Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Random ads are playing in the background - need help!


  • Please log in to reply
9 replies to this topic

#1 jkara

jkara

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:11 AM

Posted 27 September 2012 - 10:45 AM

When I start up the PC, these random audio ads start playing in the background. No windows are open and I can't see anything running in task manager. They go for a while and then stop, then repeat. Not sure if this is what is causing the audio ads, but after running virus scan and Malwarebytes, I still get notice that "Operating Memory - win32/olmark.TDL4 trojan - unable to clean. Can you help with these issues?

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:11 AM

Posted 27 September 2012 - 10:48 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 jkara

jkara
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:11 AM

Posted 27 September 2012 - 01:15 PM

Thanks for your help. Here are the three logs:

11:56:55.0597 4116 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
11:56:55.0937 4116 ============================================================
11:56:55.0937 4116 Current date / time: 2012/09/27 11:56:55.0937
11:56:55.0937 4116 SystemInfo:
11:56:55.0937 4116
11:56:55.0937 4116 OS Version: 6.1.7601 ServicePack: 1.0
11:56:55.0937 4116 Product type: Workstation
11:56:55.0937 4116 ComputerName: JKARA-PC
11:56:55.0937 4116 UserName: jkara
11:56:55.0937 4116 Windows directory: C:\Windows
11:56:55.0937 4116 System windows directory: C:\Windows
11:56:55.0937 4116 Running under WOW64
11:56:55.0937 4116 Processor architecture: Intel x64
11:56:55.0937 4116 Number of processors: 4
11:56:55.0937 4116 Page size: 0x1000
11:56:55.0937 4116 Boot type: Normal boot
11:56:55.0937 4116 ============================================================
11:56:56.0537 4116 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:56:56.0547 4116 ============================================================
11:56:56.0547 4116 \Device\Harddisk0\DR0:
11:56:56.0547 4116 MBR partitions:
11:56:56.0547 4116 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1A7F000
11:56:56.0547 4116 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A93000, BlocksNum 0x72C73000
11:56:56.0547 4116 ============================================================
11:56:56.0557 4116 C: <-> \Device\Harddisk0\DR0\Partition2
11:56:56.0557 4116 ============================================================
11:56:56.0557 4116 Initialize success
11:56:56.0557 4116 ============================================================
11:57:23.0557 7004 ============================================================
11:57:23.0557 7004 Scan started
11:57:23.0557 7004 Mode: Manual; TDLFS;
11:57:23.0557 7004 ============================================================
11:57:28.0928 7004 ================ Scan system memory ========================
11:57:28.0928 7004 System memory - ok
11:57:28.0928 7004 ================ Scan services =============================
11:57:29.0108 7004 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:57:29.0108 7004 1394ohci - ok
11:57:29.0118 7004 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:57:29.0128 7004 ACPI - ok
11:57:29.0128 7004 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:57:29.0138 7004 AcpiPmi - ok
11:57:29.0208 7004 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:57:29.0208 7004 AdobeARMservice - ok
11:57:29.0308 7004 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:57:29.0308 7004 AdobeFlashPlayerUpdateSvc - ok
11:57:29.0368 7004 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
11:57:29.0378 7004 adp94xx - ok
11:57:29.0388 7004 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
11:57:29.0398 7004 adpahci - ok
11:57:29.0398 7004 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
11:57:29.0408 7004 adpu320 - ok
11:57:29.0428 7004 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:57:29.0428 7004 AeLookupSvc - ok
11:57:29.0478 7004 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
11:57:29.0478 7004 AERTFilters - ok
11:57:29.0538 7004 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
11:57:29.0558 7004 AFD - ok
11:57:29.0568 7004 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:57:29.0568 7004 agp440 - ok
11:57:29.0578 7004 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
11:57:29.0588 7004 ALG - ok
11:57:29.0598 7004 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
11:57:29.0598 7004 aliide - ok
11:57:29.0618 7004 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
11:57:29.0618 7004 amdide - ok
11:57:29.0628 7004 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
11:57:29.0628 7004 AmdK8 - ok
11:57:29.0638 7004 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
11:57:29.0638 7004 AmdPPM - ok
11:57:29.0658 7004 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:57:29.0658 7004 amdsata - ok
11:57:29.0668 7004 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
11:57:29.0668 7004 amdsbs - ok
11:57:29.0678 7004 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:57:29.0678 7004 amdxata - ok
11:57:29.0708 7004 [ 9921E78BC29634235F4BF5809E7E8CDE ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
11:57:29.0718 7004 AMPPAL - ok
11:57:29.0718 7004 [ 9921E78BC29634235F4BF5809E7E8CDE ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
11:57:29.0728 7004 AMPPALP - ok
11:57:29.0758 7004 [ 83A0E7BA4AE616D3654E700D9C5FF9DB ] AMPPALR3 c:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
11:57:29.0778 7004 AMPPALR3 - ok
11:57:29.0788 7004 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
11:57:29.0788 7004 AppID - ok
11:57:29.0808 7004 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:57:29.0808 7004 AppIDSvc - ok
11:57:29.0818 7004 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
11:57:29.0818 7004 Appinfo - ok
11:57:29.0878 7004 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:57:29.0878 7004 Apple Mobile Device - ok
11:57:29.0888 7004 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
11:57:29.0888 7004 arc - ok
11:57:29.0908 7004 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:57:29.0908 7004 arcsas - ok
11:57:29.0978 7004 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:57:29.0978 7004 aspnet_state - ok
11:57:29.0988 7004 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:57:29.0988 7004 AsyncMac - ok
11:57:30.0018 7004 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
11:57:30.0018 7004 atapi - ok
11:57:30.0038 7004 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:57:30.0048 7004 AudioEndpointBuilder - ok
11:57:30.0058 7004 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:57:30.0068 7004 AudioSrv - ok
11:57:30.0088 7004 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:57:30.0088 7004 AxInstSV - ok
11:57:30.0108 7004 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
11:57:30.0108 7004 b06bdrv - ok
11:57:30.0118 7004 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:57:30.0118 7004 b57nd60a - ok
11:57:30.0208 7004 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
11:57:30.0208 7004 BBSvc - ok
11:57:30.0228 7004 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
11:57:30.0228 7004 BBUpdate - ok
11:57:30.0238 7004 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:57:30.0238 7004 BDESVC - ok
11:57:30.0258 7004 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:57:30.0258 7004 Beep - ok
11:57:30.0288 7004 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
11:57:30.0288 7004 BFE - ok
11:57:30.0318 7004 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
11:57:30.0328 7004 BITS - ok
11:57:30.0338 7004 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:57:30.0338 7004 blbdrive - ok
11:57:30.0388 7004 [ 55B0C8441DE7D91A819A39D0351154A2 ] Bluetooth Device Monitor c:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
11:57:30.0398 7004 Bluetooth Device Monitor - ok
11:57:30.0418 7004 [ 7E262330DF0C4BE4ECE853B59B9CBE4C ] Bluetooth Media Service c:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
11:57:30.0428 7004 Bluetooth Media Service - ok
11:57:30.0448 7004 [ 8BF4B9956E13871A88A3810074E2E110 ] Bluetooth OBEX Service c:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
11:57:30.0458 7004 Bluetooth OBEX Service - ok
11:57:30.0478 7004 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:57:30.0488 7004 Bonjour Service - ok
11:57:30.0518 7004 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:57:30.0518 7004 bowser - ok
11:57:30.0528 7004 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
11:57:30.0528 7004 BrFiltLo - ok
11:57:30.0538 7004 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
11:57:30.0538 7004 BrFiltUp - ok
11:57:30.0558 7004 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
11:57:30.0558 7004 BridgeMP - ok
11:57:30.0588 7004 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
11:57:30.0588 7004 Browser - ok
11:57:30.0618 7004 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:57:30.0618 7004 Brserid - ok
11:57:30.0628 7004 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:57:30.0628 7004 BrSerWdm - ok
11:57:30.0638 7004 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:57:30.0638 7004 BrUsbMdm - ok
11:57:30.0648 7004 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:57:30.0648 7004 BrUsbSer - ok
11:57:30.0678 7004 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
11:57:30.0678 7004 BthEnum - ok
11:57:30.0688 7004 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
11:57:30.0698 7004 BTHMODEM - ok
11:57:30.0708 7004 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
11:57:30.0718 7004 BthPan - ok
11:57:30.0748 7004 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
11:57:30.0748 7004 BTHPORT - ok
11:57:30.0788 7004 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
11:57:30.0788 7004 bthserv - ok
11:57:30.0808 7004 [ A5B3E8B2B78C7B3DA56A0DE490E6718C ] BTHSSecurityMgr c:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
11:57:30.0808 7004 BTHSSecurityMgr - ok
11:57:30.0818 7004 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
11:57:30.0818 7004 BTHUSB - ok
11:57:30.0848 7004 [ 270FBA230E78E25726D065A924589A72 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
11:57:30.0848 7004 btmaux - ok
11:57:30.0858 7004 [ 0010A54571F525A97EED8C091E96EAA9 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
11:57:30.0868 7004 btmhsf - ok
11:57:30.0868 7004 catchme - ok
11:57:30.0878 7004 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:57:30.0878 7004 cdfs - ok
11:57:30.0898 7004 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:57:30.0898 7004 cdrom - ok
11:57:30.0918 7004 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
11:57:30.0918 7004 CertPropSvc - ok
11:57:30.0938 7004 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:57:30.0938 7004 circlass - ok
11:57:30.0948 7004 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
11:57:30.0958 7004 CLFS - ok
11:57:31.0008 7004 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:57:31.0008 7004 clr_optimization_v2.0.50727_32 - ok
11:57:31.0038 7004 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:57:31.0038 7004 clr_optimization_v2.0.50727_64 - ok
11:57:31.0068 7004 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:57:31.0068 7004 clr_optimization_v4.0.30319_32 - ok
11:57:31.0088 7004 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:57:31.0088 7004 clr_optimization_v4.0.30319_64 - ok
11:57:31.0098 7004 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
11:57:31.0098 7004 CmBatt - ok
11:57:31.0118 7004 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:57:31.0118 7004 cmdide - ok
11:57:31.0148 7004 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
11:57:31.0148 7004 CNG - ok
11:57:31.0178 7004 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
11:57:31.0178 7004 Compbatt - ok
11:57:31.0188 7004 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
11:57:31.0188 7004 CompositeBus - ok
11:57:31.0218 7004 COMSysApp - ok
11:57:31.0228 7004 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
11:57:31.0228 7004 crcdisk - ok
11:57:31.0268 7004 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:57:31.0268 7004 CryptSvc - ok
11:57:31.0288 7004 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
11:57:31.0288 7004 CtClsFlt - ok
11:57:31.0318 7004 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:57:31.0318 7004 DcomLaunch - ok
11:57:31.0348 7004 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
11:57:31.0348 7004 defragsvc - ok
11:57:31.0368 7004 [ BC37CF3B9154AFA6A269CA6FB1931C0F ] Dell WMI Service C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe
11:57:31.0368 7004 Dell WMI Service - ok
11:57:31.0378 7004 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:57:31.0378 7004 DfsC - ok
11:57:31.0408 7004 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
11:57:31.0408 7004 Dhcp - ok
11:57:31.0418 7004 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
11:57:31.0428 7004 discache - ok
11:57:31.0438 7004 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
11:57:31.0438 7004 Disk - ok
11:57:31.0468 7004 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:57:31.0468 7004 Dnscache - ok
11:57:31.0488 7004 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:57:31.0488 7004 dot3svc - ok
11:57:31.0508 7004 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
11:57:31.0508 7004 DPS - ok
11:57:31.0538 7004 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:57:31.0538 7004 drmkaud - ok
11:57:31.0558 7004 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:57:31.0568 7004 DXGKrnl - ok
11:57:31.0588 7004 [ D00EAE9C735A7DEE8049E50D73D25434 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
11:57:31.0588 7004 eamonm - ok
11:57:31.0598 7004 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:57:31.0608 7004 EapHost - ok
11:57:31.0938 7004 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
11:57:32.0008 7004 ebdrv - ok
11:57:32.0028 7004 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
11:57:32.0028 7004 EFS - ok
11:57:32.0048 7004 [ E5EDDE3C8158DD0CBC5812F201DCDED0 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
11:57:32.0048 7004 ehdrv - ok
11:57:32.0088 7004 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:57:32.0098 7004 ehRecvr - ok
11:57:32.0108 7004 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
11:57:32.0118 7004 ehSched - ok
11:57:32.0198 7004 [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
11:57:32.0208 7004 ekrn - ok
11:57:32.0228 7004 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
11:57:32.0238 7004 elxstor - ok
11:57:32.0258 7004 [ 587F0F4145A1536A6E37EFD769B7665F ] epfw C:\Windows\system32\DRIVERS\epfw.sys
11:57:32.0258 7004 epfw - ok
11:57:32.0288 7004 [ D2F812358EE8EE23CBB5C4DAFFB5B819 ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys
11:57:32.0288 7004 EpfwLWF - ok
11:57:32.0308 7004 [ 34BF55D69AB74D14C7E7A17259CB7DF8 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
11:57:32.0318 7004 epfwwfp - ok
11:57:32.0318 7004 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:57:32.0328 7004 ErrDev - ok
11:57:32.0348 7004 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
11:57:32.0358 7004 EventSystem - ok
11:57:32.0419 7004 [ 54FC81B0162478A72A93DBBEAFB35671 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:57:32.0449 7004 EvtEng - ok
11:57:32.0459 7004 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
11:57:32.0459 7004 exfat - ok
11:57:32.0489 7004 [ 2C1D443E14F376E8331F52F135DCA9EF ] FACAP C:\Windows\system32\DRIVERS\facap.sys
11:57:32.0489 7004 FACAP - ok
11:57:32.0569 7004 [ A363FF99DC160B7844A1C1E0D6CEBBE3 ] FAService C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
11:57:32.0579 7004 FAService - ok
11:57:32.0609 7004 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:57:32.0609 7004 fastfat - ok
11:57:32.0639 7004 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
11:57:32.0639 7004 Fax - ok
11:57:32.0649 7004 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
11:57:32.0659 7004 fdc - ok
11:57:32.0659 7004 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:57:32.0659 7004 fdPHost - ok
11:57:32.0669 7004 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:57:32.0669 7004 FDResPub - ok
11:57:32.0679 7004 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:57:32.0679 7004 FileInfo - ok
11:57:32.0689 7004 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:57:32.0689 7004 Filetrace - ok
11:57:32.0709 7004 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
11:57:32.0709 7004 flpydisk - ok
11:57:32.0729 7004 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:57:32.0739 7004 FltMgr - ok
11:57:32.0769 7004 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
11:57:32.0789 7004 FontCache - ok
11:57:32.0829 7004 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:57:32.0829 7004 FontCache3.0.0.0 - ok
11:57:32.0839 7004 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:57:32.0839 7004 FsDepends - ok
11:57:32.0869 7004 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:57:32.0869 7004 Fs_Rec - ok
11:57:32.0879 7004 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:57:32.0889 7004 fvevol - ok
11:57:32.0899 7004 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:57:32.0909 7004 gagp30kx - ok
11:57:32.0929 7004 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:57:32.0939 7004 GEARAspiWDM - ok
11:57:32.0949 7004 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
11:57:32.0959 7004 gpsvc - ok
11:57:32.0999 7004 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:57:32.0999 7004 gupdate - ok
11:57:33.0009 7004 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:57:33.0009 7004 gupdatem - ok
11:57:33.0039 7004 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
11:57:33.0039 7004 gusvc - ok
11:57:33.0049 7004 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:57:33.0049 7004 hcw85cir - ok
11:57:33.0079 7004 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:57:33.0089 7004 HDAudBus - ok
11:57:33.0099 7004 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
11:57:33.0099 7004 HidBatt - ok
11:57:33.0119 7004 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
11:57:33.0119 7004 HidBth - ok
11:57:33.0129 7004 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:57:33.0129 7004 HidIr - ok
