Google redirect/click for amazing results virus


9 replies to this topic

#1 danthon5

  • Members
  • 5 posts

Posted 29 September 2012 - 01:13 PM

Hi,

I am infected with the Google redirect/click to get amazing results virus. I have Windows 7 64-bit. AVG and TDSSKiller find nothing. Can someone please help me?

Thanks



#2 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 29 September 2012 - 01:16 PM

Download TDSSKiller

Launch it. Click on Change parameters, then select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 danthon5

  • Topic Starter
  • Members
  • 5 posts

Posted 01 October 2012 - 10:34 AM

TDSSkiller

18:13:20.0683 6348 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
18:13:21.0033 6348 ============================================================
18:13:21.0033 6348 Current date / time: 2012/09/29 18:13:21.0033
18:13:21.0033 6348 SystemInfo:
18:13:21.0033 6348
18:13:21.0033 6348 OS Version: 6.1.7601 ServicePack: 1.0
18:13:21.0033 6348 Product type: Workstation
18:13:21.0033 6348 ComputerName: DAVEANTHONY
18:13:21.0033 6348 UserName: Dave Anthony
18:13:21.0033 6348 Windows directory: C:\Windows
18:13:21.0033 6348 System windows directory: C:\Windows
18:13:21.0033 6348 Running under WOW64
18:13:21.0033 6348 Processor architecture: Intel x64
18:13:21.0033 6348 Number of processors: 4
18:13:21.0033 6348 Page size: 0x1000
18:13:21.0033 6348 Boot type: Normal boot
18:13:21.0033 6348 ============================================================
18:13:21.0794 6348 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:13:21.0804 6348 ============================================================
18:13:21.0804 6348 \Device\Harddisk0\DR0:
18:13:21.0804 6348 MBR partitions:
18:13:21.0804 6348 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
18:13:21.0804 6348 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x48B04800
18:13:21.0804 6348 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x48B68800, BlocksNum 0x1CBB800
18:13:21.0804 6348 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x4A824000, BlocksNum 0x33AB0
18:13:21.0804 6348 ============================================================
18:13:21.0824 6348 C: <-> \Device\Harddisk0\DR0\Partition2
18:13:21.0864 6348 D: <-> \Device\Harddisk0\DR0\Partition3
18:13:21.0874 6348 F: <-> \Device\Harddisk0\DR0\Partition4
18:13:21.0884 6348 ============================================================
18:13:21.0884 6348 Initialize success
18:13:21.0884 6348 ============================================================
18:13:44.0740 7912 ============================================================
18:13:44.0740 7912 Scan started
18:13:44.0740 7912 Mode: Manual; TDLFS;
18:13:44.0740 7912 ============================================================
18:13:45.0957 7912 ================ Scan system memory ========================
18:13:45.0957 7912 System memory - ok
18:13:45.0957 7912 ================ Scan services =============================
18:13:57.0830 7912 Msfs - ok
18:13:57.0877 7912 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:13:57.0877 7912 mshidkmdf - ok
18:13:57.0924 7912 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:13:57.0924 7912 msisadrv - ok
18:13:57.0971 7912 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:13:57.0986 7912 MSiSCSI - ok
18:13:57.0986 7912 msiserver - ok
18:13:58.0017 7912 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:13:58.0033 7912 MSKSSRV - ok
18:13:58.0033 7912 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:13:58.0049 7912 MSPCLOCK - ok
18:13:58.0064 7912 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:13:58.0064 7912 MSPQM - ok
18:13:58.0080 7912 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:13:58.0095 7912 MsRPC - ok
18:13:58.0111 7912 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:13:58.0127 7912 mssmbios - ok
18:13:58.0158 7912 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:13:58.0158 7912 MSTEE - ok
18:13:58.0173 7912 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:13:58.0173 7912 MTConfig - ok
18:13:58.0173 7912 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:13:58.0173 7912 Mup - ok
18:13:58.0220 7912 [ 188A3A952E51EDEA71D5E754CD8E2E11 ] MUSTechVIDCAP C:\Windows\system32\drivers\musgostrm.sys
18:13:58.0251 7912 MUSTechVIDCAP - ok
18:13:58.0283 7912 [ 8F57DB74BF5407A4CDA6C8B005DC8DD0 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
18:13:58.0298 7912 MyWiFiDHCPDNS - ok
18:13:58.0314 7912 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:13:58.0329 7912 napagent - ok
18:13:58.0361 7912 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:13:58.0361 7912 NativeWifiP - ok
18:13:58.0423 7912 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:13:58.0439 7912 NDIS - ok
18:13:58.0454 7912 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:13:58.0454 7912 NdisCap - ok
18:13:58.0501 7912 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:13:58.0501 7912 NdisTapi - ok
18:13:58.0517 7912 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:13:58.0517 7912 Ndisuio - ok
18:13:58.0532 7912 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:13:58.0532 7912 NdisWan - ok
18:13:58.0532 7912 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:13:58.0548 7912 NDProxy - ok
18:13:58.0579 7912 Nero BackItUp Scheduler 4.0 - ok
18:13:58.0595 7912 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:13:58.0610 7912 NetBIOS - ok
18:13:58.0626 7912 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:13:58.0626 7912 NetBT - ok
18:13:58.0641 7912 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:13:58.0641 7912 Netlogon - ok
18:13:58.0673 7912 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:13:58.0673 7912 Netman - ok
18:13:58.0688 7912 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:13:58.0688 7912 netprofm - ok
18:13:58.0735 7912 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:13:58.0735 7912 NetTcpPortSharing - ok
18:13:58.0953 7912 [ 50AD7F7040C22BB7CAA59A0880875A21 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
18:13:59.0156 7912 NETwNs64 - ok
18:13:59.0203 7912 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:13:59.0234 7912 nfrd960 - ok
18:13:59.0265 7912 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:13:59.0281 7912 NlaSvc - ok
18:13:59.0312 7912 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:13:59.0312 7912 Npfs - ok
18:13:59.0343 7912 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:13:59.0343 7912 nsi - ok
18:13:59.0359 7912 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:13:59.0359 7912 nsiproxy - ok
18:13:59.0437 7912 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:13:59.0453 7912 Ntfs - ok
18:13:59.0484 7912 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:13:59.0484 7912 Null - ok
18:13:59.0515 7912 [ 9A33100AC62A0463C49E47EE8E77083A ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
18:13:59.0531 7912 nusb3hub - ok
18:13:59.0546 7912 [ 87C321F7BEE646B7EC6EEDD6EB725741 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
18:13:59.0562 7912 nusb3xhc - ok
18:13:59.0624 7912 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
18:13:59.0640 7912 NVENETFD - ok
18:13:59.0671 7912 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:13:59.0671 7912 nvraid - ok
18:13:59.0718 7912 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:13:59.0733 7912 nvstor - ok
18:13:59.0765 7912 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:13:59.0780 7912 nv_agp - ok
18:13:59.0811 7912 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:13:59.0811 7912 ohci1394 - ok
18:13:59.0858 7912 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:13:59.0889 7912 ose - ok
18:14:00.0061 7912 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:14:00.0186 7912 osppsvc - ok
18:14:00.0217 7912 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:14:00.0217 7912 p2pimsvc - ok
18:14:00.0248 7912 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:14:00.0248 7912 p2psvc - ok
18:14:00.0279 7912 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
18:14:00.0279 7912 Parport - ok
18:14:00.0311 7912 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:14:00.0311 7912 partmgr - ok
18:14:00.0346 7912 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:14:00.0356 7912 PcaSvc - ok
18:14:00.0376 7912 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:14:00.0386 7912 pci - ok
18:14:00.0406 7912 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:14:00.0406 7912 pciide - ok
18:14:00.0426 7912 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:14:00.0426 7912 pcmcia - ok
18:14:00.0456 7912 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:14:00.0456 7912 pcw - ok
18:14:00.0486 7912 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:14:00.0496 7912 PEAUTH - ok
18:14:00.0576 7912 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:14:00.0586 7912 PerfHost - ok
18:14:00.0656 7912 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:14:00.0686 7912 pla - ok
18:14:00.0716 7912 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:14:00.0746 7912 PlugPlay - ok
18:14:00.0776 7912 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:14:00.0776 7912 PNRPAutoReg - ok
18:14:00.0796 7912 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:14:00.0796 7912 PNRPsvc - ok
18:14:00.0836 7912 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:14:00.0846 7912 PolicyAgent - ok
18:14:00.0866 7912 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:14:00.0876 7912 Power - ok
18:14:00.0906 7912 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:14:00.0906 7912 PptpMiniport - ok
18:14:00.0926 7912 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
18:14:00.0926 7912 Processor - ok
18:14:00.0956 7912 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
18:14:00.0986 7912 ProfSvc - ok
18:14:01.0006 7912 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:14:01.0006 7912 ProtectedStorage - ok
18:14:01.0046 7912 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:14:01.0046 7912 Psched - ok
18:14:01.0116 7912 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:14:01.0136 7912 ql2300 - ok
18:14:01.0166 7912 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:14:01.0166 7912 ql40xx - ok
18:14:01.0196 7912 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:14:01.0206 7912 QWAVE - ok
18:14:01.0236 7912 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:14:01.0236 7912 QWAVEdrv - ok
18:14:01.0246 7912 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:14:01.0256 7912 RasAcd - ok
18:14:01.0296 7912 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:14:01.0296 7912 RasAgileVpn - ok
18:14:01.0326 7912 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:14:01.0336 7912 RasAuto - ok
18:14:01.0366 7912 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:14:01.0366 7912 Rasl2tp - ok
18:14:01.0406 7912 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:14:01.0416 7912 RasMan - ok
18:14:01.0446 7912 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:14:01.0446 7912 RasPppoe - ok
18:14:01.0476 7912 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:14:01.0476 7912 RasSstp - ok
18:14:01.0506 7912 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:14:01.0506 7912 rdbss - ok
18:14:01.0526 7912 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:14:01.0526 7912 rdpbus - ok
18:14:01.0556 7912 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:14:01.0556 7912 RDPCDD - ok
18:14:01.0596 7912 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:14:01.0596 7912 RDPENCDD - ok
18:14:01.0626 7912 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:14:01.0626 7912 RDPREFMP - ok
18:14:01.0656 7912 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:14:01.0676 7912 RDPWD - ok
18:14:01.0716 7912 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:14:01.0726 7912 rdyboost - ok
18:14:01.0806 7912 [ FD11C1287D38A46FB72353E14D50089C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:14:01.0826 7912 RegSrvc - ok
18:14:01.0866 7912 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:14:01.0866 7912 RemoteAccess - ok
18:14:01.0896 7912 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:14:01.0906 7912 RemoteRegistry - ok
18:14:01.0916 7912 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:14:01.0916 7912 RpcEptMapper - ok
18:14:01.0946 7912 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:14:01.0946 7912 RpcLocator - ok
18:14:01.0986 7912 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:14:01.0996 7912 RpcSs - ok
18:14:02.0026 7912 [ 1F5E7AF59B390261A85F5BEDB1BB88B3 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
18:14:02.0046 7912 RSPCIESTOR - ok
18:14:02.0076 7912 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:14:02.0076 7912 rspndr - ok
18:14:02.0116 7912 [ ED5873F7DFB2F96D37F13322211B6BDC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:14:02.0116 7912 RTL8167 - ok
18:14:02.0136 7912 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:14:02.0136 7912 SamSs - ok
18:14:02.0156 7912 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:14:02.0166 7912 sbp2port - ok
18:14:02.0186 7912 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:14:02.0196 7912 SCardSvr - ok
18:14:02.0216 7912 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:14:02.0216 7912 scfilter - ok
18:14:02.0246 7912 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:14:02.0266 7912 Schedule - ok
18:14:02.0296 7912 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:14:02.0296 7912 SCPolicySvc - ok
18:14:02.0336 7912 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
18:14:02.0336 7912 sdbus - ok
18:14:02.0372 7912 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:14:02.0372 7912 SDRSVC - ok
18:14:02.0387 7912 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:14:02.0387 7912 secdrv - ok
18:14:02.0403 7912 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:14:02.0419 7912 seclogon - ok
18:14:02.0419 7912 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
18:14:02.0419 7912 SENS - ok
18:14:02.0450 7912 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:14:02.0465 7912 SensrSvc - ok
18:14:02.0497 7912 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
18:14:02.0497 7912 Serenum - ok
18:14:02.0512 7912 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
18:14:02.0512 7912 Serial - ok
18:14:02.0559 7912 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:14:02.0575 7912 sermouse - ok
18:14:02.0590 7912 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:14:02.0590 7912 SessionEnv - ok
18:14:02.0621 7912 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:14:02.0621 7912 sffdisk - ok
18:14:02.0653 7912 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:14:02.0653 7912 sffp_mmc - ok
18:14:02.0668 7912 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:14:02.0668 7912 sffp_sd - ok
18:14:02.0684 7912 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:14:02.0684 7912 sfloppy - ok
18:14:02.0731 7912 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:14:02.0746 7912 SharedAccess - ok
18:14:02.0777 7912 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:14:02.0777 7912 ShellHWDetection - ok
18:14:02.0824 7912 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:14:02.0824 7912 SiSRaid2 - ok
18:14:02.0840 7912 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:14:02.0840 7912 SiSRaid4 - ok
18:14:02.0887 7912 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:14:02.0887 7912 Smb - ok
18:14:02.0933 7912 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:14:02.0933 7912 SNMPTRAP - ok
18:14:02.0949 7912 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:14:02.0949 7912 spldr - ok
18:14:02.0996 7912 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
18:14:03.0011 7912 Spooler - ok
18:14:03.0105 7912 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:14:03.0199 7912 sppsvc - ok
18:14:03.0230 7912 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:14:03.0245 7912 sppuinotify - ok
18:14:03.0261 7912 sptd - ok
18:14:03.0292 7912 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:14:03.0308 7912 srv - ok
18:14:03.0323 7912 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:14:03.0339 7912 srv2 - ok
18:14:03.0379 7912 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
18:14:03.0389 7912 SrvHsfHDA - ok
18:14:03.0439 7912 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
18:14:03.0459 7912 SrvHsfV92 - ok
18:14:03.0489 7912 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
18:14:03.0499 7912 SrvHsfWinac - ok
18:14:03.0529 7912 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:14:03.0529 7912 srvnet - ok
18:14:03.0559 7912 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:14:03.0559 7912 SSDPSRV - ok
18:14:03.0569 7912 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:14:03.0569 7912 SstpSvc - ok
18:14:03.0639 7912 [ 20E27AA5BCC01C2149830C05FE22F675 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
18:14:03.0649 7912 STacSV - ok
18:14:03.0669 7912 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:14:03.0669 7912 stexstor - ok
18:14:03.0729 7912 [ BEB37CE4E7456F5EFA52D783D1E06D8C ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
18:14:03.0739 7912 STHDA - ok
18:14:03.0789 7912 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:14:03.0799 7912 stisvc - ok
18:14:03.0819 7912 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
18:14:03.0839 7912 swenum - ok
18:14:03.0879 7912 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:14:03.0889 7912 swprv - ok
18:14:03.0969 7912 [ C447977ED2A4AE9346FE3A0579A34D7C ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
18:14:04.0029 7912 SynTP - ok
18:14:04.0089 7912 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:14:04.0109 7912 SysMain - ok
18:14:04.0129 7912 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:14:04.0129 7912 TabletInputService - ok
18:14:04.0159 7912 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:14:04.0169 7912 TapiSrv - ok
18:14:04.0179 7912 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:14:04.0189 7912 TBS - ok
18:14:04.0249 7912 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:14:04.0269 7912 Tcpip - ok
18:14:04.0329 7912 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:14:04.0339 7912 TCPIP6 - ok
18:14:04.0359 7912 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:14:04.0359 7912 tcpipreg - ok
18:14:04.0379 7912 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:14:04.0379 7912 TDPIPE - ok
18:14:04.0409 7912 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:14:04.0419 7912 TDTCP - ok
18:14:04.0459 7912 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:14:04.0459 7912 tdx - ok
18:14:04.0489 7912 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:14:04.0489 7912 TermDD - ok
18:14:04.0539 7912 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:14:04.0549 7912 TermService - ok
18:14:04.0569 7912 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:14:04.0569 7912 Themes - ok
18:14:04.0599 7912 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:14:04.0599 7912 THREADORDER - ok
18:14:04.0629 7912 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:14:04.0639 7912 TrkWks - ok
18:14:04.0679 7912 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:14:04.0679 7912 TrustedInstaller - ok
18:14:04.0699 7912 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:14:04.0709 7912 tssecsrv - ok
18:14:04.0729 7912 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:14:04.0739 7912 TsUsbFlt - ok
18:14:04.0759 7912 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:14:04.0759 7912 TsUsbGD - ok
18:14:04.0799 7912 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:14:04.0809 7912 tunnel - ok
18:14:04.0829 7912 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:14:04.0829 7912 uagp35 - ok
18:14:04.0849 7912 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:14:04.0859 7912 udfs - ok
18:14:04.0899 7912 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:14:04.0899 7912 UI0Detect - ok
18:14:04.0929 7912 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:14:04.0929 7912 uliagpkx - ok
18:14:04.0959 7912 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:14:04.0959 7912 umbus - ok
18:14:04.0989 7912 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:14:04.0999 7912 UmPass - ok
18:14:05.0149 7912 [ A678E5DDD974903DD71F503BDCACA218 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
18:14:05.0179 7912 UNS - ok
18:14:05.0209 7912 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:14:05.0219 7912 upnphost - ok
18:14:05.0259 7912 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
18:14:05.0259 7912 USBAAPL64 - ok
18:14:05.0279 7912 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
18:14:05.0279 7912 usbaudio - ok
18:14:05.0309 7912 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:14:05.0309 7912 usbccgp - ok
18:14:05.0359 7912 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:14:05.0359 7912 usbcir - ok
18:14:05.0399 7912 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:14:05.0399 7912 usbehci - ok
18:14:05.0425 7912 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:14:05.0440 7912 usbhub - ok
18:14:05.0456 7912 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:14:05.0471 7912 usbohci - ok
18:14:05.0503 7912 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:14:05.0503 7912 usbprint - ok
18:14:05.0534 7912 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:14:05.0534 7912 usbscan - ok
18:14:05.0565 7912 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:14:05.0565 7912 USBSTOR - ok
18:14:05.0581 7912 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:14:05.0596 7912 usbuhci - ok
18:14:05.0627 7912 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:14:05.0643 7912 usbvideo - ok
18:14:05.0674 7912 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:14:05.0674 7912 UxSms - ok
18:14:05.0705 7912 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
18:14:05.0705 7912 VaultSvc - ok
18:14:05.0721 7912 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:14:05.0721 7912 vdrvroot - ok
18:14:05.0768 7912 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:14:05.0783 7912 vds - ok
18:14:05.0815 7912 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:14:05.0815 7912 vga - ok
18:14:05.0830 7912 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:14:05.0846 7912 VgaSave - ok
18:14:05.0877 7912 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:14:05.0877 7912 vhdmp - ok
18:14:05.0908 7912 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:14:05.0908 7912 viaide - ok
18:14:05.0924 7912 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:14:05.0924 7912 volmgr - ok
18:14:05.0955 7912 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:14:05.0971 7912 volmgrx - ok
18:14:06.0002 7912 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:14:06.0002 7912 volsnap - ok
18:14:06.0033 7912 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:14:06.0033 7912 vsmraid - ok
18:14:06.0111 7912 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:14:06.0142 7912 VSS - ok
18:14:06.0268 7912 [ CBA3F6EF1E70167DB376B4013F71A62B ] vToolbarUpdater12.2.6 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
18:14:06.0288 7912 vToolbarUpdater12.2.6 - ok
18:14:06.0308 7912 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:14:06.0318 7912 vwifibus - ok
18:14:06.0358 7912 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:14:06.0358 7912 vwififlt - ok
18:14:06.0398 7912 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:14:06.0398 7912 vwifimp - ok
18:14:06.0438 7912 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:14:06.0448 7912 W32Time - ok
18:14:06.0468 7912 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:14:06.0468 7912 WacomPen - ok
18:14:06.0518 7912 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:14:06.0518 7912 WANARP - ok
18:14:06.0538 7912 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:14:06.0538 7912 Wanarpv6 - ok
18:14:06.0618 7912 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:14:06.0678 7912 WatAdminSvc - ok
18:14:06.0738 7912 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:14:06.0768 7912 wbengine - ok
18:14:06.0788 7912 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:14:06.0788 7912 WbioSrvc - ok
18:14:06.0808 7912 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:14:06.0818 7912 wcncsvc - ok
18:14:06.0838 7912 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:14:06.0838 7912 WcsPlugInService - ok
18:14:06.0858 7912 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
18:14:06.0858 7912 Wd - ok
18:14:06.0898 7912 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:14:06.0908 7912 Wdf01000 - ok
18:14:08.0266 7912 ================ Scan global ===============================
18:14:08.0297 7912 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:14:08.0328 7912 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:14:08.0359 7912 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:14:08.0391 7912 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:14:08.0422 7912 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:14:08.0422 7912 [Global] - ok
18:14:08.0422 7912 ================ Scan MBR ==================================
18:14:08.0437 7912 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:14:08.0734 7912 \Device\Harddisk0\DR0 - ok
18:14:08.0734 7912 ================ Scan VBR ==================================
18:14:08.0749 7912 [ 85AF604443F8658FC06BEE36E4B3091C ] \Device\Harddisk0\DR0\Partition1
18:14:08.0749 7912 \Device\Harddisk0\DR0\Partition1 - ok
18:14:08.0765 7912 [ 05A8EEA316E9CD35C5F63C88A2327D89 ] \Device\Harddisk0\DR0\Partition2
18:14:08.0765 7912 \Device\Harddisk0\DR0\Partition2 - ok
18:14:08.0796 7912 [ F6737DD7855219B6A3C986814D120393 ] \Device\Harddisk0\DR0\Partition3
18:14:08.0796 7912 \Device\Harddisk0\DR0\Partition3 - ok
18:14:08.0812 7912 [ CDDA1825F91C50D8E751FC3E891FA57C ] \Device\Harddisk0\DR0\Partition4
18:14:08.0812 7912 \Device\Harddisk0\DR0\Partition4 - ok
18:14:08.0812 7912 ============================================================
18:14:08.0812 7912 Scan finished
18:14:08.0812 7912 ============================================================
18:14:08.0827 3632 Detected object count: 0
18:14:08.0827 3632 Actual detected object count: 0
18:14:24.0685 6228 Deinitialize success


aswMBR
18:13:20.0683 6348 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
18:13:21.0033 6348 ============================================================
18:13:21.0033 6348 Current date / time: 2012/09/29 18:13:21.0033
18:13:21.0033 6348 SystemInfo:
18:13:21.0033 6348
18:13:21.0033 6348 OS Version: 6.1.7601 ServicePack: 1.0
18:13:21.0033 6348 Product type: Workstation
18:13:21.0033 6348 ComputerName: DAVEANTHONY
18:13:21.0033 6348 UserName: Dave Anthony
18:13:21.0033 6348 Windows directory: C:\Windows
18:13:21.0033 6348 System windows directory: C:\Windows
18:13:21.0033 6348 Running under WOW64
18:13:21.0033 6348 Processor architecture: Intel x64
18:13:21.0033 6348 Number of processors: 4
18:13:21.0033 6348 Page size: 0x1000
18:13:21.0033 6348 Boot type: Normal boot
18:13:21.0033 6348 ============================================================
18:13:21.0794 6348 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:13:21.0804 6348 ============================================================
18:13:21.0804 6348 \Device\Harddisk0\DR0:
18:13:21.0804 6348 MBR partitions:
18:13:21.0804 6348 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
18:13:21.0804 6348 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x48B04800
18:13:21.0804 6348 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x48B68800, BlocksNum 0x1CBB800
18:13:21.0804 6348 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x4A824000, BlocksNum 0x33AB0
18:13:21.0804 6348 ============================================================
18:13:21.0824 6348 C: <-> \Device\Harddisk0\DR0\Partition2
18:13:21.0864 6348 D: <-> \Device\Harddisk0\DR0\Partition3
18:13:21.0874 6348 F: <-> \Device\Harddisk0\DR0\Partition4
18:13:21.0884 6348 ============================================================
18:13:21.0884 6348 Initialize success
18:13:21.0884 6348 ============================================================
18:13:44.0740 7912 ============================================================
18:13:44.0740 7912 Scan started
18:13:44.0740 7912 Mode: Manual; TDLFS;
18:13:44.0740 7912 ============================================================
18:13:45.0957 7912 ================ Scan system memory ========================
18:13:45.0957 7912 System memory - ok
18:13:45.0957 7912 ================ Scan services =============================
18:13:57.0518 7912 mpsdrv - ok
18:13:57.0581 7912 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:13:57.0596 7912 MpsSvc - ok
18:13:57.0612 7912 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:13:57.0612 7912 MRxDAV - ok
18:13:57.0643 7912 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:13:57.0643 7912 mrxsmb - ok
18:13:57.0690 7912 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:13:57.0690 7912 mrxsmb10 - ok
18:13:57.0705 7912 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:13:57.0705 7912 mrxsmb20 - ok
18:13:57.0737 7912 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:13:57.0737 7912 msahci - ok
18:13:57.0768 7912 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:13:57.0768 7912 msdsm - ok
18:13:57.0799 7912 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:13:57.0815 7912 MSDTC - ok
18:13:57.0830 7912 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:13:57.0830 7912 Msfs - ok
18:13:57.0877 7912 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:13:57.0877 7912 mshidkmdf - ok
18:13:57.0924 7912 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:13:57.0924 7912 msisadrv - ok
18:13:57.0971 7912 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:13:57.0986 7912 MSiSCSI - ok
18:13:57.0986 7912 msiserver - ok
18:13:58.0017 7912 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:13:58.0033 7912 MSKSSRV - ok
18:13:58.0033 7912 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:13:58.0049 7912 MSPCLOCK - ok
18:13:58.0064 7912 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:13:58.0064 7912 MSPQM - ok
18:13:58.0080 7912 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:13:58.0095 7912 MsRPC - ok
18:13:58.0111 7912 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:13:58.0127 7912 mssmbios - ok
18:13:58.0158 7912 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:13:58.0158 7912 MSTEE - ok
18:13:58.0173 7912 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:13:58.0173 7912 MTConfig - ok
18:13:58.0173 7912 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:13:58.0173 7912 Mup - ok
18:13:58.0220 7912 [ 188A3A952E51EDEA71D5E754CD8E2E11 ] MUSTechVIDCAP C:\Windows\system32\drivers\musgostrm.sys
18:13:58.0251 7912 MUSTechVIDCAP - ok
18:13:58.0283 7912 [ 8F57DB74BF5407A4CDA6C8B005DC8DD0 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
18:13:58.0298 7912 MyWiFiDHCPDNS - ok
18:13:58.0314 7912 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:13:58.0329 7912 napagent - ok
18:13:58.0361 7912 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:13:58.0361 7912 NativeWifiP - ok
18:13:58.0423 7912 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:13:58.0439 7912 NDIS - ok
18:13:58.0454 7912 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:13:58.0454 7912 NdisCap - ok
18:13:58.0501 7912 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:13:58.0501 7912 NdisTapi - ok
18:13:58.0517 7912 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:13:58.0517 7912 Ndisuio - ok
18:13:58.0532 7912 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:13:58.0532 7912 NdisWan - ok
18:13:58.0532 7912 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:13:58.0548 7912 NDProxy - ok
18:13:58.0579 7912 Nero BackItUp Scheduler 4.0 - ok
18:13:58.0595 7912 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:13:58.0610 7912 NetBIOS - ok
18:13:58.0626 7912 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:13:58.0626 7912 NetBT - ok
18:13:58.0641 7912 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:13:58.0641 7912 Netlogon - ok
18:13:58.0673 7912 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:13:58.0673 7912 Netman - ok
18:13:58.0688 7912 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:13:58.0688 7912 netprofm - ok
18:13:58.0735 7912 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:13:58.0735 7912 NetTcpPortSharing - ok
18:13:58.0953 7912 [ 50AD7F7040C22BB7CAA59A0880875A21 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
18:13:59.0156 7912 NETwNs64 - ok
18:13:59.0203 7912 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:13:59.0234 7912 nfrd960 - ok
18:13:59.0265 7912 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:13:59.0281 7912 NlaSvc - ok
18:13:59.0312 7912 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:13:59.0312 7912 Npfs - ok
18:13:59.0343 7912 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:13:59.0343 7912 nsi - ok
18:13:59.0359 7912 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:13:59.0359 7912 nsiproxy - ok
18:13:59.0437 7912 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:13:59.0453 7912 Ntfs - ok
18:13:59.0484 7912 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:13:59.0484 7912 Null - ok
18:13:59.0515 7912 [ 9A33100AC62A0463C49E47EE8E77083A ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
18:13:59.0531 7912 nusb3hub - ok
18:13:59.0546 7912 [ 87C321F7BEE646B7EC6EEDD6EB725741 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
18:13:59.0562 7912 nusb3xhc - ok
18:13:59.0624 7912 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
18:13:59.0640 7912 NVENETFD - ok
18:13:59.0671 7912 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:13:59.0671 7912 nvraid - ok
18:13:59.0718 7912 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:13:59.0733 7912 nvstor - ok
18:13:59.0765 7912 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:13:59.0780 7912 nv_agp - ok
18:13:59.0811 7912 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:13:59.0811 7912 ohci1394 - ok
18:13:59.0858 7912 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:13:59.0889 7912 ose - ok
18:14:00.0061 7912 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:14:00.0186 7912 osppsvc - ok
18:14:00.0217 7912 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:14:00.0217 7912 p2pimsvc - ok
18:14:00.0248 7912 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:14:00.0248 7912 p2psvc - ok
18:14:00.0279 7912 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
18:14:00.0279 7912 Parport - ok
18:14:00.0311 7912 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:14:00.0311 7912 partmgr - ok
18:14:00.0346 7912 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:14:00.0356 7912 PcaSvc - ok
18:14:00.0376 7912 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:14:00.0386 7912 pci - ok
18:14:00.0406 7912 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:14:00.0406 7912 pciide - ok
18:14:00.0426 7912 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:14:00.0426 7912 pcmcia - ok
18:14:00.0456 7912 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:14:00.0456 7912 pcw - ok
18:14:00.0486 7912 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:14:00.0496 7912 PEAUTH - ok
18:14:00.0576 7912 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:14:00.0586 7912 PerfHost - ok
18:14:00.0656 7912 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:14:00.0686 7912 pla - ok
18:14:00.0716 7912 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:14:00.0746 7912 PlugPlay - ok
18:14:00.0776 7912 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:14:00.0776 7912 PNRPAutoReg - ok
18:14:00.0796 7912 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:14:00.0796 7912 PNRPsvc - ok
18:14:00.0836 7912 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:14:00.0846 7912 PolicyAgent - ok
18:14:00.0866 7912 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:14:00.0876 7912 Power - ok
18:14:00.0906 7912 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:14:00.0906 7912 PptpMiniport - ok
18:14:00.0926 7912 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
18:14:00.0926 7912 Processor - ok
18:14:00.0956 7912 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
18:14:00.0986 7912 ProfSvc - ok
18:14:01.0006 7912 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:14:01.0006 7912 ProtectedStorage - ok
18:14:01.0046 7912 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:14:01.0046 7912 Psched - ok
18:14:01.0116 7912 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:14:01.0136 7912 ql2300 - ok
18:14:01.0166 7912 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:14:01.0166 7912 ql40xx - ok
18:14:01.0196 7912 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:14:01.0206 7912 QWAVE - ok
18:14:01.0236 7912 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:14:01.0236 7912 QWAVEdrv - ok
18:14:01.0246 7912 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:14:01.0256 7912 RasAcd - ok
18:14:01.0296 7912 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:14:01.0296 7912 RasAgileVpn - ok
18:14:01.0326 7912 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:14:01.0336 7912 RasAuto - ok
18:14:01.0366 7912 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:14:01.0366 7912 Rasl2tp - ok
18:14:01.0406 7912 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:14:01.0416 7912 RasMan - ok
18:14:01.0446 7912 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:14:01.0446 7912 RasPppoe - ok
18:14:01.0476 7912 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:14:01.0476 7912 RasSstp - ok
18:14:01.0506 7912 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:14:01.0506 7912 rdbss - ok
18:14:01.0526 7912 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:14:01.0526 7912 rdpbus - ok
18:14:01.0556 7912 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:14:01.0556 7912 RDPCDD - ok
18:14:01.0596 7912 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:14:01.0596 7912 RDPENCDD - ok
18:14:01.0626 7912 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:14:01.0626 7912 RDPREFMP - ok
18:14:01.0656 7912 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:14:01.0676 7912 RDPWD - ok
18:14:01.0716 7912 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:14:01.0726 7912 rdyboost - ok
18:14:01.0806 7912 [ FD11C1287D38A46FB72353E14D50089C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:14:01.0826 7912 RegSrvc - ok
18:14:01.0866 7912 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:14:01.0866 7912 RemoteAccess - ok
18:14:01.0896 7912 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:14:01.0906 7912 RemoteRegistry - ok
18:14:01.0916 7912 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:14:01.0916 7912 RpcEptMapper - ok
18:14:01.0946 7912 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:14:01.0946 7912 RpcLocator - ok
18:14:01.0986 7912 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:14:01.0996 7912 RpcSs - ok
18:14:02.0026 7912 [ 1F5E7AF59B390261A85F5BEDB1BB88B3 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
18:14:02.0046 7912 RSPCIESTOR - ok
18:14:02.0076 7912 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:14:02.0076 7912 rspndr - ok
18:14:02.0116 7912 [ ED5873F7DFB2F96D37F13322211B6BDC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:14:02.0116 7912 RTL8167 - ok
18:14:02.0136 7912 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:14:02.0136 7912 SamSs - ok
18:14:02.0156 7912 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:14:02.0166 7912 sbp2port - ok
18:14:02.0186 7912 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:14:02.0196 7912 SCardSvr - ok
18:14:02.0216 7912 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:14:02.0216 7912 scfilter - ok
18:14:02.0246 7912 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:14:02.0266 7912 Schedule - ok
18:14:02.0296 7912 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:14:02.0296 7912 SCPolicySvc - ok
18:14:02.0336 7912 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
18:14:02.0336 7912 sdbus - ok
18:14:02.0372 7912 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:14:02.0372 7912 SDRSVC - ok
18:14:02.0387 7912 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:14:02.0387 7912 secdrv - ok
18:14:02.0403 7912 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:14:02.0419 7912 seclogon - ok
18:14:02.0419 7912 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
18:14:02.0419 7912 SENS - ok
18:14:02.0450 7912 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:14:02.0465 7912 SensrSvc - ok
18:14:02.0497 7912 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
18:14:02.0497 7912 Serenum - ok
18:14:02.0512 7912 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
18:14:02.0512 7912 Serial - ok
18:14:02.0559 7912 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:14:02.0575 7912 sermouse - ok
18:14:02.0590 7912 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:14:02.0590 7912 SessionEnv - ok
18:14:02.0621 7912 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:14:02.0621 7912 sffdisk - ok
18:14:02.0653 7912 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:14:02.0653 7912 sffp_mmc - ok
18:14:02.0668 7912 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:14:02.0668 7912 sffp_sd - ok
18:14:02.0684 7912 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:14:02.0684 7912 sfloppy - ok
18:14:02.0731 7912 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:14:02.0746 7912 SharedAccess - ok
18:14:02.0777 7912 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:14:02.0777 7912 ShellHWDetection - ok
18:14:02.0824 7912 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:14:02.0824 7912 SiSRaid2 - ok
18:14:02.0840 7912 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:14:02.0840 7912 SiSRaid4 - ok
18:14:02.0887 7912 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:14:02.0887 7912 Smb - ok
18:14:02.0933 7912 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:14:02.0933 7912 SNMPTRAP - ok
18:14:02.0949 7912 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:14:02.0949 7912 spldr - ok
18:14:02.0996 7912 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
18:14:03.0011 7912 Spooler - ok
18:14:03.0105 7912 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:14:03.0199 7912 sppsvc - ok
18:14:03.0230 7912 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:14:03.0245 7912 sppuinotify - ok
18:14:03.0261 7912 sptd - ok
18:14:03.0292 7912 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:14:03.0308 7912 srv - ok
18:14:03.0323 7912 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:14:03.0339 7912 srv2 - ok
18:14:03.0379 7912 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
18:14:03.0389 7912 SrvHsfHDA - ok
18:14:03.0439 7912 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
18:14:03.0459 7912 SrvHsfV92 - ok
18:14:03.0489 7912 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
18:14:03.0499 7912 SrvHsfWinac - ok
18:14:03.0529 7912 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:14:03.0529 7912 srvnet - ok
18:14:03.0559 7912 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:14:03.0559 7912 SSDPSRV - ok
18:14:03.0569 7912 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:14:03.0569 7912 SstpSvc - ok
18:14:03.0639 7912 [ 20E27AA5BCC01C2149830C05FE22F675 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
18:14:03.0649 7912 STacSV - ok
18:14:03.0669 7912 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:14:03.0669 7912 stexstor - ok
18:14:03.0729 7912 [ BEB37CE4E7456F5EFA52D783D1E06D8C ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
18:14:03.0739 7912 STHDA - ok
18:14:03.0789 7912 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:14:03.0799 7912 stisvc - ok
18:14:03.0819 7912 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
18:14:03.0839 7912 swenum - ok
18:14:03.0879 7912 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:14:03.0889 7912 swprv - ok
18:14:03.0969 7912 [ C447977ED2A4AE9346FE3A0579A34D7C ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
18:14:04.0029 7912 SynTP - ok
18:14:04.0089 7912 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:14:04.0109 7912 SysMain - ok
18:14:04.0129 7912 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:14:04.0129 7912 TabletInputService - ok
18:14:04.0159 7912 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:14:04.0169 7912 TapiSrv - ok
18:14:04.0179 7912 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:14:04.0189 7912 TBS - ok
18:14:04.0249 7912 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:14:04.0269 7912 Tcpip - ok
18:14:04.0329 7912 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:14:04.0339 7912 TCPIP6 - ok
18:14:04.0359 7912 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:14:04.0359 7912 tcpipreg - ok
18:14:04.0379 7912 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:14:04.0379 7912 TDPIPE - ok
18:14:04.0409 7912 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:14:04.0419 7912 TDTCP - ok
18:14:04.0459 7912 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:14:04.0459 7912 tdx - ok
18:14:04.0489 7912 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:14:04.0489 7912 TermDD - ok
18:14:04.0539 7912 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:14:04.0549 7912 TermService - ok
18:14:04.0569 7912 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:14:04.0569 7912 Themes - ok
18:14:04.0599 7912 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:14:04.0599 7912 THREADORDER - ok
18:14:04.0629 7912 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:14:04.0639 7912 TrkWks - ok
18:14:04.0679 7912 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:14:04.0679 7912 TrustedInstaller - ok
18:14:04.0699 7912 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:14:04.0709 7912 tssecsrv - ok
18:14:04.0729 7912 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:14:04.0739 7912 TsUsbFlt - ok
18:14:04.0759 7912 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:14:04.0759 7912 TsUsbGD - ok
18:14:04.0799 7912 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:14:04.0809 7912 tunnel - ok
18:14:04.0829 7912 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:14:04.0829 7912 uagp35 - ok
18:14:04.0849 7912 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:14:04.0859 7912 udfs - ok
18:14:04.0899 7912 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:14:04.0899 7912 UI0Detect - ok
18:14:04.0929 7912 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:14:04.0929 7912 uliagpkx - ok
18:14:04.0959 7912 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:14:04.0959 7912 umbus - ok
18:14:04.0989 7912 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:14:04.0999 7912 UmPass - ok
18:14:05.0149 7912 [ A678E5DDD974903DD71F503BDCACA218 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
18:14:05.0179 7912 UNS - ok
18:14:05.0209 7912 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:14:05.0219 7912 upnphost - ok
18:14:05.0259 7912 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
18:14:05.0259 7912 USBAAPL64 - ok
18:14:05.0279 7912 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
18:14:05.0279 7912 usbaudio - ok
18:14:05.0309 7912 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:14:05.0309 7912 usbccgp - ok
18:14:05.0359 7912 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:14:05.0359 7912 usbcir - ok
18:14:05.0399 7912 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:14:05.0399 7912 usbehci - ok
18:14:05.0425 7912 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:14:05.0440 7912 usbhub - ok
18:14:05.0456 7912 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:14:05.0471 7912 usbohci - ok
18:14:05.0503 7912 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:14:05.0503 7912 usbprint - ok
18:14:05.0534 7912 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:14:05.0534 7912 usbscan - ok
18:14:05.0565 7912 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:14:05.0565 7912 USBSTOR - ok
18:14:05.0581 7912 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:14:05.0596 7912 usbuhci - ok
18:14:05.0627 7912 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:14:05.0643 7912 usbvideo - ok
18:14:05.0674 7912 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:14:05.0674 7912 UxSms - ok
18:14:05.0705 7912 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
18:14:05.0705 7912 VaultSvc - ok
18:14:05.0721 7912 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:14:05.0721 7912 vdrvroot - ok
18:14:05.0768 7912 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:14:05.0783 7912 vds - ok
18:14:05.0815 7912 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:14:05.0815 7912 vga - ok
18:14:05.0830 7912 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:14:05.0846 7912 VgaSave - ok
18:14:05.0877 7912 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:14:05.0877 7912 vhdmp - ok
18:14:05.0908 7912 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:14:05.0908 7912 viaide - ok
18:14:05.0924 7912 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:14:05.0924 7912 volmgr - ok
18:14:05.0955 7912 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:14:05.0971 7912 volmgrx - ok
18:14:06.0002 7912 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:14:06.0002 7912 volsnap - ok
18:14:06.0033 7912 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:14:06.0033 7912 vsmraid - ok
18:14:06.0111 7912 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:14:06.0142 7912 VSS - ok
18:14:06.0268 7912 [ CBA3F6EF1E70167DB376B4013F71A62B ] vToolbarUpdater12.2.6 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
18:14:06.0288 7912 vToolbarUpdater12.2.6 - ok
18:14:06.0308 7912 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:14:06.0318 7912 vwifibus - ok
18:14:06.0358 7912 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:14:06.0358 7912 vwififlt - ok
18:14:06.0398 7912 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:14:06.0398 7912 vwifimp - ok
18:14:06.0438 7912 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:14:06.0448 7912 W32Time - ok
18:14:06.0468 7912 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:14:06.0468 7912 WacomPen - ok
18:14:06.0518 7912 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:14:08.0266 7912 ================ Scan global ===============================
18:14:08.0297 7912 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:14:08.0328 7912 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:14:08.0359 7912 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:14:08.0391 7912 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:14:08.0422 7912 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:14:08.0422 7912 [Global] - ok
18:14:08.0422 7912 ================ Scan MBR ==================================
18:14:08.0437 7912 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:14:08.0734 7912 \Device\Harddisk0\DR0 - ok
18:14:08.0734 7912 ================ Scan VBR ==================================
18:14:08.0749 7912 [ 85AF604443F8658FC06BEE36E4B3091C ] \Device\Harddisk0\DR0\Partition1
18:14:08.0749 7912 \Device\Harddisk0\DR0\Partition1 - ok
18:14:08.0765 7912 [ 05A8EEA316E9CD35C5F63C88A2327D89 ] \Device\Harddisk0\DR0\Partition2
18:14:08.0765 7912 \Device\Harddisk0\DR0\Partition2 - ok
18:14:08.0796 7912 [ F6737DD7855219B6A3C986814D120393 ] \Device\Harddisk0\DR0\Partition3
18:14:08.0796 7912 \Device\Harddisk0\DR0\Partition3 - ok
18:14:08.0812 7912 [ CDDA1825F91C50D8E751FC3E891FA57C ] \Device\Harddisk0\DR0\Partition4
18:14:08.0812 7912 \Device\Harddisk0\DR0\Partition4 - ok
18:14:08.0812 7912 ============================================================
18:14:08.0812 7912 Scan finished
18:14:08.0812 7912 ============================================================
18:14:08.0827 3632 Detected object count: 0
18:14:08.0827 3632 Actual detected object count: 0
18:14:24.0685 6228 Deinitialize success


ESET Online Scanner
C:\Users\Dave Anthony\AppData\Local\Google\Chrome\User Data\Default\Default\aadbgddcdidggfgcgbdgdegddededidd\background.html Win32/BHO.OEI trojan
C:\Users\Dave Anthony\AppData\Local\Google\Chrome\User Data\Default\Default\aadbgddcdidggfgcgbdgdegddededidd\ContentScript.js Win32/BHO.OEI trojan
C:\Users\Dave Anthony\AppData\Local\{95F83994-F56D-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan


I had ESET remove these 3 threats, but the redirecting still continues when I Google search with Mozilla Firefox (my default browser).

#4 narenxp


Posted 01 October 2012 - 10:36 AM

Please run the ESET scan again and make sure it comes out clean.

I still need the ASWMBR log. You have posted the TDSSkiller log twice.

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

Launch it. For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan is completed, post the generated log here.

#5 danthon5


Posted 01 October 2012 - 12:11 PM

Whoops, sorry about posting the TDSSkiller twice. I ran the ESET scan again and it came out clean.

aswMBR
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-29 19:49:04
-----------------------------
19:49:04.065 OS Version: Windows x64 6.1.7601 Service Pack 1
19:49:04.065 Number of processors: 4 586 0x2A07
19:49:04.080 ComputerName: DAVEANTHONY UserName:
19:49:05.469 Initialize success
19:49:14.720 AVAST engine defs: 12092901
19:49:25.608 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:49:25.608 Disk 0 Vendor: Hitachi_ JEDO Size: 610480MB BusType: 3
19:49:25.640 Disk 0 MBR read successfully
19:49:25.640 Disk 0 MBR scan
19:49:25.671 Disk 0 Windows 7 default MBR code
19:49:25.686 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
19:49:25.686 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 595465 MB offset 409600
19:49:25.718 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 14711 MB offset 1219921920
19:49:25.733 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 1250050048
19:49:25.796 Disk 0 scanning C:\Windows\system32\drivers
19:49:35.265 Service scanning
19:50:01.957 Modules scanning
19:50:01.957 Disk 0 trace - called modules:
19:50:01.972 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
19:50:01.988 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005013060]
19:50:01.988 3 CLASSPNP.SYS[fffff88001c5243f] -> nt!IofCallDriver -> [0xfffffa8004e94b10]
19:50:01.988 5 hpdskflt.sys[fffff880019f2189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004d7e050]
19:50:05.014 AVAST engine scan C:\Windows
19:50:08.041 AVAST engine scan C:\Windows\system32
19:52:51.498 AVAST engine scan C:\Windows\system32\drivers
19:53:19.422 AVAST engine scan C:\Users\Dave Anthony
20:03:00.101 AVAST engine scan C:\ProgramData
20:04:19.006 Scan finished successfully
20:08:49.043 Disk 0 MBR has been saved successfully to "C:\Users\Dave Anthony\Desktop\MBR.dat"
20:08:49.058 The log file has been saved successfully to "C:\Users\Dave Anthony\Desktop\aswMBR.txt"


Malwarebytes
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.01.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Dave Anthony :: DAVEANTHONY [administrator]

10/1/2012 11:51:04 AM
mbam-log-2012-10-01 (11-51-04).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 348940
Time elapsed: 57 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


mini toolbox
MiniToolBox by Farbar Version: 23-07-2012
Ran by Dave Anthony (administrator) on 01-10-2012 at 11:53:56
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 1000 BGN = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : DaveAnthony
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 8C-A9-82-AF-AE-89
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 8C-A9-82-AF-AE-89
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
Physical Address. . . . . . . . . : 8C-A9-82-AF-AE-88
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d83a:3a58:1cc7:2f8%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, October 01, 2012 11:48:24 AM
Lease Expires . . . . . . . . . . : Tuesday, October 02, 2012 11:48:24 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 327985538
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-C0-99-11-10-1F-74-0F-42-8B
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : btoa06.dellswdlb.com
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 10-1F-74-0F-42-8B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E763178A-0D6B-4469-9B94-D22A22FC56FB}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{3111485C-225D-4D42-A3CD-16B10CE4F565}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:1c4f:24ba:3f57:fefa(Preferred)
Link-local IPv6 Address . . . . . : fe80::1c4f:24ba:3f57:fefa%16(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: myrouter.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:802::1009
74.125.226.230
74.125.226.225
74.125.226.227
74.125.226.226
74.125.226.229
74.125.226.231
74.125.226.232
74.125.226.233
74.125.226.228
74.125.226.224
74.125.226.238


Pinging google.com [173.194.43.8] with 32 bytes of data:
Reply from 173.194.43.8: bytes=32 time=16ms TTL=55
Reply from 173.194.43.8: bytes=32 time=15ms TTL=55

Ping statistics for 173.194.43.8:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 15ms, Maximum = 16ms, Average = 15ms
Server: myrouter.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
72.30.38.140
98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=136ms TTL=53
Reply from 98.138.253.109: bytes=32 time=148ms TTL=50

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 136ms, Maximum = 148ms, Average = 142ms
Server: myrouter.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...8c a9 82 af ae 89 ......Microsoft Virtual WiFi Miniport Adapter #2
14...8c a9 82 af ae 89 ......Microsoft Virtual WiFi Miniport Adapter
13...8c a9 82 af ae 88 ......Intel® WiFi Link 1000 BGN
11...10 1f 74 0f 42 8b ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.5 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.5 281
192.168.1.5 255.255.255.255 On-link 192.168.1.5 281
192.168.1.255 255.255.255.255 On-link 192.168.1.5 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.5 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.5 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 58 ::/0 On-link
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:9d38:6ab8:1c4f:24ba:3f57:fefa/128
On-link
13 281 fe80::/64 On-link
16 306 fe80::/64 On-link
16 306 fe80::1c4f:24ba:3f57:fefa/128
On-link
13 281 fe80::d83a:3a58:1cc7:2f8/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/01/2012 11:48:22 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/01/2012 11:17:01 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/01/2012 11:17:00 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/01/2012 09:20:02 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7130

Error: (10/01/2012 09:20:02 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7130

Error: (10/01/2012 09:20:02 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/01/2012 09:20:01 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6085

Error: (10/01/2012 09:20:01 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6085

Error: (10/01/2012 09:20:01 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/01/2012 09:20:00 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5086


System errors:
=============
Error: (10/01/2012 11:48:20 AM) (Source: Service Control Manager) (User: )
Description: The Nero BackItUp Scheduler 4.0 service failed to start due to the following error:
%%2

Error: (10/01/2012 06:36:10 AM) (Source: Service Control Manager) (User: )
Description: The Nero BackItUp Scheduler 4.0 service failed to start due to the following error:
%%2

Error: (09/30/2012 09:30:12 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{509DECAB-DB2C-410B-8D40-CAE690BBBB32}.
The backup browser is stopping.

Error: (09/30/2012 09:27:44 PM) (Source: Service Control Manager) (User: )
Description: The Nero BackItUp Scheduler 4.0 service failed to start due to the following error:
%%2

Error: (09/30/2012 09:21:39 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{509DECAB-DB2C-410B-8D40-CAE690BBBB32}.
The backup browser is stopping.

Error: (09/30/2012 06:27:11 AM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{509DECAB-DB2C-410B-8D40-CAE690BBBB32}.
The backup browser is stopping.

Error: (09/29/2012 08:25:34 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{509DECAB-DB2C-410B-8D40-CAE690BBBB32}.
The backup browser is stopping.

Error: (09/29/2012 08:10:02 PM) (Source: Service Control Manager) (User: )
Description: The Nero BackItUp Scheduler 4.0 service failed to start due to the following error:
%%2

Error: (09/29/2012 08:08:37 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}

Error: (09/29/2012 08:08:37 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}


Microsoft Office Sessions:
=========================
Error: (10/01/2012 11:48:22 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/01/2012 11:17:01 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dave Anthony\Desktop\esetsmartinstaller_enu.exe

Error: (10/01/2012 11:17:00 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dave Anthony\Desktop\esetsmartinstaller_enu.exe

Error: (10/01/2012 09:20:02 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7130

Error: (10/01/2012 09:20:02 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7130

Error: (10/01/2012 09:20:02 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/01/2012 09:20:01 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6085

Error: (10/01/2012 09:20:01 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6085

Error: (10/01/2012 09:20:01 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/01/2012 09:20:00 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5086


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
AuthenTec TrueAPI (Version: 1.3.0.144)
AVG 2012 (Version: 12.0.2221)
AVG 2012 (Version: 12.0.2441)
AVG 2012 (Version: 2012.0.2221)
BitTorrent (Version: 7.7.0)
Bonjour (Version: 3.0.0.10)
Celtx (2.9.1) (Version: 2.9.1 (en-US))
CyberLink PowerDVD (Version: 10.0.3.3222)
CyberLink YouCam (Version: 3.5.1.4305)
D3DX10 (Version: 15.4.2368.0902)
Debut Video Capture Software
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DVD Decrypter (Remove Only)
DVD Shrink 3.2
EA SPORTS Game Face Browser Plugin 1.5.3.0 (Version: 1.5.3.0)
Energy Star Digital Logo (Version: 1.0.1)
ESET Online Scanner v3
ESU for Microsoft Windows 7 (Version: 1.0.0)
Evernote v. 4.2.2 (Version: 4.2.2.3979)
Express Zip File Compression Software
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.1.9.1)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Connection Manager (Version: 4.0.45.1)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.1.0.0)
HP On Screen Display (Version: 1.3.5)
HP Power Manager (Version: 1.4.4)
HP Quick Launch (Version: 2.5.2)
HP Setup (Version: 8.6.4530.3651)
HP Setup Manager (Version: 1.1.13231.3673)
HP SimplePass 2011 (Version: 5.3.0.273)
HP Software Framework (Version: 4.1.13.1)
HP Support Assistant (Version: 6.1.12.1)
IDT Audio (Version: 1.0.6345.0)
ImgBurn (Version: 2.5.6.0)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2291)
Intel® PROSet/Wireless WiFi Software (Version: 14.2.0000)
Intel® Rapid Storage Technology (Version: 10.6.0.1002)
Intel® Wireless Display
Intel® Wireless Display (Version: 2.0.30.0)
Internet TV for Windows Media Center (Version: 4.2.2.0)
iTunes (Version: 10.6.1.7)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
mkv2vob (Version: 2.4.9)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
neroxml (Version: 1.0.0)
Netflix in Windows Media Center (Version: 3.3.101.0)
office Convert Pdf to Jpg Jpeg Tiff Free 6.4
PlayReady PC Runtime x86 (Version: 1.3.0)
Prism Video File Converter
QuickTime (Version: 7.72.80.56)
Realtek Ethernet Controller Driver (Version: 7.41.216.2011)
Realtek PCIE Card Reader (Version: 6.1.7601.83)
Recovery Manager (Version: 2.0.0)
Redist (Version: 3.00.0000)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.1.19.0)
Synaptics TouchPad Driver (Version: 15.3.11.0)
Ulead Straight-to-Disc SDK (Version: 2.2)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Validity WBF DDK (Version: 4.3.205.0)
Verizon Media Manager (Version: 9.5.67)
VideoPad Video Editor
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Center Add-in for Flash (Version: 4.1.2.0)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)

========================= Memory info: ===================================

Percentage of memory in use: 44%
Total physical RAM: 4043.86 MB
Available physical RAM: 2236.32 MB
Total Pagefile: 8085.91 MB
Available Pagefile: 6108.44 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.75 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:581.51 GB) (Free:534.62 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:14.37 GB) (Free:1.6 GB) NTFS
4 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32

========================= Users: ========================================

User accounts for \\DAVEANTHONY

Administrator Dave Anthony Guest

========================= Restore Points ==================================


**** End of log ****


Farbar service scanner
Farbar Service Scanner Version: 19-09-2012
Ran by Dave Anthony (administrator) on 01-10-2012 at 11:56:11
Running from "C:\Users\Dave Anthony\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


adware cleaner
# AdwCleaner v2.003 - Logfile created 10/01/2012 at 12:49:45
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Dave Anthony - DAVEANTHONY
# Boot Mode : Normal
# Running from : C:\Users\Dave Anthony\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Dave Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\4qfm9gqh.default\prefs.js

Deleted : user_pref("extensions.enabledAddons", "DivXWebPlayer@divx.com:2.0.2.039,{972ce4c6-7e08-4474-a285-320[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Dave Anthony\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [6742 octets] - [18/09/2012 17:54:33]
AdwCleaner[S1].txt - [7118 octets] - [18/09/2012 17:55:02]
AdwCleaner[R2].txt - [1197 octets] - [01/10/2012 11:59:06]
AdwCleaner[R3].txt - [1257 octets] - [01/10/2012 11:59:28]
AdwCleaner[S3].txt - [1289 octets] - [01/10/2012 12:49:45]

########## EOF - C:\AdwCleaner[S3].txt - [1349 octets] ##########


Junkware removal tool
Junkware Removal Tool (JRT) by Thisisu
Version: 1.2.0 (10.01.2012)
OS: Windows 7 Home Premium x64
Ran by Dave Anthony on Mon 10/01/2012 at 12:17:47.78
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}



*** Files: 0 Detections



*** Folders: 0 Detections



*** FireFox detected and repaired

Trojan:Win32/Tracur.AV Detected!
Successfully deleted: yijkfeewvi@yijkfeewvi.org.xpi


*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Mon 10/01/2012 at 12:18:04.31
End of Report



I don't want to speak too soon, but it looks like all of this has done the trick. I just did about 10 searches and haven't been re-directed yet.

#6 narenxp


Posted 01 October 2012 - 09:37 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here
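
A triage pass over the saved Autoruns.txt, as an added example that is not part of the original post or of Autoruns itself: it parses the quoted four-field layout as it appears in the export pasted in this thread and flags entries whose image is missing, whose publisher field is empty, or whose path sits in a user-writable directory. The sample lines, the flag names and the directory list are constructed assumptions; a flag marks an entry for manual review only.

```python
import re
from dataclasses import dataclass, field

# Constructed sample (not from the thread) in the layout of the pasted export:
# a location line has four quoted fields with only the first filled; an entry
# line has a marker ("+" in the thread) and name, description, publisher, path.
SAMPLE = r'''
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "ExampleTray" "Example Tray Module" "Example Corporation" "c:\windows\system32\extray.exe"
+ "Updater" "" "" "c:\users\sample\appdata\roaming\updater\upd.exe"
"Task Scheduler" "" "" ""
+ "\{00000000-0000-0000-0000-000000000000}" "" "" "File not found: C:\Program Files (x86)\Removed App\run.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ExampleSvc" "Example service" "" "c:\program files\example\svc.exe"
+ "TempSvc" "Helper" "Example Corporation" "c:\windows\temp\helper.exe"
'''

FIELD_RE = re.compile(r'"([^"]*)"')
MISSING_PREFIX = "file not found:"
# Assumed review heuristic: directories a standard user can usually write to.
USER_WRITABLE = ("\\users\\", "\\appdata\\", "\\temp\\", "\\programdata\\")


@dataclass
class Entry:
    location: str
    name: str
    description: str
    publisher: str
    image_path: str
    flags: list = field(default_factory=list)


def parse_autoruns(text):
    """Return (entries, skipped); skipped holds lines that need a manual read."""
    entries, skipped, location = [], [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        marker = line.split('"', 1)[0].strip()  # text before the first quote
        fields = FIELD_RE.findall(line)
        # A field containing its own quotes breaks the four-field shape; keep
        # such lines aside instead of guessing where the fields split.
        if len(fields) != 4 or (marker and location is None):
            skipped.append(line)
        elif not marker:
            location = fields[0]  # header line: start of a new autostart location
        else:
            entries.append(Entry(location, *fields))
    return entries, skipped


def triage(entries):
    """Set review flags on each entry and return only the flagged ones."""
    for e in entries:
        e.flags = []
        path = e.image_path.lower()
        if path.startswith(MISSING_PREFIX):
            e.flags.append("orphaned")  # launch point whose target is gone
            continue
        if not e.publisher.strip():
            e.flags.append("no-publisher")
        if any(part in path for part in USER_WRITABLE):
            e.flags.append("user-writable-path")
    return [e for e in entries if e.flags]


def review(text):
    """Parse and triage in one step: ([(location, name, flags)], skipped)."""
    entries, skipped = parse_autoruns(text)
    return [(e.location, e.name, e.flags) for e in triage(entries)], skipped


if __name__ == "__main__":
    flagged, skipped = review(SAMPLE)
    for location, name, flags in flagged:
        print(f"{','.join(flags):32} {name}  [{location}]")
    for line in skipped:
        print("unparsed:", line)
```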

#7 danthon5


Posted 02 October 2012 - 09:34 PM

Rkill
Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/02/2012 10:17:57 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\ezSharedSvcHost.exe (PID: 2368) [SFI]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/02/2012 10:18:20 PM
Execution time: 0 hours(s), 0 minute(s), and 22 seconds(s)


Autoruns
"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelPAN" "Intel® PROSet/Wireless Framework" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AVG_TRAY" "AVG Tray Monitor" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgtray.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "FlashPlayerUpdate" "Adobe® Flash® Player Installer/Uninstaller 11.3 r300" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashutil32_11_3_300_262_plugin.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "linkscanner" "Safe Search pluggable protocol" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgppa.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgsea.dll"
+ "ExpressZip" "" "" "c:\program files (x86)\nch software\expresszip\ezcm64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgse.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgsea.dll"
+ "ExpressZip" "" "" "c:\program files (x86)\nch software\expresszip\ezcm64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgse.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiea.dll"
+ "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgssiea.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "TrueSuite Website Log On" "Website Log On" "HP" "c:\program files (x86)\hp simplepass 2011\x64\iebho.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgssie.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "TrueSuite Website Log On" "" "" "File not found: C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "AVG Do Not Track" "TODO: <File description>" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgdtiea.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Add to Evernote 4" "" "" "File not found: C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\HPCeeScheduleForDave Anthony" "HP Ceement" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\MirageAgent" "YouCam Mirage" "CyberLink" "c:\program files (x86)\cyberlink\youcam\ycmmirage.exe"
+ "\NCH Software\expresszipShakeIcon" "Express Zip File Compression Software" "NCH Software" "c:\program files (x86)\nch software\expresszip\expresszip.exe"
+ "\{2D0B7FF3-DB7E-43B9-9C9F-FBBA7557DFFB}" "" "" "File not found: C:\Program Files (x86)\ADSTech DVD Xpress DX2\CapWiz.exe"
+ "\{60AC29B8-1582-4E81-B8F1-4D5A75744DF1}" "" "" "File not found: C:\Program Files (x86)\ADSTech DVD Xpress DX2\CapWiz.exe"
+ "\{B21E2150-6761-4567-A2B1-399C9E65F960}" "" "" "File not found: C:\Program Files (x86)\ADSTech DVD Xpress DX2\CapWiz.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AESTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\program files\idt\wdm\aestsr64.exe"
+ "AMPPALR3" "Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter" "Intel Corporation" "c:\program files\intel\bluetoothhs\bthsamppalservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgwdsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "BTHSSecurityMgr" "Manages the 802.1x security between two Bluetooth® High Speed connections." "Intel® Corporation" "c:\program files\intel\bluetoothhs\bthssecuritymgr.exe"
+ "CLKMSVC10_38F51D56" "CyberLink KM Service" "CyberLink" "c:\program files (x86)\cyberlink\powerdvd10\navfilter\kmsvc.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "ezSharedSvc" "Provides licensing, security and parental control services for EasyBits applications. If this service is stopped or disabled, these applications will not function properly." "EasyBits Software AS" "c:\windows\syswow64\ezsharedsvchost.exe"
+ "FPLService" "Provides convenient and secure fingerprint authentication and identity management." "HP" "c:\program files (x86)\hp simplepass 2011\truesuiteservice.exe"
+ "HP Support Assistant Service" "HP Support Assistant Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe"
+ "HPClientSvc" "HP Client Services" "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp client services\hpclientservices.exe"
+ "hpCMSrv" "HP Connection Manager Service" "Hewlett-Packard Development Company L.P." "c:\program files (x86)\hewlett-packard\hp connection manager\hpcmsrv.exe"
+ "HPDrvMntSvc.exe" "HP Quick Synchronization Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe"
+ "hpqwmiex" "HP Software Framework WMI Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "hpsrv" "HpService" "Hewlett-Packard Company" "c:\windows\system32\hpservice.exe"
+ "HPWMISVC" "HP Quick Launch WMI Service" "Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\hp quick launch\hpwmisvc.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "IconMan_R" "Realtek Card Reader Icon Tool." "Realsil Microelectronics Inc." "c:\program files (x86)\realtek\realtek pcie card reader\riconman.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MyWiFiDHCPDNS" "Wireless PAN DHCP and DNS Server" "" "c:\program files\intel\wifi\bin\pandhcpdns.exe"
+ "Nero BackItUp Scheduler 4.0" "Nero BackItUp Scheduler 4.0 is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP." "" "File not found: C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\program files\idt\wdm\stacsv64.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "vToolbarUpdater12.2.6" "ToolbarU Application" "" "c:\program files (x86)\common files\avg secure search\vtoolbarupdater\12.2.6\toolbarupdater.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Accelerometer" "HP Accelerometer" "Hewlett-Packard Company" "c:\windows\system32\drivers\accelerometer.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AMPPAL" "Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\amppal.sys"
+ "AMPPALP" "Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\amppal.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AVGIDSDriver" "AVG Technologies IDS Application Activity Monitor Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSFilter" "AVG Technologies IDS Application Activity Monitor Filter Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsfiltera.sys"
+ "AVGIDSHA" "AVG Technologies IDS Application Activity Monitor Helper Driver" "AVG Technologies CZ, s.r.o. " "c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64" "AVG AVI Loader Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgldx64.sys"
+ "Avgmfx64" "AVG Resident Shield Minifilter Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64" "AVG Anti-Rootkit Driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia" "AVG Network connection watcher" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgtdia.sys"
+ "avgtp" "" "AVG Technologies" "c:\windows\system32\drivers\avgtpx64.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "catchme" "" "" "File not found: C:\ComboFix\catchme.sys"
+ "clwvd" "CyberLink WebCam Virtual Driver" "CyberLink Corporation" "c:\windows\system32\drivers\clwvd.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw72ADFilter" "WinTV HVR-950 USB Audio Filter Service" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw72adfilter.sys"
+ "hcw72ATV" "WinTV HVR-950 AVStream Driver" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw72atv.sys"
+ "hcw72DTV" "WinTV HVR-950 BDA Driver" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw72dtv.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "hpdskflt" "HP Disk Filter - SATA/RAID" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpdskflt.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "MUSTechVIDCAP" "Micronas Technologies GO7007SB AVCapture Driver." "Micronas Technologies" "c:\windows\system32\drivers\musgostrm.sys"
+ "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwns64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nusb3hub" "USB 3.0 Hub Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3hub.sys"
+ "nusb3xhc" "USB 3.0 Host Controller Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3xhc.sys"
+ "NVENETFD" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvm62x64.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSPCIESTOR" "Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtspstor.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SrvHsfHDA" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstazl6.sys"
+ "SrvHsfV92" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv6.sys"
+ "SrvHsfWinac" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt6.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "wdkmd" "Intel Wireless Display Solution" "Intel Corporation" "c:\windows\system32\drivers\wdkmd.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "32KHz to 16KHz Audio Decimator" "QCP DirectShow Filters" "Qualcomm, Inc." "c:\program files (x86)\verizon\verizon media manager\3ivx\zqcp.ax"
+ "3ivx AAC Audio Encoder" "3ivx 6.0.0 DirectShow Audio Encoder" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\verizon\verizon media manager\3ivx\3ivxdsaudioencoder.ax"
+ "3ivx AC3 Audio Encoder" "3ivx 6.0.0 DirectShow Audio Encoder" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\verizon\verizon media manager\3ivx\3ivxdsaudioencoder.ax"
+ "3ivx ADTS Parser" "3ivx 6.0.0 DirectShow ADTS Parser" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\verizon\verizon media manager\3ivx\3ivxdsadtsparser.ax"
+ "3ivx Audio Decoder" "3ivx 6.0.0 DirectShow Audio Decoder" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\verizon\verizon media manager\3ivx\3ivxdsaudiodecoder.ax"
+ "3ivx Decoder Filter" "3ivx 6.0.0 DirectShow Video Decoder" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\verizon\verizon media manager\3ivx\3ivxdsvideodecoder.ax"
+ "3ivx Media Muxer" "3ivx 6.0.0 DirectShow Media Muxer" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\verizon\verizon media manager\3ivx\3ivxdsmediamux.ax"
+ "3ivx Media Splitter" "3ivx 6.0.0 DirectShow Media Splitter" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\verizon\verizon media manager\3ivx\3ivxdsmediasplitter.ax"
+ "3ivx MPEG-2 Video Encoder" "3ivx 6.0.0 DirectShow MPEG-2 Video Encoder" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\verizon\verizon media manager\3ivx\3ivxdsmpeg2videoencoder.ax"
+ "3ivx MPEG-4 Video Encoder" "3ivx 6.0.0 Video for Windows Codec" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\verizon\verizon media manager\3ivx\3ivxdsvideoencoder.ax"
+ "3ivx Soda Audio Sink" "3ivx 6.0.0 DirectShow Soda Audio Sink" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\verizon\verizon media manager\3ivx\3ivxdssodaaudiosink.ax"
+ "3ivx Soda Audio Source2" "3ivx 6.0.0 DirectShow Soda Audio Source2" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\verizon\verizon media manager\3ivx\3ivxdssodaaudiosource2.ax"
+ "3ivx Soda Generic Sink" "3ivx 6.0.0 DirectShow Soda Generic Sink" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\verizon\verizon media manager\3ivx\3ivxdssodagenericsink.ax"
+ "3ivx Soda Generic Source" "3ivx 6.0.0 GeneircSource" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\verizon\verizon media manager\3ivx\3ivxdsgenericsource.ax"
+ "3ivx Soda Video Sink2" "3ivx 6.0.0 DirectShow Soda Video Sink2" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\verizon\verizon media manager\3ivx\3ivxdssodavideosink2.ax"
+ "3ivx Soda Video Source2" "3ivx 6.0.0 DirectShow Soda Video Source2" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\verizon\verizon media manager\3ivx\3ivxdssodavideosource2.ax"
+ "3ivxStreamMuxer" "3ivx 6.0.0 DirectShow Stream Muxer" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\verizon\verizon media manager\3ivx\3ivxdsstreammuxer.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder (PDVD10)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claud.ax"
+ "CyberLink Audio Effect (PDVD10)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claudfx.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claudwizard.ax"
+ "CyberLink AudioCD Filter (PDVD10)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\claudiocd.ax"
+ "CyberLink AVCHD Navigator" "CLBDROMNav" "cyberlink" "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clavchdnav.ax"
+ "Cyberlink Demuxer 2.0" "CLDemuxer2" "Cyberlink" "c:\program files (x86)\cyberlink\powerdvd10\navfilter\cldemuxer2.ax"
+ "CyberLink Digest Filter (PDVD10)" "DigestFilter Dynamic Link Library" "" "c:\program files (x86)\cyberlink\powerdvd10\digestfilter.dll"
+ "CyberLink DVD Navigator (PDVD10)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clnavx.ax"
+ "CyberLink FLV Splitter(PDVD10)" "CyberLink FLV Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clflvsplitter.ax"
+ "CyberLink HAM Decoder" "CyberLink 264 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clcvd.ax"
+ "CyberLink HD/BD Mixer (PDVD10)" "CLHBMixer" " " "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\clhbmixer.ax"
+ "CyberLink Line21 Decoder (PDVD10)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clline21.ax"
+ "CyberLink Matroska Splitter(PDVD10)" "CyberLink Matroska Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clmkvsplter.ax"
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clsplter.ax"
+ "CyberLink MPEG-4 Splitter (PDVD10)" "CyberLink MPEG-4 Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clm4splt.ax"
+ "CyberLink RealAudio Decoder(PDVD10)" "CyberLink RealMedia Audio Decoder" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\clrmaud.ax"
+ "CyberLink RealMedia Splitter(PDVD10)" "CyberLink RealMedia Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\navfilter\clrmsplitter.ax"
+ "CyberLink RealVideo Decoder(PDVD10)" "CyberLink RealMedia Video Decoder" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clrmvd.ax"
+ "Cyberlink SubTitle Importor (PDVD10)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clsubtitle.ax"
+ "Cyberlink SubTitle Importor 2.0 (PDVD10)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PDVD10)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\audiofilter\clauts.ax"
+ "CyberLink Tzan Filter (PDVD10)" "CyberLink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\cltzan.ax"
+ "CyberLink Video Decoder (PDVD10)" "CyberLink 264 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clcvd.ax"
+ "CyberLink Video/SP Decoder (PDVD10)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\powerdvd10\videofilter\clvsd.ax"
+ "DivX Video Encoder (3ivx)" "3ivx 6.0.0 Video for Windows Codec" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\verizon\verizon media manager\3ivx\3ivxdsvideoencoder.ax"
+ "DS Video Buffer Filter" "WiDiAgent.dll COM object." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\dsbuffer_video.ax"
+ "Dump" "WavDump Dynamic Link Library" "" "c:\program files (x86)\verizon\verizon media manager\release\wavbuffer.ax"
+ "DVD Audio Decoder" "Audio Decoder" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\ulac32.ax"
+ "Intel® Media SDK AAC Encoder" "Intel® Media SDK AAC Encoder" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\imc_aac_enc_ds.dll"
+ "Intel® Media SDK MPEG-2 Muxer" "Intel® Media SDK MPEG-2 Muxer" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\imc_mp2_mux_ds.dll"
+ "Intel® Mux Renderer" "Intel® TS Mux / Network Renderer" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\intelmux.dll"
+ "Intel® Network Filter" "" "" "c:\program files (x86)\common files\intel corporation\widiagent\intelnet.dll"
+ "Intel®WiDi H264 encoder" "" "" "c:\program files (x86)\common files\intel corporation\widiagent\h264_enc_filter.dll"
+ "MainConcept AAC Encoder" "AAC audio encoder filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_enc_aac_ds.ax"
+ "MainConcept MPEG Multiplexer-Plus" "MPEG Multiplexer-Plus DS Filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mcmpeg2mux.ax"
+ "MainConcept Network Renderer" "Network Renderer" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_net_renderer_ds.ax"
+ "MP3 Dest" "Mp3Dest Dynamic Link Library" "" "c:\program files (x86)\verizon\verizon media manager\release\mp3dest.ax"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prsource.dll"
+ "PCM Time Stretching Filter" "QCP DirectShow Filters" "Qualcomm, Inc." "c:\program files (x86)\verizon\verizon media manager\3ivx\zqcp.ax"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prdmowrapper.dll"
+ "QCP Codec Filter" "QCP DirectShow Filters" "Qualcomm, Inc." "c:\program files (x86)\verizon\verizon media manager\3ivx\zqcp.ax"
+ "QCP File Generator" "QCP DirectShow Filters" "Qualcomm, Inc." "c:\program files (x86)\verizon\verizon media manager\3ivx\zqcp.ax"
+ "QCP File Parser" "QCP DirectShow Filters" "Qualcomm, Inc." "c:\program files (x86)\verizon\verizon media manager\3ivx\zqcp.ax"
+ "QCP Mixer Filter" "QCP DirectShow Filters" "Qualcomm, Inc." "c:\program files (x86)\verizon\verizon media manager\3ivx\zqcp.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Samsung Video Encoder (3ivx)" "3ivx 6.0.0 Video for Windows Codec" "3ivx Technologies Pty. Ltd." "c:\program files (x86)\verizon\verizon media manager\3ivx\3ivxdsvideoencoder.ax"
+ "Ulead AC3 Audio Encoder" "DirectShow AC3 Audio Encoder" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uleaac3.ax"
+ "ULead File Source (Async.)" "Ulead Async Filter" "Ulead Systems" "c:\program files (x86)\common files\ulead systems\mpeg\ulasync.ax"
+ "Ulead MPEG Audio Decoder" "MPEG Video and Audio Decoder" "ULead Systems" "c:\program files (x86)\common files\ulead systems\mpeg\uldsmpeg.ax"
+ "Ulead MPEG Muxer" "MPEG Muxer" "ULead Systems" "c:\program files (x86)\common files\ulead systems\mpeg\ulmxmpeg.ax"
+ "Ulead MPEG Video Decoder" "MPEG Video and Audio Decoder" "ULead Systems" "c:\program files (x86)\common files\ulead systems\mpeg\uldsmpeg.ax"
+ "WAV Dest" "WavDest Dynamic Link Library" "" "c:\program files (x86)\verizon\verizon media manager\release\wavdest.ax"
+ "WD Audio Filter" "WiDi Audio Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdaudiofilter.dll"
+ "WDSource Filter" "WiDi Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsourcefilter.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "{E6F55EFE-D283-4264-B12D-561DA9935685}" "WavParse Dynamic Link Library" "" "c:\program files (x86)\verizon\verizon media manager\release\wavparser.ax"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart" "AVG Resident Shield Service" "AVG Technologies CZ, s.r.o." "c:\program files (x86)\avg\avg2012\avgrsa.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "BJ Fax Language Monitor1" "Canon Inkjet Fax Driver" "CANON INC." "c:\windows\system32\cnhf1lm.dll"
+ "BJ Language Monitor4" "Canon Inkjet Printer Driver" "CANON INC." "c:\windows\system32\cnblm4.dll"
+ "PCL hpz3lw71" "LanguageMonitor" "Hewlett-Packard Corporation" "c:\windows\system32\hpz3lw71.dll"



Thanks again for your help.

#8 narenxp


Posted 02 October 2012 - 09:40 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#9 danthon5

  • Topic Starter


Posted 02 October 2012 - 10:13 PM

Done...thanks so much!!!

#10 narenxp


Posted 02 October 2012 - 10:39 PM

You're welcome :)



