] storvsc         C:\Windows\system32\DRIVERS\storvsc.sys
22:11:35.0777 21556  storvsc - ok
22:11:35.0793 21556  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:11:35.0795 21556  swenum - ok
22:11:35.0867 21556  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
22:11:35.0877 21556  SwitchBoard - ok
22:11:35.0890 21556  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
22:11:35.0907 21556  swprv - ok
22:11:35.0941 21556  [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain         C:\Windows\system32\sysmain.dll
22:11:35.0967 21556  SysMain - ok
22:11:35.0975 21556  [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:11:35.0978 21556  TabletInputService - ok
22:11:36.0185 21556  [ C4C20CFA4F42E9B7454E895C5C47BCD3 ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
22:11:36.0319 21556  TabletServicePen - ok
22:11:36.0365 21556  [ B08740047145B9BCE15BF75CA0F9718A ] tap0901t        C:\Windows\system32\DRIVERS\tap0901t.sys
22:11:36.0368 21556  tap0901t - ok
22:11:36.0390 21556  [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:11:36.0396 21556  TapiSrv - ok
22:11:36.0410 21556  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
22:11:36.0414 21556  TBS - ok
22:11:36.0447 21556  [ B9D87C7707F058AC652A398CD28DE14B ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:11:36.0472 21556  Tcpip - ok
22:11:36.0514 21556  [ B9D87C7707F058AC652A398CD28DE14B ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:11:36.0521 21556  TCPIP6 - ok
22:11:36.0554 21556  [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:11:36.0557 21556  tcpipreg - ok
22:11:36.0562 21556  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:11:36.0563 21556  TDPIPE - ok
22:11:36.0570 21556  [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:11:36.0572 21556  TDTCP - ok
22:11:36.0603 21556  [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:11:36.0606 21556  tdx - ok
22:11:36.0678 21556  [ A4D2CE94B028EF1E437CF4AC3D8FF26C ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
22:11:36.0702 21556  TeamViewer7 - ok
22:11:41.0660 21556  ============================================================
22:11:41.0660 21556  Scan finished
22:11:41.0660 21556  ============================================================
22:11:41.0668 22100  Detected object count: 0
22:11:41.0668 22100  Actual detected object count: 0
22:12:40.0012 23252  Deinitialize success

aswMBR Log:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-25 22:12:45
-----------------------------
22:12:45.349    OS Version: Windows x64 6.1.7600 
22:12:45.349    Number of processors: 8 586 0x2A07
22:12:45.350    ComputerName: ROZE-PC  UserName: Roze
22:12:47.360    Initialize success
22:19:27.187    AVAST engine defs: 12092500
22:19:30.729    Disk 0  \Device\Harddisk0\DR0 -> \Device\Scsi\mv91xx1Port1Path0Target0Lun0
22:19:30.731    Disk 0 Vendor: ST310005 JC45 Size: 953869MB BusType: 11
22:19:30.733    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Scsi\mv91xx1Port1Path0Target1Lun0
22:19:30.734    Disk 1 Vendor: ST310005 JC4B Size: 953869MB BusType: 11
22:19:30.747    Disk 1 MBR read successfully
22:19:30.749    Disk 1 MBR scan
22:19:30.769    Disk 1 Windows 7 default MBR code
22:19:30.778    Disk 1 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
22:19:30.785    Disk 1 Partition 2 00     07    HPFS/NTFS NTFS       953767 MB offset 206848
22:19:30.799    Disk 1 scanning C:\Windows\system32\drivers
22:19:50.012    Service scanning
22:20:09.286    Modules scanning
22:20:09.291    Disk 1 trace - called modules:
22:20:09.322    ntoskrnl.exe CLASSPNP.SYS disk.sys SCSIPORT.SYS hal.dll mv91xx.sys 
22:20:09.325    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa800a5a0060]
22:20:09.328    3 CLASSPNP.SYS[fffff88001ca743f] -> nt!IofCallDriver -> \Device\Scsi\mv91xx1Port1Path0Target1Lun0[0xfffffa800a2cc050]
22:20:20.728    AVAST engine scan C:\Windows
22:20:26.018    Disk 1 MBR has been saved successfully to "C:\MBR.dat"
22:20:26.024    The log file has been saved successfully to "C:\aswMBR.txt"

ESET:
C:\$Recycle.Bin\S-1-5-21-1981497516-3800943867-184943515-1000\$R41OPJB.exe	Win32/Packed.VMProtect.D trojan	cleaned by deleting - quarantined
C:\$Recycle.Bin\S-1-5-21-1981497516-3800943867-184943515-1000\$R62HNAL.exe	Win32/Packed.VMProtect.D trojan	cleaned by deleting - quarantined
C:\Program Files (x86)\Ubisoft\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\1911.dll	a variant of Win32/Packed.VMProtect.AAA trojan	cleaned by deleting - quarantined


#4 narenxp


Posted 25 September 2012 - 01:30 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

Launch it and the scan should start running. After the scan completes, post the generated log.

#5 TheRoze


Posted 26 September 2012 - 04:05 AM

Malware Bytes:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.25.12

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Roze :: ROZE-PC [administrator]

9/26/2012 3:45:50 AM
mbam-log-2012-09-26 (03-45-50).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 1239783
Time elapsed: 3 hour(s), 13 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 8
C:\$Recycle.Bin\S-1-5-18\$5d857c79cb5d0366be9d5d73589cc9c0\n (Trojan.0Access) -> Delete on reboot.
C:\$Recycle.Bin\S-1-5-18\$5d857c79cb5d0366be9d5d73589cc9c0\U\00000004.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-18\$5d857c79cb5d0366be9d5d73589cc9c0\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-18\$5d857c79cb5d0366be9d5d73589cc9c0\U\000000cb.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-18\$5d857c79cb5d0366be9d5d73589cc9c0\U\80000000.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-18\$5d857c79cb5d0366be9d5d73589cc9c0\U\80000032.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-18\$5d857c79cb5d0366be9d5d73589cc9c0\U\80000064.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-1981497516-3800943867-184943515-1000\$5d857c79cb5d0366be9d5d73589cc9c0\n (Trojan.0Access) -> Quarantined and deleted successfully.

(end)

Mini Toolbox
MiniToolBox by Farbar  Version: 23-07-2012
Ran by Roze (administrator) on 26-09-2012 at 15:10:50
Windows 7 Ultimate  (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ============================== 

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
127.0.0.1                   activate.adobe.com
127.0.0.1                   practivate.adobe.com
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

========================= IP Configuration: ================================

The following helper DLL cannot be loaded: WSHELPER.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=5.0.0.1 publish=Yes
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Roze-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : F4-6D-04-94-20-9E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::14b1:4f19:7926:b4c4%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.1.1.2(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, September 25, 2012 8:45:04 PM
   Lease Expires . . . . . . . . . . : Wednesday, September 26, 2012 3:45:03 PM
   Default Gateway . . . . . . . . . : 10.1.1.1
   DHCP Server . . . . . . . . . . . : 10.1.1.1
   DHCPv6 IAID . . . . . . . . . . . : 250899716
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-0F-26-01-F4-6D-04-94-20-9E
   DNS Servers . . . . . . . . . . . : 10.1.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{B845D602-3687-48A7-A69C-8FD7051D0D33}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Pinging google.com [74.125.237.98] with 32 bytes of data:
Reply from 74.125.237.98: bytes=32 time=68ms TTL=53
Reply from 74.125.237.98: bytes=32 time=67ms TTL=53

Ping statistics for 74.125.237.98:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 67ms, Maximum = 68ms, Average = 67ms

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=527ms TTL=44
Reply from 98.139.183.24: bytes=32 time=529ms TTL=44

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 527ms, Maximum = 529ms, Average = 528ms

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...f4 6d 04 94 20 9e ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.1.1.1         10.1.1.2     20
         10.1.1.0    255.255.255.0         On-link          10.1.1.2    276
         10.1.1.2  255.255.255.255         On-link          10.1.1.2    276
       10.1.1.255  255.255.255.255         On-link          10.1.1.2    276
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link          10.1.1.2    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link          10.1.1.2    276
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0          5.0.0.1  Default 
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    276 fe80::/64                On-link
 11    276 fe80::14b1:4f19:7926:b4c4/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
 If Metric Network Destination      Gateway
  0 4294967295 2620:9b::/96             On-link
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [35840] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [46592] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog9 11 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/26/2012 03:56:14 AM) (Source: Application Hang) (User: )
Description: The program explorer.exe version 6.1.7600.16450 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 5724