11:57:33.0149 7004 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
11:57:33.0149 7004 hidserv - ok
11:57:33.0169 7004 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:57:33.0169 7004 HidUsb - ok
11:57:33.0189 7004 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:57:33.0189 7004 hkmsvc - ok
11:57:33.0209 7004 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:57:33.0209 7004 HomeGroupListener - ok
11:57:33.0229 7004 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:57:33.0239 7004 HomeGroupProvider - ok
11:57:33.0249 7004 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:57:33.0249 7004 HpSAMD - ok
11:57:33.0299 7004 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:57:33.0309 7004 HTTP - ok
11:57:33.0319 7004 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:57:33.0319 7004 hwpolicy - ok
11:57:33.0329 7004 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
11:57:33.0339 7004 i8042prt - ok
11:57:33.0369 7004 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\drivers\iaStor.sys
11:57:33.0369 7004 iaStor - ok
11:57:33.0389 7004 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:57:33.0389 7004 iaStorV - ok
11:57:33.0399 7004 [ DE9E40BAEE2E48FD1E3EB423074C014C ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
11:57:33.0409 7004 iBtFltCoex - ok
11:57:33.0449 7004 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:57:33.0459 7004 idsvc - ok
11:57:34.0109 7004 [ 58E04D9412F8668863A391232035CBE8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
11:57:34.0329 7004 igfx - ok
11:57:34.0359 7004 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:57:34.0359 7004 iirsp - ok
11:57:34.0390 7004 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
11:57:34.0400 7004 IKEEXT - ok
11:57:34.0420 7004 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
11:57:34.0420 7004 Impcd - ok
11:57:34.0460 7004 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
11:57:34.0460 7004 intaud_WaveExtensible - ok
11:57:34.0510 7004 [ 230836EEFCE6D6DE9947384FC5B3FAC0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:57:34.0550 7004 IntcAzAudAddService - ok
11:57:34.0570 7004 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
11:57:34.0570 7004 intelide - ok
11:57:34.0590 7004 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:57:34.0590 7004 intelppm - ok
11:57:34.0600 7004 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:57:34.0600 7004 IPBusEnum - ok
11:57:34.0620 7004 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:57:34.0620 7004 IpFilterDriver - ok
11:57:34.0640 7004 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:57:34.0640 7004 iphlpsvc - ok
11:57:34.0660 7004 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:57:34.0660 7004 IPMIDRV - ok
11:57:34.0670 7004 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:57:34.0670 7004 IPNAT - ok
11:57:34.0720 7004 [ 46D249F9DB7844CC01050A9345F0F61B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:57:34.0730 7004 iPod Service - ok
11:57:34.0740 7004 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:57:34.0740 7004 IRENUM - ok
11:57:34.0760 7004 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:57:34.0760 7004 isapnp - ok
11:57:34.0780 7004 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:57:34.0780 7004 iScsiPrt - ok
11:57:34.0800 7004 [ 8D990A44B4F2B68E2C56A3724EC3EB84 ] itecir C:\Windows\system32\DRIVERS\itecir.sys
11:57:34.0800 7004 itecir - ok
11:57:34.0810 7004 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
11:57:34.0810 7004 iwdbus - ok
11:57:34.0830 7004 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:57:34.0840 7004 kbdclass - ok
11:57:34.0850 7004 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:57:34.0860 7004 kbdhid - ok
11:57:34.0870 7004 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
11:57:34.0870 7004 KeyIso - ok
11:57:34.0890 7004 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:57:34.0890 7004 KSecDD - ok
11:57:34.0900 7004 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:57:34.0900 7004 KSecPkg - ok
11:57:34.0920 7004 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:57:34.0920 7004 ksthunk - ok
11:57:34.0940 7004 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:57:34.0940 7004 KtmRm - ok
11:57:34.0970 7004 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
11:57:34.0980 7004 LanmanServer - ok
11:57:34.0990 7004 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:57:34.0990 7004 LanmanWorkstation - ok
11:57:35.0010 7004 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:57:35.0010 7004 lltdio - ok
11:57:35.0030 7004 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:57:35.0030 7004 lltdsvc - ok
11:57:35.0040 7004 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:57:35.0040 7004 lmhosts - ok
11:57:35.0060 7004 [ 2ED1786B7542CDA261029F6B526EDF44 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:57:35.0060 7004 LMS - ok
11:57:35.0090 7004 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:57:35.0090 7004 LSI_FC - ok
11:57:35.0100 7004 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:57:35.0100 7004 LSI_SAS - ok
11:57:35.0110 7004 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
11:57:35.0110 7004 LSI_SAS2 - ok
11:57:35.0130 7004 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:57:35.0130 7004 LSI_SCSI - ok
11:57:35.0130 7004 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:57:35.0140 7004 luafv - ok
11:57:35.0160 7004 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:57:35.0160 7004 Mcx2Svc - ok
11:57:35.0170 7004 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
11:57:35.0170 7004 megasas - ok
11:57:35.0190 7004 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
11:57:35.0190 7004 MegaSR - ok
11:57:35.0220 7004 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
11:57:35.0220 7004 MEIx64 - ok
11:57:35.0230 7004 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:57:35.0230 7004 MMCSS - ok
11:57:35.0240 7004 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:57:35.0250 7004 Modem - ok
11:57:35.0250 7004 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:57:35.0260 7004 monitor - ok
11:57:35.0270 7004 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:57:35.0270 7004 mouclass - ok
11:57:35.0280 7004 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:57:35.0280 7004 mouhid - ok
11:57:35.0290 7004 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:57:35.0300 7004 mountmgr - ok
11:57:35.0310 7004 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
11:57:35.0310 7004 mpio - ok
11:57:35.0320 7004 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:57:35.0320 7004 mpsdrv - ok
11:57:35.0350 7004 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:57:35.0360 7004 MpsSvc - ok
11:57:35.0370 7004 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:57:35.0370 7004 MRxDAV - ok
11:57:35.0390 7004 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:57:35.0400 7004 mrxsmb - ok
11:57:35.0410 7004 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:57:35.0410 7004 mrxsmb10 - ok
11:57:35.0430 7004 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:57:35.0430 7004 mrxsmb20 - ok
11:57:35.0440 7004 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:57:35.0440 7004 msahci - ok
11:57:35.0450 7004 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:57:35.0450 7004 msdsm - ok
11:57:35.0470 7004 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:57:35.0470 7004 MSDTC - ok
11:57:35.0480 7004 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:57:35.0490 7004 Msfs - ok
11:57:35.0500 7004 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:57:35.0500 7004 mshidkmdf - ok
11:57:35.0510 7004 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:57:35.0510 7004 msisadrv - ok
11:57:35.0530 7004 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:57:35.0530 7004 MSiSCSI - ok
11:57:35.0530 7004 msiserver - ok
11:57:35.0540 7004 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:57:35.0540 7004 MSKSSRV - ok
11:57:35.0550 7004 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:57:35.0550 7004 MSPCLOCK - ok
11:57:35.0570 7004 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:57:35.0570 7004 MSPQM - ok
11:57:35.0590 7004 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:57:35.0590 7004 MsRPC - ok
11:57:35.0610 7004 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:57:35.0610 7004 mssmbios - ok
11:57:35.0620 7004 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:57:35.0620 7004 MSTEE - ok
11:57:35.0630 7004 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:57:35.0630 7004 MTConfig - ok
11:57:35.0640 7004 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:57:35.0640 7004 Mup - ok
11:57:35.0670 7004 [ 4BBB9D9C4DF259FAE2D172C5BB25DDD0 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:57:35.0670 7004 MyWiFiDHCPDNS - ok
11:57:35.0700 7004 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:57:35.0700 7004 napagent - ok
11:57:35.0730 7004 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:57:35.0740 7004 NativeWifiP - ok
11:57:35.0810 7004 [ 934BB0D23A25C8C136570800A5A149B6 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
11:57:35.0820 7004 NAUpdate - ok
11:57:35.0860 7004 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:57:35.0870 7004 NDIS - ok
11:57:35.0880 7004 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:57:35.0880 7004 NdisCap - ok
11:57:35.0890 7004 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:57:35.0890 7004 NdisTapi - ok
11:57:35.0900 7004 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:57:35.0900 7004 Ndisuio - ok
11:57:35.0920 7004 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:57:35.0920 7004 NdisWan - ok
11:57:35.0930 7004 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:57:35.0930 7004 NDProxy - ok
11:57:35.0940 7004 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:57:35.0940 7004 NetBIOS - ok
11:57:35.0950 7004 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:57:35.0950 7004 NetBT - ok
11:57:35.0960 7004 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:57:35.0960 7004 Netlogon - ok
11:57:35.0990 7004 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:57:35.0990 7004 Netman - ok
11:57:36.0020 7004 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:57:36.0020 7004 NetMsmqActivator - ok
11:57:36.0020 7004 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:57:36.0020 7004 NetPipeActivator - ok
11:57:36.0040 7004 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:57:36.0050 7004 netprofm - ok
11:57:36.0050 7004 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:57:36.0050 7004 NetTcpActivator - ok
11:57:36.0060 7004 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:57:36.0060 7004 NetTcpPortSharing - ok
11:57:36.0210 7004 [ AC69618DE5BCCE8747C9AB0AAE1003C1 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
11:57:36.0330 7004 NETwNs64 - ok
11:57:36.0360 7004 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:57:36.0360 7004 nfrd960 - ok
11:57:36.0390 7004 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:57:36.0390 7004 NlaSvc - ok
11:57:36.0400 7004 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:57:36.0410 7004 Npfs - ok
11:57:36.0420 7004 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:57:36.0420 7004 nsi - ok
11:57:36.0430 7004 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:57:36.0430 7004 nsiproxy - ok
11:57:36.0480 7004 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:57:36.0500 7004 Ntfs - ok
11:57:36.0510 7004 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:57:36.0510 7004 Null - ok
11:57:36.0530 7004 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:57:36.0530 7004 nvraid - ok
11:57:36.0540 7004 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:57:36.0540 7004 nvstor - ok
11:57:36.0550 7004 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:57:36.0550 7004 nv_agp - ok
11:57:36.0630 7004 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:57:36.0640 7004 odserv - ok
11:57:36.0690 7004 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:57:36.0690 7004 ohci1394 - ok
11:57:36.0720 7004 [ FBE1D971EB64ABF4CE37B519307C94F1 ] OSDSvc C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe
11:57:36.0720 7004 OSDSvc - ok
11:57:36.0740 7004 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:57:36.0740 7004 ose - ok
11:57:36.0760 7004 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:57:36.0770 7004 p2pimsvc - ok
11:57:36.0780 7004 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:57:36.0790 7004 p2psvc - ok
11:57:36.0800 7004 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
11:57:36.0800 7004 Parport - ok
11:57:36.0830 7004 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:57:36.0830 7004 partmgr - ok
11:57:36.0840 7004 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:57:36.0850 7004 PcaSvc - ok
11:57:36.0870 7004 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
11:57:36.0870 7004 pci - ok
11:57:36.0880 7004 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:57:36.0880 7004 pciide - ok
11:57:36.0890 7004 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:57:36.0900 7004 pcmcia - ok
11:57:36.0910 7004 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:57:36.0910 7004 pcw - ok
11:57:36.0930 7004 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:57:36.0940 7004 PEAUTH - ok
11:57:36.0980 7004 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:57:36.0990 7004 PerfHost - ok
11:57:37.0020 7004 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:57:37.0040 7004 pla - ok
11:57:37.0080 7004 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:57:37.0080 7004 PlugPlay - ok
11:57:37.0140 7004 [ 63694C307273062A2167AE4CE80730EF ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
11:57:37.0140 7004 PMBDeviceInfoProvider - ok
11:57:37.0160 7004 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:57:37.0160 7004 PNRPAutoReg - ok
11:57:37.0170 7004 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:57:37.0170 7004 PNRPsvc - ok
11:57:37.0190 7004 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:57:37.0190 7004 PolicyAgent - ok
11:57:37.0210 7004 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:57:37.0220 7004 Power - ok
11:57:37.0230 7004 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:57:37.0240 7004 PptpMiniport - ok
11:57:37.0250 7004 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
11:57:37.0250 7004 Processor - ok
11:57:37.0270 7004 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:57:37.0270 7004 ProfSvc - ok
11:57:37.0280 7004 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:57:37.0280 7004 ProtectedStorage - ok
11:57:37.0280 7004 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:57:37.0290 7004 Psched - ok
11:57:37.0310 7004 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
11:57:37.0310 7004 PxHlpa64 - ok
11:57:37.0360 7004 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:57:37.0380 7004 ql2300 - ok
11:57:37.0390 7004 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:57:37.0390 7004 ql40xx - ok
11:57:37.0410 7004 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:57:37.0410 7004 QWAVE - ok
11:57:37.0430 7004 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:57:37.0430 7004 QWAVEdrv - ok
11:57:37.0440 7004 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:57:37.0440 7004 RasAcd - ok
11:57:37.0460 7004 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:57:37.0460 7004 RasAgileVpn - ok
11:57:37.0470 7004 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:57:37.0470 7004 RasAuto - ok
11:57:37.0490 7004 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:57:37.0490 7004 Rasl2tp - ok
11:57:37.0520 7004 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:57:37.0520 7004 RasMan - ok
11:57:37.0530 7004 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:57:37.0530 7004 RasPppoe - ok
11:57:37.0540 7004 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:57:37.0540 7004 RasSstp - ok
11:57:37.0560 7004 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:57:37.0560 7004 rdbss - ok
11:57:37.0570 7004 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
11:57:37.0570 7004 rdpbus - ok
11:57:37.0580 7004 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:57:37.0580 7004 RDPCDD - ok
11:57:37.0590 7004 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:57:37.0590 7004 RDPENCDD - ok
11:57:37.0610 7004 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:57:37.0610 7004 RDPREFMP - ok
11:57:37.0760 7004 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:57:37.0770 7004 RDPWD - ok
11:57:37.0780 7004 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:57:37.0780 7004 rdyboost - ok
11:57:37.0830 7004 [ A436F5E7D80BBDBB0826D0F176D5BEA8 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:57:37.0840 7004 RegSrvc - ok
11:57:37.0860 7004 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:57:37.0860 7004 RemoteAccess - ok
11:57:37.0880 7004 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:57:37.0880 7004 RemoteRegistry - ok
11:57:37.0890 7004 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
11:57:37.0890 7004 RFCOMM - ok
11:57:37.0960 7004 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
11:57:37.0980 7004 RoxMediaDB12OEM - ok
11:57:38.0030 7004 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
11:57:38.0030 7004 RoxWatch12 - ok
11:57:38.0050 7004 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:57:38.0050 7004 RpcEptMapper - ok
11:57:38.0060 7004 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:57:38.0060 7004 RpcLocator - ok
11:57:38.0080 7004 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:57:38.0090 7004 RpcSs - ok
11:57:38.0100 7004 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:57:38.0100 7004 rspndr - ok
11:57:38.0130 7004 [ CE0A1D8A59410E698140821E4E69DA0D ] RSUSBVSTOR C:\Windows\system32\Drivers\RtsUVStor.sys
11:57:38.0130 7004 RSUSBVSTOR - ok
11:57:38.0140 7004 [ AFC12DFA4C7B089673AD67402CA19EDB ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
11:57:38.0150 7004 RTL8167 - ok
11:57:38.0160 7004 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
11:57:38.0160 7004 SamSs - ok
11:57:38.0170 7004 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:57:38.0170 7004 sbp2port - ok
11:57:38.0190 7004 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:57:38.0190 7004 SCardSvr - ok
