AVG Free Keeps showing Skodna.BitCoinMiner.AD


18 replies to this topic

#1 LinuxPhreak

LinuxPhreak

  • Members
  • 26 posts

Posted 06 October 2012 - 01:16 AM

I have no idea what the hell to do. I've exhausted myself on trying to fix this. I can take the computer to a repair shop but I have very important data on it. Not to mention I may have the money to pay for it to be repaired. But that money can go towards better things.

AVG 2013 Free Edition keeps popping up a window telling me it has detected a threat. It is called Skodna.BitCoinMiner.AD and it is apparently finding the file in %APPDATA%\Local\Temp\RANDOMSTRING.tmp

I spoke to my not so tech savvy friend who told me that he heard about Combofix.exe and told me it was free. He gave me a copy and I tried it out. The darn piece of malware keeps showing up.

The malware appears to be written in Python, and just my guess. It must be programmed to only fire up once per session. I would say it is probably doing this by storing data in the hidden hard drive partition on Windows 7. However, that seems to be ruled out since I don't have to restart my computer for the problem to keep happening. This leaves me to think that maybe my logon.exe file may have been infected. Please note that I prefer Linux and other Unix systems. Windows is not my thing. Also please note that I'm just throwing out ideas on how this sucker operates.

It might be worth mentioning that I have done some controversial tweaks to the system. Meaning I have patched the boot screen with a custom logo, as well as a registry tweak for my login screen. I also used a hex editor to modify the Explorer.exe file.

Any help on getting the Skodna.BitCoinMiner.AD off of my PC ASAP would be very appreciated.

Updated Info
Okay, so I can do a full system scan with AVG set to high priority, and have it set to be extremely strict, and it shows up with no threats. I also did a High Priority Shell scan with AVG on my Google Drive folder and no threats appeared. I then thought that the malware may have gone dormant. I figured I would reboot the PC and use Kaspersky Rescue Disk 10. I updated the database before running the scan. I decided to use the rescue disk, thinking that if Windows isn't actually on then nothing on it would be detected, allowing a better scan. No threats were detected.

Update
I thought maybe my Chrome browser was infected. I fired it up to get the message again. I have not gotten a message yet. The first few things I ever really do on this computer when I start it up is fire up Thunderbird and Chrome. I will attempt to fire up Chrome now.

Update
I've had Thunderbird, I have been using the computer for about a half hour now. No signs of the virus yet. I'm wondering if it is still there and has been programmed to detect if the user is trying to remove it. And if that is the case then it could just be lying dormant. Also maybe it communicates with servers. And maybe the servers are only on for certain hours. During those times maybe the virus doesn't work. Either way, if anyone can tell me if I can be assured if it has really been removed, please tell me.

Edited by LinuxPhreak, 06 October 2012 - 04:01 AM.
Moved to AII from Windows 7. ~ OB




#2 LinuxPhreak

LinuxPhreak
  • Topic Starter

  • Members
  • 26 posts

Posted 06 October 2012 - 02:43 AM

I also have the Google Drive client installed on this computer as well as on my Mac, iPod Touch and Android devices. I have the Google Drive app for my Chrome browser, which is on all my machines, including Fedora, Bennix, Ubuntu.

Not sure if AVG is detecting a non-Windows file format and flipping out. But I doubt it.

#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 15 October 2012 - 11:46 PM

Download

TDSSKiller

Launch it. Click on change parameters - select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download

ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on List of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#4 LinuxPhreak

LinuxPhreak
  • Topic Starter

  • Members
  • 26 posts

Posted 16 October 2012 - 12:15 AM

I'm going to assume I should deactivate AVG while doing this. I don't want the software to conflict with each other. Please confirm that I should deactivate AVG before I continue.

Note I haven't had any warnings from AVG since I last posted here.

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 16 October 2012 - 12:21 AM

Disable it and continue

#6 LinuxPhreak

LinuxPhreak
  • Topic Starter

  • Members
  • 26 posts

Posted 16 October 2012 - 12:30 AM

Scan report for TDSSKiller.