Start Time: 01cd9b5784cfc066

Termination Time: 17

Application Path: C:\Windows\explorer.exe

Report Id: 0b98549c-074b-11e2-ad46-f46d0494209e

Error: (09/25/2012 10:25:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (09/24/2012 03:37:47 PM) (Source: Application Error) (User: )
Description: Faulting application name: hl2.exe, version: 0.0.0.0, time stamp: 0x50589428
Faulting module name: client.dll, version: 1.0.0.1, time stamp: 0x505c8c17
Exception code: 0xc0000005
Fault offset: 0x0034bb70
Faulting process id: 0x4d18
Faulting application start time: 0xhl2.exe0
Faulting application path: hl2.exe1
Faulting module path: hl2.exe2
Report Id: hl2.exe3

Error: (09/21/2012 05:55:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: vlc.exe, version: 2.0.1.0, time stamp: 0x4f63d546
Faulting module name: vlc.exe, version: 2.0.1.0, time stamp: 0x4f63d546
Exception code: 0xc0000005
Fault offset: 0x000016d5
Faulting process id: 0x13ec
Faulting application start time: 0xvlc.exe0
Faulting application path: vlc.exe1
Faulting module path: vlc.exe2
Report Id: vlc.exe3

Error: (09/20/2012 09:56:05 AM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_3_300_262.exe, version: 11.3.300.262, time stamp: 0x4fe20fae
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x009a390c
Faulting process id: 0x1118
Faulting application start time: 0xFlashPlayerPlugin_11_3_300_262.exe0
Faulting application path: FlashPlayerPlugin_11_3_300_262.exe1
Faulting module path: FlashPlayerPlugin_11_3_300_262.exe2
Report Id: FlashPlayerPlugin_11_3_300_262.exe3

Error: (09/20/2012 08:17:27 AM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_3_300_262.exe, version: 11.3.300.262, time stamp: 0x4fe20fae
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00a3390c
Faulting process id: 0x27ac
Faulting application start time: 0xFlashPlayerPlugin_11_3_300_262.exe0
Faulting application path: FlashPlayerPlugin_11_3_300_262.exe1
Faulting module path: FlashPlayerPlugin_11_3_300_262.exe2
Report Id: FlashPlayerPlugin_11_3_300_262.exe3

Error: (09/20/2012 08:14:36 AM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_3_300_262.exe, version: 11.3.300.262, time stamp: 0x4fe20fae
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00a3390c
Faulting process id: 0x1b78
Faulting application start time: 0xFlashPlayerPlugin_11_3_300_262.exe0
Faulting application path: FlashPlayerPlugin_11_3_300_262.exe1
Faulting module path: FlashPlayerPlugin_11_3_300_262.exe2
Report Id: FlashPlayerPlugin_11_3_300_262.exe3

Error: (09/20/2012 08:14:31 AM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_3_300_262.exe, version: 11.3.300.262, time stamp: 0x4fe20fae
Faulting module name: AcGenral.DLL, version: 6.1.7600.16385, time stamp: 0x4a5bd97a
Exception code: 0xc0000005
Fault offset: 0x0008390c
Faulting process id: 0x27cc
Faulting application start time: 0xFlashPlayerPlugin_11_3_300_262.exe0
Faulting application path: FlashPlayerPlugin_11_3_300_262.exe1
Faulting module path: FlashPlayerPlugin_11_3_300_262.exe2
Report Id: FlashPlayerPlugin_11_3_300_262.exe3

Error: (09/20/2012 08:14:28 AM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_3_300_262.exe, version: 11.3.300.262, time stamp: 0x4fe20fae
Faulting module name: ntdll.dll, version: 6.1.7600.16695, time stamp: 0x4cc7ab86
Exception code: 0xc0000374
Fault offset: 0x000cea27
Faulting process id: 0x1d9c
Faulting application start time: 0xFlashPlayerPlugin_11_3_300_262.exe0
Faulting application path: FlashPlayerPlugin_11_3_300_262.exe1
Faulting module path: FlashPlayerPlugin_11_3_300_262.exe2
Report Id: FlashPlayerPlugin_11_3_300_262.exe3

Error: (09/20/2012 08:12:39 AM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_3_300_262.exe, version: 11.3.300.262, time stamp: 0x4fe20fae
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00a3390c
Faulting process id: 0x2d84
Faulting application start time: 0xFlashPlayerPlugin_11_3_300_262.exe0
Faulting application path: FlashPlayerPlugin_11_3_300_262.exe1
Faulting module path: FlashPlayerPlugin_11_3_300_262.exe2
Report Id: FlashPlayerPlugin_11_3_300_262.exe3


System errors:
=============
Error: (09/26/2012 03:56:34 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147024891

Error: (09/26/2012 03:56:34 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: 
%%-2147024891

Error: (09/26/2012 03:54:17 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: 
%%-2147024891

Error: (09/26/2012 03:54:17 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147024891

Error: (09/25/2012 10:23:56 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (09/25/2012 10:23:56 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (09/25/2012 10:23:56 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (09/25/2012 10:23:56 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.

Error: (09/25/2012 10:23:21 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.

Error: (09/25/2012 10:23:21 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.


Microsoft Office Sessions:
=========================
Error: (09/26/2012 03:56:14 AM) (Source: Application Hang)(User: )
Description: explorer.exe6.1.7600.16450572401cd9b5784cfc06617C:\Windows\explorer.exe0b98549c-074b-11e2-ad46-f46d0494209e

Error: (09/25/2012 10:25:47 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Roze\Downloads\esetsmartinstaller_enu.exe

Error: (09/24/2012 03:37:47 PM) (Source: Application Error)(User: )
Description: hl2.exe0.0.0.050589428client.dll1.0.0.1505c8c17c00000050034bb704d1801cd9a2746b05295c:\program files (x86)\steam\steamapps\roze11\garry's mod beta\hl2.exec:\program files (x86)\steam\steamapps\roze11\garry's mod beta\garrysmodbeta\bin\client.dllbbcd7ade-061a-11e2-ad46-f46d0494209e

Error: (09/21/2012 05:55:43 PM) (Source: Application Error)(User: )
Description: vlc.exe2.0.1.04f63d546vlc.exe2.0.1.04f63d546c0000005000016d513ec01cd970f2ddce831C:\Program Files (x86)\VideoLAN\VLC\vlc.exeC:\Program Files (x86)\VideoLAN\VLC\vlc.exe81531bfd-03d2-11e2-ad46-f46d0494209e

Error: (09/20/2012 09:56:05 AM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_3_300_262.exe11.3.300.2624fe20faeunknown0.0.0.000000000c0000005009a390c111801cd96d317449816C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exeunknown55d02433-02c6-11e2-ad46-f46d0494209e

Error: (09/20/2012 08:17:27 AM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_3_300_262.exe11.3.300.2624fe20faeunknown0.0.0.000000000c000000500a3390c27ac01cd96c54fd79579C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exeunknown8e68c6fb-02b8-11e2-ad46-f46d0494209e

Error: (09/20/2012 08:14:36 AM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_3_300_262.exe11.3.300.2624fe20faeunknown0.0.0.000000000c000000500a3390c1b7801cd96c4eb424721C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exeunknown28ff5ca8-02b8-11e2-ad46-f46d0494209e

Error: (09/20/2012 08:14:31 AM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_3_300_262.exe11.3.300.2624fe20faeAcGenral.DLL6.1.7600.163854a5bd97ac00000050008390c27cc01cd96c4e7e18348C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exeC:\Windows\AppPatch\AcGenral.DLL259d604a-02b8-11e2-ad46-f46d0494209e

Error: (09/20/2012 08:14:28 AM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_3_300_262.exe11.3.300.2624fe20faentdll.dll6.1.7600.166954cc7ab86c0000374000cea271d9c01cd96c4e5d976abC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exeC:\Windows\SysWOW64\ntdll.dll23dbfaa6-02b8-11e2-ad46-f46d0494209e

Error: (09/20/2012 08:12:39 AM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_3_300_262.exe11.3.300.2624fe20faeunknown0.0.0.000000000c000000500a3390c2d8401cd96c4a41bbc2dC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exeunknowne2e2f29a-02b7-11e2-ad46-f46d0494209e


