
Error 0x80070424


9 replies to this topic

#1 szar


Posted 07 October 2012 - 03:36 PM

A few days ago I got the FBI moneypak virus and literally tried everything possible to no avail: C:\windows\system32\hellomoto kept coming back. I had to do a restore from an earlier point and everything was fine, even though I got a 'Build 7601 Windows is not valid' error, which is now fixed. Anyway, today I got another moneypak virus attack. This was the ctfmon.lnk variant, which was easy enough to remove; mbam did almost everything for me.

I was trying to figure out why my system is so vulnerable and found my Windows Firewall was off. When trying to turn it on, I get the following:
Windows Firewall Cannot change some of your settings
Error 0x80070424



So I was trying to fix that at the following:
http://answers.microsoft.com/en-us/windows/forum/windows_7-security/error-code-0x80070424-with-windows-firewall/ec3fc3b8-69ec-4b4b-a703-4b745fe6e8ee


But before I could do that, I was checking for rootkits. TDSSKiller came back clean, but rkill gave the following:


Rkill Log:

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/07/2012 03:27:43 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 [ZA Reg Hijack]
* C:\$Recycle.Bin\S-1-5-18\$08bbdb93a1a0b43db3bdec31f45b254c\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-18\$08bbdb93a1a0b43db3bdec31f45b254c\@ [ZA File]
* C:\$Recycle.Bin\S-1-5-18\$08bbdb93a1a0b43db3bdec31f45b254c\L\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-18\$08bbdb93a1a0b43db3bdec31f45b254c\U\ [ZA Dir]

Checking Windows Service Integrity:

* Windows Firewall Authorization Driver (mpsdrv) is not Running.
Startup Type set to: Manual

* BFE [Missing Service]
* iphlpsvc [Missing Service]
* MpsSvc [Missing Service]
* WinDefend [Missing Service]
* wscsvc [Missing Service]

* SharedAccess [Missing ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/07/2012 03:27:52 PM
Execution time: 0 hours(s), 0 minute(s), and 9 seconds(s)



TDSSKiller Log (w/ Detect TDLFS file system checked):