11:57:38.0200 7004 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:57:38.0200 7004 scfilter - ok
11:57:38.0220 7004 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:57:38.0240 7004 Schedule - ok
11:57:38.0260 7004 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:57:38.0260 7004 SCPolicySvc - ok
11:57:38.0270 7004 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:57:38.0270 7004 SDRSVC - ok
11:57:38.0290 7004 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:57:38.0290 7004 secdrv - ok
11:57:38.0300 7004 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:57:38.0300 7004 seclogon - ok
11:57:38.0320 7004 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
11:57:38.0320 7004 SENS - ok
11:57:38.0330 7004 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:57:38.0330 7004 SensrSvc - ok
11:57:38.0360 7004 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:57:38.0360 7004 Serenum - ok
11:57:38.0380 7004 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:57:38.0380 7004 Serial - ok
11:57:38.0390 7004 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:57:38.0390 7004 sermouse - ok
11:57:38.0410 7004 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:57:38.0410 7004 SessionEnv - ok
11:57:38.0420 7004 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:57:38.0420 7004 sffdisk - ok
11:57:38.0430 7004 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:57:38.0430 7004 sffp_mmc - ok
11:57:38.0430 7004 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:57:38.0440 7004 sffp_sd - ok
11:57:38.0440 7004 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:57:38.0440 7004 sfloppy - ok
11:57:38.0460 7004 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:57:38.0460 7004 SharedAccess - ok
11:57:38.0480 7004 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:57:38.0480 7004 ShellHWDetection - ok
11:57:38.0490 7004 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
11:57:38.0500 7004 SiSRaid2 - ok
11:57:38.0510 7004 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:57:38.0510 7004 SiSRaid4 - ok
11:57:38.0540 7004 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
11:57:38.0540 7004 SkypeUpdate - ok
11:57:38.0550 7004 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:57:38.0550 7004 Smb - ok
11:57:38.0570 7004 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:57:38.0570 7004 SNMPTRAP - ok
11:57:38.0590 7004 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:57:38.0590 7004 spldr - ok
11:57:38.0620 7004 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
11:57:38.0620 7004 Spooler - ok
11:57:38.0720 7004 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:57:38.0770 7004 sppsvc - ok
11:57:38.0780 7004 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:57:38.0790 7004 sppuinotify - ok
11:57:38.0810 7004 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:57:38.0810 7004 srv - ok
11:57:38.0830 7004 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:57:38.0830 7004 srv2 - ok
11:57:38.0850 7004 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:57:38.0850 7004 srvnet - ok
11:57:38.0860 7004 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:57:38.0860 7004 SSDPSRV - ok
11:57:38.0870 7004 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:57:38.0880 7004 SstpSvc - ok
11:57:38.0890 7004 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
11:57:38.0890 7004 stexstor - ok
11:57:38.0930 7004 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
11:57:38.0930 7004 StillCam - ok
11:57:38.0960 7004 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:57:38.0970 7004 stisvc - ok
11:57:39.0010 7004 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
11:57:39.0010 7004 stllssvr - ok
11:57:39.0020 7004 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:57:39.0020 7004 swenum - ok
11:57:39.0050 7004 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:57:39.0050 7004 swprv - ok
11:57:39.0140 7004 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:57:39.0170 7004 SysMain - ok
11:57:39.0180 7004 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:57:39.0180 7004 TabletInputService - ok
11:57:39.0190 7004 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:57:39.0200 7004 TapiSrv - ok
11:57:39.0210 7004 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:57:39.0210 7004 TBS - ok
11:57:39.0260 7004 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:57:39.0290 7004 Tcpip - ok
11:57:39.0370 7004 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:57:39.0380 7004 TCPIP6 - ok
11:57:39.0401 7004 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:57:39.0401 7004 tcpipreg - ok
11:57:39.0421 7004 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:57:39.0421 7004 TDPIPE - ok
11:57:39.0451 7004 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:57:39.0451 7004 TDTCP - ok
11:57:39.0481 7004 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:57:39.0491 7004 tdx - ok
11:57:39.0501 7004 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:57:39.0501 7004 TermDD - ok
11:57:39.0531 7004 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:57:39.0541 7004 TermService - ok
11:57:39.0551 7004 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:57:39.0551 7004 Themes - ok
11:57:39.0581 7004 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:57:39.0581 7004 THREADORDER - ok
11:57:39.0591 7004 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:57:39.0601 7004 TrkWks - ok
11:57:39.0871 7004 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:57:39.0881 7004 TrustedInstaller - ok
11:57:39.0911 7004 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:57:39.0911 7004 tssecsrv - ok
11:57:39.0931 7004 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:57:39.0941 7004 TsUsbFlt - ok
11:57:39.0941 7004 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
11:57:39.0941 7004 TsUsbGD - ok
11:57:39.0961 7004 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:57:39.0961 7004 tunnel - ok
11:57:39.0971 7004 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:57:39.0971 7004 uagp35 - ok
11:57:39.0981 7004 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:57:39.0991 7004 udfs - ok
11:57:40.0011 7004 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:57:40.0021 7004 UI0Detect - ok
11:57:40.0021 7004 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:57:40.0021 7004 uliagpkx - ok
11:57:40.0031 7004 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:57:40.0031 7004 umbus - ok
11:57:40.0041 7004 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
11:57:40.0041 7004 UmPass - ok
11:57:40.0121 7004 [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
11:57:40.0131 7004 UNS - ok
11:57:40.0151 7004 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:57:40.0161 7004 upnphost - ok
11:57:40.0211 7004 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
11:57:40.0211 7004 USBAAPL64 - ok
11:57:40.0231 7004 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:57:40.0231 7004 usbccgp - ok
11:57:40.0251 7004 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:57:40.0251 7004 usbcir - ok
11:57:40.0261 7004 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:57:40.0261 7004 usbehci - ok
11:57:40.0281 7004 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:57:40.0291 7004 usbhub - ok
11:57:40.0311 7004 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:57:40.0321 7004 usbohci - ok
11:57:40.0321 7004 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:57:40.0331 7004 usbprint - ok
11:57:40.0361 7004 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:57:40.0361 7004 usbscan - ok
11:57:40.0371 7004 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:57:40.0381 7004 USBSTOR - ok
11:57:40.0391 7004 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:57:40.0391 7004 usbuhci - ok
11:57:40.0411 7004 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
11:57:40.0411 7004 usbvideo - ok
11:57:40.0421 7004 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:57:40.0421 7004 UxSms - ok
11:57:40.0431 7004 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
11:57:40.0431 7004 VaultSvc - ok
11:57:40.0451 7004 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:57:40.0451 7004 vdrvroot - ok
11:57:40.0471 7004 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
11:57:40.0471 7004 vds - ok
11:57:40.0491 7004 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:57:40.0491 7004 vga - ok
11:57:40.0501 7004 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:57:40.0501 7004 VgaSave - ok
11:57:40.0521 7004 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:57:40.0521 7004 vhdmp - ok
11:57:40.0541 7004 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
11:57:40.0541 7004 viaide - ok
11:57:40.0551 7004 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:57:40.0551 7004 volmgr - ok
11:57:40.0571 7004 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:57:40.0571 7004 volmgrx - ok
11:57:40.0581 7004 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:57:40.0581 7004 volsnap - ok
11:57:40.0611 7004 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:57:40.0621 7004 vsmraid - ok
11:57:40.0651 7004 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
11:57:40.0671 7004 VSS - ok
11:57:40.0681 7004 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:57:40.0691 7004 vwifibus - ok
11:57:40.0691 7004 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:57:40.0691 7004 vwififlt - ok
11:57:40.0721 7004 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
11:57:40.0721 7004 vwifimp - ok
11:57:40.0741 7004 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:57:40.0741 7004 W32Time - ok
11:57:40.0761 7004 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:57:40.0761 7004 WacomPen - ok
11:57:40.0781 7004 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:57:40.0781 7004 WANARP - ok
11:57:40.0781 7004 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:57:40.0781 7004 Wanarpv6 - ok
11:57:40.0821 7004 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:57:40.0851 7004 WatAdminSvc - ok
11:57:40.0891 7004 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
11:57:40.0911 7004 wbengine - ok
11:57:40.0931 7004 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:57:40.0931 7004 WbioSrvc - ok
11:57:40.0951 7004 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:57:40.0951 7004 wcncsvc - ok
11:57:40.0971 7004 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:57:40.0971 7004 WcsPlugInService - ok
11:57:40.0981 7004 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
11:57:40.0981 7004 Wd - ok
11:57:41.0001 7004 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:57:41.0001 7004 Wdf01000 - ok
11:57:41.0011 7004 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:57:41.0011 7004 WdiServiceHost - ok
11:57:41.0021 7004 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:57:41.0021 7004 WdiSystemHost - ok
11:57:41.0031 7004 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
11:57:41.0041 7004 WebClient - ok
11:57:41.0061 7004 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:57:41.0061 7004 Wecsvc - ok
11:57:41.0071 7004 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:57:41.0081 7004 wercplsupport - ok
11:57:41.0091 7004 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:57:41.0091 7004 WerSvc - ok
11:57:41.0101 7004 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:57:41.0101 7004 WfpLwf - ok
11:57:41.0121 7004 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:57:41.0121 7004 WIMMount - ok
11:57:41.0131 7004 WinDefend - ok
11:57:41.0141 7004 WinHttpAutoProxySvc - ok
11:57:41.0181 7004 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:57:41.0181 7004 Winmgmt - ok
11:57:41.0221 7004 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
11:57:41.0261 7004 WinRM - ok
11:57:41.0291 7004 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:57:41.0301 7004 WinUsb - ok
11:57:41.0311 7004 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:57:41.0321 7004 Wlansvc - ok
11:57:41.0361 7004 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:57:41.0371 7004 wlcrasvc - ok
11:57:41.0461 7004 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:57:41.0491 7004 wlidsvc - ok
11:57:41.0511 7004 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
11:57:41.0511 7004 WmiAcpi - ok
11:57:41.0521 7004 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:57:41.0531 7004 wmiApSrv - ok
11:57:41.0541 7004 WMPNetworkSvc - ok
11:57:41.0561 7004 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:57:41.0561 7004 WPCSvc - ok
11:57:41.0571 7004 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:57:41.0581 7004 WPDBusEnum - ok
11:57:41.0591 7004 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:57:41.0591 7004 ws2ifsl - ok
11:57:41.0601 7004 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
11:57:41.0611 7004 wscsvc - ok
11:57:41.0741 7004 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
11:57:41.0741 7004 WSDPrintDevice - ok
11:57:41.0751 7004 WSearch - ok
11:57:42.0191 7004 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
11:57:42.0231 7004 wuauserv - ok
11:57:42.0251 7004 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:57:42.0251 7004 WudfPf - ok
11:57:42.0271 7004 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:57:42.0281 7004 WUDFRd - ok
11:57:42.0301 7004 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:57:42.0311 7004 wudfsvc - ok
11:57:42.0321 7004 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
11:57:42.0321 7004 WwanSvc - ok
11:57:42.0351 7004 ================ Scan global ===============================
11:57:42.0361 7004 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:57:42.0381 7004 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
11:57:42.0401 7004 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
11:57:42.0412 7004 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:57:42.0422 7004 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:57:42.0422 7004 [Global] - ok
11:57:42.0422 7004 ================ Scan MBR ==================================
11:57:42.0432 7004 [ E9F67288208D53EF770F82E186904857 ] \Device\Harddisk0\DR0
11:57:42.0432 7004 Suspicious mbr (Forged): \Device\Harddisk0\DR0
11:57:42.0482 7004 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
11:57:42.0482 7004 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
11:57:42.0542 7004 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:57:42.0542 7004 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:57:42.0542 7004 ================ Scan VBR ==================================
11:57:42.0552 7004 [ D0A8F6448EE693274D1F67045B9D2517 ] \Device\Harddisk0\DR0\Partition1
11:57:42.0552 7004 \Device\Harddisk0\DR0\Partition1 - ok
11:57:42.0582 7004 [ 1DD622AD9B92874D3CEBA911DBD36848 ] \Device\Harddisk0\DR0\Partition2
11:57:42.0582 7004 \Device\Harddisk0\DR0\Partition2 - ok
11:57:42.0582 7004 ============================================================
11:57:42.0592 7004 Scan finished
11:57:42.0592 7004 ============================================================
11:57:42.0602 8596 Detected object count: 2
11:57:42.0602 8596 Actual detected object count: 2
11:58:23.0370 8596 \Device\Harddisk0\DR0\# - copied to quarantine
11:58:23.0380 8596 \Device\Harddisk0\DR0 - copied to quarantine
11:58:23.0420 8596 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
11:58:23.0420 8596 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
11:58:23.0420 8596 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
11:58:23.0430 8596 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
11:58:23.0440 8596 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
11:58:23.0450 8596 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
11:58:23.0450 8596 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
11:58:23.0450 8596 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
11:58:23.0460 8596 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
11:58:23.0460 8596 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
11:58:23.0460 8596 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
11:58:23.0460 8596 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
11:58:23.0490 8596 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
11:58:23.0490 8596 \Device\Harddisk0\DR0 - ok
11:58:23.0540 8596 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
11:58:23.0540 8596 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:58:23.0540 8596 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-27 12:07:20
-----------------------------
12:07:20.069 OS Version: Windows x64 6.1.7601 Service Pack 1
12:07:20.069 Number of processors: 4 586 0x2A07
12:07:20.079 ComputerName: JKARA-PC UserName: jkara
12:07:26.401 Initialize success
12:10:08.600 AVAST engine defs: 12092700
12:11:29.864 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:11:29.864 Disk 0 Vendor: ST310005 JC49 Size: 953869MB BusType: 3
12:11:29.864 Device \Driver\iaStor -> MajorFunction fffffa8006f705c4
12:11:29.864 Disk 0 MBR read successfully
12:11:29.874 Disk 0 MBR scan
12:11:29.874 Disk 0 Windows VISTA default MBR code
12:11:29.884 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
12:11:29.894 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 13566 MB offset 81920
12:11:29.914 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 940262 MB offset 27865088
12:11:29.934 Disk 0 scanning C:\Windows\system32\drivers
12:11:46.942 Service scanning
12:12:11.395 Modules scanning
12:12:11.405 Disk 0 trace - called modules:
12:12:11.405 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8006f705c4]<<
12:12:11.616 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80065e3060]
12:12:11.616 3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049f2050]
12:12:11.626 \Driver\iaStor[0xfffffa8006e1cc30] -> IRP_MJ_CREATE -> 0xfffffa8006f705c4
12:12:16.728 AVAST engine scan C:\Windows
12:12:23.349 AVAST engine scan C:\Windows\system32
12:17:07.908 AVAST engine scan C:\Windows\system32\drivers
12:17:26.845 AVAST engine scan C:\Users\jkara
12:21:20.256 AVAST engine scan C:\ProgramData
12:22:20.724 Scan finished successfully
12:49:47.116 Disk 0 MBR has been saved successfully to "C:\Users\jkara\Documents\MBR.dat"
12:49:47.116 The log file has been saved successfully to "C:\Users\jkara\Documents\aswMBR.txt"