01:24:51.0963 4348  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
01:24:52.0278 4348  ============================================================
01:24:52.0278 4348  Current date / time: 2012/10/16 01:24:52.0278
01:24:52.0278 4348  SystemInfo:
01:24:52.0279 4348  
01:24:52.0279 4348  OS Version: 6.1.7601 ServicePack: 1.0
01:24:52.0279 4348  Product type: Workstation
01:24:52.0279 4348  ComputerName: USER-PC
01:24:52.0279 4348  UserName: User
01:24:52.0279 4348  Windows directory: C:\Windows
01:24:52.0279 4348  System windows directory: C:\Windows
01:24:52.0279 4348  Running under WOW64
01:24:52.0279 4348  Processor architecture: Intel x64
01:24:52.0279 4348  Number of processors: 2
01:24:52.0279 4348  Page size: 0x1000
01:24:52.0279 4348  Boot type: Normal boot
01:24:52.0279 4348  ============================================================
01:24:52.0600 4348  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:24:52.0605 4348  ============================================================
01:24:52.0605 4348  \Device\Harddisk0\DR0:
01:24:52.0605 4348  MBR partitions:
01:24:52.0605 4348  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
01:24:52.0605 4348  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4A825000
01:24:52.0605 4348  ============================================================
01:24:52.0631 4348  C: <-> \Device\Harddisk0\DR0\Partition2
01:24:52.0631 4348  ============================================================
01:24:52.0631 4348  Initialize success
01:24:52.0631 4348  ============================================================
01:25:58.0071 0636  ============================================================
01:25:58.0071 0636  Scan started
01:25:58.0071 0636  Mode: Manual; TDLFS; 
01:25:58.0071 0636  ============================================================
01:25:58.0758 0636  ================ Scan system memory ========================
01:25:58.0759 0636  System memory - ok
01:26:07.0346 0636  Mcx2Svc - ok
01:26:07.0364 0636  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
01:26:07.0365 0636  megasas - ok
01:26:07.0384 0636  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
01:26:07.0388 0636  MegaSR - ok
01:26:07.0422 0636  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
01:26:07.0423 0636  MMCSS - ok
01:26:07.0446 0636  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
01:26:07.0447 0636  Modem - ok
01:26:07.0456 0636  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
01:26:07.0457 0636  monitor - ok
01:26:07.0487 0636  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
01:26:07.0488 0636  mouclass - ok
01:26:07.0501 0636  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
01:26:07.0502 0636  mouhid - ok
01:26:07.0539 0636  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
01:26:07.0539 0636  mountmgr - ok
01:26:07.0639 0636  [ 24409A2A9F0351E208E14F609340FB25 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
01:26:07.0642 0636  MozillaMaintenance - ok
01:26:07.0671 0636  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
01:26:07.0675 0636  mpio - ok
01:26:07.0720 0636  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
01:26:07.0721 0636  mpsdrv - ok
01:26:07.0769 0636  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
01:26:07.0781 0636  MpsSvc - ok
01:26:07.0848 0636  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
01:26:07.0851 0636  MRxDAV - ok
01:26:07.0872 0636  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
01:26:07.0874 0636  mrxsmb - ok
01:26:07.0886 0636  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:26:07.0889 0636  mrxsmb10 - ok
01:26:07.0904 0636  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:26:07.0906 0636  mrxsmb20 - ok
01:26:07.0934 0636  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
01:26:07.0935 0636  msahci - ok
01:26:07.0991 0636  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
01:26:07.0994 0636  msdsm - ok
01:26:08.0010 0636  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
01:26:08.0015 0636  MSDTC - ok
01:26:08.0046 0636  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
01:26:08.0047 0636  Msfs - ok
01:26:08.0060 0636  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
01:26:08.0061 0636  mshidkmdf - ok
01:26:08.0080 0636  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
01:26:08.0082 0636  msisadrv - ok
01:26:08.0116 0636  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
01:26:08.0119 0636  MSiSCSI - ok
01:26:08.0124 0636  msiserver - ok
01:26:08.0156 0636  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
01:26:08.0157 0636  MSKSSRV - ok
01:26:08.0169 0636  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
01:26:08.0170 0636  MSPCLOCK - ok
01:26:08.0214 0636  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
01:26:08.0215 0636  MSPQM - ok
01:26:08.0248 0636  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
01:26:08.0255 0636  MsRPC - ok
01:26:08.0295 0636  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
01:26:08.0296 0636  mssmbios - ok
01:26:08.0311 0636  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
01:26:08.0312 0636  MSTEE - ok
01:26:08.0353 0636  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
01:26:08.0357 0636  MTConfig - ok
01:26:08.0394 0636  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
01:26:08.0400 0636  Mup - ok
01:26:08.0444 0636  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
01:26:08.0456 0636  napagent - ok
01:26:08.0509 0636  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
01:26:08.0511 0636  NativeWifiP - ok
01:26:08.0571 0636  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
01:26:08.0580 0636  NDIS - ok
01:26:08.0609 0636  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
01:26:08.0610 0636  NdisCap - ok
01:26:08.0638 0636  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
01:26:08.0638 0636  NdisTapi - ok
01:26:08.0667 0636  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
01:26:08.0668 0636  Ndisuio - ok
01:26:08.0732 0636  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
01:26:08.0736 0636  NdisWan - ok
01:26:08.0765 0636  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
01:26:08.0767 0636  NDProxy - ok
01:26:08.0791 0636  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
01:26:08.0792 0636  NetBIOS - ok
01:26:08.0827 0636  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
01:26:08.0831 0636  NetBT - ok
01:26:08.0853 0636  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
01:26:08.0856 0636  Netlogon - ok
01:26:08.0905 0636  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
01:26:08.0912 0636  Netman - ok
01:26:08.0932 0636  [ E8B9164DA7701C1E595647C3A3AFA766 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:26:08.0935 0636  NetMsmqActivator - ok
01:26:08.0942 0636  [ E8B9164DA7701C1E595647C3A3AFA766 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:26:08.0946 0636  NetPipeActivator - ok
01:26:08.0979 0636  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
01:26:08.0982 0636  netprofm - ok
01:26:08.0987 0636  [ E8B9164DA7701C1E595647C3A3AFA766 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:26:08.0989 0636  NetTcpActivator - ok
01:26:08.0994 0636  [ E8B9164DA7701C1E595647C3A3AFA766 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:26:08.0996 0636  NetTcpPortSharing - ok
01:26:09.0025 0636  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
01:26:09.0026 0636  nfrd960 - ok
01:26:09.0123 0636  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
01:26:09.0129 0636  NlaSvc - ok
01:26:09.0137 0636  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
01:26:09.0139 0636  Npfs - ok
01:26:09.0160 0636  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
01:26:09.0162 0636  nsi - ok
01:26:09.0175 0636  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
01:26:09.0175 0636  nsiproxy - ok
01:26:09.0225 0636  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
01:26:09.0242 0636  Ntfs - ok
01:26:09.0262 0636  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
01:26:09.0263 0636  Null - ok
01:26:09.0299 0636  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
01:26:09.0302 0636  nvraid - ok
01:26:09.0320 0636  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
01:26:09.0323 0636  nvstor - ok
01:26:09.0351 0636  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
01:26:09.0353 0636  nv_agp - ok
01:26:09.0417 0636  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
01:26:09.0420 0636  ohci1394 - ok
01:26:09.0460 0636  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
01:26:09.0467 0636  p2pimsvc - ok
01:26:09.0486 0636  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
01:26:09.0492 0636  p2psvc - ok
01:26:09.0507 0636  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
01:26:09.0509 0636  Parport - ok
01:26:09.0530 0636  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
01:26:09.0531 0636  partmgr - ok
01:26:09.0545 0636  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
01:26:09.0547 0636  PcaSvc - ok
01:26:09.0566 0636  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
01:26:09.0568 0636  pci - ok
01:26:09.0590 0636  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
01:26:09.0591 0636  pciide - ok
01:26:09.0643 0636  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
01:26:09.0647 0636  pcmcia - ok
01:26:09.0666 0636  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
01:26:09.0668 0636  pcw - ok
01:26:09.0695 0636  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
01:26:09.0701 0636  PEAUTH - ok
01:26:09.0748 0636  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
01:26:09.0765 0636  PeerDistSvc - ok
01:26:09.0830 0636  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
01:26:09.0832 0636  PerfHost - ok
01:26:09.0893 0636  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
01:26:09.0906 0636  pla - ok
01:26:09.0959 0636  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
01:26:09.0963 0636  PlugPlay - ok
01:26:09.0978 0636  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
01:26:09.0979 0636  PNRPAutoReg - ok
01:26:10.0002 0636  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
01:26:10.0005 0636  PNRPsvc - ok
01:26:10.0025 0636  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
01:26:10.0031 0636  PolicyAgent - ok
01:26:10.0058 0636  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
01:26:10.0061 0636  Power - ok
01:26:10.0105 0636  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
01:26:10.0106 0636  PptpMiniport - ok
01:26:10.0126 0636  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
01:26:10.0127 0636  Processor - ok
01:26:10.0184 0636  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
01:26:10.0189 0636  ProfSvc - ok
01:26:10.0207 0636  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
01:26:10.0209 0636  ProtectedStorage - ok
01:26:10.0252 0636  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
01:26:10.0255 0636  Psched - ok
01:26:10.0310 0636  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
01:26:10.0335 0636  ql2300 - ok
01:26:10.0356 0636  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
01:26:10.0358 0636  ql40xx - ok
01:26:10.0413 0636  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
01:26:10.0419 0636  QWAVE - ok
01:26:10.0439 0636  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
01:26:10.0441 0636  QWAVEdrv - ok
01:26:10.0457 0636  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
01:26:10.0459 0636  RasAcd - ok
01:26:10.0519 0636  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
01:26:10.0523 0636  RasAgileVpn - ok
01:26:10.0558 0636  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
01:26:10.0568 0636  RasAuto - ok
01:26:10.0599 0636  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
01:26:10.0601 0636  Rasl2tp - ok
01:26:10.0661 0636  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
01:26:10.0664 0636  RasMan - ok
01:26:10.0695 0636  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
01:26:10.0696 0636  RasPppoe - ok
01:26:10.0705 0636  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
01:26:10.0706 0636  RasSstp - ok
01:26:10.0731 0636  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
01:26:10.0735 0636  rdbss - ok
01:26:10.0774 0636  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