15:31:51.0194 4660 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
15:31:51.0513 4660 ============================================================
15:31:51.0513 4660 Current date / time: 2012/10/07 15:31:51.0513
15:31:51.0513 4660 SystemInfo:
15:31:51.0513 4660
15:31:51.0513 4660 OS Version: 6.1.7601 ServicePack: 1.0
15:31:51.0513 4660 Product type: Workstation
15:31:51.0513 4660 ComputerName: SAGE-PC
15:31:51.0514 4660 UserName: Sage
15:31:51.0514 4660 Windows directory: C:\Windows
15:31:51.0514 4660 System windows directory: C:\Windows
15:31:51.0514 4660 Running under WOW64
15:31:51.0514 4660 Processor architecture: Intel x64
15:31:51.0514 4660 Number of processors: 2
15:31:51.0514 4660 Page size: 0x1000
15:31:51.0514 4660 Boot type: Normal boot
15:31:51.0514 4660 ============================================================
15:31:52.0758 4660 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:31:52.0769 4660 ============================================================
15:31:52.0769 4660 \Device\Harddisk0\DR0:
15:31:52.0769 4660 MBR partitions:
15:31:52.0769 4660 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
15:31:52.0770 4660 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x23B8C800
15:31:52.0770 4660 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23BF0800, BlocksNum 0x183D800
15:31:52.0770 4660 ============================================================
15:31:52.0782 4660 C: <-> \Device\Harddisk0\DR0\Partition2
15:31:52.0842 4660 D: <-> \Device\Harddisk0\DR0\Partition3
15:31:52.0842 4660 ============================================================
15:31:52.0843 4660 Initialize success
15:31:52.0843 4660 ============================================================
15:31:55.0085 0376 ============================================================
15:31:55.0085 0376 Scan started
15:31:55.0085 0376 Mode: Manual;
15:31:55.0085 0376 ============================================================
15:31:55.0710 0376 ================ Scan system memory ========================
15:31:55.0710 0376 System memory - ok
15:31:55.0711 0376 ================ Scan services =============================
15:32:06.0264 0376 napagent - ok
15:32:06.0304 0376 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:32:06.0308 0376 NativeWifiP - ok
15:32:06.0378 0376 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:32:06.0388 0376 NDIS - ok
15:32:06.0409 0376 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:32:06.0410 0376 NdisCap - ok
15:32:06.0436 0376 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:32:06.0438 0376 NdisTapi - ok
15:32:06.0491 0376 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:32:06.0492 0376 Ndisuio - ok
15:32:06.0538 0376 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:32:06.0540 0376 NdisWan - ok
15:32:06.0585 0376 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:32:06.0587 0376 NDProxy - ok
15:32:06.0621 0376 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:32:06.0623 0376 NetBIOS - ok
15:32:06.0665 0376 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:32:06.0669 0376 NetBT - ok
15:32:06.0687 0376 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:32:06.0691 0376 Netlogon - ok
15:32:06.0732 0376 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:32:06.0741 0376 Netman - ok
15:32:06.0755 0376 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:32:06.0763 0376 netprofm - ok
15:32:06.0799 0376 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:32:06.0801 0376 NetTcpPortSharing - ok
15:32:06.0989 0376 [ E72F4522801FFB8F0456924FB0017BFF ] NETw1v64 C:\Windows\system32\DRIVERS\NETw1v64.sys
15:32:07.0033 0376 NETw1v64 - ok
15:32:07.0247 0376 [ 39EDE676D17F37AF4573C2B33EC28ACA ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
15:32:07.0294 0376 NETw5s64 - ok
15:32:07.0456 0376 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
15:32:07.0490 0376 netw5v64 - ok
15:32:07.0509 0376 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:32:07.0510 0376 nfrd960 - ok
15:32:07.0568 0376 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:32:07.0574 0376 NlaSvc - ok
15:32:07.0582 0376 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:32:07.0584 0376 Npfs - ok
15:32:07.0615 0376 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:32:07.0618 0376 nsi - ok
15:32:07.0635 0376 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:32:07.0636 0376 nsiproxy - ok
15:32:07.0717 0376 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:32:07.0734 0376 Ntfs - ok
15:32:07.0757 0376 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:32:07.0758 0376 Null - ok
15:32:07.0795 0376 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:32:07.0796 0376 nvraid - ok
15:32:07.0826 0376 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:32:07.0828 0376 nvstor - ok
15:32:07.0874 0376 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:32:07.0876 0376 nv_agp - ok
15:32:07.0922 0376 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:32:07.0924 0376 ohci1394 - ok
15:32:07.0982 0376 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:32:07.0984 0376 ose - ok
15:32:08.0386 0376 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:32:08.0416 0376 osppsvc - ok
15:32:08.0466 0376 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:32:08.0472 0376 p2pimsvc - ok
15:32:08.0498 0376 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:32:08.0504 0376 p2psvc - ok
15:32:08.0538 0376 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:32:08.0539 0376 Parport - ok
15:32:08.0557 0376 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:32:08.0558 0376 partmgr - ok
15:32:08.0566 0376 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:32:08.0570 0376 PcaSvc - ok
15:32:08.0604 0376 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:32:08.0606 0376 pci - ok
15:32:08.0626 0376 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:32:08.0627 0376 pciide - ok
15:32:08.0636 0376 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:32:08.0638 0376 pcmcia - ok
15:32:08.0656 0376 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:32:08.0657 0376 pcw - ok
15:32:08.0682 0376 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:32:08.0687 0376 PEAUTH - ok
15:32:08.0760 0376 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:32:08.0764 0376 PerfHost - ok
15:32:08.0845 0376 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:32:08.0862 0376 pla - ok
15:32:08.0909 0376 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:32:08.0915 0376 PlugPlay - ok
15:32:08.0926 0376 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:32:08.0929 0376 PNRPAutoReg - ok
15:32:08.0955 0376 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:32:08.0960 0376 PNRPsvc - ok
15:32:08.0986 0376 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:32:08.0992 0376 PolicyAgent - ok
15:32:09.0019 0376 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:32:09.0024 0376 Power - ok
15:32:09.0057 0376 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:32:09.0058 0376 PptpMiniport - ok
15:32:09.0087 0376 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:32:09.0088 0376 Processor - ok
15:32:09.0127 0376 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:32:09.0132 0376 ProfSvc - ok
15:32:09.0153 0376 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:32:09.0156 0376 ProtectedStorage - ok
15:32:09.0204 0376 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:32:09.0205 0376 Psched - ok
15:32:09.0252 0376 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:32:09.0261 0376 ql2300 - ok
15:32:09.0270 0376 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:32:09.0272 0376 ql40xx - ok
15:32:09.0315 0376 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:32:09.0324 0376 QWAVE - ok
15:32:09.0339 0376 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:32:09.0341 0376 QWAVEdrv - ok
15:32:09.0357 0376 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:32:09.0359 0376 RasAcd - ok
15:32:09.0397 0376 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:32:09.0399 0376 RasAgileVpn - ok
15:32:09.0426 0376 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:32:09.0431 0376 RasAuto - ok
15:32:09.0456 0376 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:32:09.0458 0376 Rasl2tp - ok
15:32:09.0500 0376 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:32:09.0508 0376 RasMan - ok
15:32:09.0528 0376 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:32:09.0530 0376 RasPppoe - ok
15:32:09.0545 0376 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:32:09.0547 0376 RasSstp - ok
15:32:09.0567 0376 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:32:09.0571 0376 rdbss - ok
15:32:09.0587 0376 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:32:09.0588 0376 rdpbus - ok
15:32:09.0608 0376 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:32:09.0609 0376 RDPCDD - ok
15:32:09.0619 0376 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:32:09.0620 0376 RDPENCDD - ok
15:32:09.0655 0376 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:32:09.0656 0376 RDPREFMP - ok
15:32:09.0697 0376 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:32:09.0699 0376 RDPWD - ok
15:32:09.0756 0376 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:32:09.0759 0376 rdyboost - ok
15:32:09.0817 0376 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:32:09.0822 0376 RemoteAccess - ok
15:32:09.0850 0376 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:32:09.0858 0376 RemoteRegistry - ok
15:32:09.0866 0376 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:32:09.0873 0376 RpcEptMapper - ok
15:32:09.0901 0376 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:32:09.0904 0376 RpcLocator - ok
15:32:09.0953 0376 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:32:09.0964 0376 RpcSs - ok
15:32:09.0995 0376 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:32:09.0997 0376 rspndr - ok
15:32:10.0065 0376 [ A5DF2F732A6C95554E548FCB6932BD31 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
15:32:10.0068 0376 RSUSBSTOR - ok
15:32:10.0111 0376 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:32:10.0114 0376 RTL8167 - ok
15:32:10.0122 0376 RtsUIR - ok
15:32:10.0142 0376 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:32:10.0146 0376 SamSs - ok
15:32:10.0189 0376 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:32:10.0191 0376 sbp2port - ok
15:32:10.0222 0376 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:32:10.0228 0376 SCardSvr - ok
15:32:10.0261 0376 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:32:10.0263 0376 scfilter - ok
15:32:10.0326 0376 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:32:10.0343 0376 Schedule - ok
15:32:10.0381 0376 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:32:10.0383 0376 SCPolicySvc - ok
15:32:10.0465 0376 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
15:32:10.0467 0376 sdbus - ok
15:32:10.0509 0376 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:32:10.0516 0376 SDRSVC - ok
15:32:10.0542 0376 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:32:10.0543 0376 secdrv - ok
15:32:10.0583 0376 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:32:10.0589 0376 seclogon - ok