ESET:

C:\TDSSKiller_Quarantine\27.09.2012_11.56.55\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.KS trojan cleaned by deleting - quarantined

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:11 AM

Posted 27 September 2012 - 01:18 PM

Run TDSSkiller once again and select DELETE

11:58:23.0540 8596 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Post the log


Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

Launch it and scan should start running.After scan gets completed,post the generated log here.

#5 jkara

jkara
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:11 AM

Posted 29 September 2012 - 03:46 PM

Ok, I'm back on this again.... Here are the latest logs:

TDSKiller
15:37:10.0498 3412 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
15:37:10.0810 3412 ============================================================
15:37:10.0810 3412 Current date / time: 2012/09/29 15:37:10.0810
15:37:10.0810 3412 SystemInfo:
15:37:10.0810 3412
15:37:10.0810 3412 OS Version: 6.1.7601 ServicePack: 1.0
15:37:10.0810 3412 Product type: Workstation
15:37:10.0810 3412 ComputerName: JKARA-PC
15:37:10.0810 3412 UserName: jkara
15:37:10.0810 3412 Windows directory: C:\Windows
15:37:10.0810 3412 System windows directory: C:\Windows
15:37:10.0810 3412 Running under WOW64
15:37:10.0810 3412 Processor architecture: Intel x64
15:37:10.0810 3412 Number of processors: 4
15:37:10.0810 3412 Page size: 0x1000
15:37:10.0810 3412 Boot type: Normal boot
15:37:10.0810 3412 ============================================================
15:37:11.0637 3412 BG loaded
15:37:13.0899 3412 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:37:13.0916 3412 ============================================================
15:37:13.0916 3412 \Device\Harddisk0\DR0:
15:37:13.0916 3412 MBR partitions:
15:37:13.0916 3412 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1A7F000
15:37:13.0916 3412 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A93000, BlocksNum 0x72C73000
15:37:13.0916 3412 ============================================================
15:37:13.0978 3412 C: <-> \Device\Harddisk0\DR0\Partition2
15:37:13.0978 3412 ============================================================
15:37:13.0978 3412 Initialize success
15:37:13.0978 3412 ============================================================
15:37:52.0485 6140 ============================================================
15:37:52.0485 6140 Scan started
15:37:52.0485 6140 Mode: Manual; TDLFS;
15:37:52.0485 6140 ============================================================
15:37:55.0230 6140 ================ Scan system memory ========================
15:37:55.0230 6140 System memory - ok
15:37:55.0230 6140 ================ Scan services =============================
15:37:55.0527 6140 03521980 - ok
15:37:55.0589 6140 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:37:55.0636 6140 1394ohci - ok
15:37:55.0667 6140 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:37:55.0761 6140 ACPI - ok
15:37:55.0792 6140 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:37:55.0807 6140 AcpiPmi - ok
15:37:55.0932 6140 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:37:55.0932 6140 AdobeARMservice - ok
15:37:56.0526 6140 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:37:56.0542 6140 AdobeFlashPlayerUpdateSvc - ok
15:37:56.0635 6140 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:37:56.0713 6140 adp94xx - ok
15:37:56.0776 6140 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:37:56.0838 6140 adpahci - ok
15:37:56.0854 6140 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:37:56.0900 6140 adpu320 - ok
15:37:56.0963 6140 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:37:56.0963 6140 AeLookupSvc - ok
15:37:57.0072 6140 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
15:37:57.0072 6140 AERTFilters - ok
15:37:57.0119 6140 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:37:57.0119 6140 AFD - ok
15:37:57.0150 6140 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:37:57.0181 6140 agp440 - ok
15:37:57.0212 6140 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:37:57.0212 6140 ALG - ok
15:37:57.0228 6140 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:37:57.0244 6140 aliide - ok
15:37:57.0290 6140 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:37:57.0322 6140 amdide - ok
15:37:57.0353 6140 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:37:57.0384 6140 AmdK8 - ok
15:37:57.0400 6140 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:37:57.0415 6140 AmdPPM - ok
15:37:57.0431 6140 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:37:57.0478 6140 amdsata - ok
15:37:57.0540 6140 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:37:57.0602 6140 amdsbs - ok
15:37:57.0618 6140 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:37:57.0634 6140 amdxata - ok
15:37:57.0696 6140 [ 9921E78BC29634235F4BF5809E7E8CDE ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
15:37:57.0712 6140 AMPPAL - ok
15:37:57.0712 6140 [ 9921E78BC29634235F4BF5809E7E8CDE ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
15:37:57.0712 6140 AMPPALP - ok
15:37:57.0821 6140 [ 83A0E7BA4AE616D3654E700D9C5FF9DB ] AMPPALR3 c:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
15:37:57.0836 6140 AMPPALR3 - ok
15:37:57.0883 6140 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:37:57.0899 6140 AppID - ok
15:37:57.0914 6140 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:37:57.0914 6140 AppIDSvc - ok
15:37:57.0946 6140 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:37:57.0946 6140 Appinfo - ok
15:37:58.0055 6140 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:37:58.0055 6140 Apple Mobile Device - ok
15:37:58.0148 6140 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
15:37:58.0164 6140 arc - ok
15:37:58.0195 6140 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:37:58.0195 6140 arcsas - ok
15:37:58.0320 6140 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:37:58.0320 6140 aspnet_state - ok
15:37:58.0351 6140 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:37:58.0367 6140 AsyncMac - ok
15:37:58.0398 6140 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:37:58.0414 6140 atapi - ok
15:37:58.0445 6140 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:37:58.0460 6140 AudioEndpointBuilder - ok
15:37:58.0460 6140 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:37:58.0476 6140 AudioSrv - ok
15:37:58.0492 6140 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:37:58.0492 6140 AxInstSV - ok
15:37:58.0554 6140 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:37:58.0570 6140 b06bdrv - ok
15:37:58.0648 6140 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:37:58.0663 6140 b57nd60a - ok
15:37:59.0412 6140 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
15:37:59.0412 6140 BBSvc - ok
15:37:59.0474 6140 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
15:37:59.0490 6140 BBUpdate - ok
15:37:59.0506 6140 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:37:59.0506 6140 BDESVC - ok
15:37:59.0552 6140 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:37:59.0552 6140 Beep - ok
15:37:59.0693 6140 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:37:59.0693 6140 BFE - ok
15:37:59.0771 6140 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
15:37:59.0771 6140 BITS - ok
15:37:59.0833 6140 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:37:59.0849 6140 blbdrive - ok
15:37:59.0974 6140 [ 55B0C8441DE7D91A819A39D0351154A2 ] Bluetooth Device Monitor c:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
15:37:59.0974 6140 Bluetooth Device Monitor - ok
15:38:00.0067 6140 [ 7E262330DF0C4BE4ECE853B59B9CBE4C ] Bluetooth Media Service c:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
15:38:00.0083 6140 Bluetooth Media Service - ok
15:38:00.0114 6140 [ 8BF4B9956E13871A88A3810074E2E110 ] Bluetooth OBEX Service c:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
15:38:00.0114 6140 Bluetooth OBEX Service - ok
15:38:00.0145 6140 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:38:00.0145 6140 Bonjour Service - ok
15:38:00.0192 6140 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:38:00.0208 6140 bowser - ok
15:38:00.0239 6140 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:38:00.0239 6140 BrFiltLo - ok
15:38:00.0239 6140 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:38:00.0239 6140 BrFiltUp - ok
15:38:00.0301 6140 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
15:38:00.0317 6140 BridgeMP - ok
15:38:00.0332 6140 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:38:00.0332 6140 Browser - ok
15:38:00.0348 6140 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:38:00.0364 6140 Brserid - ok
15:38:00.0379 6140 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:38:00.0395 6140 BrSerWdm - ok
15:38:00.0395 6140 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:38:00.0410 6140 BrUsbMdm - ok
15:38:00.0410 6140 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:38:00.0410 6140 BrUsbSer - ok
15:38:00.0457 6140 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
15:38:00.0457 6140 BthEnum - ok
15:38:00.0473 6140 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:38:00.0488 6140 BTHMODEM - ok
15:38:00.0504 6140 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
15:38:00.0504 6140 BthPan - ok
15:38:00.0535 6140 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
15:38:00.0535 6140 BTHPORT - ok
15:38:00.0566 6140 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:38:00.0566 6140 bthserv - ok
15:38:00.0582 6140 [ A5B3E8B2B78C7B3DA56A0DE490E6718C ] BTHSSecurityMgr c:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
15:38:00.0582 6140 BTHSSecurityMgr - ok
15:38:00.0598 6140 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
15:38:00.0598 6140 BTHUSB - ok
15:38:00.0644 6140 [ 270FBA230E78E25726D065A924589A72 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
15:38:00.0660 6140 btmaux - ok
15:38:00.0676 6140 [ 0010A54571F525A97EED8C091E96EAA9 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
15:38:00.0691 6140 btmhsf - ok
15:38:00.0707 6140 catchme - ok
15:38:00.0707 6140 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:38:00.0707 6140 cdfs - ok
15:38:00.0754 6140 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:38:00.0754 6140 cdrom - ok
15:38:00.0785 6140 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:38:00.0785 6140 CertPropSvc - ok
15:38:00.0800 6140 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:38:00.0800 6140 circlass - ok
15:38:00.0816 6140 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:38:00.0816 6140 CLFS - ok
15:38:00.0878 6140 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:38:00.0894 6140 clr_optimization_v2.0.50727_32 - ok
15:38:00.0925 6140 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:38:00.0925 6140 clr_optimization_v2.0.50727_64 - ok
15:38:00.0972 6140 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:38:00.0972 6140 clr_optimization_v4.0.30319_32 - ok
15:38:00.0972 6140 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:38:00.0988 6140 clr_optimization_v4.0.30319_64 - ok
15:38:01.0003 6140 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
15:38:01.0003 6140 CmBatt - ok
15:38:01.0019 6140 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:38:01.0034 6140 cmdide - ok
15:38:01.0112 6140 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
15:38:01.0144 6140 CNG - ok
15:38:01.0159 6140 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:38:01.0159 6140 Compbatt - ok
15:38:01.0190 6140 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:38:01.0190 6140 CompositeBus - ok
15:38:01.0222 6140 COMSysApp - ok
15:38:01.0237 6140 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:38:01.0237 6140 crcdisk - ok
15:38:01.0268 6140 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:38:01.0268 6140 CryptSvc - ok
15:38:01.0284 6140 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
15:38:01.0315 6140 CtClsFlt - ok
15:38:01.0346 6140 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:38:01.0346 6140 DcomLaunch - ok
15:38:01.0378 6140 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:38:01.0378 6140 defragsvc - ok
15:38:01.0424 6140 [ BC37CF3B9154AFA6A269CA6FB1931C0F ] Dell WMI Service C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe
15:38:01.0424 6140 Dell WMI Service - ok
15:38:01.0440 6140 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:38:01.0440 6140 DfsC - ok
15:38:01.0471 6140 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:38:01.0471 6140 Dhcp - ok
15:38:01.0487 6140 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:38:01.0487 6140 discache - ok
15:38:01.0502 6140 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
15:38:01.0518 6140 Disk - ok
15:38:01.0549 6140 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:38:01.0549 6140 Dnscache - ok
15:38:01.0565 6140 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:38:01.0565 6140 dot3svc - ok
15:38:01.0580 6140 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:38:01.0580 6140 DPS - ok
15:38:01.0612 6140 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:38:01.0627 6140 drmkaud - ok
15:38:01.0658 6140 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:38:01.0674 6140 DXGKrnl - ok
15:38:01.0721 6140 [ D00EAE9C735A7DEE8049E50D73D25434 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
15:38:01.0736 6140 eamonm - ok
15:38:01.0768 6140 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:38:01.0768 6140 EapHost - ok
15:38:01.0814 6140 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:38:01.0877 6140 ebdrv - ok
15:38:01.0892 6140 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:38:01.0892 6140 EFS - ok
15:38:01.0924 6140 [ E5EDDE3C8158DD0CBC5812F201DCDED0 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
15:38:01.0924 6140 ehdrv - ok
15:38:02.0033 6140 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:38:02.0033 6140 ehRecvr - ok
15:38:02.0048 6140 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:38:02.0048 6140 ehSched - ok
15:38:02.0173 6140 [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
15:38:02.0173 6140 ekrn - ok
15:38:02.0204 6140 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:38:02.0220 6140 elxstor - ok
15:38:02.0251 6140 [ 587F0F4145A1536A6E37EFD769B7665F ] epfw C:\Windows\system32\DRIVERS\epfw.sys
15:38:02.0251 6140 epfw - ok
15:38:02.0267 6140 [ D2F812358EE8EE23CBB5C4DAFFB5B819 ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys
15:38:02.0298 6140 EpfwLWF - ok
15:38:02.0329 6140 [ 34BF55D69AB74D14C7E7A17259CB7DF8 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
15:38:02.0360 6140 epfwwfp - ok
15:38:02.0376 6140 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:38:02.0376 6140 ErrDev - ok
15:38:02.0423 6140 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:38:02.0423 6140 EventSystem - ok
15:38:02.0516 6140 [ 54FC81B0162478A72A93DBBEAFB35671 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:38:02.0516 6140 EvtEng - ok
15:38:02.0548 6140 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:38:02.0564 6140 exfat - ok
15:38:02.0595 6140 [ 2C1D443E14F376E8331F52F135DCA9EF ] FACAP C:\Windows\system32\DRIVERS\facap.sys
15:38:02.0595 6140 FACAP - ok
15:38:02.0673 6140 [ A363FF99DC160B7844A1C1E0D6CEBBE3 ] FAService C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
15:38:02.0689 6140 FAService - ok
15:38:02.0705 6140 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:38:02.0736 6140 fastfat - ok
15:38:02.0767 6140 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:38:02.0767 6140 Fax - ok
15:38:02.0783 6140 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
15:38:02.0814 6140 fdc - ok
15:38:02.0845 6140 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:38:02.0845 6140 fdPHost - ok
15:38:02.0845 6140 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:38:02.0845 6140 FDResPub - ok
15:38:02.0876 6140 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:38:02.0892 6140 FileInfo - ok
15:38:02.0892 6140 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:38:02.0923 6140 Filetrace - ok
15:38:02.0923 6140 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:38:02.0939 6140 flpydisk - ok
15:38:02.0954 6140 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:38:02.0970 6140 FltMgr - ok
15:38:03.0017 6140 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:38:03.0017 6140 FontCache - ok
15:38:03.0063 6140 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:38:03.0063 6140 FontCache3.0.0.0 - ok
15:38:03.0079 6140 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:38:03.0095 6140 FsDepends - ok
15:38:03.0110 6140 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:38:03.0126 6140 Fs_Rec - ok
15:38:03.0141 6140 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:38:03.0157 6140 fvevol - ok
15:38:03.0157 6140 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:38:03.0188 6140 gagp30kx - ok
15:38:03.0219 6140 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:38:03.0219 6140 GEARAspiWDM - ok
15:38:03.0251 6140 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:38:03.0251 6140 gpsvc - ok