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
7-Zip 9.20
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.2)
Adobe AIR (Version: 2.7.1.19610)
Adobe Community Help (Version: 3.4.980)
Adobe Creative Suite 5 Master Collection (Version: 5.0)
Adobe Dreamweaver CS5.5 (Version: 11.5)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Flash Professional CS5.5 (Version: 11.5)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
AI Suite II (Version: 1.01.14)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70727.2220)
ANNO 1404 - Venice (Version: 2.0.5008.0)
Anno 1404 (Version: 1.00.0000)
ANNO 1404 (Version: 1.02.0000)
ANNO 2070 (Version: 1.0.0.0)
Anomaly Warzone Earth (Version: 1)
APB Reloaded
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.96)
Apple Software Update (Version: 2.1.3.127)
Arcanum Ultima (Version: 1.00.0000)
ARMA 2
ARMA 2: Operation Arrowhead
Baldur's Gate
Bamboo (Version: 5.2.5-5)
Bastion (Version: 1.0.2)
Battlefield 3™ (Version: 1.0.0.0)
Battlelog Web Plugins (Version: 1.110.0)
BattlEye for OA Uninstall
BIT.TRIP RUNNER
Blender (Version: 2.60-release)
Bluetooth Win7 Suite (64) (Version: 7.2.0.40)
Bonjour (Version: 3.0.0.10)
Borderlands
Build Your Own Net Dream (remove only)
Caesar IV (Version: 1.1)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0806.1213.19931)
Catalyst Control Center Graphics Previews Common (Version: 2012.0806.1213.19931)
Catalyst Control Center InstallProxy (Version: 2012.0806.1213.19931)
Catalyst Control Center Localization All (Version: 2012.0806.1213.19931)
Cave Story+
ccc-utility64 (Version: 2012.0806.1213.19931)
CCC Help Chinese Standard (Version: 2012.0806.1212.19931)
CCC Help Chinese Traditional (Version: 2012.0806.1212.19931)
CCC Help Czech (Version: 2012.0806.1212.19931)
CCC Help Danish (Version: 2012.0806.1212.19931)
CCC Help Dutch (Version: 2012.0806.1212.19931)
CCC Help English (Version: 2012.0806.1212.19931)
CCC Help Finnish (Version: 2012.0806.1212.19931)
CCC Help French (Version: 2012.0806.1212.19931)
CCC Help German (Version: 2012.0806.1212.19931)
CCC Help Greek (Version: 2012.0806.1212.19931)
CCC Help Hungarian (Version: 2012.0806.1212.19931)
CCC Help Italian (Version: 2012.0806.1212.19931)
CCC Help Japanese (Version: 2012.0806.1212.19931)
CCC Help Korean (Version: 2012.0806.1212.19931)
CCC Help Norwegian (Version: 2012.0806.1212.19931)
CCC Help Polish (Version: 2012.0806.1212.19931)
CCC Help Portuguese (Version: 2012.0806.1212.19931)
CCC Help Russian (Version: 2012.0806.1212.19931)
CCC Help Spanish (Version: 2012.0806.1212.19931)
CCC Help Swedish (Version: 2012.0806.1212.19931)
CCC Help Thai (Version: 2012.0806.1212.19931)
CCC Help Turkish (Version: 2012.0806.1212.19931)
CCleaner (Version: 3.22)
Character Builder (Version: 1.10.0000)
Cogs
COMODO Internet Security (Version: 5.10.31649.2253)
Counter-Strike: Source
CraftBukkit
CSS FULL DZ [Oct 15 2007] v18.1 (Version: v18.1)
Cyberduck 4.2.1 (9350) (Version: 4.2.1 (9350))
DAoC Portal (Version: 2.1.0)
Dark Age of Camelot (Version: )
Desura (Version: 100.53)
Desura: Omegalodon (Version: Full)
Dropbox (Version: 1.4.12)
Dungeon Defenders
Dungeon Defenders Development Kit
Dungeons of Dredmor
ESET Online Scanner v3
ESI - KeyControl49 Driver
ESN Sonar (Version: 0.70.0)
ESN Sonar (Version: 0.70.4)
Evil Genius
Farming Simulator 2011 (Version: 1.0)
FileZilla Client 3.5.3 (Version: 3.5.3)
Fraps (remove only)
From Dust (Version: 1.0.0)
Frozen Synapse
FTL: Faster Than Light
GameRanger
GamersFirst LIVE!
GameSpy Arcade
Garry's Mod
Garry's Mod 13 Beta
Grand Theft Auto IV
Grand Theft Auto: Episodes from Liberty City
GraphicsGale version 1.93.12
Gratuitous Space Battles
Half-Life 2
Half-Life 2: Lost Coast
Hammerfight
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
Hitman: Blood Money
Intel(R) Control Center (Version: 1.2.1.1007)
Intel(R) Rapid Storage Technology (Version: 10.5.0.1026)
Intel® Watchdog Timer Driver (Intel® WDT)
iTunes (Version: 10.5.0.142)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java Auto Updater (Version: 2.1.6.0)
Java SE Development Kit 7 Update 4 (64-bit) (Version: 1.7.0.40)
Java SE Development Kit 7 Update 7 (64-bit) (Version: 1.7.0.70)
Java(TM) 6 Update 29 (Version: 6.0.290)
Java(TM) 7 Update 4 (Version: 7.0.40)
JavaFX 2.1.0 (64-bit) (Version: 2.1.0)
JavaFX 2.1.0 (Version: 2.1.0)
JavaFX 2.1.0 SDK (64-bit) (Version: 2.1.0)
jGRASP (Version: 1.8.8_15)
Just Cause 2
Kingdoms of Amalur Reckoning
Livestream Procaster (Version: 20.2.69)
Logitech G930 (Version: 1.0.364)
LogMeIn Hamachi (Version: 2.1.0.210)
Magicka
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MapleStory
marvell 91xx driver (Version: 1.0.0.1045)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Access 2010 (Version: 14.0.4763.1000)
Microsoft Excel 2010 (Version: 14.0.4763.1000)
Microsoft Games for Windows - LIVE (Version: 3.1.186.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Office Access 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Word 2010 (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Word 2010 (Version: 14.0.4763.1000)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
mIRC (Version: 7.19)
Mozilla Firefox 16.0 (x86 en-US) (Version: 16.0)
Mozilla Maintenance Service (Version: 16.0)
MSXML4 Parser (Version: 1.0.0)
MTA:SA v1.1.1 (Version: v1.1.1)
MTA:SA v1.3 (Version: v1.3)
Mumble 1.2.3 (Version: 1.2.3)
MySQL Connector/ODBC 3.51 (Version: 3.51.12)
Nexon Game Manager
NightSky
Notepad++ (Version: 5.9.3)
NVIDIA PhysX (Version: 9.10.0129)
OpenAL
OpenTTD 1.2.2 (Version: 1.2.2)
Origin (Version: 8.4.1.210)
Pando Media Booster (Version: 2.6.0.8)
PC Wizard 2012.2.0
PDF Settings CS5 (Version: 10.0)
Portal
PowerISO (Version: 4.7)
Pro Motion 6.5
PunkBuster Services (Version: 0.993)
Razer Synapse 2.0 (Version: 1.4.13)
Realtek Ethernet Controller Driver (Version: 7.31.1025.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6449)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0)
Rise of Nations (Version: 1.0)
Rockstar Games Social Club (Version: 1.0.0.0)
Saints Row The Third
SCHTHACK PSOBB Compatibility Database
screenSHU - the fastest screen capture ever.
Shank
Sins of a Solar Empire Rebellion (c) Stardock version 1 (Version: 1)
Six Updater (Version: 2.09.7004)
Skype Click to Call (Version: 6.2.10687)
Skype™ 5.10 (Version: 5.10.116)
StarCraft II (Version: 1.0.0.15405)
Steam (Version: 1.0.0.0)
STORM (Version: 1.3.0.0)
Super Meat Boy Editor
Synthesia (remove only)
Team Fortress 2
TeamSpeak 3 Client
TeamViewer 7 (Version: 7.0.12979)
Terraria
The Battle for Middle-earth (tm) II
The Godfather™ II (Version: 1.0.764.0)
The Lord of the Rings Online™ v03.07.00.8037 (Version: 03.07.00.8037)
The Settlers 7 - Paths to a Kingdom (Version: 1.02.1221)
The Settlers II - 10th Anniversary
The Ship
The Sims™ 3 (Version: 1.33.2)
The Sims™ 3 Ambitions (Version: 4.0.87)
The Sims™ 3 Fast Lane Stuff (Version: 5.0.44)
The Sims™ 3 Generations (Version: 8.0.152)
The Sims™ 3 High-End Loft Stuff (Version: 3.0.38)
The Sims™ 3 Late Night (Version: 6.0.81)
The Sims™ 3 Master Suite Stuff (Version: 11.0.84)
The Sims™ 3 Outdoor Living Stuff (Version: 7.0.55)
The Sims™ 3 Pets (Version: 10.0.96)
The Sims™ 3 Showtime (Version: 12.0.273)
The Sims™ 3 Town Life Stuff (Version: 9.0.73)
The Sims™ 3 World Adventures (Version: 2.0.86)
TightVNC 2.0.4 (Version: 2.0.4)
Titan Quest (Version: 1.00.0000)
Titan Quest Immortal Throne (Version: 1.00.0000)
To the Moon (Version: 1.0)
Tom Clancy's Rainbow Six Vegas 2 (Version: 1.00)
TortoiseSVN 1.7.7.22907 (64 bit) (Version: 1.7.22907)
Tribes Ascend (Version: 1.0.961.0)
Tunngle beta
Ubisoft Game Launcher (Version: 1.0.0.0)
Underlord 1.5
Unity Web Player (Version: )
Uplink (remove only)
Virtual Audio Cable 4.10
VLC media player 2.0.1 (Version: 2.0.1)
WebTablet FB Plugin (Version: 2.0.0.1)
WebTablet IE Plugin (Version: 1.1.0.12)
WebTablet Netscape Plugin (Version: 1.1.0.10)
WiFi Engine (Version: 1.05)
Winamp (Version: 5.623 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR archiver
WinSCP 4.3.5 (Version: 4.3.5)
WinX DVD Ripper Platinum 6.0.2
WorldPainter 0.6.7 (Version: 0.6.7)