15:32:10.0614 0376 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:32:10.0621 0376 SENS - ok
15:32:10.0650 0376 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:32:10.0657 0376 SensrSvc - ok
15:32:10.0676 0376 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:32:10.0677 0376 Serenum - ok
15:32:10.0697 0376 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:32:10.0699 0376 Serial - ok
15:32:10.0717 0376 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:32:10.0718 0376 sermouse - ok
15:32:10.0770 0376 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:32:10.0774 0376 SessionEnv - ok
15:32:10.0806 0376 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:32:10.0807 0376 sffdisk - ok
15:32:10.0820 0376 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:32:10.0821 0376 sffp_mmc - ok
15:32:10.0833 0376 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:32:10.0834 0376 sffp_sd - ok
15:32:10.0850 0376 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:32:10.0851 0376 sfloppy - ok
15:32:10.0904 0376 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:32:10.0914 0376 ShellHWDetection - ok
15:32:10.0933 0376 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:32:10.0934 0376 SiSRaid2 - ok
15:32:10.0950 0376 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:32:10.0951 0376 SiSRaid4 - ok
15:32:11.0013 0376 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:32:11.0015 0376 SkypeUpdate - ok
15:32:11.0062 0376 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:32:11.0064 0376 Smb - ok
15:32:11.0097 0376 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:32:11.0101 0376 SNMPTRAP - ok
15:32:11.0119 0376 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:32:11.0120 0376 spldr - ok
15:32:11.0157 0376 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:32:11.0164 0376 Spooler - ok
15:32:11.0282 0376 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:32:11.0310 0376 sppsvc - ok
15:32:11.0326 0376 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:32:11.0330 0376 sppuinotify - ok
15:32:11.0377 0376 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:32:11.0381 0376 srv - ok
15:32:11.0405 0376 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:32:11.0409 0376 srv2 - ok
15:32:11.0455 0376 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
15:32:11.0458 0376 SrvHsfHDA - ok
15:32:11.0593 0376 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
15:32:11.0609 0376 SrvHsfV92 - ok
15:32:11.0642 0376 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
15:32:11.0648 0376 SrvHsfWinac - ok
15:32:11.0695 0376 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:32:11.0697 0376 srvnet - ok
15:32:11.0738 0376 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:32:11.0745 0376 SSDPSRV - ok
15:32:11.0754 0376 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:32:11.0761 0376 SstpSvc - ok
15:32:11.0902 0376 [ 7595D53EE8E8B0BAA9A2DDDE867EBB0C ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
15:32:11.0905 0376 STacSV - ok
15:32:11.0940 0376 Steam Client Service - ok
15:32:11.0964 0376 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:32:11.0966 0376 stexstor - ok
15:32:12.0002 0376 [ DFFBC024DFC7BB05B2129E05CBC7A201 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
15:32:12.0008 0376 STHDA - ok
15:32:12.0048 0376 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
15:32:12.0049 0376 StillCam - ok
15:32:12.0121 0376 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:32:12.0133 0376 stisvc - ok
15:32:12.0187 0376 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:32:12.0189 0376 swenum - ok
15:32:12.0289 0376 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:32:12.0295 0376 SwitchBoard - ok
15:32:12.0337 0376 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:32:12.0348 0376 swprv - ok
15:32:12.0418 0376 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:32:12.0423 0376 SynTP - ok
15:32:12.0511 0376 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:32:12.0529 0376 SysMain - ok
15:32:12.0568 0376 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:32:12.0573 0376 TabletInputService - ok
15:32:12.0616 0376 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:32:12.0626 0376 TapiSrv - ok
15:32:12.0651 0376 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:32:12.0656 0376 TBS - ok
15:32:12.0751 0376 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:32:12.0766 0376 Tcpip - ok
15:32:12.0840 0376 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:32:12.0855 0376 TCPIP6 - ok
15:32:12.0895 0376 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:32:12.0896 0376 tcpipreg - ok
15:32:12.0921 0376 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:32:12.0922 0376 TDPIPE - ok
15:32:12.0950 0376 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:32:12.0951 0376 TDTCP - ok
15:32:12.0995 0376 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:32:12.0997 0376 tdx - ok
15:32:13.0033 0376 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:32:13.0036 0376 TermDD - ok
15:32:13.0098 0376 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:32:13.0111 0376 TermService - ok
15:32:13.0142 0376 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:32:13.0147 0376 Themes - ok
15:32:13.0184 0376 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:32:13.0187 0376 THREADORDER - ok
15:32:13.0203 0376 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:32:13.0207 0376 TrkWks - ok
15:32:13.0263 0376 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:32:13.0265 0376 TrustedInstaller - ok
15:32:13.0305 0376 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:32:13.0306 0376 tssecsrv - ok
15:32:13.0355 0376 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:32:13.0356 0376 TsUsbFlt - ok
15:32:13.0410 0376 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:32:13.0412 0376 tunnel - ok
15:32:13.0441 0376 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:32:13.0443 0376 uagp35 - ok
15:32:13.0487 0376 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:32:13.0490 0376 udfs - ok
15:32:13.0537 0376 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:32:13.0543 0376 UI0Detect - ok
15:32:13.0583 0376 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:32:13.0585 0376 uliagpkx - ok
15:32:13.0645 0376 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
15:32:13.0646 0376 umbus - ok
15:32:13.0676 0376 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:32:13.0677 0376 UmPass - ok
15:32:13.0698 0376 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:32:13.0704 0376 upnphost - ok
15:32:13.0749 0376 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
15:32:13.0750 0376 usbaudio - ok
15:32:13.0782 0376 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:32:13.0783 0376 usbccgp - ok
15:32:13.0796 0376 USBCCID - ok
15:32:13.0844 0376 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:32:13.0847 0376 usbcir - ok
15:32:13.0888 0376 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
15:32:13.0889 0376 usbehci - ok
15:32:13.0924 0376 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:32:13.0928 0376 usbhub - ok
15:32:13.0958 0376 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:32:13.0959 0376 usbohci - ok
15:32:14.0000 0376 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:32:14.0001 0376 usbprint - ok
15:32:14.0052 0376 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:32:14.0053 0376 usbscan - ok
15:32:14.0102 0376 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:32:14.0103 0376 USBSTOR - ok
15:32:14.0145 0376 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:32:14.0146 0376 usbuhci - ok
15:32:14.0204 0376 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:32:14.0207 0376 usbvideo - ok
15:32:14.0238 0376 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:32:14.0242 0376 UxSms - ok
15:32:14.0253 0376 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:32:14.0256 0376 VaultSvc - ok
15:32:14.0312 0376 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:32:14.0313 0376 vdrvroot - ok
15:32:14.0373 0376 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:32:14.0382 0376 vds - ok
15:32:14.0413 0376 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:32:14.0415 0376 vga - ok
15:32:14.0430 0376 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:32:14.0431 0376 VgaSave - ok
15:32:14.0472 0376 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:32:14.0475 0376 vhdmp - ok
15:32:14.0513 0376 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:32:14.0515 0376 viaide - ok
15:32:14.0561 0376 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:32:14.0564 0376 volmgr - ok
15:32:14.0614 0376 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:32:14.0618 0376 volmgrx - ok
15:32:14.0662 0376 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:32:14.0666 0376 volsnap - ok
15:32:14.0688 0376 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:32:14.0690 0376 vsmraid - ok
15:32:14.0768 0376 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:32:14.0790 0376 VSS - ok
15:32:14.0833 0376 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:32:14.0835 0376 vwifibus - ok
15:32:14.0861 0376 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:32:14.0863 0376 vwififlt - ok
15:32:14.0909 0376 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:32:14.0918 0376 W32Time - ok
15:32:14.0942 0376 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:32:14.0944 0376 WacomPen - ok
15:32:15.0001 0376 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:32:15.0003 0376 WANARP - ok
15:32:15.0009 0376 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:32:15.0011 0376 Wanarpv6 - ok
15:32:15.0081 0376 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:32:15.0094 0376 WatAdminSvc - ok
15:32:15.0152 0376 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:32:15.0166 0376 wbengine - ok
15:32:15.0195 0376 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:32:15.0200 0376 WbioSrvc - ok
15:32:15.0246 0376 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:32:15.0255 0376 wcncsvc - ok
15:32:15.0270 0376 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:32:15.0278 0376 WcsPlugInService - ok
15:32:15.0308 0376 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:32:15.0309 0376 Wd - ok
15:32:15.0329 0376 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:32:15.0334 0376 Wdf01000 - ok
15:32:15.0348 0376 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:32:15.0353 0376 WdiServiceHost - ok
15:32:15.0357 0376 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:32:15.0362 0376 WdiSystemHost - ok
15:32:15.0413 0376 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:32:15.0422 0376 WebClient - ok
15:32:15.0441 0376 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:32:15.0447 0376 Wecsvc - ok
15:32:15.0459 0376 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:32:15.0463 0376 wercplsupport - ok
15:32:15.0477 0376 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:32:15.0481 0376 WerSvc - ok
15:32:15.0511 0376 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:32:15.0512 0376 WfpLwf - ok
15:32:15.0531 0376 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:32:15.0533 0376 WIMMount - ok
15:32:15.0540 0376 WinHttpAutoProxySvc - ok