15:38:03.0329 6140 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:38:03.0329 6140 gupdate - ok
15:38:03.0329 6140 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:38:03.0329 6140 gupdatem - ok
15:38:03.0375 6140 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
15:38:03.0438 6140 gusvc - ok
15:38:03.0485 6140 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:38:03.0485 6140 hcw85cir - ok
15:38:03.0500 6140 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:38:03.0500 6140 HDAudBus - ok
15:38:03.0516 6140 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:38:03.0531 6140 HidBatt - ok
15:38:03.0579 6140 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:38:03.0595 6140 HidBth - ok
15:38:03.0610 6140 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:38:03.0642 6140 HidIr - ok
15:38:03.0673 6140 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
15:38:03.0688 6140 hidserv - ok
15:38:03.0782 6140 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:38:03.0782 6140 HidUsb - ok
15:38:03.0844 6140 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:38:03.0844 6140 hkmsvc - ok
15:38:03.0891 6140 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:38:03.0891 6140 HomeGroupListener - ok
15:38:03.0907 6140 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:38:03.0907 6140 HomeGroupProvider - ok
15:38:03.0922 6140 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:38:03.0922 6140 HpSAMD - ok
15:38:03.0938 6140 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:38:03.0954 6140 HTTP - ok
15:38:03.0954 6140 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:38:03.0969 6140 hwpolicy - ok
15:38:04.0000 6140 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:38:04.0000 6140 i8042prt - ok
15:38:04.0032 6140 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\drivers\iaStor.sys
15:38:04.0063 6140 iaStor - ok
15:38:04.0094 6140 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:38:04.0110 6140 iaStorV - ok
15:38:04.0125 6140 [ DE9E40BAEE2E48FD1E3EB423074C014C ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
15:38:04.0125 6140 iBtFltCoex - ok
15:38:04.0141 6140 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:38:04.0156 6140 idsvc - ok
15:38:04.0328 6140 [ 58E04D9412F8668863A391232035CBE8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:38:04.0390 6140 igfx - ok
15:38:04.0422 6140 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:38:04.0422 6140 iirsp - ok
15:38:04.0594 6140 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:38:04.0610 6140 IKEEXT - ok
15:38:04.0641 6140 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
15:38:04.0641 6140 Impcd - ok
15:38:04.0719 6140 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
15:38:04.0735 6140 intaud_WaveExtensible - ok
15:38:04.0813 6140 [ 230836EEFCE6D6DE9947384FC5B3FAC0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:38:04.0828 6140 IntcAzAudAddService - ok
15:38:04.0859 6140 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:38:04.0859 6140 intelide - ok
15:38:04.0891 6140 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:38:04.0906 6140 intelppm - ok
15:38:04.0922 6140 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:38:04.0937 6140 IPBusEnum - ok
15:38:04.0937 6140 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:38:04.0937 6140 IpFilterDriver - ok
15:38:04.0969 6140 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:38:04.0969 6140 iphlpsvc - ok
15:38:04.0984 6140 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:38:04.0984 6140 IPMIDRV - ok
15:38:05.0000 6140 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:38:05.0015 6140 IPNAT - ok
15:38:05.0093 6140 [ 46D249F9DB7844CC01050A9345F0F61B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:38:05.0109 6140 iPod Service - ok
15:38:05.0156 6140 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:38:05.0156 6140 IRENUM - ok
15:38:05.0187 6140 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:38:05.0203 6140 isapnp - ok
15:38:05.0359 6140 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:38:05.0374 6140 iScsiPrt - ok
15:38:05.0390 6140 [ 8D990A44B4F2B68E2C56A3724EC3EB84 ] itecir C:\Windows\system32\DRIVERS\itecir.sys
15:38:05.0421 6140 itecir - ok
15:38:05.0452 6140 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
15:38:05.0452 6140 iwdbus - ok
15:38:05.0468 6140 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:38:05.0468 6140 kbdclass - ok
15:38:05.0483 6140 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:38:05.0483 6140 kbdhid - ok
15:38:05.0499 6140 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:38:05.0515 6140 KeyIso - ok
15:38:05.0530 6140 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:38:05.0546 6140 KSecDD - ok
15:38:05.0561 6140 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:38:05.0795 6140 KSecPkg - ok
15:38:05.0827 6140 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:38:05.0842 6140 ksthunk - ok
15:38:05.0873 6140 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:38:05.0873 6140 KtmRm - ok
15:38:05.0920 6140 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
15:38:05.0920 6140 LanmanServer - ok
15:38:05.0936 6140 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:38:05.0936 6140 LanmanWorkstation - ok
15:38:05.0951 6140 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:38:05.0983 6140 lltdio - ok
15:38:05.0998 6140 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:38:06.0014 6140 lltdsvc - ok
15:38:06.0029 6140 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:38:06.0029 6140 lmhosts - ok
15:38:06.0045 6140 [ 2ED1786B7542CDA261029F6B526EDF44 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:38:06.0061 6140 LMS - ok
15:38:06.0076 6140 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:38:06.0092 6140 LSI_FC - ok
15:38:06.0107 6140 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:38:06.0123 6140 LSI_SAS - ok
15:38:06.0139 6140 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:38:06.0139 6140 LSI_SAS2 - ok
15:38:06.0154 6140 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:38:06.0170 6140 LSI_SCSI - ok
15:38:06.0185 6140 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:38:06.0201 6140 luafv - ok
15:38:06.0217 6140 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:38:06.0217 6140 Mcx2Svc - ok
15:38:06.0232 6140 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:38:06.0263 6140 megasas - ok
15:38:06.0279 6140 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:38:06.0295 6140 MegaSR - ok
15:38:06.0326 6140 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:38:06.0326 6140 MEIx64 - ok
15:38:06.0341 6140 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:38:06.0341 6140 MMCSS - ok
15:38:06.0357 6140 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:38:06.0357 6140 Modem - ok
15:38:06.0373 6140 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:38:06.0388 6140 monitor - ok
15:38:06.0404 6140 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:38:06.0404 6140 mouclass - ok
15:38:06.0419 6140 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:38:06.0419 6140 mouhid - ok
15:38:06.0435 6140 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:38:06.0435 6140 mountmgr - ok
15:38:06.0451 6140 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:38:06.0451 6140 mpio - ok
15:38:06.0482 6140 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:38:06.0497 6140 mpsdrv - ok
15:38:06.0529 6140 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:38:06.0544 6140 MpsSvc - ok
15:38:06.0544 6140 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:38:06.0544 6140 MRxDAV - ok
15:38:06.0575 6140 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:38:06.0575 6140 mrxsmb - ok
15:38:06.0591 6140 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:38:06.0607 6140 mrxsmb10 - ok
15:38:06.0622 6140 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:38:06.0638 6140 mrxsmb20 - ok
15:38:06.0653 6140 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:38:06.0653 6140 msahci - ok
15:38:06.0669 6140 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:38:06.0685 6140 msdsm - ok
15:38:06.0716 6140 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:38:06.0716 6140 MSDTC - ok
15:38:06.0731 6140 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:38:06.0731 6140 Msfs - ok
15:38:06.0731 6140 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:38:06.0747 6140 mshidkmdf - ok
15:38:06.0763 6140 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:38:06.0778 6140 msisadrv - ok
15:38:06.0794 6140 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:38:06.0809 6140 MSiSCSI - ok
15:38:06.0809 6140 msiserver - ok
15:38:06.0825 6140 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:38:06.0825 6140 MSKSSRV - ok
15:38:06.0841 6140 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:38:06.0841 6140 MSPCLOCK - ok
15:38:06.0856 6140 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:38:06.0872 6140 MSPQM - ok
15:38:06.0903 6140 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:38:06.0903 6140 MsRPC - ok
15:38:06.0919 6140 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:38:06.0919 6140 mssmbios - ok
15:38:06.0919 6140 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:38:06.0934 6140 MSTEE - ok
15:38:06.0934 6140 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:38:06.0934 6140 MTConfig - ok
15:38:06.0950 6140 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:38:06.0950 6140 Mup - ok
15:38:06.0997 6140 [ 4BBB9D9C4DF259FAE2D172C5BB25DDD0 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
15:38:06.0997 6140 MyWiFiDHCPDNS - ok
15:38:07.0028 6140 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:38:07.0028 6140 napagent - ok
15:38:07.0059 6140 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:38:07.0090 6140 NativeWifiP - ok
15:38:07.0184 6140 [ 934BB0D23A25C8C136570800A5A149B6 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
15:38:07.0184 6140 NAUpdate - ok
15:38:07.0231 6140 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:38:07.0231 6140 NDIS - ok
15:38:07.0246 6140 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:38:07.0262 6140 NdisCap - ok
15:38:07.0277 6140 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:38:07.0277 6140 NdisTapi - ok
15:38:07.0293 6140 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:38:07.0293 6140 Ndisuio - ok
15:38:07.0309 6140 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:38:07.0324 6140 NdisWan - ok
15:38:07.0340 6140 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:38:07.0355 6140 NDProxy - ok
15:38:07.0355 6140 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:38:07.0371 6140 NetBIOS - ok
15:38:07.0387 6140 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:38:07.0387 6140 NetBT - ok
15:38:07.0402 6140 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:38:07.0402 6140 Netlogon - ok
15:38:07.0433 6140 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:38:07.0433 6140 Netman - ok
15:38:07.0449 6140 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:38:07.0465 6140 NetMsmqActivator - ok
15:38:07.0465 6140 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:38:07.0465 6140 NetPipeActivator - ok
15:38:07.0480 6140 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:38:07.0480 6140 netprofm - ok
15:38:07.0480 6140 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:38:07.0480 6140 NetTcpActivator - ok
15:38:07.0496 6140 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:38:07.0496 6140 NetTcpPortSharing - ok
15:38:07.0683 6140 [ AC69618DE5BCCE8747C9AB0AAE1003C1 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
15:38:07.0730 6140 NETwNs64 - ok
15:38:07.0745 6140 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:38:07.0777 6140 nfrd960 - ok
15:38:07.0792 6140 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:38:07.0792 6140 NlaSvc - ok
15:38:07.0808 6140 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:38:07.0808 6140 Npfs - ok
15:38:07.0839 6140 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:38:07.0839 6140 nsi - ok
15:38:07.0839 6140 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:38:07.0839 6140 nsiproxy - ok
15:38:07.0886 6140 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:38:07.0917 6140 Ntfs - ok
15:38:07.0948 6140 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:38:07.0948 6140 Null - ok
15:38:07.0964 6140 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:38:07.0979 6140 nvraid - ok
15:38:07.0995 6140 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:38:08.0011 6140 nvstor - ok
15:38:08.0011 6140 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:38:08.0026 6140 nv_agp - ok
15:38:08.0089 6140 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:38:08.0089 6140 odserv - ok
15:38:08.0120 6140 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:38:08.0135 6140 ohci1394 - ok
15:38:08.0151 6140 [ FBE1D971EB64ABF4CE37B519307C94F1 ] OSDSvc C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe
15:38:08.0151 6140 OSDSvc - ok
15:38:08.0198 6140 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:38:08.0213 6140 ose - ok
15:38:08.0245 6140 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:38:08.0245 6140 p2pimsvc - ok
15:38:08.0260 6140 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:38:08.0260 6140 p2psvc - ok
15:38:08.0291 6140 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
15:38:08.0307 6140 Parport - ok
15:38:08.0338 6140 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:38:08.0354 6140 partmgr - ok
15:38:08.0369 6140 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:38:08.0385 6140 PcaSvc - ok
15:38:08.0401 6140 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:38:08.0447 6140 pci - ok
15:38:08.0479 6140 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:38:08.0494 6140 pciide - ok
15:38:08.0510 6140 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:38:08.0525 6140 pcmcia - ok
15:38:08.0525 6140 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:38:08.0541 6140 pcw - ok
15:38:08.0557 6140 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:38:08.0572 6140 PEAUTH - ok
15:38:08.0619 6140 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:38:08.0636 6140 PerfHost - ok
15:38:08.0682 6140 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:38:08.0698 6140 pla - ok
15:38:08.0745 6140 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:38:08.0745 6140 PlugPlay - ok
15:38:08.0792 6140 [ 63694C307273062A2167AE4CE80730EF ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
15:38:08.0807 6140 PMBDeviceInfoProvider - ok
15:38:08.0823 6140 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:38:08.0838 6140 PNRPAutoReg - ok
15:38:08.0854 6140 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:38:08.0854 6140 PNRPsvc - ok
15:38:08.0870 6140 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:38:08.0870 6140 PolicyAgent - ok
15:38:08.0885 6140 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:38:08.0885 6140 Power - ok
15:38:08.0916 6140 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:38:08.0948 6140 PptpMiniport - ok
15:38:08.0979 6140 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
15:38:08.0994 6140 Processor - ok
15:38:09.0010 6140 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:38:09.0010 6140 ProfSvc - ok
15:38:09.0026 6140 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:38:09.0026 6140 ProtectedStorage - ok
15:38:09.0026 6140 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:38:09.0026 6140 Psched - ok
15:38:09.0057 6140 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:38:09.0088 6140 PxHlpa64 - ok
15:38:09.0119 6140 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:38:09.0150 6140 ql2300 - ok
15:38:09.0166 6140 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:38:09.0166 6140 ql40xx - ok
15:38:09.0182 6140 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:38:09.0197 6140 QWAVE - ok
15:38:09.0213 6140 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:38:09.0228 6140 QWAVEdrv - ok
15:38:09.0244 6140 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:38:09.0260 6140 RasAcd - ok
15:38:09.0291 6140 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:38:09.0291 6140 RasAgileVpn - ok
15:38:09.0306 6140 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:38:09.0306 6140 RasAuto - ok
15:38:09.0322 6140 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:38:09.0338 6140 Rasl2tp - ok
15:38:09.0369 6140 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:38:09.0369 6140 RasMan - ok
15:38:09.0384 6140 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:38:09.0384 6140 RasPppoe - ok
15:38:09.0400 6140 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:38:09.0400 6140 RasSstp - ok
15:38:09.0416 6140 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:38:09.0431 6140 rdbss - ok
15:38:09.0431 6140 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
15:38:09.0462 6140 rdpbus - ok
15:38:09.0494 6140 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:38:09.0494 6140 RDPCDD - ok