========================= Memory info: ===================================

Percentage of memory in use: 57%
Total physical RAM: 8168.77 MB
Available physical RAM: 3465.2 MB
Total Pagefile: 16335.69 MB
Available Pagefile: 11766.59 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.41 MB

========================= Partitions: =====================================

1 Drive c: (Crobat) (Fixed) (Total:931.41 GB) (Free:329.21 GB) NTFS
2 Drive d: (Espeon) (Fixed) (Total:1862.89 GB) (Free:915.74 GB) NTFS
5 Drive g: (Gyarados) (Fixed) (Total:1862.89 GB) (Free:1083.42 GB) NTFS
6 Drive h: (Houndoom) (Fixed) (Total:1397.26 GB) (Free:293.9 GB) NTFS

========================= Users: ========================================

User accounts for \\ROZE-PC

Administrator            ASPNET                   Guest                    
Roze                     

========================= Restore Points ==================================

Could not list Restore Points.

**** End of log ****

FSS
Farbar Service Scanner Version: 19-09-2012
Ran by Roze (administrator) on 26-09-2012 at 15:12:16
Running from "C:\Users\Roze\Downloads"
Windows 7 Ultimate  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of MpsSvc. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of MpsSvc. The value does not exist.
Unable to retrieve ServiceDll of MpsSvc. The value does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of bfe. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of bfe. The value does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2011-09-24 16:46] - [2011-06-21 14:27] - 1896832 ____A (Microsoft Corporation) B9D87C7707F058AC652A398CD28DE14B

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-14 08:09] - [2009-07-14 09:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-14 07:36] - [2009-07-14 09:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Adware Cleaner
# AdwCleaner v2.003 - Logfile created 09/26/2012 at 15:13:33
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Ultimate  (64 bits)
# User : Roze - ROZE-PC
# Boot Mode : Normal
# Running from : C:\Users\Roze\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Deleted : C:\Users\Roze\AppData\Local\APN

***** [Registry] *****

Key Deleted : HKLM\Software\Freeze.com

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v16.0 (en-US)

Profile name : default 
File : C:\Users\Roze\AppData\Roaming\Mozilla\Firefox\Profiles\p0s9zlup.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1178 octets] - [26/09/2012 15:13:33]

########## EOF - C:\AdwCleaner[S1].txt - [1238 octets] ##########

JRT
Junkware Removal Tool (JRT) by Thisisu 
Version: 1.0.8 (09.25.2012) 
OS: Windows 7 Ultimate x64 
Ran by Roze on Wed 09/26/2012 at 17:01:22.91 
Blog: http://thisisudax.blogspot.com 
************************************************************** 
 
 
 
 
*** Registry Values: 0 Detections 
 
 
 
*** Registry Keys: 
 
Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a} 
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a} 
 
 
 
*** Files: 0 Detections 
 
 
 
*** Folders: 0 Detections 
 
 
 


#6 narenxp


Posted 26 September 2012 - 06:46 AM

Run Malwarebytes again and post the new log

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#7 TheRoze


Posted 26 September 2012 - 07:01 PM

Malware Bytes:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.25.12

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Roze :: ROZE-PC [administrator]

9/26/2012 8:59:51 PM
mbam-log-2012-09-26 (20-59-51).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 1238986
Time elapsed: 2 hour(s), 53 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Service Repair:
Log Opened: 2012-09-27 @ 07:51:43
07:51:43 - -----------------
07:51:43 - | Begin Logging |
07:51:43 - -----------------
07:51:43 - Fix started on a WIN_7 X64 computer
07:51:43 - Prep in progress.  Please Wait.
07:51:46 - Prep complete
07:51:46 - Repairing Services Now.  Please wait...
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BFE.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BITS.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\iphlpsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo\{FA88062C-9A61-4C1E-AC45-7143F8F01AAD}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap\{8AD2FB26-F91E-44F1-9B24-3C0AE56C9CE0}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\IPHTTPS>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\MpsSvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap> failed with: The system cannot find the file specified.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut> failed with: The system cannot find the file specified.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn> failed with: The system cannot find the file specified.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP> failed with: The system cannot find the file specified.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\SharedAccess.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch2>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\WinDefend.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo\0>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wscsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wuauserv.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>

SetACL finished successfully.
07:51:52 - Services Repair Complete.
07:51:59 - Reboot Skipped

FSS:
Farbar Service Scanner Version: 19-09-2012
Ran by Roze (administrator) on 27-09-2012 at 07:52:18
Running from "C:\Users\Roze\Downloads"
Microsoft Windows 7 Ultimate   (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2011-09-24 16:46] - [2011-06-21 14:27] - 1896832 ____A (Microsoft Corporation) B9D87C7707F058AC652A398CD28DE14B

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-14 08:09] - [2009-07-14 09:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-14 07:36] - [2009-07-14 09:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

RKILL:
Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/27/2012 07:53:41 AM in x64 mode.
Windows Version: Windows 7 Ultimate 

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

  * HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

 * ALERT: ZEROACCESS rootkit symptoms found!

     * HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 [ZA Reg Hijack]
     * C:\$Recycle.Bin\S-1-5-18\$5d857c79cb5d0366be9d5d73589cc9c0\ [ZA Dir]
     * C:\$Recycle.Bin\S-1-5-18\$5d857c79cb5d0366be9d5d73589cc9c0\@ [ZA File]
     * C:\$Recycle.Bin\S-1-5-18\$5d857c79cb5d0366be9d5d73589cc9c0\L\ [ZA Dir]
     * C:\$Recycle.Bin\S-1-5-18\$5d857c79cb5d0366be9d5d73589cc9c0\L\00000004.@ [ZA File]
     * C:\$Recycle.Bin\S-1-5-18\$5d857c79cb5d0366be9d5d73589cc9c0\L\201d3dde [ZA File]
     * C:\$Recycle.Bin\S-1-5-18\$5d857c79cb5d0366be9d5d73589cc9c0\U\ [ZA Dir]
     * C:\Windows\assembly\GAC_32\Desktop.ini [ZA File]
     * C:\Windows\assembly\GAC_64\Desktop.ini [ZA File]

Checking Windows Service Integrity: 

 *  (BFE) is not Running.
   Startup Type set to: 

 * Windows Firewall Authorization Driver (mpsdrv) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found: 

  127.0.0.1                   activate.adobe.com
  127.0.0.1                   practivate.adobe.com
  127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
  127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
  127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
  127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
  127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
  127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

Program finished at: 09/27/2012 07:54:14 AM
Execution time: 0 hours(s), 0 minute(s), and 33 seconds(s)