01:26:10.0775 0636  rdpbus - ok
01:26:10.0862 0636  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
01:26:10.0863 0636  RDPCDD - ok
01:26:10.0907 0636  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
01:26:10.0909 0636  RDPDR - ok
01:26:10.0931 0636  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
01:26:10.0931 0636  RDPENCDD - ok
01:26:10.0938 0636  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
01:26:10.0938 0636  RDPREFMP - ok
01:26:11.0014 0636  [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
01:26:11.0015 0636  RdpVideoMiniport - ok
01:26:11.0040 0636  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
01:26:11.0045 0636  RDPWD - ok
01:26:11.0119 0636  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
01:26:11.0123 0636  rdyboost - ok
01:26:11.0157 0636  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
01:26:11.0161 0636  RemoteAccess - ok
01:26:11.0187 0636  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
01:26:11.0192 0636  RemoteRegistry - ok
01:26:11.0252 0636  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
01:26:11.0255 0636  RpcEptMapper - ok
01:26:11.0273 0636  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
01:26:11.0276 0636  RpcLocator - ok
01:26:11.0314 0636  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
01:26:11.0323 0636  RpcSs - ok
01:26:11.0400 0636  [ 1BDF0DFB56603888E7BA07A99BFF3C97 ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
01:26:11.0405 0636  RSP2STOR - ok
01:26:11.0430 0636  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
01:26:11.0432 0636  rspndr - ok
01:26:11.0480 0636  [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
01:26:11.0490 0636  RTL8167 - ok
01:26:11.0525 0636  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
01:26:11.0527 0636  s3cap - ok
01:26:11.0549 0636  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
01:26:11.0551 0636  SamSs - ok
01:26:11.0578 0636  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
01:26:11.0581 0636  sbp2port - ok
01:26:11.0612 0636  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
01:26:11.0616 0636  SCardSvr - ok
01:26:11.0654 0636  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
01:26:11.0655 0636  scfilter - ok
01:26:11.0705 0636  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
01:26:11.0725 0636  Schedule - ok
01:26:11.0780 0636  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
01:26:11.0781 0636  SCPolicySvc - ok
01:26:11.0804 0636  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
01:26:11.0809 0636  SDRSVC - ok
01:26:11.0843 0636  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
01:26:11.0844 0636  secdrv - ok
01:26:11.0874 0636  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
01:26:11.0878 0636  seclogon - ok
01:26:11.0931 0636  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
01:26:11.0935 0636  SENS - ok
01:26:11.0945 0636  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
01:26:11.0950 0636  SensrSvc - ok
01:26:11.0971 0636  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
01:26:11.0972 0636  Serenum - ok
01:26:11.0994 0636  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
01:26:11.0996 0636  Serial - ok
01:26:12.0015 0636  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
01:26:12.0016 0636  sermouse - ok
01:26:12.0073 0636  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
01:26:12.0075 0636  SessionEnv - ok
01:26:12.0105 0636  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
01:26:12.0106 0636  sffdisk - ok
01:26:12.0151 0636  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
01:26:12.0152 0636  sffp_mmc - ok
01:26:12.0203 0636  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
01:26:12.0205 0636  sffp_sd - ok
01:26:12.0226 0636  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
01:26:12.0228 0636  sfloppy - ok
01:26:12.0266 0636  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
01:26:12.0272 0636  SharedAccess - ok
01:26:12.0336 0636  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:26:12.0343 0636  ShellHWDetection - ok
01:26:12.0359 0636  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
01:26:12.0360 0636  SiSRaid2 - ok
01:26:12.0374 0636  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
01:26:12.0376 0636  SiSRaid4 - ok
01:26:12.0404 0636  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
01:26:12.0406 0636  Smb - ok
01:26:12.0453 0636  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
01:26:12.0455 0636  SNMPTRAP - ok
01:26:12.0470 0636  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
01:26:12.0471 0636  spldr - ok
01:26:12.0499 0636  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
01:26:12.0505 0636  Spooler - ok
01:26:12.0629 0636  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
01:26:12.0676 0636  sppsvc - ok
01:26:12.0701 0636  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
01:26:12.0713 0636  sppuinotify - ok
01:26:12.0831 0636  [ EAD5300C93946B0250A309E2BF2BE4CF ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
01:26:12.0834 0636  SQLWriter - ok
01:26:12.0868 0636  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
01:26:12.0877 0636  srv - ok
01:26:12.0895 0636  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
01:26:12.0901 0636  srv2 - ok
01:26:12.0911 0636  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
01:26:12.0913 0636  srvnet - ok
01:26:12.0950 0636  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
01:26:12.0953 0636  SSDPSRV - ok
01:26:12.0968 0636  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
01:26:12.0970 0636  SstpSvc - ok
01:26:13.0075 0636  [ D30FE3ECF1D6D521365FAE307B500BC0 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
01:26:13.0080 0636  STacSV - ok
01:26:13.0112 0636  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
01:26:13.0114 0636  stexstor - ok
01:26:13.0148 0636  [ 6F69D75F50E8FAF1003AA6CFB18B91EC ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
01:26:13.0158 0636  STHDA - ok
01:26:13.0197 0636  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
01:26:13.0208 0636  stisvc - ok
01:26:13.0239 0636  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
01:26:13.0241 0636  storflt - ok
01:26:13.0262 0636  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
01:26:13.0263 0636  storvsc - ok
01:26:13.0280 0636  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
01:26:13.0280 0636  swenum - ok
01:26:13.0313 0636  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
01:26:13.0317 0636  swprv - ok
01:26:13.0325 0636  Synth3dVsc - ok
01:26:13.0366 0636  [ 772493A8945495F1A287BF6C4CA25B48 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
01:26:13.0371 0636  SynTP - ok
01:26:13.0432 0636  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
01:26:13.0448 0636  SysMain - ok
01:26:13.0480 0636  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
01:26:13.0482 0636  TabletInputService - ok
01:26:13.0500 0636  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
01:26:13.0503 0636  TapiSrv - ok
01:26:13.0522 0636  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
01:26:13.0524 0636  TBS - ok
01:26:13.0578 0636  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
01:26:13.0598 0636  Tcpip - ok
01:26:13.0634 0636  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
01:26:13.0645 0636  TCPIP6 - ok
01:26:13.0705 0636  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
01:26:13.0707 0636  tcpipreg - ok
01:26:13.0745 0636  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
01:26:13.0747 0636  TDPIPE - ok
01:26:13.0776 0636  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
01:26:13.0778 0636  TDTCP - ok
01:26:13.0831 0636  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
01:26:13.0834 0636  tdx - ok
01:26:13.0894 0636  [ BB676D2C7AD5E7131D12417E4691F9B9 ] Te.Service      C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
01:26:13.0898 0636  Te.Service - ok
01:26:13.0954 0636  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
01:26:13.0956 0636  TermDD - ok
01:26:14.0000 0636  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
01:26:14.0005 0636  TermService - ok
01:26:14.0035 0636  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
01:26:14.0037 0636  Themes - ok
01:26:14.0111 0636  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
01:26:14.0114 0636  THREADORDER - ok
01:26:14.0143 0636  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
01:26:14.0146 0636  TrkWks - ok
01:26:14.0188 0636  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:26:14.0190 0636  TrustedInstaller - ok
01:26:14.0217 0636  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
01:26:14.0219 0636  tssecsrv - ok
01:26:14.0240 0636  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
01:26:14.0242 0636  TsUsbFlt - ok
01:26:14.0249 0636  tsusbhub - ok
01:26:14.0282 0636  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
01:26:14.0284 0636  tunnel - ok
01:26:14.0339 0636  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
01:26:14.0342 0636  uagp35 - ok
01:26:14.0376 0636  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
01:26:14.0382 0636  udfs - ok
01:26:14.0416 0636  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
01:26:14.0419 0636  UI0Detect - ok
01:26:14.0432 0636  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
01:26:14.0434 0636  uliagpkx - ok
01:26:14.0469 0636  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
01:26:14.0471 0636  umbus - ok
01:26:14.0482 0636  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
01:26:14.0484 0636  UmPass - ok
01:26:14.0521 0636  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
01:26:14.0526 0636  UmRdpService - ok
01:26:14.0544 0636  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
01:26:14.0551 0636  upnphost - ok
01:26:14.0582 0636  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
01:26:14.0584 0636  usbccgp - ok
01:26:14.0618 0636  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
01:26:14.0619 0636  usbcir - ok
01:26:14.0624 0636  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
01:26:14.0626 0636  usbehci - ok
01:26:14.0645 0636  [ 33A58C5630200E17B51C8D73DD64181B ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
01:26:14.0647 0636  usbfilter - ok
01:26:14.0688 0636  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
01:26:14.0692 0636  usbhub - ok
01:26:14.0714 0636  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
01:26:14.0715 0636  usbohci - ok
01:26:14.0771 0636  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
01:26:14.0774 0636  usbprint - ok
01:26:14.0830 0636  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:26:14.0835 0636  USBSTOR - ok
01:26:14.0861 0636  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
01:26:14.0876 0636  usbuhci - ok
01:26:14.0943 0636  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
01:26:14.0947 0636  usbvideo - ok
01:26:17.0623 0636  ================ Scan global ===============================
01:26:17.0646 0636  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
01:26:17.0705 0636  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
01:26:17.0719 0636  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
01:26:17.0739 0636  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
01:26:17.0771 0636  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
01:26:17.0774 0636  [Global] - ok
01:26:17.0774 0636  ================ Scan MBR ==================================
01:26:17.0791 0636  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:26:18.0189 0636  \Device\Harddisk0\DR0 - ok
01:26:18.0190 0636  ================ Scan VBR ==================================
01:26:18.0194 0636  [ 6A7D2FA748A954DC4D3954571605F514 ] \Device\Harddisk0\DR0\Partition1
01:26:18.0197 0636  \Device\Harddisk0\DR0\Partition1 - ok
01:26:18.0228 0636  [ 6F22F1EE08BEDCB448ADC2B1DFFD9631 ] \Device\Harddisk0\DR0\Partition2
01:26:18.0230 0636  \Device\Harddisk0\DR0\Partition2 - ok
01:26:18.0231 0636  ============================================================
01:26:18.0231 0636  Scan finished
01:26:18.0231 0636  ============================================================
01:26:18.0248 0672  Detected object count: 0
01:26:18.0248 0672  Actual detected object count: 0
01:27:07.0886 5996  Deinitialize success