15:32:15.0601 0376 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:32:15.0604 0376 Winmgmt - ok
15:32:15.0678 0376 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:32:15.0694 0376 WinRM - ok
15:32:15.0762 0376 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:32:15.0778 0376 Wlansvc - ok
15:32:15.0832 0376 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:32:15.0833 0376 WmiAcpi - ok
15:32:15.0873 0376 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:32:15.0875 0376 wmiApSrv - ok
15:32:15.0918 0376 WMPNetworkSvc - ok
15:32:15.0949 0376 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:32:15.0957 0376 WPCSvc - ok
15:32:15.0995 0376 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:32:16.0000 0376 WPDBusEnum - ok
15:32:16.0019 0376 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:32:16.0020 0376 ws2ifsl - ok
15:32:16.0025 0376 WSearch - ok
15:32:16.0132 0376 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:32:16.0157 0376 wuauserv - ok
15:32:16.0186 0376 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:32:16.0187 0376 WudfPf - ok
15:32:16.0248 0376 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:32:16.0251 0376 WUDFRd - ok
15:32:16.0292 0376 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:32:16.0300 0376 wudfsvc - ok
15:32:16.0335 0376 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:32:16.0343 0376 WwanSvc - ok
15:32:16.0391 0376 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
15:32:16.0394 0376 yukonw7 - ok
15:32:16.0409 0376 ================ Scan global ===============================
15:32:16.0434 0376 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:32:16.0472 0376 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:32:16.0485 0376 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:32:16.0536 0376 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:32:16.0568 0376 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:32:16.0577 0376 [Global] - ok
15:32:16.0578 0376 ================ Scan MBR ==================================
15:32:16.0592 0376 [ 690392D16E468AEB0555770E94852930 ] \Device\Harddisk0\DR0
15:32:16.0856 0376 \Device\Harddisk0\DR0 - ok
15:32:16.0857 0376 ================ Scan VBR ==================================
15:32:16.0862 0376 [ EA807B5C5796A761C82EE7B36C95CAC7 ] \Device\Harddisk0\DR0\Partition1
15:32:16.0867 0376 \Device\Harddisk0\DR0\Partition1 - ok
15:32:16.0885 0376 [ 24FD409AF72B31CD7CD457FF5B5C45E4 ] \Device\Harddisk0\DR0\Partition2
15:32:16.0887 0376 \Device\Harddisk0\DR0\Partition2 - ok
15:32:16.0915 0376 [ 164C9BD553D70CA6AE6576D30BDBBCE5 ] \Device\Harddisk0\DR0\Partition3
15:32:16.0917 0376 \Device\Harddisk0\DR0\Partition3 - ok
15:32:16.0918 0376 ============================================================
15:32:16.0918 0376 Scan finished
15:32:16.0918 0376 ============================================================
15:32:16.0934 4844 Detected object count: 0
15:32:16.0934 4844 Actual detected object count: 0
15:38:48.0706 4092 ============================================================
15:38:48.0706 4092 Scan started
15:38:48.0706 4092 Mode: Manual; TDLFS;
15:38:48.0706 4092 ============================================================
15:38:49.0136 4092 ================ Scan system memory ========================
15:38:49.0136 4092 System memory - ok
15:38:49.0137 4092 ================ Scan services =============================
15:38:59.0813 4092 pla - ok
15:38:59.0845 4092 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:38:59.0851 4092 PlugPlay - ok
15:38:59.0862 4092 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:38:59.0866 4092 PNRPAutoReg - ok
15:38:59.0892 4092 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:38:59.0897 4092 PNRPsvc - ok
15:38:59.0923 4092 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:38:59.0928 4092 PolicyAgent - ok
15:38:59.0956 4092 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:38:59.0961 4092 Power - ok
15:38:59.0982 4092 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:38:59.0984 4092 PptpMiniport - ok
15:39:00.0012 4092 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:39:00.0013 4092 Processor - ok
15:39:00.0064 4092 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:39:00.0068 4092 ProfSvc - ok
15:39:00.0079 4092 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:39:00.0082 4092 ProtectedStorage - ok
15:39:00.0118 4092 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:39:00.0120 4092 Psched - ok
15:39:00.0170 4092 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:39:00.0187 4092 ql2300 - ok
15:39:00.0195 4092 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:39:00.0197 4092 ql40xx - ok
15:39:00.0228 4092 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:39:00.0233 4092 QWAVE - ok
15:39:00.0242 4092 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:39:00.0243 4092 QWAVEdrv - ok
15:39:00.0260 4092 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:39:00.0262 4092 RasAcd - ok
15:39:00.0289 4092 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:39:00.0290 4092 RasAgileVpn - ok
15:39:00.0307 4092 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:39:00.0311 4092 RasAuto - ok
15:39:00.0337 4092 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:39:00.0339 4092 Rasl2tp - ok
15:39:00.0381 4092 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:39:00.0387 4092 RasMan - ok
15:39:00.0409 4092 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:39:00.0410 4092 RasPppoe - ok
15:39:00.0426 4092 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:39:00.0428 4092 RasSstp - ok
15:39:00.0448 4092 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:39:00.0451 4092 rdbss - ok
15:39:00.0468 4092 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:39:00.0469 4092 rdpbus - ok
15:39:00.0489 4092 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:39:00.0490 4092 RDPCDD - ok
15:39:00.0501 4092 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:39:00.0502 4092 RDPENCDD - ok
15:39:00.0514 4092 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:39:00.0515 4092 RDPREFMP - ok
15:39:00.0556 4092 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:39:00.0559 4092 RDPWD - ok
15:39:00.0593 4092 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:39:00.0596 4092 rdyboost - ok
15:39:00.0632 4092 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:39:00.0637 4092 RemoteAccess - ok
15:39:00.0664 4092 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:39:00.0672 4092 RemoteRegistry - ok
15:39:00.0680 4092 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:39:00.0687 4092 RpcEptMapper - ok
15:39:00.0715 4092 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:39:00.0718 4092 RpcLocator - ok
15:39:00.0766 4092 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:39:00.0773 4092 RpcSs - ok
15:39:00.0798 4092 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:39:00.0800 4092 rspndr - ok
15:39:00.0834 4092 [ A5DF2F732A6C95554E548FCB6932BD31 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
15:39:00.0837 4092 RSUSBSTOR - ok
15:39:00.0869 4092 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:39:00.0872 4092 RTL8167 - ok
15:39:00.0877 4092 RtsUIR - ok
15:39:00.0901 4092 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:39:00.0903 4092 SamSs - ok
15:39:00.0948 4092 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:39:00.0950 4092 sbp2port - ok
15:39:00.0981 4092 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:39:00.0988 4092 SCardSvr - ok
15:39:01.0020 4092 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:39:01.0022 4092 scfilter - ok
15:39:01.0085 4092 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:39:01.0102 4092 Schedule - ok
15:39:01.0140 4092 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:39:01.0142 4092 SCPolicySvc - ok
15:39:01.0179 4092 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
15:39:01.0180 4092 sdbus - ok
15:39:01.0223 4092 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:39:01.0227 4092 SDRSVC - ok
15:39:01.0256 4092 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:39:01.0257 4092 secdrv - ok
15:39:01.0286 4092 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:39:01.0290 4092 seclogon - ok
15:39:01.0317 4092 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:39:01.0322 4092 SENS - ok
15:39:01.0331 4092 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:39:01.0335 4092 SensrSvc - ok
15:39:01.0357 4092 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:39:01.0358 4092 Serenum - ok
15:39:01.0378 4092 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:39:01.0380 4092 Serial - ok
15:39:01.0398 4092 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:39:01.0399 4092 sermouse - ok
15:39:01.0451 4092 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:39:01.0459 4092 SessionEnv - ok
15:39:01.0498 4092 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:39:01.0499 4092 sffdisk - ok
15:39:01.0512 4092 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:39:01.0513 4092 sffp_mmc - ok
15:39:01.0525 4092 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:39:01.0526 4092 sffp_sd - ok
15:39:01.0542 4092 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:39:01.0543 4092 sfloppy - ok
15:39:01.0584 4092 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:39:01.0590 4092 ShellHWDetection - ok
15:39:01.0603 4092 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:39:01.0605 4092 SiSRaid2 - ok
15:39:01.0619 4092 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:39:01.0621 4092 SiSRaid4 - ok
15:39:01.0672 4092 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:39:01.0675 4092 SkypeUpdate - ok
15:39:01.0699 4092 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:39:01.0701 4092 Smb - ok
15:39:01.0733 4092 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:39:01.0737 4092 SNMPTRAP - ok
15:39:01.0756 4092 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:39:01.0757 4092 spldr - ok
15:39:01.0793 4092 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:39:01.0800 4092 Spooler - ok
15:39:01.0918 4092 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:39:01.0948 4092 sppsvc - ok
15:39:01.0974 4092 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:39:01.0978 4092 sppuinotify - ok
15:39:02.0025 4092 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:39:02.0029 4092 srv - ok
15:39:02.0053 4092 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:39:02.0056 4092 srv2 - ok
15:39:02.0091 4092 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
15:39:02.0094 4092 SrvHsfHDA - ok
15:39:02.0137 4092 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
15:39:02.0147 4092 SrvHsfV92 - ok
15:39:02.0178 4092 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
15:39:02.0184 4092 SrvHsfWinac - ok
15:39:02.0231 4092 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:39:02.0233 4092 srvnet - ok
15:39:02.0263 4092 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:39:02.0268 4092 SSDPSRV - ok
15:39:02.0275 4092 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:39:02.0280 4092 SstpSvc - ok
15:39:02.0405 4092 [ 7595D53EE8E8B0BAA9A2DDDE867EBB0C ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
15:39:02.0409 4092 STacSV - ok