AutoRuns:
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "COMODO Internet Security"	"COMODO Internet Security"	"COMODO"	"c:\program files\comodo\comodo internet security\cfp.exe"
+ "RtHDVBg_DTS"	"HD Audio Background Process"	"Realtek Semiconductor"	"c:\program files\realtek\audio\hda\ravbg64.exe"
+ "RTHDVCPL"	"Realtek HD Audio Manager"	"Realtek Semiconductor"	"c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "AMD AVT"	""	""	"File not found: start"
+ "ASUS ShellProcess Execute"	"Helper AP for Windows ShellExec for NT"	"ASUSTeK Computer Inc."	"c:\program files (x86)\asus\ai suite ii\asus mobilink\simulator\asshellprocess.exe"
+ "IAStorIcon"	"IAStorIcon"	"Intel Corporation"	"c:\program files (x86)\intel\intel(r) rapid storage technology\iastoricon.exe"
+ "Logitech G930"	"Logitech(c) G930 Headset"	"Logitech(c)"	"c:\program files (x86)\logitech\g930\g930.exe"
+ "NUSB3MON"	"USB 3.0 Monitor"	"Renesas Electronics Corporation"	"c:\program files (x86)\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
+ "PWRISOVM.EXE"	"PowerISO Virtual Drive Manager"	"PowerISO Computing, Inc."	"c:\program files (x86)\poweriso\pwrisovm.exe"
+ "Razer Synapse"	"Razer Synapse"	"Razer USA Ltd"	"c:\program files (x86)\razer\synapse\rzsynapse.exe"
+ "StartCCC"	"Catalyst® Control Center Launcher"	"Advanced Micro Devices, Inc."	"c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
"C:\Users\Roze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"	""	""	""
+ "Dropbox.lnk"	"Dropbox"	"Dropbox, Inc."	"c:\users\roze\appdata\roaming\dropbox\bin\dropbox.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"	""	""	""
+ "Microsoft Windows"	"Windows Mail"	"Microsoft Corporation"	"c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"	""	""	""
+ "Microsoft Windows"	"Windows Mail"	"Microsoft Corporation"	"c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "uTorrent"	"µTorrent"	"BitTorrent, Inc."	"c:\program files (x86)\utorrent\utorrent.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter"	""	""	""
+ "text/xml"	"Microsoft Office XML MIME Filter"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler"	""	""	""
+ "ms-help"	"Microsoft® Help Data Services Module"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\help\hxds.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"	""	""	""
+ "Groove GFS Stub Execution Hook"	"Microsoft SharePoint Workspace Extensions"	"Microsoft Corporation"	"c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "DropboxExt"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\roze\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "Adobe.Acrobat.ContextMenu"	"Adobe Acrobat Context Menu"	"Adobe Systems Inc."	"c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu64.dll"
+ "Atheros"	"Bluetooth Application Extension"	"Atheros Commnucations"	"c:\program files (x86)\bluetooth suite\btvappext.dll"
+ "Comodo Antivirus"	"COMODO Internet Security"	"COMODO"	"c:\program files\comodo\comodo internet security\cavshell.dll"
+ "Notepad++64"	"ShellHandler for Notepad++ (64 bit)"	""	"c:\program files (x86)\notepad++\nppshell_04.dll"
+ "PowerISO"	"PowerISOShell DLL"	"PowerISO Computing, Inc."	"c:\program files (x86)\poweriso\pwrisosh.dll"
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub.dll"
+ "WinRAR"	""	""	"c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "7-Zip"	"7-Zip Shell Extension"	"Igor Pavlov"	"c:\program files (x86)\7-zip\7-zip.dll"
+ "Adobe.Acrobat.ContextMenu"	"Adobe Acrobat Context Menu"	"Adobe Systems Inc."	"c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu.dll"
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub32.dll"
+ "WinRAR32"	""	""	"c:\program files (x86)\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX"	"Microsoft SharePoint Workspace Extensions"	"Microsoft Corporation"	"c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers"	""	""	""
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\PropertySheetHandlers"	""	""	""
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"	""	""	""
+ "FTShellContext"	"ShellContextExt Module"	"Atheros Commnucations"	"c:\program files (x86)\bluetooth suite\shellcontextext.dll"
+ "MBAMShlExt"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"	""	""	""
+ "XXX Groove GFS Context Menu Handler XXX"	"Microsoft SharePoint Workspace Extensions"	"Microsoft Corporation"	"c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "DropboxExt"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\roze\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "PowerISO"	"PowerISOShell DLL"	"PowerISO Computing, Inc."	"c:\program files (x86)\poweriso\pwrisosh.dll"
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub.dll"
+ "WinRAR"	""	""	"c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "7-Zip"	"7-Zip Shell Extension"	"Igor Pavlov"	"c:\program files (x86)\7-zip\7-zip.dll"
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub32.dll"
+ "WinRAR32"	""	""	"c:\program files (x86)\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX"	"Microsoft SharePoint Workspace Extensions"	"Microsoft Corporation"	"c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"	""	""	""
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub.dll"
+ "WinRAR"	""	""	"c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers"	""	""	""
+ "7-Zip"	"7-Zip Shell Extension"	"Igor Pavlov"	"c:\program files (x86)\7-zip\7-zip.dll"
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub32.dll"
+ "WinRAR32"	""	""	"c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\PropertySheetHandlers"	""	""	""
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\PropertySheetHandlers"	""	""	""
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub32.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers"	""	""	""
+ "Ath_CopyHook"	"AthCopyHook Dynamic Link Library"	"Atheros Commnucations"	"c:\program files (x86)\bluetooth suite\athcopyhook.dll"
+ "FileZilla3CopyHook"	"fzshellext Dynamic Link Library"	""	"c:\program files (x86)\filezilla ftp client\fzshellext_64.dll"
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub.dll"
+ "WinSCPCopyHook"	"Drag&Drop shell extension for WinSCP (64-bit)"	"Martin Prikryl"	"c:\program files (x86)\winscp\dragext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\CopyHookHandlers"	""	""	""
+ "FileZilla3CopyHook"	"fzshellext Dynamic Link Library"	""	"c:\program files (x86)\filezilla ftp client\fzshellext.dll"
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub32.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "DropboxExt"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\roze\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "ACE"	"AMD Desktop Control Panel"	"Advanced Micro Devices, Inc."	"c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets"	"Sidebar droptarget"	"Microsoft Corporation"	"c:\program files\windows sidebar\sbdrop.dll"
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "Gadgets"	"Sidebar droptarget"	"Microsoft Corporation"	"c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub32.dll"
+ "XXX Groove GFS Context Menu Handler XXX"	"Microsoft SharePoint Workspace Extensions"	"Microsoft Corporation"	"c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"	""	""	""
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers"	""	""	""
+ "PDF Shell Extension"	"PDF Shell Extension"	"Adobe Systems, Inc."	"c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub32.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"	""	""	""
+ "Adobe.Acrobat.ContextMenu"	"Adobe Acrobat Context Menu"	"Adobe Systems Inc."	"c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu64.dll"
+ "Comodo Antivirus"	"COMODO Internet Security"	"COMODO"	"c:\program files\comodo\comodo internet security\cavshell.dll"
+ "MBAMShlExt"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "PowerISO"	"PowerISOShell DLL"	"PowerISO Computing, Inc."	"c:\program files (x86)\poweriso\pwrisosh.dll"
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub.dll"
+ "WinRAR"	""	""	"c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"	""	""	""
+ "Adobe.Acrobat.ContextMenu"	"Adobe Acrobat Context Menu"	"Adobe Systems Inc."	"c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu.dll"
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub32.dll"
+ "WinRAR32"	""	""	"c:\program files (x86)\winrar\rarext.dll"
+ "XXX Groove GFS Context Menu Handler XXX"	"Microsoft SharePoint Workspace Extensions"	"Microsoft Corporation"	"c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"	""	""	""
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub.dll"
+ "WinRAR"	""	""	"c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers"	""	""	""
+ "TortoiseSVN"	"TortoiseSVN shell extension client"	"http://tortoisesvn.net"	"c:\program files\tortoisesvn\bin\tortoisestub32.dll"
+ "WinRAR32"	""	""	"c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"	""	""	""
+ "1TortoiseNormal"	"TortoiseSVN overlay handler shim"	"http://tortoisesvn.net"	"c:\program files\common files\tortoiseoverlays\tortoiseoverlays.dll"