15:38:09.0509 6140 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:38:09.0509 6140 RDPENCDD - ok
15:38:09.0525 6140 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:38:09.0525 6140 RDPREFMP - ok
15:38:09.0556 6140 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:38:09.0572 6140 RDPWD - ok
15:38:09.0618 6140 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:38:09.0696 6140 rdyboost - ok
15:38:09.0728 6140 [ A436F5E7D80BBDBB0826D0F176D5BEA8 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:38:09.0743 6140 RegSrvc - ok
15:38:09.0774 6140 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:38:09.0774 6140 RemoteAccess - ok
15:38:09.0790 6140 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:38:09.0790 6140 RemoteRegistry - ok
15:38:09.0806 6140 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:38:09.0837 6140 RFCOMM - ok
15:38:09.0899 6140 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
15:38:09.0930 6140 RoxMediaDB12OEM - ok
15:38:09.0962 6140 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
15:38:09.0977 6140 RoxWatch12 - ok
15:38:09.0993 6140 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:38:09.0993 6140 RpcEptMapper - ok
15:38:10.0008 6140 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:38:10.0008 6140 RpcLocator - ok
15:38:10.0040 6140 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:38:10.0040 6140 RpcSs - ok
15:38:10.0055 6140 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:38:10.0071 6140 rspndr - ok
15:38:10.0086 6140 [ CE0A1D8A59410E698140821E4E69DA0D ] RSUSBVSTOR C:\Windows\system32\Drivers\RtsUVStor.sys
15:38:10.0133 6140 RSUSBVSTOR - ok
15:38:10.0164 6140 [ AFC12DFA4C7B089673AD67402CA19EDB ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:38:10.0180 6140 RTL8167 - ok
15:38:10.0196 6140 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:38:10.0196 6140 SamSs - ok
15:38:10.0196 6140 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:38:10.0211 6140 sbp2port - ok
15:38:10.0227 6140 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:38:10.0227 6140 SCardSvr - ok
15:38:10.0242 6140 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:38:10.0258 6140 scfilter - ok
15:38:10.0274 6140 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:38:10.0289 6140 Schedule - ok
15:38:10.0305 6140 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:38:10.0305 6140 SCPolicySvc - ok
15:38:10.0320 6140 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:38:10.0320 6140 SDRSVC - ok
15:38:10.0336 6140 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:38:10.0336 6140 secdrv - ok
15:38:10.0352 6140 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:38:10.0352 6140 seclogon - ok
15:38:10.0367 6140 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
15:38:10.0367 6140 SENS - ok
15:38:10.0383 6140 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:38:10.0383 6140 SensrSvc - ok
15:38:10.0398 6140 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:38:10.0414 6140 Serenum - ok
15:38:10.0430 6140 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:38:10.0461 6140 Serial - ok
15:38:10.0508 6140 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:38:10.0523 6140 sermouse - ok
15:38:10.0554 6140 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:38:10.0554 6140 SessionEnv - ok
15:38:10.0554 6140 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:38:10.0570 6140 sffdisk - ok
15:38:10.0570 6140 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:38:10.0586 6140 sffp_mmc - ok
15:38:10.0586 6140 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:38:10.0601 6140 sffp_sd - ok
15:38:10.0648 6140 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:38:10.0648 6140 sfloppy - ok
15:38:10.0695 6140 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:38:10.0695 6140 SharedAccess - ok
15:38:10.0710 6140 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:38:10.0726 6140 ShellHWDetection - ok
15:38:10.0726 6140 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:38:10.0757 6140 SiSRaid2 - ok
15:38:10.0773 6140 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:38:10.0788 6140 SiSRaid4 - ok
15:38:10.0820 6140 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:38:10.0835 6140 SkypeUpdate - ok
15:38:10.0851 6140 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:38:10.0851 6140 Smb - ok
15:38:10.0882 6140 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:38:10.0882 6140 SNMPTRAP - ok
15:38:10.0882 6140 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:38:10.0898 6140 spldr - ok
15:38:10.0929 6140 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:38:10.0929 6140 Spooler - ok
15:38:10.0991 6140 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:38:11.0022 6140 sppsvc - ok
15:38:11.0038 6140 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:38:11.0054 6140 sppuinotify - ok
15:38:11.0069 6140 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:38:11.0085 6140 srv - ok
15:38:11.0116 6140 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:38:11.0116 6140 srv2 - ok
15:38:11.0132 6140 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:38:11.0132 6140 srvnet - ok
15:38:11.0163 6140 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:38:11.0163 6140 SSDPSRV - ok
15:38:11.0178 6140 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:38:11.0178 6140 SstpSvc - ok
15:38:11.0194 6140 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:38:11.0194 6140 stexstor - ok
15:38:11.0241 6140 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
15:38:11.0256 6140 StillCam - ok
15:38:11.0272 6140 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:38:11.0272 6140 stisvc - ok
15:38:11.0303 6140 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
15:38:11.0319 6140 stllssvr - ok
15:38:11.0319 6140 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:38:11.0334 6140 swenum - ok
15:38:11.0366 6140 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:38:11.0366 6140 swprv - ok
15:38:11.0412 6140 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:38:11.0428 6140 SysMain - ok
15:38:11.0506 6140 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:38:11.0522 6140 TabletInputService - ok
15:38:11.0537 6140 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:38:11.0537 6140 TapiSrv - ok
15:38:11.0553 6140 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:38:11.0553 6140 TBS - ok
15:38:11.0600 6140 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:38:11.0646 6140 Tcpip - ok
15:38:11.0693 6140 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:38:11.0709 6140 TCPIP6 - ok
15:38:11.0724 6140 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:38:11.0724 6140 tcpipreg - ok
15:38:11.0740 6140 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:38:11.0756 6140 TDPIPE - ok
15:38:11.0802 6140 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:38:11.0818 6140 TDTCP - ok
15:38:11.0834 6140 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:38:11.0849 6140 tdx - ok
15:38:11.0865 6140 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:38:11.0865 6140 TermDD - ok
15:38:11.0896 6140 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:38:11.0912 6140 TermService - ok
15:38:11.0912 6140 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:38:11.0912 6140 Themes - ok
15:38:11.0927 6140 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:38:11.0927 6140 THREADORDER - ok
15:38:11.0943 6140 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:38:11.0943 6140 TrkWks - ok
15:38:11.0974 6140 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:38:11.0974 6140 TrustedInstaller - ok
15:38:11.0990 6140 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:38:11.0990 6140 tssecsrv - ok
15:38:12.0005 6140 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:38:12.0036 6140 TsUsbFlt - ok
15:38:12.0036 6140 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:38:12.0036 6140 TsUsbGD - ok
15:38:12.0192 6140 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:38:12.0224 6140 tunnel - ok
15:38:12.0224 6140 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:38:12.0239 6140 uagp35 - ok
15:38:12.0255 6140 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:38:12.0255 6140 udfs - ok
15:38:12.0286 6140 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:38:12.0286 6140 UI0Detect - ok
15:38:12.0286 6140 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:38:12.0302 6140 uliagpkx - ok
15:38:12.0302 6140 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:38:12.0317 6140 umbus - ok
15:38:12.0333 6140 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
15:38:12.0333 6140 UmPass - ok
15:38:12.0411 6140 [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
15:38:12.0426 6140 UNS - ok
15:38:12.0473 6140 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:38:12.0473 6140 upnphost - ok
15:38:12.0504 6140 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
15:38:12.0520 6140 USBAAPL64 - ok
15:38:12.0520 6140 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:38:12.0536 6140 usbccgp - ok
15:38:12.0551 6140 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:38:12.0551 6140 usbcir - ok
15:38:12.0567 6140 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:38:12.0567 6140 usbehci - ok
15:38:12.0582 6140 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:38:12.0598 6140 usbhub - ok
15:38:12.0614 6140 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:38:12.0629 6140 usbohci - ok
15:38:12.0629 6140 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:38:12.0645 6140 usbprint - ok
15:38:12.0676 6140 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:38:12.0676 6140 usbscan - ok
15:38:12.0692 6140 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:38:12.0707 6140 USBSTOR - ok
15:38:12.0723 6140 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:38:12.0738 6140 usbuhci - ok
15:38:12.0754 6140 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
15:38:12.0770 6140 usbvideo - ok
15:38:12.0785 6140 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:38:12.0785 6140 UxSms - ok
15:38:12.0785 6140 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:38:12.0785 6140 VaultSvc - ok
15:38:12.0801 6140 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:38:12.0816 6140 vdrvroot - ok
15:38:12.0848 6140 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:38:12.0848 6140 vds - ok
15:38:12.0863 6140 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:38:12.0863 6140 vga - ok
15:38:12.0879 6140 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:38:12.0879 6140 VgaSave - ok
15:38:12.0894 6140 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:38:12.0910 6140 vhdmp - ok
15:38:12.0926 6140 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:38:12.0926 6140 viaide - ok
15:38:12.0941 6140 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:38:12.0957 6140 volmgr - ok
15:38:13.0004 6140 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:38:13.0004 6140 volmgrx - ok
15:38:13.0019 6140 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:38:13.0050 6140 volsnap - ok
15:38:13.0066 6140 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:38:13.0082 6140 vsmraid - ok
15:38:13.0113 6140 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:38:13.0378 6140 VSS - ok
15:38:13.0409 6140 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:38:13.0409 6140 vwifibus - ok
15:38:13.0440 6140 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:38:13.0440 6140 vwififlt - ok
15:38:13.0440 6140 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:38:13.0456 6140 vwifimp - ok
15:38:13.0472 6140 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:38:13.0487 6140 W32Time - ok
15:38:13.0487 6140 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:38:13.0503 6140 WacomPen - ok
15:38:13.0518 6140 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:38:13.0518 6140 WANARP - ok
15:38:13.0534 6140 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:38:13.0534 6140 Wanarpv6 - ok
15:38:13.0581 6140 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:38:13.0612 6140 WatAdminSvc - ok
15:38:13.0674 6140 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:38:13.0706 6140 wbengine - ok
15:38:13.0721 6140 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:38:13.0721 6140 WbioSrvc - ok
15:38:13.0737 6140 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:38:13.0752 6140 wcncsvc - ok
15:38:13.0752 6140 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:38:13.0752 6140 WcsPlugInService - ok
15:38:13.0768 6140 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
15:38:13.0784 6140 Wd - ok
15:38:13.0799 6140 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:38:13.0830 6140 Wdf01000 - ok
15:38:13.0846 6140 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:38:13.0846 6140 WdiServiceHost - ok
15:38:13.0846 6140 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:38:13.0862 6140 WdiSystemHost - ok
15:38:13.0877 6140 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:38:13.0877 6140 WebClient - ok
15:38:13.0893 6140 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:38:13.0893 6140 Wecsvc - ok
15:38:13.0908 6140 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:38:13.0924 6140 wercplsupport - ok
15:38:13.0924 6140 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:38:13.0924 6140 WerSvc - ok
15:38:13.0940 6140 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:38:13.0940 6140 WfpLwf - ok
15:38:13.0955 6140 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:38:13.0955 6140 WIMMount - ok
15:38:13.0971 6140 WinDefend - ok
15:38:13.0986 6140 WinHttpAutoProxySvc - ok
15:38:14.0018 6140 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:38:14.0033 6140 Winmgmt - ok
15:38:14.0064 6140 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:38:14.0127 6140 WinRM - ok
15:38:14.0174 6140 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:38:14.0189 6140 WinUsb - ok
15:38:14.0205 6140 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:38:14.0220 6140 Wlansvc - ok
15:38:14.0252 6140 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:38:14.0252 6140 wlcrasvc - ok
15:38:14.0330 6140 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:38:14.0345 6140 wlidsvc - ok
15:38:14.0376 6140 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:38:14.0376 6140 WmiAcpi - ok
15:38:14.0392 6140 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:38:14.0408 6140 wmiApSrv - ok
15:38:14.0423 6140 WMPNetworkSvc - ok
15:38:14.0439 6140 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:38:14.0454 6140 WPCSvc - ok
15:38:14.0454 6140 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:38:14.0470 6140 WPDBusEnum - ok
15:38:14.0470 6140 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:38:14.0470 6140 ws2ifsl - ok
15:38:14.0486 6140 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
15:38:14.0486 6140 wscsvc - ok
15:38:14.0517 6140 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
15:38:14.0532 6140 WSDPrintDevice - ok
15:38:14.0532 6140 WSearch - ok
15:38:14.0626 6140 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:38:14.0626 6140 wuauserv - ok
15:38:14.0642 6140 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:38:14.0642 6140 WudfPf - ok
15:38:14.0673 6140 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:38:14.0673 6140 WUDFRd - ok
15:38:14.0688 6140 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:38:14.0688 6140 wudfsvc - ok
15:38:14.0704 6140 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:38:14.0704 6140 WwanSvc - ok
15:38:14.0720 6140 ================ Scan global ===============================
15:38:14.0735 6140 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:38:14.0751 6140 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:38:14.0766 6140 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:38:14.0766 6140 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:38:14.0782 6140 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:38:14.0782 6140 [Global] - ok
15:38:14.0798 6140 ================ Scan MBR ==================================
15:38:14.0798 6140 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:38:15.0032 6140 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:38:15.0032 6140 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:38:15.0032 6140 ================ Scan VBR ==================================
15:38:15.0063 6140 [ D0A8F6448EE693274D1F67045B9D2517 ] \Device\Harddisk0\DR0\Partition1
15:38:15.0063 6140 \Device\Harddisk0\DR0\Partition1 - ok
15:38:15.0078 6140 [ 1DD622AD9B92874D3CEBA911DBD36848 ] \Device\Harddisk0\DR0\Partition2
15:38:15.0078 6140 \Device\Harddisk0\DR0\Partition2 - ok
15:38:15.0078 6140 ============================================================
15:38:15.0078 6140 Scan finished
15:38:15.0078 6140 ============================================================
15:38:15.0094 6132 Detected object count: 1
15:38:15.0094 6132 Actual detected object count: 1
15:38:31.0163 6132 \Device\Harddisk0\DR0\TDLFS - deleted
15:38:31.0163 6132 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
15:39:28.0647 3836 Deinitialize success