15:39:02.0421 4092 Steam Client Service - ok
15:39:02.0445 4092 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:39:02.0446 4092 stexstor - ok
15:39:02.0471 4092 [ DFFBC024DFC7BB05B2129E05CBC7A201 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
15:39:02.0476 4092 STHDA - ok
15:39:02.0518 4092 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
15:39:02.0519 4092 StillCam - ok
15:39:02.0568 4092 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:39:02.0581 4092 stisvc - ok
15:39:02.0624 4092 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:39:02.0625 4092 swenum - ok
15:39:02.0715 4092 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:39:02.0721 4092 SwitchBoard - ok
15:39:02.0761 4092 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:39:02.0768 4092 swprv - ok
15:39:02.0820 4092 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:39:02.0823 4092 SynTP - ok
15:39:02.0900 4092 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:39:02.0919 4092 SysMain - ok
15:39:02.0960 4092 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:39:02.0965 4092 TabletInputService - ok
15:39:03.0007 4092 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:39:03.0013 4092 TapiSrv - ok
15:39:03.0031 4092 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:39:03.0035 4092 TBS - ok
15:39:03.0121 4092 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:39:03.0136 4092 Tcpip - ok
15:39:03.0193 4092 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:39:03.0206 4092 TCPIP6 - ok
15:39:03.0253 4092 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:39:03.0254 4092 tcpipreg - ok
15:39:03.0279 4092 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:39:03.0281 4092 TDPIPE - ok
15:39:03.0309 4092 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:39:03.0310 4092 TDTCP - ok
15:39:03.0343 4092 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:39:03.0345 4092 tdx - ok
15:39:03.0381 4092 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:39:03.0382 4092 TermDD - ok
15:39:03.0435 4092 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:39:03.0448 4092 TermService - ok
15:39:03.0479 4092 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:39:03.0483 4092 Themes - ok
15:39:03.0520 4092 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:39:03.0523 4092 THREADORDER - ok
15:39:03.0539 4092 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:39:03.0544 4092 TrkWks - ok
15:39:03.0600 4092 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:39:03.0603 4092 TrustedInstaller - ok
15:39:03.0642 4092 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:39:03.0644 4092 tssecsrv - ok
15:39:03.0692 4092 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:39:03.0693 4092 TsUsbFlt - ok
15:39:03.0735 4092 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:39:03.0738 4092 tunnel - ok
15:39:03.0766 4092 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:39:03.0768 4092 uagp35 - ok
15:39:03.0812 4092 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:39:03.0815 4092 udfs - ok
15:39:03.0851 4092 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:39:03.0856 4092 UI0Detect - ok
15:39:03.0898 4092 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:39:03.0899 4092 uliagpkx - ok
15:39:03.0937 4092 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
15:39:03.0938 4092 umbus - ok
15:39:03.0969 4092 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:39:03.0970 4092 UmPass - ok
15:39:04.0004 4092 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:39:04.0015 4092 upnphost - ok
15:39:04.0052 4092 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
15:39:04.0054 4092 usbaudio - ok
15:39:04.0085 4092 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:39:04.0086 4092 usbccgp - ok
15:39:04.0093 4092 USBCCID - ok
15:39:04.0136 4092 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:39:04.0139 4092 usbcir - ok
15:39:04.0180 4092 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
15:39:04.0182 4092 usbehci - ok
15:39:04.0205 4092 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:39:04.0208 4092 usbhub - ok
15:39:04.0239 4092 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:39:04.0240 4092 usbohci - ok
15:39:04.0270 4092 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:39:04.0271 4092 usbprint - ok
15:39:04.0310 4092 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:39:04.0311 4092 usbscan - ok
15:39:04.0360 4092 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:39:04.0362 4092 USBSTOR - ok
15:39:04.0403 4092 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:39:04.0405 4092 usbuhci - ok
15:39:04.0451 4092 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:39:04.0453 4092 usbvideo - ok
15:39:04.0485 4092 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:39:04.0490 4092 UxSms - ok
15:39:04.0500 4092 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:39:04.0503 4092 VaultSvc - ok
15:39:04.0515 4092 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:39:04.0517 4092 vdrvroot - ok
15:39:04.0564 4092 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:39:04.0572 4092 vds - ok
15:39:04.0605 4092 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:39:04.0607 4092 vga - ok
15:39:04.0622 4092 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:39:04.0623 4092 VgaSave - ok
15:39:04.0663 4092 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:39:04.0666 4092 vhdmp - ok
15:39:04.0705 4092 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:39:04.0706 4092 viaide - ok
15:39:04.0754 4092 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:39:04.0756 4092 volmgr - ok
15:39:04.0806 4092 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:39:04.0811 4092 volmgrx - ok
15:39:04.0866 4092 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:39:04.0870 4092 volsnap - ok
15:39:04.0892 4092 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:39:04.0896 4092 vsmraid - ok
15:39:04.0971 4092 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:39:04.0995 4092 VSS - ok
15:39:05.0026 4092 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:39:05.0027 4092 vwifibus - ok
15:39:05.0041 4092 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:39:05.0043 4092 vwififlt - ok
15:39:05.0078 4092 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:39:05.0085 4092 W32Time - ok
15:39:05.0101 4092 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:39:05.0103 4092 WacomPen - ok
15:39:05.0138 4092 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:39:05.0139 4092 WANARP - ok
15:39:05.0147 4092 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:39:05.0149 4092 Wanarpv6 - ok
15:39:05.0217 4092 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:39:05.0231 4092 WatAdminSvc - ok
15:39:05.0289 4092 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:39:05.0303 4092 wbengine - ok
15:39:05.0331 4092 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:39:05.0337 4092 WbioSrvc - ok
15:39:05.0384 4092 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:39:05.0394 4092 wcncsvc - ok
15:39:05.0407 4092 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:39:05.0413 4092 WcsPlugInService - ok
15:39:05.0433 4092 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:39:05.0434 4092 Wd - ok
15:39:05.0465 4092 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:39:05.0470 4092 Wdf01000 - ok
15:39:05.0484 4092 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:39:05.0489 4092 WdiServiceHost - ok
15:39:05.0569 4092 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:39:05.0577 4092 WdiSystemHost - ok
15:39:05.0729 4092 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:39:05.0738 4092 WebClient - ok
15:39:05.0834 4092 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:39:05.0843 4092 Wecsvc - ok
15:39:05.0862 4092 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:39:05.0867 4092 wercplsupport - ok
15:39:05.0880 4092 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:39:05.0885 4092 WerSvc - ok
15:39:05.0903 4092 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:39:05.0904 4092 WfpLwf - ok
15:39:05.0935 4092 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:39:05.0936 4092 WIMMount - ok
15:39:05.0943 4092 WinHttpAutoProxySvc - ok
15:39:05.0993 4092 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:39:05.0996 4092 Winmgmt - ok
15:39:06.0087 4092 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:39:06.0109 4092 WinRM - ok
15:39:06.0153 4092 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:39:06.0162 4092 Wlansvc - ok
15:39:06.0202 4092 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:39:06.0203 4092 WmiAcpi - ok
15:39:06.0243 4092 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:39:06.0245 4092 wmiApSrv - ok
15:39:06.0266 4092 WMPNetworkSvc - ok
15:39:06.0286 4092 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:39:06.0290 4092 WPCSvc - ok
15:39:06.0331 4092 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:39:06.0337 4092 WPDBusEnum - ok
15:39:06.0356 4092 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:39:06.0357 4092 ws2ifsl - ok
15:39:06.0362 4092 WSearch - ok
15:39:06.0458 4092 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:39:06.0483 4092 wuauserv - ok
15:39:06.0500 4092 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:39:06.0502 4092 WudfPf - ok
15:39:06.0551 4092 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:39:06.0553 4092 WUDFRd - ok
15:39:06.0594 4092 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:39:06.0599 4092 wudfsvc - ok
15:39:06.0637 4092 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:39:06.0646 4092 WwanSvc - ok
15:39:06.0694 4092 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
15:39:06.0699 4092 yukonw7 - ok
15:39:06.0709 4092 ================ Scan global ===============================
15:39:06.0736 4092 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:39:06.0774 4092 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:39:06.0785 4092 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:39:06.0816 4092 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:39:06.0847 4092 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:39:06.0853 4092 [Global] - ok
15:39:06.0853 4092 ================ Scan MBR ==================================
15:39:06.0861 4092 [ 690392D16E468AEB0555770E94852930 ] \Device\Harddisk0\DR0
15:39:07.0201 4092 \Device\Harddisk0\DR0 - ok
15:39:07.0206 4092 ================ Scan VBR ==================================
15:39:07.0212 4092 [ EA807B5C5796A761C82EE7B36C95CAC7 ] \Device\Harddisk0\DR0\Partition1
15:39:07.0214 4092 \Device\Harddisk0\DR0\Partition1 - ok
15:39:07.0243 4092 [ 24FD409AF72B31CD7CD457FF5B5C45E4 ] \Device\Harddisk0\DR0\Partition2
15:39:07.0244 4092 \Device\Harddisk0\DR0\Partition2 - ok
15:39:07.0272 4092 [ 164C9BD553D70CA6AE6576D30BDBBCE5 ] \Device\Harddisk0\DR0\Partition3
15:39:07.0274 4092 \Device\Harddisk0\DR0\Partition3 - ok
15:39:07.0274 4092 ============================================================
15:39:07.0275 4092 Scan finished
15:39:07.0275 4092 ============================================================
15:39:07.0286 1072 Detected object count: 0
15:39:07.0286 1072 Actual detected object count: 0