+ "2TortoiseModified"	"TortoiseSVN overlay handler shim"	"http://tortoisesvn.net"	"c:\program files\common files\tortoiseoverlays\tortoiseoverlays.dll"
+ "3TortoiseConflict"	"TortoiseSVN overlay handler shim"	"http://tortoisesvn.net"	"c:\program files\common files\tortoiseoverlays\tortoiseoverlays.dll"
+ "4TortoiseLocked"	"TortoiseSVN overlay handler shim"	"http://tortoisesvn.net"	"c:\program files\common files\tortoiseoverlays\tortoiseoverlays.dll"
+ "5TortoiseReadOnly"	"TortoiseSVN overlay handler shim"	"http://tortoisesvn.net"	"c:\program files\common files\tortoiseoverlays\tortoiseoverlays.dll"
+ "6TortoiseDeleted"	"TortoiseSVN overlay handler shim"	"http://tortoisesvn.net"	"c:\program files\common files\tortoiseoverlays\tortoiseoverlays.dll"
+ "7TortoiseAdded"	"TortoiseSVN overlay handler shim"	"http://tortoisesvn.net"	"c:\program files\common files\tortoiseoverlays\tortoiseoverlays.dll"
+ "8TortoiseIgnored"	"TortoiseSVN overlay handler shim"	"http://tortoisesvn.net"	"c:\program files\common files\tortoiseoverlays\tortoiseoverlays.dll"
+ "9TortoiseUnversioned"	"TortoiseSVN overlay handler shim"	"http://tortoisesvn.net"	"c:\program files\common files\tortoiseoverlays\tortoiseoverlays.dll"
+ "DropboxExt1"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\roze\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt2"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\roze\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt3"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\roze\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt4"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\roze\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"	""	""	""
+ "1TortoiseNormal"	"TortoiseSVN overlay handler shim"	"http://tortoisesvn.net"	"c:\program files (x86)\common files\tortoiseoverlays\tortoiseoverlays.dll"
+ "2TortoiseModified"	"TortoiseSVN overlay handler shim"	"http://tortoisesvn.net"	"c:\program files (x86)\common files\tortoiseoverlays\tortoiseoverlays.dll"
+ "3TortoiseConflict"	"TortoiseSVN overlay handler shim"	"http://tortoisesvn.net"	"c:\program files (x86)\common files\tortoiseoverlays\tortoiseoverlays.dll"
+ "4TortoiseLocked"	"TortoiseSVN overlay handler shim"	"http://tortoisesvn.net"	"c:\program files (x86)\common files\tortoiseoverlays\tortoiseoverlays.dll"
+ "5TortoiseReadOnly"	"TortoiseSVN overlay handler shim"	"http://tortoisesvn.net"	"c:\program files (x86)\common files\tortoiseoverlays\tortoiseoverlays.dll"
+ "6TortoiseDeleted"	"TortoiseSVN overlay handler shim"	"http://tortoisesvn.net"	"c:\program files (x86)\common files\tortoiseoverlays\tortoiseoverlays.dll"
+ "7TortoiseAdded"	"TortoiseSVN overlay handler shim"	"http://tortoisesvn.net"	"c:\program files (x86)\common files\tortoiseoverlays\tortoiseoverlays.dll"
+ "8TortoiseIgnored"	"TortoiseSVN overlay handler shim"	"http://tortoisesvn.net"	"c:\program files (x86)\common files\tortoiseoverlays\tortoiseoverlays.dll"
+ "9TortoiseUnversioned"	"TortoiseSVN overlay handler shim"	"http://tortoisesvn.net"	"c:\program files (x86)\common files\tortoiseoverlays\tortoiseoverlays.dll"
+ "DropboxExt1"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\roze\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\roze\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\roze\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt4"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\roze\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"	"Microsoft SharePoint Workspace Extensions"	"Microsoft Corporation"	"c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)"	"Microsoft SharePoint Workspace Extensions"	"Microsoft Corporation"	"c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"	"Microsoft SharePoint Workspace Extensions"	"Microsoft Corporation"	"c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)"	"Microsoft SharePoint Workspace Extensions"	"Microsoft Corporation"	"c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"	"Microsoft SharePoint Workspace Extensions"	"Microsoft Corporation"	"c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"	""	""	""
+ "Java(tm) Plug-In 2 SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java(tm) Plug-In SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler"	"Microsoft Office Document Cache Handler"	"Microsoft Corporation"	"c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper"	"Microsoft® Windows Live ID Login Helper"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"	""	""	""
+ "Adobe PDF Conversion Toolbar Helper"	"Adobe PDF Toolbar for Internet Explorer"	"Adobe Systems Incorporated"	"c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Adobe PDF Link Helper"	"Adobe PDF Helper for Internet Explorer"	"Adobe Systems Incorporated"	"c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "CIESpeechBHO Class"	"Bluetooth IE PlugIn"	"Atheros Commnucations"	"c:\program files (x86)\bluetooth suite\ieplugin.dll"
+ "Groove GFS Browser Helper"	"Microsoft SharePoint Workspace Extensions"	"Microsoft Corporation"	"c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Java(tm) Plug-In 2 SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files (x86)\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java(tm) Plug-In SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files (x86)\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "Office Document Cache Handler"	"Microsoft Office Document Cache Handler"	"Microsoft Corporation"	"c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "SmartSelect Class"	"Adobe PDF Toolbar for Internet Explorer"	"Adobe Systems Incorporated"	"c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Windows Live ID Sign-in Helper"	"Microsoft® Windows Live ID Login Helper"	"Microsoft Corporation"	"c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar"	""	""	""
+ "Adobe PDF"	"Adobe PDF Toolbar for Internet Explorer"	"Adobe Systems Incorporated"	"c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"	""	""	""
+ "OneNote Lin&ked Notes"	"Microsoft OneNote Internet Explorer Add-in"	"Microsoft Corporation"	"c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote"	"Microsoft OneNote Internet Explorer Add-in"	"Microsoft Corporation"	"c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Send by Bluetooth to"	"Bluetooth IE PlugIn"	"Atheros Commnucations"	"c:\program files (x86)\bluetooth suite\ieplugin.dll"
"Task Scheduler"	""	""	""
+ "\AdobeAAMUpdater-1.0-Roze-PC-Roze"	"Adobe Updater Startup Utility"	"Adobe Systems Incorporated"	"c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "\ASUS\ASUS AI Suite II Execute"	"ASUS Routine Controller"	"ASUSTeK Computer Inc."	"c:\program files (x86)\asus\ai suite ii\asroutinecontroller.exe"
+ "\ASUS\ASUS DigiVRM Help"	"Digi+VRM Help"	"ASUSTeK Computer Inc."	"c:\program files (x86)\asus\ai suite ii\digi+ vrm\vrmhelp.exe"
+ "\ASUS\ASUS Mobilink Execute"	"ASUS Mobilink"	"ASUSTeK Computer Inc."	"c:\program files (x86)\asus\ai suite ii\asus mobilink\asus mobilink.exe"
+ "\CCleanerSkipUAC"	"CCleaner"	"Piriform Ltd"	"c:\program files\ccleaner\ccleaner.exe"
+ "\KMS"	""	""	"c:\windows\setup\office.bat"
+ "\Microsoft\Windows Defender\MP Scheduled Scan"	"Microsoft Malware Protection Command Line Utility"	"Microsoft Corporation"	"c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"	""	""	"c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\TabletPC\InputPersonalization"	""	""	"File not found: C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"	"Windows Media Player Network Sharing Service Configuration Application"	"Microsoft Corporation"	"c:\program files\windows media player\wmpnscfg.exe"
+ "\{0EC7E48D-1F0D-4013-9B5A-4BAC032E6600}"	""	""	"File not found: D:\steambackup.exe"
+ "\{1BD2CBC8-F925-466D-BB30-84656EE3A487}"	""	""	"File not found: C:\Users\Roze\Desktop\keygen.exe"
+ "\{26786D50-55C7-49B3-92F4-2ECB2E36EBD3}"	""	""	"File not found: C:\Users\Roze\Desktop\Tythus\Zero-K.exe"
+ "\{2BDE0B9F-A6D9-4974-A111-8AC8F8D473C4}"	""	""	"File not found: C:\Users\Roze\Desktop\keygen.exe"
+ "\{35B20CED-4757-4D45-9E1C-C48A9ADA457E}"	""	""	"File not found: C:\Users\Roze\Desktop\keygen.exe"
+ "\{3615FAAB-C7EA-4353-8C24-F6D390AC43AD}"	""	""	"File not found: C:\Users\Roze\Desktop\Tythus\Zero-K.exe"
+ "\{469ABB33-C356-48B5-970C-23D11A66E10B}"	""	""	"File not found: C:\Users\Roze\Desktop\Tythus\Zero-K.exe"
+ "\{630717F6-8089-482F-8107-AFCF4DC39738}"	""	""	"c:\program files (x86)\saints row 2\sr2_pc.exe"
+ "\{63FD26E4-4359-40AD-9BF9-601A416A39BA}"	""	""	"File not found: D:\steambackup.exe"
+ "\{6B7E1747-2B5A-419A-B37A-A18C74E84499}"	""	""	"File not found: C:\Users\Roze\Desktop\keygen.exe"
+ "\{95625546-EFB0-43AC-ACD4-CDCD9BCFF9B5}"	"Skype "	"Skype Technologies S.A."	"c:\program files (x86)\skype\phone\skype.exe"
+ "\{A37E4572-654B-4310-9689-2EF5FDEF853C}"	""	""	"File not found: D:\steambackup.exe"
+ "\{CB2EDA1B-D677-41FE-97CB-8EDD37F2C98B}"	""	""	"File not found: C:\Users\Roze\Desktop\keygen.exe"
+ "\{DA167317-33F1-4D8B-BCA7-38DAC828D5B6}"	""	""	"File not found: C:\Users\Roze\Desktop\Tythus\Zero-K.exe"