Malwarebytes

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.29.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
jkara :: JKARA-PC [administrator]

9/29/2012 3:41:02 PM
mbam-log-2012-09-29 (15-41-02).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 408715
Time elapsed: 31 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKCR\Interface\{77777777-7777-7777-7777-770077227758} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLab) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

mini toolbox

MiniToolBox by Farbar Version: 23-07-2012
Ran by jkara (administrator) on 29-09-2012 at 16:24:48
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Intel® Centrino® Advanced-N 6230 = Wireless Network Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : jkara-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 88-53-2E-6F-7C-4C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 88-53-2E-6F-7C-4C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 88-53-2E-6F-7C-4F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6230
Physical Address. . . . . . . . . : 88-53-2E-6F-7C-4B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-21-70-64-54-F7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::85c:2653:7f77:f61a%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.12(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, September 29, 2012 4:16:19 PM
Lease Expires . . . . . . . . . . : Sunday, September 30, 2012 4:16:19 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234889584
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-5E-20-82-00-21-70-64-54-F7
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{4A31E5D3-06AB-457F-8208-9D35BA041CF5}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{30F5BB8F-C645-4880-9AFF-1EF02C0A90DF}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{16C36DA8-237E-46B9-A705-AFB5C9D09934}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F473AC84-399C-4022-A6EB-A9B2849ED343}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{DC411268-3064-4694-838D-7D5C7EA3A8BE}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:24:297d:e7c1:ce4c(Preferred)
Link-local IPv6 Address . . . . . : fe80::24:297d:e7c1:ce4c%17(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:802::1001
74.125.226.232
74.125.226.238
74.125.226.233
74.125.226.228
74.125.226.225
74.125.226.224
74.125.226.227
74.125.226.231
74.125.226.230
74.125.226.229
74.125.226.226


Pinging google.com [74.125.226.206] with 32 bytes of data:
Reply from 74.125.226.206: bytes=32 time=17ms TTL=54
Reply from 74.125.226.206: bytes=32 time=16ms TTL=54

Ping statistics for 74.125.226.206:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 16ms, Maximum = 17ms, Average = 16ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
98.138.253.109


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=106ms TTL=50
Reply from 72.30.38.140: bytes=32 time=637ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 106ms, Maximum = 637ms, Average = 371ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...88 53 2e 6f 7c 4c ......Microsoft Virtual WiFi Miniport Adapter #2
15...88 53 2e 6f 7c 4c ......Microsoft Virtual WiFi Miniport Adapter
14...88 53 2e 6f 7c 4f ......Bluetooth Device (Personal Area Network)
12...88 53 2e 6f 7c 4b ......Intel® Centrino® Advanced-N 6230
11...00 21 70 64 54 f7 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.12 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.12 276
192.168.1.12 255.255.255.255 On-link 192.168.1.12 276
192.168.1.255 255.255.255.255 On-link 192.168.1.12 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.12 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.12 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
17 58 ::/0 On-link
1 306 ::1/128 On-link
17 58 2001::/32 On-link
17 306 2001:0:4137:9e76:24:297d:e7c1:ce4c/128
On-link
11 276 fe80::/64 On-link
17 306 fe80::/64 On-link
17 306 fe80::24:297d:e7c1:ce4c/128
On-link
11 276 fe80::85c:2653:7f77:f61a/128
On-link
1 306 ff00::/8 On-link
17 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/29/2012 04:16:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/29/2012 03:13:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/29/2012 02:40:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/29/2012 02:36:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/29/2012 01:58:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/29/2012 03:05:52 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 72187747

Error: (09/29/2012 03:05:52 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 72187747

Error: (09/29/2012 03:05:52 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/29/2012 03:05:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 72172162

Error: (09/29/2012 03:05:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 72172162


System errors:
=============
Error: (09/29/2012 04:17:28 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (09/29/2012 03:14:08 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (09/29/2012 02:41:43 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (09/29/2012 02:37:04 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (09/29/2012 02:27:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2676562).

Error: (09/29/2012 02:27:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2709715).

Error: (09/29/2012 02:27:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2679255).

Error: (09/29/2012 01:58:42 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (09/29/2012 01:34:59 PM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (09/29/2012 01:34:29 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Bing Bar (Version: 7.1.391.0)
Bing Maps 3D (Version: 4.0.903.16005)
Bing Rewards Client Installer (Version: 16.0.345.0)
Blio (Version: 2.3.7140)
Bonjour (Version: 3.0.0.10)
CIR Registry (Version: 1.00.0000)
Coupon Printer for Windows (Version: 5.0.0.0)
CyberLink YouPaint (Version: 1.2.2124)
D3DX10 (Version: 15.4.2368.0902)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell KM632 Wireless Keyboard Caps Lock Indicator (Version: 2.1.9.0401)
Dell MusicStage (Version: 1.5.201.0)
Dell PhotoStage (Version: 1.5.0.65)
Dell Product Registration (Version: 1.1.3)
Dell Stage (Version: 1.5.201.0)
Dell Touch Software Suite Games (Version: 1.5.133.0)
Dell VideoStage (Version: 1.2.0.1712)
Dell Webcam Central (Version: 2.00.44)
DELLOSD (Version: 1.0.0.10)
DirectX 9 Runtime (Version: 1.00.0000)
ESET Online Scanner v3
ESET Smart Security (Version: 5.2.9.1)
Face Recognition (Version: 3.1.70.1)
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.123)
High-Definition Video Playback (Version: 7.3.10000.0.0)
HP Photo Creations (Version: 1.0.0.5192)
HP Photosmart 5510 series Basic Device Software (Version: 25.0.621.0)
HP Photosmart 5510 series Help (Version: 140.0.2.2)
HP Photosmart 5510 series Product Improvement Study (Version: 25.0.621.0)
HP Update (Version: 5.003.000.004)
Intel PROSet Wireless
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2401)
Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed (Version: 1.1.0.0157)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 1.1.0.0537)
Intel® PROSet/Wireless WiFi Software (Version: 14.01.1000)
Intel® WiDi (Version: 2.1.39.0)
Intel® Wireless Display
iTunes (Version: 10.5.2.11)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 27 (64-bit) (Version: 6.0.270)
Java™ 6 Update 27 (Version: 6.0.270)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Touch Pack for Windows 7 (Version: 1.0.40517.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft XNA Framework Redistributable 3.0 (Version: 3.0.11010.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Nero 10 Movie ThemePack Basic (Version: 10.2.10200.0.0)
Nero Control Center 10 (Version: 10.6.12500.0.5)
Nero ControlCenter 10 Help (CHM) (Version: 10.2.10800)
Nero Core Components 10 (Version: 2.0.20000.9.12)
Nero Update (Version: 11.0.11500.28.0)
ooVoo (Version: 3.0.7031)
PhotoShowExpress (Version: 2.0.063)
PlayReady PC Runtime x86 (Version: 1.3.0)
PMB (Version: 5.5.02.12220)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6382)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Skype™ 5.10 (Version: 5.10.116)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Sony Image Data Suite (Version: 3.2.00.19080)
StickyNotes (Version: 1.5.135.0)
SyncUP (Version: 1.10.11100.8.106)
SyncUP (Version: 10.2.15400)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 4001.09 MB
Available physical RAM: 2272.61 MB
Total Pagefile: 8000.37 MB
Available Pagefile: 5833.71 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.54 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:918.22 GB) (Free:865.43 GB) NTFS
2 Drive d: (HP PS5510) (CDROM) (Total:0.24 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\JKARA-PC

Administrator Avery Guest
jkara Rhys

========================= Restore Points ==================================

13-09-2012 17:07:30 Windows Update
13-09-2012 17:55:38 Windows Update
27-09-2012 13:58:26 Windows Update
27-09-2012 18:24:37 Windows Update
28-09-2012 07:00:25 Windows Update
29-09-2012 07:00:22 Windows Update
29-09-2012 18:26:56 Windows Update

**** End of log ****


FSS

Farbar Service Scanner Version: 19-09-2012
Ran by jkara (administrator) on 29-09-2012 at 16:27:18
Running from "C:\Users\jkara\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

adware cleaner

# AdwCleaner v2.003 - Logfile created 09/29/2012 at 16:28:43
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : jkara - JKARA-PC
# Boot Mode : Normal
# Running from : C:\Users\jkara\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\jkara\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mpfapcdfbbledbojijcbcclmlieaoogk_0
Folder Deleted : C:\Users\jkara\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\I Want This
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055225558}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066226658}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077227758}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\jkara\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2030 octets] - [29/09/2012 16:28:43]

########## EOF - C:\AdwCleaner[S1].txt - [2090 octets] ##########


junkware removal tool

Junkware Removal Tool (JRT) by Thisisu
Version: 1.1.5 (09.28.2012)
OS: Windows 7 Home Premium x64
Ran by jkara on Sat 09/29/2012 at 16:38:31.48
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Registry Values: 0 Detections



*** Registry Keys:

ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
ERROR: Access is denied.