Strange thing is C:\$Recycle.Bin\S-1-5-18\ has not been modified since 09/5/2012.

I am currently running Avast (paid version) for my firewall.


Any help would be greatly appreciated.

Edit: Moved topic from Windows 7 to the more appropriate forum, at the recommendation of staff. ~ Animal

Edited by Animal, 07 October 2012 - 03:59 PM.




#2 narenxp


Posted 07 October 2012 - 03:43 PM

Download

aswMBR

Launch it, allow it to download the latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply


Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

#3 szar


Posted 08 October 2012 - 06:20 AM

Thank you very much for your help. It looks like most of the things that ESET found were false positives but there are definitely some bad injections in here.


aswMBR Logs:



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-07 15:45:32
-----------------------------
15:45:32.638 OS Version: Windows x64 6.1.7601 Service Pack 1
15:45:32.639 Number of processors: 2 586 0x170A
15:45:32.640 ComputerName: SAGE-PC UserName: Sage
15:45:34.357 Initialize success
15:45:37.189 AVAST engine defs: 12100701
15:46:56.380 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:46:56.386 Disk 0 Vendor: WDC_WD3200BEVT-00A0RT0 01.01A01 Size: 305245MB BusType: 11
15:46:56.399 Disk 0 MBR read successfully
15:46:56.404 Disk 0 MBR scan
15:46:56.410 Disk 0 unknown MBR code
15:46:56.421 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
15:46:56.433 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 292633 MB offset 409600
15:46:56.463 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12411 MB offset 599721984
15:46:56.499 Disk 0 scanning C:\Windows\system32\drivers
15:47:10.660 Service scanning
15:47:45.583 Modules scanning
15:47:45.598 Disk 0 trace - called modules:
15:47:45.616 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
15:47:45.957 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c82060]
15:47:45.967 3 CLASSPNP.SYS[fffff8800109243f] -> nt!IofCallDriver -> [0xfffffa80047bf3f0]
15:47:45.977 5 ACPI.sys[fffff88000f4e7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004828060]
15:47:47.324 AVAST engine scan C:\Windows
15:47:49.409 AVAST engine scan C:\Windows\system32
15:50:21.829 AVAST engine scan C:\Windows\system32\drivers
15:50:34.288 AVAST engine scan C:\Users\Sage
15:52:06.235 Disk 0 MBR has been saved successfully to "C:\Users\Sage\Desktop\MBR.dat"
15:52:06.249 The log file has been saved successfully to "C:\Users\Sage\Desktop\aswMBR.txt"
15:52:17.629 File: C:\Users\Sage\AppData\Local\Microsoft\Windows\2275\sqlncli.exe **INFECTED** Win32:Trojan-gen
16:01:32.540 AVAST engine scan C:\ProgramData
16:04:33.423 Scan finished successfully
19:49:56.781 Disk 0 MBR has been saved successfully to "C:\Users\Sage\Desktop\MBR.dat"
19:49:56.793 The log file has been saved successfully to "C:\Users\Sage\Desktop\aswMBR.txt"
19:50:43.802 Disk 0 MBR has been saved successfully to "C:\Users\Sage\Desktop\MBR.dat"
19:50:43.816 The log file has been saved successfully to "C:\Users\Sage\Desktop\aswMBR.txt"


MBAM log:


Malwarebytes Anti-Malware (PRO) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.07.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Sage :: SAGE-PC [administrator]

Protection: Disabled

10/7/2012 4:12:20 PM
mbam-log-2012-10-07 (16-12-20).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 475690
Time elapsed: 2 hour(s), 24 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




ESET:


C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9I7650QI\Titanic_widesrceen.exe multiple threats cleaned by deleting - quarantined
C:\Users\Sage\AppData\Local\Microsoft\Windows\2275\sqlncli.exe Win32/TrojanDownloader.Retacino.A trojan cleaned by deleting - quarantined
C:\Users\Sage\AppData\Roaming\Article Marketing Robot\results\joey@mixedmartialartssupply.com-3-10068.html HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\Sage\AppData\Roaming\Article Marketing Robot\results\joey@mixedmartialartssupply.com-3-2055.html HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\Sage\AppData\Roaming\Article Marketing Robot\results\joey@mixedmartialartssupply.com-3-3785.html HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\Sage\AppData\Roaming\Article Marketing Robot\results\joey@mixedmartialartssupply.com-3-4745.html HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\Sage\AppData\Roaming\Article Marketing Robot\results\joey@mixedmartialartssupply.com-3-7361.html HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\Sage\AppData\Roaming\Article Marketing Robot\results\joey@mixedmartialartssupply.com-7399.html HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\Sage\AppData\Roaming\Article Marketing Robot\results\joey@mixedmartialartssupply.com-8746.html HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Users\Sage\Desktop\Biz\Scripts\FlexSqueeze\flexsqueeze140.zip PHP/Obfuscated.D application deleted - quarantined
C:\Users\Sage\Downloads\Apps&Plugins\WordpressThemes\flexibility3.zip PHP/Obfuscated.D application deleted - quarantined

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts

Posted 08 October 2012 - 07:38 AM

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan is completed, post the generated log here.