Log for the aswMBR tool.
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-16 01:32:47
-----------------------------
01:32:47.064    OS Version: Windows x64 6.1.7601 Service Pack 1
01:32:47.064    Number of processors: 2 586 0x1001
01:32:47.067    ComputerName: User-PC  UserName: User
01:32:48.176    Initialize success
01:33:30.938    AVAST engine defs: 12101501
01:34:00.707    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000066
01:34:00.712    Disk 0 Vendor: ST640LM0 2AJ1 Size: 610480MB BusType: 11
01:34:00.726    Disk 0 MBR read successfully
01:34:00.731    Disk 0 MBR scan
01:34:00.739    Disk 0 Windows 7 default MBR code
01:34:00.746    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
01:34:00.764    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       610378 MB offset 206848
01:34:00.797    Disk 0 scanning C:\Windows\system32\drivers
01:34:11.989    Service scanning
01:34:34.516    Modules scanning
01:34:34.529    Disk 0 trace - called modules:
01:34:34.547    ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys amd_xata.sys storport.sys hal.dll amd_sata.sys 
01:34:34.555    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80043b4060]
01:34:34.900    3 CLASSPNP.SYS[fffff880019a443f] -> nt!IofCallDriver -> [0xfffffa80043b3510]
01:34:34.909    5 hpdskflt.sys[fffff8800194b189] -> nt!IofCallDriver -> [0xfffffa80043317b0]
01:34:34.919    7 amd_xata.sys[fffff8800108cd00] -> nt!IofCallDriver -> \Device\00000066[0xfffffa800432e060]
01:34:35.762    AVAST engine scan C:\Windows
01:34:38.219    AVAST engine scan C:\Windows\system32
01:38:48.207    AVAST engine scan C:\Windows\system32\drivers
01:39:00.464    AVAST engine scan C:\Users\User
01:40:59.328    Disk 0 MBR has been saved successfully to "C:\Users\User\Documents\MBR.dat"
01:40:59.335    The log file has been saved successfully to "C:\Users\User\Documents\aswMBR.txt"

I'm at 99% with ESET and found 2 adware files. I will post the logs when the scan is finished.