+ "\{F3A5676B-3FF8-4269-9352-9F15288A33E5}"	""	""	"File not found: C:\Users\Roze\Desktop\Tythus\Zero-K.exe"
"HKLM\System\CurrentControlSet\Services"	""	""	""
+ "AMD External Events Utility"	"AMD External Events Service Module"	"AMD"	"c:\windows\system32\atiesrxx.exe"
+ "Apple Mobile Device"	"Provides the interface to Apple mobile devices."	"Apple Inc."	"c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "asComSvc"	""	""	"c:\program files (x86)\asus\axsp\1.00.13\atkexcomsvc.exe"
+ "asHmComSvc"	""	""	"c:\program files (x86)\asus\aahm\1.00.13\aahmsvc.exe"
+ "aspnet_state"	"Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start."	""	"File not found: C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe"
+ "AsSysCtrlService"	""	""	"c:\program files (x86)\asus\assysctrlservice\1.00.11\assysctrlservice.exe"
+ "AtherosSvc"	"Atheros BT Stack Service Agent"	"Atheros Commnucations"	"c:\program files (x86)\bluetooth suite\adminservice.exe"
+ "cmdAgent"	"COMODO Internet Security Helper Service"	"COMODO"	"c:\program files\comodo\comodo internet security\cmdagent.exe"
+ "Desura Install Service"	"Desura"	"Desura Pty Ltd"	"c:\program files (x86)\common files\desura\desura_service.exe"
+ "DTSAudioService"	"DTS Audio Service"	"DTS"	"c:\program files\realtek\audio\hda\dtsaudioservice64.exe"
+ "IAStorDataMgrSvc"	"Provides storage event notification and manages communication between the storage driver and user space applications."	"Intel Corporation"	"c:\program files (x86)\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe"
+ "MBAMScheduler"	"Malwarebytes Anti-Malware scheduler"	"Malwarebytes Corporation"	"c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService"	"Malwarebytes Anti-Malware service"	"Malwarebytes Corporation"	"c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "MozillaMaintenance"	"The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."	"Mozilla Foundation"	"c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "ose64"	"Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc"	"Office Software Protection Platform Service (unlocalized description)"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "PnkBstrA"	"PunkBuster Service Component [v1036] http://www.evenbalance.com"	""	"c:\windows\syswow64\pnkbstra.exe"
+ "Skype C2C Service"	"Skype Click to Call Update Service"	"Skype Technologies S.A."	"c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe"
+ "SkypeUpdate"	"Enables the detection, download and installation of updates for Skype."	"Skype Technologies"	"c:\program files (x86)\skype\updater\updater.exe"
+ "Steam Client Service"	"Steam Client Service monitors and updates Steam content"	"Valve Corporation"	"c:\program files (x86)\common files\steam\steamservice.exe"
+ "SwitchBoard"	"SwitchBoard Server (32 bit)"	"Adobe Systems Incorporated"	"c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
+ "TabletServicePen"	"Tablet Service for consumer driver"	"Wacom Technology, Corp."	"c:\program files\tablet\pen\pen_tablet.exe"
+ "TeamViewer7"	"TeamViewer Remote Software"	"TeamViewer GmbH"	"c:\program files (x86)\teamviewer\version7\teamviewer_service.exe"
+ "TouchServicePen"	"Touch Service"	"Wacom Technology, Corp."	"c:\program files\tablet\pen\pen_touchservice.exe"
+ "WinDefend"	"Protection against spyware and potentially unwanted software"	"Microsoft Corporation"	"c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc"	"Enables Windows Live ID authentication."	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc"	"Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"	"Microsoft Corporation"	"c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services"	""	""	""
+ "adp94xx"	"Adaptec Windows SAS/SATA Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"	"Adaptec Windows SATA Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"	"Adaptec StorPort Ultra320 SCSI Driver (X64)"	"Adaptec, Inc."	"c:\windows\system32\drivers\adpu320.sys"
+ "aliide"	"ALi mini IDE Driver"	"Acer Laboratories Inc."	"c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag"	"ATI Radeon Kernel Mode Driver"	"Advanced Micro Devices, Inc."	"c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap"	"AMD multi-vendor Miniport Driver"	"Advanced Micro Devices, Inc."	"c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata"	"AHCI 1.2 Device Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"	"AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"	"AMD Technologies Inc."	"c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"	"Storage Filter Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amdxata.sys"
+ "arc"	"Adaptec RAID Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\arc.sys"
+ "arcsas"	"Adaptec SAS RAID WS03 Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\arcsas.sys"
+ "AsIO"	""	""	"c:\windows\syswow64\drivers\asio.sys"
+ "ASPI"	""	""	"File not found: C:\Windows\System32\DRIVERS\ASPI32.sys"
+ "AsUpIO"	""	""	"c:\windows\syswow64\drivers\asupio.sys"
+ "AthBTPort"	"Atheros FILTER driver"	"Atheros"	"c:\windows\system32\drivers\btath_flt.sys"
+ "ATHDFU"	"BulkUsb Driver"	"Windows (R) Win 7 DDK provider"	"c:\windows\system32\drivers\athdfu.sys"
+ "AtiHDAudioService"	"AMD High Definition Audio Function Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\atihdw76.sys"
+ "atksgt"	""	""	"c:\windows\system32\drivers\atksgt.sys"
+ "b06bdrv"	"Broadcom NetXtreme II GigE VBD"	"Broadcom Corporation"	"c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a"	"Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."	"Broadcom Corporation"	"c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo"	"Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"	"Brother Industries, Ltd."	"c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"	"Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"	"Brother Industries, Ltd."	"c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"	"Brotehr Serial I/F Driver (WDM)"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"	"Brother Serial driver (WDM version)"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"	"Brother USB MDM Driver "	"Brother Industries Ltd."	"c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"	"Brother USB Serial Driver"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brusbser.sys"
+ "BTATH_A2DP"	"Atheros A2DP driver"	"Atheros"	"c:\windows\system32\drivers\btath_a2dp.sys"
+ "BTATH_BUS"	"Atheros BUS driver"	"Atheros"	"c:\windows\system32\drivers\btath_bus.sys"
+ "BTATH_HCRP"	"Atheros HCRP driver"	"Atheros"	"c:\windows\system32\drivers\btath_hcrp.sys"
+ "BTATH_LWFLT"	"Atheros FILTER driver"	"Atheros"	"c:\windows\system32\drivers\btath_lwflt.sys"
+ "BTATH_RCP"	"Atheros AVRCP driver"	"Atheros"	"c:\windows\system32\drivers\btath_rcp.sys"
+ "BtFilter"	"BtFilter Driver"	"Atheros"	"c:\windows\system32\drivers\btfilter.sys"
+ "cmderd"	"COMODO Internet Security Eradication Driver"	"COMODO"	"c:\windows\system32\drivers\cmderd.sys"
+ "cmdGuard"	"COMODO Internet Security Sandbox Driver"	"COMODO"	"c:\windows\system32\drivers\cmdguard.sys"
+ "cmdHlp"	"COMODO Internet Security Helper Driver"	"COMODO"	"c:\windows\system32\drivers\cmdhlp.sys"
+ "cmdide"	"CMD PCI IDE Bus Driver"	"CMD Technology, Inc."	"c:\windows\system32\drivers\cmdide.sys"
+ "CorsairCAHS1"	"C-Media Audio WDM Driver"	"C-Media Electronics Inc"	"c:\windows\system32\drivers\cahs164.sys"
+ "cpuz135"	"CPUID Driver"	"CPUID"	"c:\program files (x86)\cpuid\pc wizard 2012\pcwiz_x64.sys"
+ "ebdrv"	"Broadcom NetXtreme II 10 GigE VBD"	"Broadcom Corporation"	"c:\windows\system32\drivers\evbda.sys"
+ "elxstor"	"Storport Miniport Driver for LightPulse HBAs"	"Emulex"	"c:\windows\system32\drivers\elxstor.sys"
+ "EuMusDesignVirtualAudioCableWdm"	"Kernel-mode WDM driver"	"Eugene V. Muzychenko"	"c:\windows\system32\drivers\vrtaucbl.sys"
+ "GEARAspiWDM"	"CD DVD Filter"	"GEAR Software Inc."	"c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hamachi"	"Hamachi Virtual Network Interface Driver"	"LogMeIn, Inc."	"c:\windows\system32\drivers\hamachi.sys"
+ "hcw85cir"	"Hauppauge WinTV 885 Consumer IR Driver for eHome"	"Hauppauge Computer Works, Inc."	"c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD"	"Smart Array SAS/SATA Controller Media Driver"	"Hewlett-Packard Company"	"c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor"	"Intel Rapid Storage Technology driver - x64"	"Intel Corporation"	"c:\windows\system32\drivers\iastor.sys"
+ "iaStorV"	"Intel Matrix Storage Manager driver - x64"	"Intel Corporation"	"c:\windows\system32\drivers\iastorv.sys"
+ "ICCWDT"	"Intel(R) Watchdog Timer Driver (Intel(R) WDT)"	"Intel Corporation"	"c:\windows\system32\drivers\iccwdt.sys"
+ "iirsp"	"Intel/ICP Raid Storport Driver"	"Intel Corp./ICP vortex GmbH"	"c:\windows\system32\drivers\iirsp.sys"
+ "inspect"	"COMODO Internet Security Firewall Driver"	"COMODO"	"c:\windows\system32\drivers\inspect.sys"
+ "IntcAzAudAddService"	"Realtek(r) High Definition Audio Function Driver"	"Realtek Semiconductor Corp."	"c:\windows\system32\drivers\rtkvhd64.sys"