#5 szar

szar
  • Topic Starter

  • Members
  • 5 posts

Posted 08 October 2012 - 09:08 AM

Thank you again for your incredibly fast replies, here are the logs:


Minitoolbox Log:


MiniToolBox by Farbar Version: 23-07-2012
Ran by Sage (administrator) on 08-10-2012 at 08:28:17
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: 177.54.31.2:3128

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20) = Local Area Connection (Connected)
Intel® WiFi Link 1000 BGN = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Sage-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mh.org

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
Physical Address. . . . . . . . . : 00-1E-64-2A-F4-A0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : mh.org
Description . . . . . . . . . . . : Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : 00-26-9E-43-EC-A7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::410a:680:b709:7346%10(Preferred)
IPv4 Address. . . . . . . . . . . : 10.31.75.143(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, October 08, 2012 8:25:58 AM
Lease Expires . . . . . . . . . . : Tuesday, October 16, 2012 8:25:58 AM
Default Gateway . . . . . . . . . : 10.31.75.1
DHCP Server . . . . . . . . . . . : 10.9.81.10
DHCPv6 IAID . . . . . . . . . . . : 234890910
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-9A-E1-B4-00-26-9E-43-EC-A7
DNS Servers . . . . . . . . . . . : 10.9.203.166
10.54.3.34
10.9.203.176
Primary WINS Server . . . . . . . : 10.9.64.52
Secondary WINS Server . . . . . . : 10.54.3.36
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hsd1.tx.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{3DC90021-B8C9-42BC-B7FB-B45A8BA8812E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: mhdc01.mh.org
Address: 10.9.203.166

Name: google.com
Addresses: 2607:f8b0:4009:801::1006
74.125.225.67
74.125.225.68
74.125.225.72
74.125.225.78
74.125.225.71
74.125.225.69
74.125.225.70
74.125.225.65
74.125.225.73
74.125.225.64
74.125.225.66


Pinging google.com [74.125.225.68] with 32 bytes of data:
Reply from 74.125.225.68: bytes=32 time=38ms TTL=47
Reply from 74.125.225.68: bytes=32 time=37ms TTL=47

Ping statistics for 74.125.225.68:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 37ms, Maximum = 38ms, Average = 37ms
Server: mhdc01.mh.org
Address: 10.9.203.166

Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
72.30.38.140


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=76ms TTL=48
Reply from 98.138.253.109: bytes=32 time=52ms TTL=48

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 52ms, Maximum = 76ms, Average = 64ms
Server: mhdc01.mh.org
Address: 10.9.203.166

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 1e 64 2a f4 a0 ......Intel® WiFi Link 1000 BGN
10...00 26 9e 43 ec a7 ......Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.31.75.1 10.31.75.143 20
10.31.75.0 255.255.255.0 On-link 10.31.75.143 276
10.31.75.143 255.255.255.255 On-link 10.31.75.143 276
10.31.75.255 255.255.255.255 On-link 10.31.75.143 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.31.75.143 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.31.75.143 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
10 276 fe80::410a:680:b709:7346/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/08/2012 06:15:27 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/07/2012 10:16:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/07/2012 06:50:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21170

Error: (10/07/2012 06:50:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21170

Error: (10/07/2012 06:50:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/07/2012 06:50:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20140

Error: (10/07/2012 06:50:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20140

Error: (10/07/2012 06:50:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/07/2012 06:50:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19142

Error: (10/07/2012 06:50:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19142


System errors:
=============
Error: (10/07/2012 08:08:55 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/07/2012 08:08:55 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (10/07/2012 07:47:43 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (10/07/2012 07:47:43 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/07/2012 01:53:22 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (10/07/2012 01:53:22 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/07/2012 01:51:06 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (10/07/2012 01:51:06 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/07/2012 01:51:05 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (10/07/2012 01:51:05 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.


Microsoft Office Sessions:
=========================
Error: (10/08/2012 06:15:27 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Sage\Downloads\esetsmartinstaller_enu.exe

Error: (10/07/2012 10:16:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/07/2012 06:50:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21170

Error: (10/07/2012 06:50:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21170

Error: (10/07/2012 06:50:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/07/2012 06:50:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20140

Error: (10/07/2012 06:50:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20140

Error: (10/07/2012 06:50:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/07/2012 06:50:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19142

Error: (10/07/2012 06:50:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19142


=========================== Installed Programs ============================

µTorrent (Version: 2.2.0)
Ace Explorer (remove only)
Acute Email IDs Production Engine 9.3 (premium edition)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.4)
Adobe AIR (Version: 3.4.0.2540)
Adobe Community Help (Version: 3.4.980)
Adobe Content Viewer (Version: 1.4.0)
Adobe Creative Suite 5.5 Web Premium (Version: 5.5)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.278)
Adobe Flash Player 11 Plugin (Version: 11.4.402.278)
Adobe SVG Viewer 3.0 (Version: 3.0)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
AIM 7
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Article Marketing Robot (Version: 1.1.072)
AutoHotkey 1.0.48.05 (Version: 1.0.48.05)
avast! Internet Security (Version: 7.0.1466.0)
Bonjour (Version: 3.0.0.10)
Bullzip PDF Printer 7.2.0.1304 (Version: 7.2.0.1304)
Camtasia Studio 7 (Version: 7.0.0)
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP620 series MP Drivers
CCleaner (Version: 3.21)
Choice Guard (Version: 1.2.87.0)
Cisco Connect (Version: 1.4.11160.2)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Copernic Agent Basic
CyberLink DVD Suite (Version: 6.0.3101)
CyberLink YouCam (Version: 2.0.3115)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
digiXMAS Submitter 3.7.3
Download Updater (AOL LLC)
ESET Online Scanner v3
FileZilla Client 3.5.1 (Version: 3.5.1)
FLV Player (Version: 2.0.25)
Freecorder (Version: 4.1)
Google Chrome (Version: 22.0.1229.79)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.123)
GoToMeeting 5.2.0.952 (Version: 5.2.0.952)
GPL Ghostscript Lite 8.70
GSiteCrawler (Version: v1.23)
HP DVD Play 3.7 (Version: 3.7.0.6623)
HP Quick Launch Buttons (Version: 6.50.4.1)
HP Smart Web Printing (Version: 131.1.35898)
HP Update (Version: 5.001.000.014)
HP User Guides 0148 (Version: 1.01.0005)
HP Wireless Assistant (Version: 3.50.9.1)
IDT Audio (Version: 1.0.6225.0)
InstantArticleWizard
Intel® Graphics Media Accelerator Driver
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 26 (Version: 6.0.260)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
JDownloader (Version: 0.89)
Jing (Version: 2.6.12032.1)
LightScribe System Software (Version: 1.18.6.1)
LSI HDA Modem (Version: 2.1.94)
Magical Jelly Bean KeyFinder (Version: 2.0.9.5)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Market Samurai (Version: 0.92.17)
Micro Niche Finder 5.0 (Version: 5.7.0.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 11.0 (x86 en-US) (Version: 11.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
muvee Reveal (Version: 7.0.40.10061)
Notepad++ (Version: 5.8.5)
Opera 11.51 (Version: 11.51.1087)
OptiTools
PDF Settings CS5 (Version: 10.0)
PowerRecover (Version: 5.5.1923)
Proxy Goblin (Version: 1.9.5)
QLBCASL (Version: 6.40.17.2)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0007)
Realtek USB 2.0 Card Reader (Version: 6.1.7100.30094)
Robin Good's RSSTop55 Plug-in for RSS Submit v1.5
RSS Submit RSS Submit SEO Expansion Pack v1.2
RSS Submit v3.14
S3 Ripper 1.3
Safari (Version: 5.34.57.2)
SEO Link Robot Pro 2.1.3.0 (Version: 2.1.3.0)
SEO Link Robot Pro 2.2.3.0 (Version: 2.2.3.0)
SEO PowerSuite
Sid Meier's Civilization V
Skype™ 5.10 (Version: 5.10.116)
Steam (Version: 1.0.0.0)
Synaptics Pointing Device Driver (Version: 15.3.29.0)
TheBestSpinner3
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8064.0206)
Windows Live Essentials (Version: 14.0.8064.206)
Windows Live Messenger (Version: 14.0.8064.0206)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver
Xenu's Link Sleuth (Version: 1.3.8)