ESET report
C:\ProgramData\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll	a variant of Win32/Adware.Yontoo.B application
C:\Users\All Users\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll	a variant of Win32/Adware.Yontoo.B application

Edited by LinuxPhreak, 16 October 2012 - 03:10 PM.


#7 narenxp

  • BC Advisor

Posted 21 October 2012 - 10:04 AM

Do not EDIT your posts. Add a new reply when you post the logs.

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete

A log should be generated after the scan; post it here

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator

After the scan is completed, post the generated log here.

#8 LinuxPhreak

  • Topic Starter

Posted 21 October 2012 - 04:55 PM

Malwarebytes Log

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.21.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
User :: User-PC [administrator]

Protection: Enabled

10/21/2012 4:34:52 PM
mbam-log-2012-10-21 (16-34-52).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 590058
Time elapsed: 1 hour(s), 17 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#9 LinuxPhreak

  • Topic Starter

Posted 21 October 2012 - 05:00 PM

Mini Toolbox Results

MiniToolBox by Farbar  Version: 23-07-2012
Ran by User (administrator) on 21-10-2012 at 17:58:16
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Qualcomm Atheros AR9485 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global
add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : User-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hvc.rr.com

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : hvc.rr.com
   Description . . . . . . . . . . . : Qualcomm Atheros AR9485 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : 74-E5-43-44-A6-E0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d425:9045:24f6:1e61%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.104(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, October 21, 2012 4:26:22 PM
   Lease Expires . . . . . . . . . . : Monday, October 22, 2012 4:26:22 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 326427971
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-EA-A8-20-A0-B3-CC-76-35-1F
   DNS Servers . . . . . . . . . . . : 209.18.47.61
                                       209.18.47.62
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : A0-B3-CC-76-35-1F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter VirtualBox Host-Only Network:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
   Physical Address. . . . . . . . . : 08-00-27-00-3C-0A
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::1852:50fb:debf:d5a7%16(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 453509159
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-EA-A8-20-A0-B3-CC-76-35-1F
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hvc.rr.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hvc.rr.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{09DEB2F1-7FA1-4F86-B20F-D736CDE2AF3F}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D01FCF3A-D65C-42B7-B22C-F1EA35AB0E57}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    google.com
Addresses:  2607:f8b0:4004:801::1007
	  74.125.228.2
	  74.125.228.3
	  74.125.228.4
	  74.125.228.5
	  74.125.228.6
	  74.125.228.7
	  74.125.228.8
	  74.125.228.9
	  74.125.228.14
	  74.125.228.0
	  74.125.228.1


Pinging google.com [74.125.228.5] with 32 bytes of data:
Reply from 74.125.228.5: bytes=32 time=27ms TTL=53
Reply from 74.125.228.5: bytes=32 time=28ms TTL=53

Ping statistics for 74.125.228.5:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 27ms, Maximum = 28ms, Average = 27ms
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

DNS request timed out.
    timeout was 2 seconds.
Name:    yahoo.com
Addresses:  72.30.38.140
	  98.138.253.109
	  98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=82ms TTL=49
Reply from 98.138.253.109: bytes=32 time=175ms TTL=47

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 82ms, Maximum = 175ms, Average = 128ms
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    bleepingcomputer.com
Address:  208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...74 e5 43 44 a6 e0 ......Qualcomm Atheros AR9485 802.11b/g/n WiFi Adapter
 10...a0 b3 cc 76 35 1f ......Realtek PCIe FE Family Controller
 16...08 00 27 00 3c 0a ......VirtualBox Host-Only Ethernet Adapter
  1...........................Software Loopback Interface 1
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.104     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.104    281
    192.168.1.104  255.255.255.255         On-link     192.168.1.104    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.104    281
     192.168.56.0    255.255.255.0         On-link      192.168.56.1    276
     192.168.56.1  255.255.255.255         On-link      192.168.56.1    276
   192.168.56.255  255.255.255.255         On-link      192.168.56.1    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.56.1    276
        224.0.0.0        240.0.0.0         On-link     192.168.1.104    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.56.1    276
  255.255.255.255  255.255.255.255         On-link     192.168.1.104    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 16    276 fe80::/64                On-link
 12    281 fe80::/64                On-link
 16    276 fe80::1852:50fb:debf:d5a7/128
                                    On-link
 12    281 fe80::d425:9045:24f6:1e61/128
                                    On-link
  1    306 ff00::/8                 On-link
 16    276 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/18/2012 03:57:02 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/18/2012 03:56:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/16/2012 02:07:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/16/2012 02:07:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/16/2012 02:07:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/16/2012 02:06:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/16/2012 01:45:51 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/16/2012 01:45:22 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/15/2012 02:09:50 PM) (Source: Application Hang) (User: )
Description: The program thunderbird.exe version 16.0.1.4666 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 924

Start Time: 01cdaaf7fc9a93a9

Termination Time: 19

Application Path: C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

Report Id: 7e1920c4-16f3-11e2-8edd-bf9c49e08173

Error: (10/06/2012 05:09:19 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {61ab7acc-ec1e-4505-9333-e80d25c7e36b}


System errors:
=============
Error: (10/21/2012 04:26:31 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5

Error: (10/21/2012 04:26:23 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error: 
%%126

Error: (10/21/2012 04:26:22 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5

Error: (10/21/2012 04:29:08 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5

Error: (10/20/2012 08:23:11 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5

Error: (10/20/2012 08:23:05 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error: 
%%126

Error: (10/20/2012 08:23:04 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5

Error: (10/20/2012 03:42:22 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5

Error: (10/20/2012 01:59:30 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5

Error: (10/20/2012 01:59:26 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error: 
%%126


Microsoft Office Sessions:
=========================
Error: (10/18/2012 03:57:02 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\User\downloads\esetsmartinstaller_enu.exe

Error: (10/18/2012 03:56:59 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\User\downloads\esetsmartinstaller_enu.exe

Error: (10/16/2012 02:07:45 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe

Error: (10/16/2012 02:07:39 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe

Error: (10/16/2012 02:07:39 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe

Error: (10/16/2012 02:06:57 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe

Error: (10/16/2012 01:45:51 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe

Error: (10/16/2012 01:45:22 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe

Error: (10/15/2012 02:09:50 PM) (Source: Application Hang)(User: )
Description: thunderbird.exe16.0.1.466692401cdaaf7fc9a93a919C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe7e1920c4-16f3-11e2-8edd-bf9c49e08173

Error: (10/06/2012 05:09:19 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {61ab7acc-ec1e-4505-9333-e80d25c7e36b}