+ "KeyControl49"	"MIDI Driver by ESI"	"ESI"	"c:\windows\system32\drivers\esikey49.sys"
+ "LADF_BakerCOnly"	"BakerC Filter Driver"	"Logitech"	"c:\windows\system32\drivers\ladfbakercamd64.sys"
+ "LADF_BakerROnly"	"DPL2/EQ Filter Driver"	"Logitech"	"c:\windows\system32\drivers\ladfbakerramd64.sys"
+ "LGBusEnum"	"Logitech WingMan Virtual Bus Enumerator Driver"	"Logitech Inc."	"c:\windows\system32\drivers\lgbusenum.sys"
+ "LGPBTDD"	"LGPBTDD Driver"	"Logitech Inc."	"c:\windows\system32\drivers\lgpbtdd.sys"
+ "LGVirHid"	"Logitech GamePanel Virtual Hid Device Driver"	"Logitech Inc."	"c:\windows\system32\drivers\lgvirhid.sys"
+ "lirsgt"	""	""	"c:\windows\system32\drivers\lirsgt.sys"
+ "LSI_FC"	"LSI Fusion-MPT FC Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"	"LSI Fusion-MPT SAS Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"	"LSI SAS Gen2 Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"	"LSI Fusion-MPT SCSI Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\windows\system32\drivers\mbam.sys"
+ "megasas"	"MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"	"LSI Corporation"	"c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"	"LSI MegaRAID Software RAID Driver"	"LSI Corporation, Inc."	"c:\windows\system32\drivers\megasr.sys"
+ "MEIx64"	"Intel(R) Management Engine Interface"	"Intel Corporation"	"c:\windows\system32\drivers\hecix64.sys"
+ "mv91xx"	"Marvell magni Windows Driver"	"Marvell Semiconductor, Inc."	"c:\windows\system32\drivers\mv91xx.sys"
+ "nfrd960"	"IBM ServeRAID Controller Driver"	"IBM Corporation"	"c:\windows\system32\drivers\nfrd960.sys"
+ "nusb3hub"	"USB 3.0 Hub Driver"	"Renesas Electronics Corporation"	"c:\windows\system32\drivers\nusb3hub.sys"
+ "nusb3xhc"	"USB 3.0 Host Controller Driver"	"Renesas Electronics Corporation"	"c:\windows\system32\drivers\nusb3xhc.sys"
+ "nvraid"	"NVIDIA® nForce(TM) RAID Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"	"NVIDIA® nForce(TM) Sata Performance Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvstor.sys"
+ "ql2300"	"QLogic Fibre Channel Stor Miniport Driver"	"QLogic Corporation"	"c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"	"QLogic iSCSI Storport Miniport Driver"	"QLogic Corporation"	"c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167"	"Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                "	"Realtek                                            "	"c:\windows\system32\drivers\rt64win7.sys"
+ "rzudd"	"Razer Rzudd Engine"	"Razer USA Ltd"	"c:\windows\system32\drivers\rzudd.sys"
+ "SCDEmu"	"PowerISO Virtual Drive"	"PowerISO Computing, Inc."	"c:\windows\system32\drivers\scdemu.sys"
+ "secdrv"	"Macrovision SECURITY Driver"	"Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."	"c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2"	"SiS RAID Stor Miniport Driver"	"Silicon Integrated Systems Corp."	"c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"	"SiS AHCI Stor-Miniport Driver"	"Silicon Integrated Systems"	"c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor"	"Promise  SuperTrak EX Series Driver for Windows "	"Promise Technology"	"c:\windows\system32\drivers\stexstor.sys"
+ "tap0901t"	"TAP-Win32 Virtual Network Driver"	"Tunngle.net"	"c:\windows\system32\drivers\tap0901t.sys"
+ "USBAAPL64"	"Apple Mobile Device USB Driver"	"Apple, Inc."	"c:\windows\system32\drivers\usbaapl64.sys"
+ "VBoxNetAdp"	"VirtualBox Host-Only Network Adapter Driver"	"Oracle Corporation"	"c:\windows\system32\drivers\vboxnetadp.sys"
+ "VBoxNetFlt"	""	""	"File not found: system32\DRIVERS\VBoxNetFlt.sys"
+ "viaide"	"VIA Generic PCI IDE Bus Driver"	"VIA Technologies, Inc."	"c:\windows\system32\drivers\viaide.sys"
+ "vsmraid"	"VIA RAID DRIVER FOR AMD-X86-64"	"VIA Technologies Inc.,Ltd"	"c:\windows\system32\drivers\vsmraid.sys"
+ "wacmoumonitor"	"Wacom HID Mouse Monitor Filter Driver"	"Wacom Technology"	"c:\windows\system32\drivers\wacmoumonitor.sys"
+ "wacommousefilter"	"Wacom Mouse Filter Driver"	"Wacom Technology"	"c:\windows\system32\drivers\wacommousefilter.sys"
+ "wacomvhid"	"Virtual Hid Device"	"Wacom Technology"	"c:\windows\system32\drivers\wacomvhid.sys"
+ "WDC_SAM"	"Manages WD external storage products."	"Western Digital Technologies"	"c:\windows\system32\drivers\wdcsam64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"	""	""	""
+ "msacm.l3acm"	"MPEG Layer-3 Audio Codec for MSACM"	"Fraunhofer Institut Integrierte Schaltungen IIS"	"c:\windows\system32\l3codeca.acm"
+ "VIDC.FPS1"	"Fraps"	"Beepa P/L"	"c:\windows\system32\frapsv64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"	""	""	""
+ "msacm.l3acm"	"MPEG Layer-3 Audio Codec for MSACM"	"Fraunhofer Institut Integrierte Schaltungen IIS"	"c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid"	"Cinepak® Codec"	"Radius Inc."	"c:\windows\syswow64\iccvid.dll"
+ "VIDC.FPS1"	"Fraps"	"Beepa P/L"	"c:\windows\syswow64\frapsvid.dll"
+ "vidc.VP60"	"VP6 VIDEO FOR WINDOWS CODEC "	"On2.com"	"c:\windows\syswow64\vp6vfw.dll"
+ "vidc.VP61"	"VP6 VIDEO FOR WINDOWS CODEC "	"On2.com"	"c:\windows\syswow64\vp6vfw.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"	""	""	""
+ "AMD MJPEG Decoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Audio Encoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG File Writer"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Multiplexer"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Decoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Encoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Rotation Filter"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Scaler Filter"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"	""	""	""
+ "AMD MJPEG Decoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Audio Encoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG File Writer"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Multiplexer"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Decoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Encoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Ticker"	""	""	"c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "ATI Video Rotation Filter"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Video Scaler Filter"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "DivX for Blizzard Decoder Filter"	"DivX (TM) Decoder Filter"	"DivXNetworks, Inc."	"\\roze-pc\warcraft iii\blizzard.ax"
+ "MMACE Deinterlace"	""	""	"c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp"	""	""	"c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu"	""	""	"c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls"	""	""	""
+ " C:\Windows\system32\guard64.dll"	"COMODO Internet Security"	"COMODO"	"c:\windows\system32\guard64.dll"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls"	""	""	""
+ "C:\Windows\SysWOW64\guard32.dll"	"COMODO Internet Security"	"COMODO"	"c:\windows\syswow64\guard32.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers"	""	""	""
+ "WLIDCredentialProvider"	"Microsoft® Windows Live ID Credential Provider"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"	""	""	""
+ "mdnsNSP"	"Bonjour Namespace Provider"	"Apple Inc."	"c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP"	"Microsoft® Windows Live ID Namespace Provider"	"Microsoft Corporation"	"c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"	"Microsoft® Windows Live ID Namespace Provider"	"Microsoft Corporation"	"c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64"	""	""	""
+ "mdnsNSP"	"Bonjour Namespace Provider"	"Apple Inc."	"c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP"	"Microsoft® Windows Live ID Namespace Provider"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"	"Microsoft® Windows Live ID Namespace Provider"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"	""	""	""
+ "Adobe PDF Port Monitor"	"Adobe PDF Port  Monitor DLL"	"Adobe Systems Inc"	"c:\windows\system32\adobepdf.dll"


#8 narenxp

Posted 26 September 2012 - 07:05 PM

Download

Rogue killer

Right-click on it and select Run as administrator.

Now, click on SCAN. After the scan finishes, click on DELETE.

Log is not required

Now run RKILL given in previous instructions and post the new log

Download

Windows repair tool

Extract and launch the Repair_Windows.exe file.

Click on the Start Repairs tab, then click on Start.

Checkmark only the following options:

Reset registry permissions
Reset file permissions
Repair WMI
Repair Windows Firewall
Remove Policies Set By Infections
Repair Winsock & DNS Cache

Checkmark the Restart System When Finished option.
Click the Start button.

The system should restart after the repair.

Run Farbar service scanner again and post the new log

#9 TheRoze

Posted 26 September 2012 - 07:16 PM

I'm unable to run RogueKiller due to it claiming I don't have appropriate permission to run as Administrator. If I don't run it as Admin the file deletes itself.

#10 narenxp

Posted 26 September 2012 - 07:25 PM

Run it from Safe Mode.