Failed to delete: [KEY-LOCKED!] hkey_local_machine\software\wow6432node\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}



*** Files: 0 Detections



*** Folders: 0 Detections



Removed the following from [PREFS.JS] :



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Sat 09/29/2012 at 16:38:42.36
End of Report

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:11 AM

Posted 29 September 2012 - 03:53 PM

Please run malwarebytes scan once again and post the log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#7 jkara

jkara
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:11 AM

Posted 29 September 2012 - 05:55 PM

More logs:

Malwarebytes:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.29.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
jkara :: JKARA-PC [administrator]

9/29/2012 6:08:30 PM
mbam-log-2012-09-29 (18-08-30).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 409438
Time elapsed: 31 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

RKill

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/29/2012 06:42:59 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 09/29/2012 06:43:12 PM
Execution time: 0 hours(s), 0 minute(s), and 12 seconds(s)

Autoruns

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "BTMTrayAgent" "Bluetooth Shell Extension" "Intel Corporation" "c:\program files (x86)\intel\bluetooth\btmshell.dll"
+ "DellStage" "Dell Stage" "" "c:\program files (x86)\dell stage\dell stage\stage_primary.exe"
+ "egui" "ESET GUI" "ESET" "c:\program files\eset\eset smart security\egui.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelPAN" "Intel® PROSet/Wireless Framework" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AccuWeatherWidget" "AccuWeather.com desktop weather widget" "" "c:\program files (x86)\dell stage\dell stage\accuweather\accuweather.exe"
+ "Chicony_OSD" "" "" "c:\program files (x86)\dell\dell km632 wireless keyboard caps lock indicator\launchosdsrv.exe"
+ "Dell Registration" "System Registration" "Dell, Inc." "c:\program files (x86)\system registration\prodreg.exe"
+ "DELLOSD" "" "" "c:\program files (x86)\dell\dellosd\fastuserswitching.exe"
+ "FATrayAlert" "FATrayMon" "Sensible Vision " "c:\program files (x86)\sensible vision\fast access\fatraymon.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "StickyNotesWidget" "Fingertapps StickyNotes startup widgets" "" "c:\program files (x86)\dell touch software suite\stickynotes\notes_startup_widgets.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HP Photosmart 5510 series (NET)" "ScanToPCActivationApp" "Hewlett-Packard Co." "c:\program files\hp\hp photosmart 5510 series\bin\scantopcactivationapp.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "BTMSentToExt" "Bluetooth Shell Extension" "Intel Corporation" "c:\program files (x86)\intel\bluetooth\btmshell.dll"
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset smart security\shellext.dll"
+ "Roxio Burn" "TODO: <File description>" "TODO: <Company name>" "c:\program files\roxio\roxio burn\rb_contextmenu64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset smart security\x86\shellext.dll"
+ "Roxio Burn" "TODO: <File description>" "TODO: <Company name>" "c:\program files (x86)\roxio\oem\roxio burn\rb_contextmenu.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset smart security\shellext.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "ESET Smart Security - Context Menu Shell Extension" "Shell Extension" "ESET" "c:\program files\eset\eset smart security\x86\shellext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Face recognition web login for FastAccess" "Face recognition web login for FastAccess" "Sensible Vision " "c:\program files (x86)\sensible vision\fast access\x64\faiesso.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\bingext.dll"
+ "Face recognition web login for FastAccess" "Face recognition web login for FastAccess" "Sensible Vision " "c:\program files (x86)\sensible vision\fast access\faiesso.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\bingext.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-3794476985-1957940466-3425792990-1000Core" "Facebook Installer" "Facebook Inc." "c:\users\jkara\appdata\local\facebook\update\facebookupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-3794476985-1957940466-3425792990-1000UA" "Facebook Installer" "Facebook Inc." "c:\users\jkara\appdata\local\facebook\update\facebookupdate.exe"
+ "\HP Photo Creations Messager" "" "" "c:\programdata\hp photo creations\messagecheck.exe"
+ "\HPCustParticipation HP Photosmart 5510 series" "HP Customer Participation." "Hewlett-Packard Co." "c:\program files\hp\hp photosmart 5510 series\bin\hpcustpartic.exe"
+ "\JavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\TabletPC\InputPersonalization" "" "" "File not found: C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AERTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\program files\realtek\audio\hda\aertsr64.exe"
+ "AMPPALR3" "Intel® Centrino® Bluetooth 3.0 + High Speed Virtual Adapter" "Intel Corporation" "c:\program files\intel\bluetoothhs\bthsamppalservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\bbsvc.exe"
+ "BBUpdate" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\7.1.391.0\seaport.exe"
+ "Bluetooth Device Monitor" "A process to monitor Bluetooth radio state and configure Bluetooth remote folders." "Intel Corporation" "c:\program files (x86)\intel\bluetooth\devmonsrv.exe"
+ "Bluetooth Media Service" "Provides Bluetooth Media Profiles support" "Intel Corporation" "c:\program files (x86)\intel\bluetooth\mediasrv.exe"
+ "Bluetooth OBEX Service" "Provides Bluetooth File Transfer Protocol support." "Intel Corporation" "c:\program files (x86)\intel\bluetooth\obexsrv.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "BTHSSecurityMgr" "Manages the 802.1x security between two Bluetooth® High Speed connections." "Intel® Corporation" "c:\program files\intel\bluetoothhs\bthssecuritymgr.exe"
+ "Dell WMI Service" "" "" "c:\program files (x86)\dell\dellosd\dellosdservice.exe"
+ "ekrn" "ESET Service" "ESET" "c:\program files\eset\eset smart security\x86\ekrn.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "FAService" "FAService" "Sensible Vision " "c:\program files (x86)\sensible vision\fast access\faservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MyWiFiDHCPDNS" "Wireless PAN DHCP and DNS Server" "" "c:\program files\intel\wifi\bin\pandhcpdns.exe"
+ "NAUpdate" "Provides access to Nero application updates and manages Nero applications." "Nero AG" "c:\program files (x86)\nero\update\nasvc.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "OSDSvc" "OSD Service Application" "Chicony" "c:\program files (x86)\dell\dell km632 wireless keyboard caps lock indicator\osdsrv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "PMBDeviceInfoProvider" "Enables PMB to communicate with the device." "Sony Corporation" "c:\program files (x86)\sony\pmb\pmbdeviceinfoprovider.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "RoxMediaDB12OEM" "Roxio RoxMediaDB12OEM Service" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\sharedcom\roxmediadb12oem.exe"
+ "RoxWatch12" "RoxWatch12 Module" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\sharedcom\roxwatch12oem.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files (x86)\common files\surething shared\stllssvr.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "03521980" "" "" "File not found: C:\Windows\System32\Drivers\03521980.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AMPPAL" "Intel® Centrino® Bluetooth 3.0 + High Speed Virtual Adapter" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\amppal.sys"
+ "AMPPALP" "Intel® Centrino® Bluetooth 3.0 + High Speed Protocol" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\amppal.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "btmaux" "Bluetooth Auxiliary Driver" "Intel Corporation" "c:\windows\system32\drivers\btmaux.sys"
+ "btmhsf" "Bluetooth HighSpeed Filter Driver" "Intel Corporation" "c:\windows\system32\drivers\btmhsf.sys"
+ "catchme" "" "" "File not found: C:\ComboFix\catchme.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CtClsFlt" "Video Class Upper Filter Driver (64-bit)" "Creative Technology Ltd." "c:\windows\system32\drivers\ctclsflt.sys"
+ "eamonm" "Eset file on-access scanner" "ESET" "c:\windows\system32\drivers\eamonm.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "ehdrv" "Eset Helper driver" "ESET" "c:\windows\system32\drivers\ehdrv.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "epfw" "EPFW Filter Driver" "ESET" "c:\windows\system32\drivers\epfw.sys"
+ "EpfwLWF" "Epfw NDIS LightWeight Filter" "ESET" "c:\windows\system32\drivers\epfwlwf.sys"
+ "epfwwfp" "EPFW Filter Driver" "ESET" "c:\windows\system32\drivers\epfwwfp.sys"
+ "FACAP" "faCap WebCam Capture" "Sensible Vision " "c:\windows\system32\drivers\facap.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iBtFltCoex" "Intel® Centrino® Wireless (Bluetooth Adapter) Driver" "Intel Corporation" "c:\windows\system32\drivers\ibtfltcoex.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "Impcd" "Intel® Turbo Boost Technology Driver" "Intel Corporation" "c:\windows\system32\drivers\impcd.sys"
+ "intaud_WaveExtensible" "Intel® WiDi Solution" "Intel Corporation" "c:\windows\system32\drivers\intelaud.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "itecir" "ITE Consumer IR Driver for eHome" "ITE Tech. Inc. " "c:\windows\system32\drivers\itecir.sys"
+ "iwdbus" "Intel® WiDi Solution" "Intel Corporation" "c:\windows\system32\drivers\iwdbus.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwns64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSUSBVSTOR" "Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtsuvstor.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "VDP Renderer" "VDP Filter" "Intel Corporation" "c:\program files (x86)\intel\bluetooth\vdpsnka.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Creative Correct TimeStamp Filter" "Creative Correct TimeStamp Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctfrfix.ax"
+ "Creative H264 No Quality Control Filter" "Creative No Quality Control Filter" "Creative Technology Ltd." "c:\program files (x86)\dell webcam\dell webcam central\cth264noqc.ax"
+ "Creative MJPEG Decoder 2" "Decoder" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\ctmjpgdec2.ax"
+ "Creative Video Processing Filter" "Creative Video Processing Filter" "Creative Technology Ltd." "c:\program files (x86)\creative\shared files\vidprocu.ax"
+ "DS Video Buffer Filter" "WiDiAgent.dll COM object." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\dsbuffer_video.ax"
+ "Half Size to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Intel® Mux Renderer" "Intel® TS Mux / Network Renderer" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\intelmux.dll"
+ "Intel®WiDi H264 encoder" "" "" "c:\program files (x86)\common files\intel corporation\widiagent\h264_enc_filter.dll"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\lvmwriter.ax"
+ "MainConcept AAC Encoder" "AAC audio encoder filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_enc_aac_ds.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\mediaanalyser.ax"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prdmowrapper.dll"
+ "PSI Parser" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "QIC1802 Demux" "QIC1802 Demux" "Quanta Computer Inc." "c:\program files (x86)\dell webcam\dell webcam central\qicdemux.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Roxio Anaglyph to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Anaglyph to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Audio Source 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "Roxio Audio Source Filter" "Roxio Audio Source Filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiosource.ax"
+ "Roxio Audio Stream Reader Filter" "Roxio Audio Stream Reader Filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiostreamreader.ax"
+ "Roxio Audio Stream Writer Filter" "Roxio Audio Stream Writer Filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsaudiostreamwriter.ax"
+ "ROXIO Audio VCFChunker 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO Audio VCFLooper 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO AudioConvert 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO AudioGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO BDAV Smart Render 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO ColorSpace Converter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO CPU Regulator" "CPURegulator.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\cpuregulator.ax"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "roxio DCFilters Audio Sync Filter 2 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Dragons Lair 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters DVD Muxer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters DVDStream Reader 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters DVDStream Splitter 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Mpeg I/II Decoder 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters MPEG Transcoder" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Smart Resizer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "roxio DCFilters Subpicture Mixer 10" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\dllshared\dcfilters12oem.dll"
+ "ROXIO Deinterlace 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO DV Scene Detector Tee 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Field Combiner 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Field Splitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio File Writer Wrapper" "Roxio File Writer Wrapper" "Sonic" "c:\program files (x86)\roxio\oem\videocore 12\roxfilewriterwrapper.ax"
+ "ROXIO Image/Colour Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO ListImage Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\lvmasync.ax"
+ "Roxio Mp3 Encoder (SC)" "Roxio Audio Codec DLL" "Sonic Solutions" "c:\program files (x86)\roxio\oem\audiocodec\rxdsmp3encoder.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Pin Tee" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\plasmacgfilter.ax"
+ "ROXIO QT Source" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO QuickGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mgirawwriter.dll"
+ "Roxio RealD to Stereo" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO SceneRecorder 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\mginullip.ax"
+ "Roxio StereoSource Cropper" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO ThumbnailGrabber 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAlphaSplitter 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFAudioMixer 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFHDVSceneDetect 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFLatency 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO VCFpeakmeter 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO VCFStationLogo 1.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFVideoCutList 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VCFWaveform 1.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "ROXIO Video Effect 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Video Integrate" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Video Resampler 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio Video Rotater," "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO Video VCFLooper 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "ROXIO VideoCombine 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\vobloader.ax"
+ "ROXIO WAV Dest 3.0" "Roxio Audio Filters" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxaudio.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\mvwcdsutil.dll"
+ "Sonic Audio Resampler" "Audio Resampler Direct Show Filter" "Sonic Solutions Inc." "c:\program files (x86)\roxio\oem\audiocodec\filters\c12oem_trans_audio_samplerate_ds.ax"
+ "Sonic Cinemaster® Audio Decoder 4.3 (No Dolby)" "SonicHDAudio" "Sonic Solutions" "c:\program files (x86)\roxio\oem\common\cinemasteraudiond.dll"
+ "Sonic Cinemaster® VideoDecoder 4.3 (EMC12)" "CinemasterVideo" "Sonic Solutions" "c:\program files (x86)\roxio\oem\common\cinemastervideo.dll"
+ "Sonic HD Demuxer" "Sonic HD Demuxer" "" "c:\program files (x86)\roxio\oem\common\sonichddemuxer.dll"
+ "Sonic MPEG Multiplexer" "MPEG Multiplexer-Plus DS Filter" "Sonic Solutions Inc." "c:\program files (x86)\roxio\oem\audiocodec\filters\c12oem_mux_mp2_ds.ax"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc." "c:\program files (x86)\common files\sonic shared\sonicmc02\c12oem_dec_mp2v_ds.ax"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files (x86)\common files\roxio shared\oem\12.0\mpeg\subpictenc.dll"
+ "VCG Null Renderer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "VCG Video Mixer 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "VCGImageSource" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "VDP Renderer" "VDP Filter" "Intel Corporation" "c:\program files (x86)\intel\bluetooth\vdpsnk.dll"
+ "VMR9 Wrapper 3.0" "VideoCompositing Module" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\videocompositing.ax"
+ "Vorbis Decode Filter" "ogg DShow filters" "" "c:\program files (x86)\common files\roxio shared\ogg_flac codecs\dsfvorbisdecoder.dll"
+ "VW Input Selector" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "VW Input Selector 2" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "VW Video Transition" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files (x86)\roxio\oem\videocore 12\roxvideo.ax"
+ "WD Audio Filter" "WiDi Audio Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdaudiofilter.dll"
+ "WD Secure Source Filter" "Intel® WiDi Secure Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsecuresourcefilter.dll"
+ "WDSource Filter" "WiDi Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsourcefilter.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "FACredProv" "FACredProv Application" "Sensible Vision " "c:\windows\system32\facredprov.dll"
+ "FACredProv2" "FACredProv2 Application" "Sensible Vision " "c:\windows\system32\facredprov2.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters" "" "" ""
+ "FACredProvFilter" "FACredProv Application" "Sensible Vision " "c:\windows\system32\facredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "HP a111 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinkstsa111lm.dll"
+ "HP Discovery Port Monitor (HP Photosmart 5510 series)" "HP Discovery Port Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpdiscopma111.dll"
+ "PCL hpz3lw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpz3lw71.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages" "" "" ""
+ "FAPassSync" "FAPassSync" "Sensible Vision " "c:\windows\system32\fapasssync.dll"

Thanks!

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:11 AM

Posted 29 September 2012 - 06:19 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

Edited by narenxp, 29 September 2012 - 06:19 PM.


#9 jkara

jkara
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:11 AM

Posted 29 September 2012 - 07:35 PM

Thank you so much.......I don't hear the voices anymore.......and my PC is so clean! It's a miracle!! Thanks again :-))

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:11 AM

Posted 29 September 2012 - 08:34 PM

You're welcome :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users