=========================== Installed Programs ============================

 Tools for .Net 3.5 (Version: 3.11.50727)
µTorrent (Version: 3.2.0)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Akamai NetSession Interface
Amaya (Version: 11.4.4)
AMD Accelerated Video Transcoding (Version: 2.00.0000)
AMD APP SDK Runtime (Version: 10.0.873.1)
AMD Catalyst Install Manager (Version: 3.0.864.0)
AMD Fuel (Version: 2012.0210.16.136)
AMD Steady Video Plug-In  (Version: 2.03.0000)
AMD VISION Engine Control Center (Version: 2012.0210.16.136)
AVG 2013 (Version: 13.0.2614)
AVG 2013 (Version: 13.0.2741)
AVG 2013 (Version: 2013.0.2741)
Blend for Visual Studio 2012 (Version: 5.0.30709.0)
Blend for Visual Studio 2012 ENU resources (Version: 5.0.30709.0)
CamStudio Lossless Codec
CamStudio OSS Desktop Recorder (Version: 2.6 Beta r294)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0210.16.136)
Catalyst Control Center InstallProxy (Version: 2012.0210.16.136)
Catalyst Control Center Localization All (Version: 2012.0210.16.136)
ccc-utility64 (Version: 2012.0210.16.136)
CCC Help Chinese Standard (Version: 2012.0210.0015.136)
CCC Help Chinese Traditional (Version: 2012.0210.0015.136)
CCC Help Czech (Version: 2012.0210.0015.136)
CCC Help Danish (Version: 2012.0210.0015.136)
CCC Help Dutch (Version: 2012.0210.0015.136)
CCC Help English (Version: 2012.0210.0015.136)
CCC Help Finnish (Version: 2012.0210.0015.136)
CCC Help French (Version: 2012.0210.0015.136)
CCC Help German (Version: 2012.0210.0015.136)
CCC Help Greek (Version: 2012.0210.0015.136)
CCC Help Hungarian (Version: 2012.0210.0015.136)
CCC Help Italian (Version: 2012.0210.0015.136)
CCC Help Japanese (Version: 2012.0210.0015.136)
CCC Help Korean (Version: 2012.0210.0015.136)
CCC Help Norwegian (Version: 2012.0210.0015.136)
CCC Help Polish (Version: 2012.0210.0015.136)
CCC Help Portuguese (Version: 2012.0210.0015.136)
CCC Help Russian (Version: 2012.0210.0015.136)
CCC Help Spanish (Version: 2012.0210.0015.136)
CCC Help Swedish (Version: 2012.0210.0015.136)
CCC Help Thai (Version: 2012.0210.0015.136)
CCC Help Turkish (Version: 2012.0210.0015.136)
Dotfuscator and Analytics Community Edition (Version: 5.5.4521.29298)
Entity Framework Designer for Visual Studio 2012 - enu (Version: 11.1.20702.00)
GnuWin32: Wget-1.11.4-1 (Version: 1.11.4-1)
Google Chrome (Version: 22.0.1229.94)
Google Drive (Version: 1.5.3449.3345)
Google Talk Plugin (Version: 3.9.1.9832)
Google Update Helper (Version: 1.3.21.123)
Greenshot
HP Power Manager (Version: 1.4.8)
IDT Audio (Version: 1.0.6381.0)
IIS 8.0 Express (Version: 8.0.1557)
IIS Express Application Compatibility Database for x64
IIS Express Application Compatibility Database for x86
InfraRecorder 0.53 (x64 edition) (Version: 0.53.00.00)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Java SE Development Kit 7 Update 7 (64-bit) (Version: 1.7.0.70)
LocalESPC (Version: 8.59.25584)
LocalESPCui for en-us (Version: 8.59.25584)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (Version: 4.5.50709)
Microsoft .NET Framework 4.5 SDK (Version: 4.5.50709)
Microsoft Advertising SDK for Windows Phone - ENU (Version: 5.2.819.0)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (Version: 3.0.30710.0)
Microsoft ASP.NET MVC 3 (Version: 3.0.20105.0)
Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools (Version: 4.0.20710.0)
Microsoft ASP.NET MVC 4 Runtime (Version: 4.0.20710.0)
Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (Version: 1.0.20710.0)
Microsoft ASP.NET Web Pages (Version: 1.0.20105.0)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools (Version: 2.0.20710.0)
Microsoft ASP.NET Web Pages 2 Runtime (Version: 2.0.20710.0)
Microsoft Expression Blend 3 SDK (Version: 1.0.1343.0)
Microsoft Expression Blend 4 (Version: 4.0.30816.0)
Microsoft Expression Blend 4 Add-in for Adobe FXG Import (Version: 1.0.20817.0)
Microsoft Expression Blend SDK for .NET 4 (Version: 2.0.20525.0)
Microsoft Expression Blend SDK for Silverlight 4 (Version: 2.0.20525.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.2.3.0)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Help Viewer 2.0 (Version: 2.0.50727)
Microsoft LightSwitch for Visual Studio 2012 Core (Version: 11.0.50727)
Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU (Version: 11.0.50727)
Microsoft NuGet - Visual Studio 2012 (Version: 2.0.30625.9003)
Microsoft Portable Library Multi-Targeting Pack (Version: 11.0.50709.17929)
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (Version: 11.0.50709.17929)
Microsoft Report Viewer Add-On for Visual Studio 2012 (Version: 11.1.2802.16)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft Silverlight 4 SDK (Version: 4.0.60310.0)
Microsoft Silverlight 5 SDK (Version: 5.0.61118.0)
Microsoft SQL Server 2012 Command Line Utilities  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Data-Tier App Framework  (Version: 11.0.2316.0)
Microsoft SQL Server 2012 Express LocalDB  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Management Objects  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Management Objects  (x64) (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Native Client  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 T-SQL Language Service  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (Version: 11.0.2100.60)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (Version: 11.0.2100.60)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (Version: 4.0.8876.1)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (Version: 11.1.20627.00)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (Version: 11.1.20627.00)
Microsoft SQL Server System CLR Types (Version: 10.50.1600.1)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1600.1)
Microsoft System CLR Types for SQL Server 2012 (Version: 11.0.2100.60)
Microsoft System CLR Types for SQL Server 2012 (x64) (Version: 11.0.2100.60)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 Compilers - ENU Resources (Version: 11.0.50727)
Microsoft Visual C++ 2012 Compilers (Version: 11.0.50727)
Microsoft Visual C++ 2012 Core Libraries (Version: 11.0.50727)
Microsoft Visual C++ 2012 Extended Libraries (Version: 11.0.50727)
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual Studio 2010 Express for Windows Phone 7.1 - ENU (Version: 10.1.40219)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (Version: 10.0.40219)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50727)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31125)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31130)
Microsoft Visual Studio 2012 Devenv (Version: 11.0.50727)
Microsoft Visual Studio 2012 Devenv Resources (Version: 11.0.50727)
Microsoft Visual Studio 2012 IntelliTrace Core amd64 (Version: 11.0.50727)
Microsoft Visual Studio 2012 IntelliTrace Core x86 (Version: 11.0.50727)
Microsoft Visual Studio 2012 IntelliTrace Front End x86 (Version: 11.0.50727)
Microsoft Visual Studio 2012 Performance Collection Tools - ENU (Version: 11.0.50727)
Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727)
Microsoft Visual Studio 2012 Preparation (Version: 11.0.50727)
Microsoft Visual Studio 2012 SharePoint Developer Tools (Version: 11.0.50727)
Microsoft Visual Studio 2012 SharePoint Developer Tools ENU Language Pack (Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) (Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (Version: 11.0.50727)
Microsoft Visual Studio 2012 Shell (Minimum) Resources (Version: 11.0.50727)
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (Version: 4.0.8876.1)
Microsoft Visual Studio Premium 2012 - ENU (Version: 11.0.50727)
Microsoft Visual Studio Premium 2012 (Version: 11.0.50727)
Microsoft Visual Studio Professional 2012 - ENU (Version: 11.0.50727)
Microsoft Visual Studio Professional 2012 (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - ENU (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (Version: 11.0.50727)
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 - ENU (Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 (Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 (Version: 11.0.50727.1)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (Version: 11.0.50727)
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (Version: 11.0.50727)
Microsoft Web Deploy 3.0 (Version: 3.1236.1631)
Microsoft Web Deploy dbSqlPackage Provider - enu (Version: 10.3.20225.0)
Microsoft Web Developer Tools - Visual Studio 2012 (Version: 1.0.30710.0)
Microsoft Web Platform Installer 4.0 (Version: 4.0.1622)
Microsoft XNA Framework Redistributable 4.0 Refresh (Version: 4.0.30901.0)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy) (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 Refresh (ARP entry) (Version: 4.0.30901.0)
Microsoft XNA Game Studio 4.0 Refresh (Redists) (Version: 4.0.30901.0)
Microsoft XNA Game Studio 4.0 Refresh (Shared Components) (Version: 4.0.30901.0)
Microsoft XNA Game Studio 4.0 Refresh (Version: 4.0.30901.0)
Microsoft XNA Game Studio 4.0 Refresh (Visual Studio) (Version: 4.0.30901.0)
Microsoft XNA Game Studio Platform Tools (Version: 1.4.0.0)
Mozilla Maintenance Service (Version: 16.0.1)
Mozilla Thunderbird 16.0.1 (x86 en-US) (Version: 16.0.1)
Music Manager
Notepad++ (Version: 6.1.8)
Nullsoft Install System (Version: 2.46)
OpenOffice.org 3.4.1 (Version: 3.41.9593)
OpenSSL 1.0.1c Light (32-bit)
Opera Mobile Emulator
Oracle VM VirtualBox 4.2.0 (Version: 4.2.0)
PreEmptive Analytics Visual Studio Components (Version: 1.0.2180.1)
Prerequisites for SSDT  (Version: 11.0.2100.60)
Realtek Ethernet Controller Driver (Version: 7.48.823.2011)
Realtek PCIE Card Reader (Version: 6.1.7601.29004)
Resource Hacker Version 3.6.0
Speak Up version 2.0 (Version: 2.0)
Synaptics Pointing Device Driver (Version: 15.3.27.1)
Update for  (KB2504637) (Version: 1)
uTorrentControl_v2 Toolbar (Version: 6.9.0.16)
Visual BCD (Version: 0.9.3.1)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727)
Visual Studio 2012 Prerequisites (Version: 11.0.50727)
Visual Studio Extensions for Windows Library for JavaScript (Version: 1.0.8514.0)
VLC media player 2.0.3 (Version: 2.0.3)
WCF Data Services 5.0 (for OData v3) Primary Components (Version: 5.0.50628.0)
WCF Data Services SDK for Windows Phone (Version: 4.7.6.0)
WCF Data Services Tools for Microsoft Visual Studio 2012 (Version: 5.0.50710.0)
WCF RIA Services V1.0 SP2 (Version: 4.1.61829.0)
Windows App Certification Kit Native Components (Version: 8.59.25584)
Windows App Certification Kit x64 (Version: 8.59.25584)
Windows Phone Emulator x64 - ENU (Version: 10.0.40219)
Windows Phone SDK 7.1 - ENU (Version: 10.1.40219)
Windows Phone SDK 7.1 Add-in for Visual Studio 2010 - ENU (Version: 10.0.40219)
Windows Phone SDK 7.1 Assemblies (Version: 10.0.40219)
Windows Phone SDK 7.1 Extensions for XNA Game Studio 4.0 (Version: 4.0.30901.0)
Windows Runtime Intellisense Content - en-us (Version: 8.59.25584)
Windows Software Development Kit (Version: 8.59.25584)
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584)
Windows Software Development Kit DirectX x86 Remote (Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps (Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (Version: 8.59.25584)
WinFF 1.4.2
WinHTTrack Website Copier 3.46-1 (x64) (Version: 3.46.1)
WPF Toolkit February 2010 (Version 3.5.50211.1) (Version: 3.5.50211.1)
Yawcam 0.3.8

========================= Memory info: ===================================

Percentage of memory in use: 61%
Total physical RAM: 3561.37 MB
Available physical RAM: 1368.39 MB
Total Pagefile: 7120.93 MB
Available Pagefile: 4819.96 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.48 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:596.07 GB) (Free:526.44 GB) NTFS

========================= Users: ========================================

User accounts for \\User-PC

Administrator            User                      Guest                    

========================= Restore Points ==================================

08-10-2012 21:19:16 Scheduled Checkpoint
10-10-2012 20:34:00 Windows Update

**** End of log ****



#10 LinuxPhreak

Posted 21 October 2012 - 05:03 PM

Farbar Service Scanner Report

Farbar Service Scanner Version: 19-10-2012
Ran by User (administrator) on 21-10-2012 at 18:01:24
Running from "C:\Users\User\Downloads"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


#11 LinuxPhreak

Posted 21 October 2012 - 05:13 PM

Adware Cleaner Logs

# AdwCleaner v2.005 - Logfile created 10/21/2012 at 18:04:30
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : User - User-PC
# Boot Mode : Normal
# Running from : C:\Users\User\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\uTorrentControl_v2
Folder Deleted : C:\Users\User\AppData\Local\Conduit
Folder Deleted : C:\Users\User\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\User\AppData\LocalLow\uTorrentControl_v2

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\Software\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21E0197F-0213-47F5-86DC-4DD9421E42A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF18ED31-9358-4276-973A-887D91E18713}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v22.0.1229.94

File : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3862 octets] - [21/10/2012 18:04:30]

########## EOF - C:\AdwCleaner[S1].txt - [3922 octets] ##########



#12 LinuxPhreak

Posted 21 October 2012 - 05:27 PM

Junkware Removal Tool Log

Junkware Removal Tool (JRT) by Thisisu 
Version: 1.9.0 (10.21.2012) 
OS: Windows 7 Ultimate x64 
Ran by User on Sun 10/21/2012 at 18:14:57.65 
Blog: http://thisisudax.blogspot.com 
************************************************************** 
 
 
 
 
*** Services: 0 Detections 
 
 
 
*** Registry Values: 0 Detections 
 
 
 
*** Registry Keys: 
 
Successfully deleted: [KEY] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1} 
 
 
 
*** Files: 0 Detections 
 
 
 
*** Folders: 0 Detections 
 
 
 
*** Event Viewer Logs - Cleared 
 
 
 
 
 
************************************************************** 
Scan was completed on Sun 10/21/2012 at 18:26:17.23 
End of Report 




#13 narenxp

Posted 21 October 2012 - 05:44 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

Any current issues?

#14 LinuxPhreak

Posted 22 October 2012 - 04:38 PM

RKill Log

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/22/2012 05:33:29 PM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Possibly Patched Files.

 * C:\Windows\Explorer.EXE

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity: 

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Automatic

 * WinDefend => %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [Incorrect ServiceDLL]

Searching for Missing Digital Signatures: 

 * C:\Windows\explorer.exe [NoSig]
 +-> C:\Windows\SysWOW64\explorer.exe : 2,616,320 : 02/25/2011 00:30 AM : 8b88ebbb05a0e56b7dcc708498c02b3e [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe : 2,872,320 : 11/20/2010 00:24 AM : ac4c51eb24aa95b77f705ab159189e24 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe : 2,871,808 : 02/25/2011 00:19 AM : 332feab1435662fc6c672e25beb37be3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe : 2,871,808 : 02/26/2011 00:14 AM : 3b69712041f3d63605529bd66dc00c48 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe : 2,616,320 : 11/20/2010 00:17 AM : 40d777b7a95e00593eb1568c68514493 [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe : 2,616,320 : 02/25/2011 00:30 AM : 8b88ebbb05a0e56b7dcc708498c02b3e [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe : 2,616,320 : 02/26/2011 00:19 AM : 0fb9c74046656d1579a64660ad67b746 [Pos Repl]

Checking HOSTS File: 

 * HOSTS file entries found: 

  127.0.0.1       localhost

Program finished at: 10/22/2012 05:36:35 PM
Execution time: 0 hours(s), 3 minute(s), and 6 seconds(s)



#15 LinuxPhreak


Posted 22 October 2012 - 04:45 PM

Autoruns Log from text file.

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "SynTPEnh"	"Synaptics TouchPad Enhancements"	"Synaptics Incorporated"	"c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp"	"IDT PC Audio"	"IDT, Inc."	"c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "AVG_UI"	"AVG User Interface"	"AVG Technologies CZ, s.r.o."	"c:\program files (x86)\avg\avg2013\avgui.exe"
+ "StartCCC"	"Catalyst® Control Center Launcher"	"Advanced Micro Devices, Inc."	"c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched"	"Java(TM) Update Scheduler"	"Sun Microsystems, Inc."	"c:\program files (x86)\common files\java\java update\jusched.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"	""	""	""
+ "Microsoft Windows"	"Windows Mail"	"Microsoft Corporation"	"c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"	""	""	""
+ "Microsoft Windows"	"Windows Mail"	"Microsoft Corporation"	"c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "Akamai NetSession Interface"	"Akamai NetSession Client"	"Akamai Technologies, Inc."	"c:\users\User\appdata\local\akamai\netsession_win.exe"
+ "GoogleChromeAutoLaunch_8B4B86C2A5661DC92D9A84E265233F91"	"Google Chrome"	"Google Inc."	"c:\users\User\appdata\local\google\chrome\application\chrome.exe"
+ "GoogleDriveSync"	"Google Drive"	"Google"	"c:\program files (x86)\google\drive\googledrivesync.exe"
+ "Greenshot"	"Greenshot"	""	"c:\program files (x86)\greenshot\greenshot.exe"
+ "Sidebar"	"Windows Desktop Gadgets"	"Microsoft Corporation"	"c:\program files\windows sidebar\sidebar.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter"	""	""	""
+ "video/mp4"	"MIME Video Detector for IE"	"Advanced Micro Devices"	"c:\program files\amd\steadyvideo\videomimefilter.dll"
+ "video/x-flv"	"MIME Video Detector for IE"	"Advanced Micro Devices"	"c:\program files\amd\steadyvideo\videomimefilter.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "7-Zip"	"7-Zip Shell Extension"	"Igor Pavlov"	"c:\program files\7-zip\7-zip.dll"
+ "ANotepad++64"	"ShellHandler for Notepad++ (64 bit)"	""	"c:\users\User\google drive\windownloads\notepad++\nppshell_05.dll"
+ "AVG Shell Extension"	"AVG Shell Extension"	"AVG Technologies CZ, s.r.o."	"c:\program files (x86)\avg\avg2013\avgsea.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "AVG Shell Extension"	"AVG Shell Extension"	"AVG Technologies CZ, s.r.o."	"c:\program files (x86)\avg\avg2013\avgse.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "7-Zip"	"7-Zip Shell Extension"	"Igor Pavlov"	"c:\program files\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"	""	""	""
+ "7-Zip"	"7-Zip Shell Extension"	"Igor Pavlov"	"c:\program files\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers"	""	""	""
+ "FileZilla3CopyHook"	"fzshellext Dynamic Link Library"	""	"c:\program files (x86)\filezilla ftp client\fzshellext_64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\CopyHookHandlers"	""	""	""
+ "FileZilla3CopyHook"	"fzshellext Dynamic Link Library"	""	"c:\program files (x86)\filezilla ftp client\fzshellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "ACE"	"AMD Desktop Control Panel"	"Advanced Micro Devices, Inc."	"c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets"	"Sidebar droptarget"	"Microsoft Corporation"	"c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "Gadgets"	"Sidebar droptarget"	"Microsoft Corporation"	"c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKCU\Software\Classes\Folder\Shellex\ColumnHandlers"	""	""	""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}"	""	""	"File not found: C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"	""	""	""
+ "AVG Shell Extension"	"AVG Shell Extension"	"AVG Technologies CZ, s.r.o."	"c:\program files (x86)\avg\avg2013\avgsea.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"	""	""	""
+ "AVG Shell Extension"	"AVG Shell Extension"	"AVG Technologies CZ, s.r.o."	"c:\program files (x86)\avg\avg2013\avgse.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"	""	""	""
+ "GDriveBlacklistedOverlay"	"Google Drive shell extension"	"Google"	"c:\program files (x86)\google\drive\googledrivesync64.dll"
+ "GDriveSharedOverlay"	"Google Drive shell extension"	"Google"	"c:\program files (x86)\google\drive\googledrivesync64.dll"
+ "GDriveSyncedOverlay"	"Google Drive shell extension"	"Google"	"c:\program files (x86)\google\drive\googledrivesync64.dll"
+ "GDriveSyncingOverlay"	"Google Drive shell extension"	"Google"	"c:\program files (x86)\google\drive\googledrivesync64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"	""	""	""
+ "Java(tm) Plug-In 2 SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java(tm) Plug-In SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files\java\jre7\bin\ssv.dll"
+ "SteadyVideoBHO Class"	"This plugin allows the user to turn AMD SteadyVideo on or off when video is detected on the web."	"Advanced Micro Devices"	"c:\program files\amd\steadyvideo\steadyvideo.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"	""	""	""
+ "Java(tm) Plug-In 2 SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java(tm) Plug-In SSV Helper"	"Java(TM) Platform SE binary"	"Oracle Corporation"	"c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Microsoft Web Test Recorder 10.0 Helper"	"Microsoft Web Test Recorder Helper"	"Microsoft Corporation"	"c:\program files (x86)\microsoft visual studio 11.0\common7\ide\privateassemblies\microsoft.visualstudio.qualitytools.recorderbarbho100.dll"
+ "SteadyVideoBHO Class"	"This plugin allows the user to turn AMD SteadyVideo on or off when video is detected on the web."	"Advanced Micro Devices"	"c:\program files (x86)\amd\steadyvideo\steadyvideo.dll"
"Task Scheduler"	""	""	""
+ "\GoogleUpdateTaskUserS-1-5-21-3869242731-1377074940-3691916382-1000Core"	"Google Installer"	"Google Inc."	"c:\users\User\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3869242731-1377074940-3691916382-1000UA"	"Google Installer"	"Google Inc."	"c:\users\User\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"	""	""	"c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"	"Windows Media Player Network Sharing Service Configuration Application"	"Microsoft Corporation"	"c:\program files\windows media player\wmpnscfg.exe"
+ "\SidebarExecute"	"Windows Desktop Gadgets"	"Microsoft Corporation"	"c:\program files\windows sidebar\sidebar.exe"
"HKLM\System\CurrentControlSet\Services"	""	""	""
+ "AMD External Events Utility"	"AMD External Events Service Module"	"AMD"	"c:\windows\system32\atiesrxx.exe"
+ "AMD FUEL Service"	"Provides FUEL Functionality"	"Advanced Micro Devices, Inc."	"c:\program files\ati technologies\ati.ace\fuel\fuel.service.exe"
+ "AVGIDSAgent"	"Provides Identity Protection Against Cyber Crime."	"AVG Technologies CZ, s.r.o."	"c:\program files (x86)\avg\avg2013\avgidsagent.exe"
+ "avgwd"	"AVG Watchdog Service"	"AVG Technologies CZ, s.r.o."	"c:\program files (x86)\avg\avg2013\avgwdsvc.exe"
+ "fussvc"	"Fast User Switching Utility Service"	"Microsoft Corporation"	"c:\program files (x86)\windows kits\8.0\app certification kit\fussvc.exe"
+ "gupdate"	"Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."	"Google Inc."	"c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem"	"Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."	"Google Inc."	"c:\program files (x86)\google\update\googleupdate.exe"
+ "hpsrv"	"HpService"	"Hewlett-Packard Company"	"c:\windows\system32\hpservice.exe"
+ "MozillaMaintenance"	""	"Mozilla Foundation"	"c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "SQLWriter"	"Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure."	"Microsoft Corporation"	"c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "STacSV"	"Manages audio jack configurations."	"IDT, Inc."	"c:\program files\idt\wdm\stacsv64.exe"
+ "Te.Service"	"Wex.Services [v2.9.3k]"	"Microsoft Corporation"	"c:\program files (x86)\windows kits\8.0\testing\runtimes\taef\wex.services.exe"
+ "WinDefend"	"Protection against spyware and potentially unwanted software"	""	"File not found: C:\Program Files (x86)\Windows Defender\mpsvc.dll"
+ "WMPNetworkSvc"	"Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"	"Microsoft Corporation"	"c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services"	""	""	""
+ "Accelerometer"	"HP Accelerometer"	"Hewlett-Packard Company"	"c:\windows\system32\drivers\accelerometer.sys"
+ "adp94xx"	"Adaptec Windows SAS/SATA Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"	"Adaptec Windows SATA Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"	"Adaptec StorPort Ultra320 SCSI Driver (X64)"	"Adaptec, Inc."	"c:\windows\system32\drivers\adpu320.sys"
+ "aliide"	"ALi mini IDE Driver"	"Acer Laboratories Inc."	"c:\windows\system32\drivers\aliide.sys"
+ "amd_sata"	"AHCI 1.2 Device Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amd_sata.sys"
+ "amd_xata"	"Stor Filter Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amd_xata.sys"
+ "amdhub30"	"AMD USB 3.0 Hub Driver"	"Advanced Micro Devices, INC."	"c:\windows\system32\drivers\amdhub30.sys"
+ "amdiox64"	"AMD IO Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amdiox64.sys"
+ "amdkmdag"	"ATI Radeon Kernel Mode Driver"	"Advanced Micro Devices, Inc."	"c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap"	"AMD multi-vendor Miniport Driver"	"Advanced Micro Devices, Inc."	"c:\windows\system32\drivers\atikmpag.sys"
+ "amdkmpfd"	"AMD PCI Root Bus Lower Filter"	"Advanced Micro Devices, Inc."	"c:\windows\system32\drivers\amdkmpfd.sys"
+ "amdsata"	"AHCI 1.2 Device Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"	"AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"	"AMD Technologies Inc."	"c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"	"Storage Filter Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amdxata.sys"
+ "amdxhc"	"AMD USB 3.0 Host Controller Driver"	"Advanced Micro Devices, INC."	"c:\windows\system32\drivers\amdxhc.sys"
+ "arc"	"Adaptec RAID Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\arc.sys"
+ "arcsas"	"Adaptec SAS RAID WS03 Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\arcsas.sys"
+ "athr"	"Qualcomm Atheros Extensible Wireless LAN device driver"	"Qualcomm Atheros Communications, Inc."	"c:\windows\system32\drivers\athrx.sys"
+ "AtiHDAudioService"	"AMD High Definition Audio Function Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\atihdw76.sys"
+ "AVGIDSDriver"	"AVG Technologies IDS Application Activity Monitor Driver"	"AVG Technologies CZ, s.r.o. "	"c:\windows\system32\drivers\avgidsdrivera.sys"
+ "AVGIDSHA"	"AVG Technologies IDS Application Activity Monitor Helper Driver"	"AVG Technologies CZ, s.r.o. "	"c:\windows\system32\drivers\avgidsha.sys"
+ "Avgldx64"	"AVG AVI Loader Driver"	"AVG Technologies CZ, s.r.o."	"c:\windows\system32\drivers\avgldx64.sys"
+ "Avgloga"	"AVG Logging Driver"	"AVG Technologies CZ, s.r.o."	"c:\windows\system32\drivers\avgloga.sys"
+ "Avgmfx64"	"AVG Resident Shield Minifilter Driver"	"AVG Technologies CZ, s.r.o."	"c:\windows\system32\drivers\avgmfx64.sys"
+ "Avgrkx64"	"AVG Anti-Rootkit Driver"	"AVG Technologies CZ, s.r.o."	"c:\windows\system32\drivers\avgrkx64.sys"
+ "Avgtdia"	"AVG Network connection watcher"	"AVG Technologies CZ, s.r.o."	"c:\windows\system32\drivers\avgtdia.sys"
+ "b06bdrv"	"Broadcom NetXtreme II GigE VBD"	"Broadcom Corporation"	"c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a"	"Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."	"Broadcom Corporation"	"c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo"	"Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"	"Brother Industries, Ltd."	"c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"	"Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"	"Brother Industries, Ltd."	"c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"	"Brotehr Serial I/F Driver (WDM)"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"	"Brother Serial driver (WDM version)"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"	"Brother USB MDM Driver "	"Brother Industries Ltd."	"c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"	"Brother USB Serial Driver"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brusbser.sys"
+ "catchme"	""	""	"File not found: C:\ComboFix\catchme.sys"
+ "cmdide"	"CMD PCI IDE Bus Driver"	"CMD Technology, Inc."	"c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv"	"Broadcom NetXtreme II 10 GigE VBD"	"Broadcom Corporation"	"c:\windows\system32\drivers\evbda.sys"
+ "elxstor"	"Storport Miniport Driver for LightPulse HBAs"	"Emulex"	"c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir"	"Hauppauge WinTV 885 Consumer IR Driver for eHome"	"Hauppauge Computer Works, Inc."	"c:\windows\system32\drivers\hcw85cir.sys"
+ "hpdskflt"	"HP Disk Filter - SATA/RAID"	"Hewlett-Packard Company"	"c:\windows\system32\drivers\hpdskflt.sys"
+ "HpSAMD"	"Smart Array SAS/SATA Controller Media Driver"	"Hewlett-Packard Company"	"c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV"	"Intel Matrix Storage Manager driver - x64"	"Intel Corporation"	"c:\windows\system32\drivers\iastorv.sys"
+ "iirsp"	"Intel/ICP Raid Storport Driver"	"Intel Corp./ICP vortex GmbH"	"c:\windows\system32\drivers\iirsp.sys"
+ "LSI_FC"	"LSI Fusion-MPT FC Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"	"LSI Fusion-MPT SAS Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"	"LSI SAS Gen2 Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"	"LSI Fusion-MPT SCSI Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas"	"MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"	"LSI Corporation"	"c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"	"LSI MegaRAID Software RAID Driver"	"LSI Corporation, Inc."	"c:\windows\system32\drivers\megasr.sys"
+ "nfrd960"	"IBM ServeRAID Controller Driver"	"IBM Corporation"	"c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid"	"NVIDIA® nForce(TM) RAID Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"	"NVIDIA® nForce(TM) Sata Performance Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvstor.sys"
+ "ql2300"	"QLogic Fibre Channel Stor Miniport Driver"	"QLogic Corporation"	"c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"	"QLogic iSCSI Storport Miniport Driver"	"QLogic Corporation"	"c:\windows\system32\drivers\ql40xx.sys"
+ "RSP2STOR"	"Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7"	"Realtek Semiconductor Corp."	"c:\windows\system32\drivers\rtsp2stor.sys"
+ "RTL8167"	"Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                "	"Realtek                                            "	"c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv"	"Macrovision SECURITY Driver"	"Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."	"c:\windows\system32\drivers\secdrv.sys"
+ "Serial"	"Brotehr Serial I/F Driver (WDM)"	"Brother Industries Ltd."	"c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2"	"SiS RAID Stor Miniport Driver"	"Silicon Integrated Systems Corp."	"c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"	"SiS AHCI Stor-Miniport Driver"	"Silicon Integrated Systems"	"c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor"	"Promise  SuperTrak EX Series Driver for Windows "	"Promise Technology"	"c:\windows\system32\drivers\stexstor.sys"
+ "STHDA"	"IDT PC Audio"	"IDT, Inc."	"c:\windows\system32\drivers\stwrt64.sys"
+ "Synth3dVsc"	""	""	"File not found: System32\drivers\synth3dvsc.sys"
+ "SynTP"	"Synaptics Touchpad Driver"	"Synaptics Incorporated"	"c:\windows\system32\drivers\syntp.sys"
+ "tsusbhub"	"@%SystemRoot%\system32\drivers\tsusbhub.sys,-2"	""	"File not found: system32\drivers\tsusbhub.sys"
+ "usbfilter"	"AMD USB Filter Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\usbfilter.sys"
+ "VBoxDrv"	"VirtualBox Support Driver"	"Oracle Corporation"	"c:\windows\system32\drivers\vboxdrv.sys"
+ "VBoxNetAdp"	"VirtualBox Host-Only Network Adapter Driver"	"Oracle Corporation"	"c:\windows\system32\drivers\vboxnetadp.sys"
+ "VBoxNetFlt"	"VirtualBox Bridged Networking Driver"	"Oracle Corporation"	"c:\windows\system32\drivers\vboxnetflt.sys"
+ "VBoxUSBMon"	"VirtualBox USB Monitor Driver"	"Oracle Corporation"	"c:\windows\system32\drivers\vboxusbmon.sys"
+ "VGPU"	""	""	"File not found: System32\drivers\rdvgkmd.sys"
+ "viaide"	"VIA Generic PCI IDE Bus Driver"	"VIA Technologies, Inc."	"c:\windows\system32\drivers\viaide.sys"
+ "vsmraid"	"VIA RAID DRIVER FOR AMD-X86-64"	"VIA Technologies Inc.,Ltd"	"c:\windows\system32\drivers\vsmraid.sys"
+ "VSPerfDrv110"	"VSPerf Profiling Control Driver"	"Microsoft Corporation"	"c:\program files (x86)\microsoft visual studio 11.0\team tools\performance tools\x64\vsperfdrv110.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"	""	""	""
+ "msacm.l3acm"	"MPEG Layer-3 Audio Codec for MSACM"	"Fraunhofer Institut Integrierte Schaltungen IIS"	"c:\windows\system32\l3codeca.acm"
+ "VIDC.CSCD"	"CamStudio Lossless Video Codec"	"CamStudio Group"	"c:\windows\system32\camcodec.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"	""	""	""
+ "msacm.l3acm"	"MPEG Layer-3 Audio Codec for MSACM"	"Fraunhofer Institut Integrierte Schaltungen IIS"	"c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid"	"Cinepak® Codec"	"Radius Inc."	"c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"	""	""	""
+ "AMD MJPEG Decoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Audio Encoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG File Writer"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Multiplexer"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Decoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Encoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Rotation Filter"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Scaler Filter"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"	""	""	""
+ "AMD MJPEG Decoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Audio Encoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG File Writer"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Multiplexer"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Decoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Encoder"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Ticker"	""	""	"c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "ATI Video Rotation Filter"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Video Scaler Filter"	"ATI MPEG Encoder"	"Advanced Micro Devices Inc."	"c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "MMACE Deinterlace"	""	""	"c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp"	""	""	"c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu"	""	""	"c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance"	""	""	""
+ "Photoshop Codec"	"PSDCodec"	"Microsoft Corporation"	"c:\program files (x86)\microsoft visual studio 11.0\blend\imaging\psdcodec.dll"
+ "Photoshop Codec"	"PSDCodec"	"Microsoft Corporation"	"c:\program files (x86)\microsoft expression\common\imaging\4.0.360.0\psdcodec.dll"
"C:\Users\User\AppData\Local\Microsoft\Windows Sidebar\Settings.ini"	""	""	""
+ "AVG"	"AVG"	"AVG Technologies"	"C:\Program Files\Windows Sidebar\Shared Gadgets\AVG.Gadget\\Gadget.xml"
+ "Google Search"	"Quick Google Search Gadget"	""	"C:\Users\User\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GoogleSearch.gadget\Gadget.xml"


No, I don't have any problems that I notice in general computer use. But that isn't saying much. There may be a problem that occurs when I start a program that I have yet to start.