========================= Memory info: ===================================

Percentage of memory in use: 58%
Total physical RAM: 3998.93 MB
Available physical RAM: 1652.13 MB
Total Pagefile: 7996.04 MB
Available Pagefile: 5396.44 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.35 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:285.77 GB) (Free:154.05 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:12.12 GB) (Free:2.02 GB) NTFS

========================= Users: ========================================

User accounts for \\SAGE-PC

Administrator Guest Sage

========================= Restore Points ==================================

25-09-2012 20:27:14 Windows Update
30-09-2012 12:11:34 Windows Update
01-10-2012 03:44:12 Windows Backup
04-10-2012 17:18:43 Removed Market Samurai
04-10-2012 17:52:23 aftervirus
08-10-2012 00:48:36 Windows Backup

**** End of log ****




Farbar Service Scanner Log:


Farbar Service Scanner Version: 07-10-2012
Ran by Sage (administrator) on 08-10-2012 at 08:30:20
Running from "C:\Users\Sage\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



Adware Cleaner Log:

# AdwCleaner v2.004 - Logfile created 10/08/2012 at 08:39:13
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Sage - SAGE-PC
# Boot Mode : Normal
# Running from : C:\Users\Sage\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v11.0 (en-US)

Profile name : default
File : C:\Users\Sage\AppData\Roaming\Mozilla\Firefox\Profiles\ktv737cu.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v22.0.1229.79

File : C:\Users\Sage\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v11.51.1087.0

File : C:\Users\Sage\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [947 octets] - [08/10/2012 08:39:13]

########## EOF - C:\AdwCleaner[S2].txt - [1006 octets] ##########




Junkware Removal Tool Log:


Junkware Removal Tool (JRT) by Thisisu
Version: 1.3.2 (10.08.2012)
OS: Windows 7 Home Premium x64
Ran by Sage on Mon 10/08/2012 at 9:02:41.06
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders:

Successfully deleted: [FOLDER] "C:\Program Files (x86)\freecorder"
Successfully deleted: [FOLDER] "C:\Windows\freecorder"



*** FireFox detected and repaired

Successfully deleted: [EXTENSION VALUE] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\smartwebprinting@hp.com
Successfully deleted: [PROFILE XML] bing-zugo.xml


*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Mon 10/08/2012 at 9:03:16.55
End of Report

#6 narenxp


Posted 08 October 2012 - 09:12 AM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

Edited by narenxp, 08 October 2012 - 10:29 AM.


#7 szar


Posted 08 October 2012 - 10:28 AM

Well done!!! It looks like that did it, unless you would like me to do anything else. Also, I didn't need to configure anything extra; the Error 0x80070424 is gone and the Windows Firewall is currently running well.


FSS Log:


Farbar Service Scanner Version: 07-10-2012
Ran by Sage (administrator) on 08-10-2012 at 10:11:53
Running from "C:\Users\Sage\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



AutoRuns Log:


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Acrobat Assistant 8.0" "AcroTray" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat\acrotray.exe"
+ "Adobe Acrobat Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\acrobat 10.0\acrobat\acrobat_sl.exe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "AdobeCS5.5ServiceManager" "Adobe CS5.5 Service Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\cs5.5servicemanager\cs5.5servicemanager.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "avast" "avast! Antivirus" "AVAST Software" "c:\program files\alwil software\avast5\avastui.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "Malwarebytes' Anti-Malware" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "SwitchBoard" "SwitchBoard Server (32 bit)" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "LightScribe Control Panel" "" "Hewlett-Packard Company" "c:\program files (x86)\common files\lightscribe\lsrunonce.exe"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Google Update" "Google Installer" "Google Inc." "c:\users\sage\appdata\local\google\update\googleupdate.exe"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu64.dll"
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\alwil software\avast5\ashsha64.dll"
+ "MagicISO" "MagicISO Shell Extension Module" "MagicISO, Inc." "c:\program files (x86)\magiciso\misosh64.dll"
+ "Notepad++64" "ShellHandler for Notepad++ (64 bit)" "" "c:\program files (x86)\notepad++\nppshell_04.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu.dll"
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\alwil software\avast5\ashshell.dll"
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\alwil software\avast5\ashsha64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\alwil software\avast5\ashshell.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "MagicISO" "MagicISO Shell Extension Module" "MagicISO, Inc." "c:\program files (x86)\magiciso\misosh64.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext_64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "FileZilla3CopyHook" "fzshellext Dynamic Link Library" "" "c:\program files (x86)\filezilla ftp client\fzshellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu64.dll"
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\alwil software\avast5\ashsha64.dll"
+ "MagicISO" "MagicISO Shell Extension Module" "MagicISO, Inc." "c:\program files (x86)\magiciso\misosh64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu.dll"
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\alwil software\avast5\ashshell.dll"
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\alwil software\avast5\ashsha64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\alwil software\avast5\aswwebrepie64.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Conversion Toolbar Helper" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\alwil software\avast5\aswwebrepie.dll"
+ "ContributeBHO Class" "Contribute IE Plugin" "Adobe Systems, Inc." "c:\program files (x86)\adobe\adobe contribute cs5.1\plugins\ieplugin\contributeieplugin.dll"
+ "HP Print Enhancer" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_printenhancer.dll"
+ "HP Smart BHO Class" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "SmartSelect Class" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\alwil software\avast5\aswwebrepie64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Adobe PDF" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\alwil software\avast5\aswwebrepie.dll"
+ "Contribute Toolbar" "Contribute IE Plugin" "Adobe Systems, Inc." "c:\program files (x86)\adobe\adobe contribute cs5.1\plugins\ieplugin\contributeieplugin.dll"
+ "Copernic Agent" "Copernic Agent Extensions" "Copernic Technologies Inc." "c:\program files (x86)\copernic agent\copernicagentext.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Copernic Agent" "Copernic Agent" "Copernic Technologies Inc." "c:\program files (x86)\copernic agent\copernicagent.exe"
+ "Launch Copernic Agent" "Copernic Agent" "Copernic Technologies Inc." "c:\program files (x86)\copernic agent\copernicagent.exe"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Show or hide HP Smart Web Printing" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll"
"Task Scheduler" "" "" ""
+ "\AdobeAAMUpdater-1.0-Sage-PC-Sage" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3063276315-288325674-2759748799-1001Core" "Google Installer" "Google Inc." "c:\users\sage\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3063276315-288325674-2759748799-1001UA" "Google Installer" "Google Inc." "c:\users\sage\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\RecoveryCDWin7" "" "" "File not found: C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AESTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_960c1f056a541068\aestsr64.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "avast! Antivirus" "Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler." "AVAST Software" "c:\program files\alwil software\avast5\avastsvc.exe"
+ "avast! Firewall" "Implements main functionality for avast! Firewall" "AVAST Software" "c:\program files\alwil software\avast5\afwserv.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "SwitchBoard" "Adobe SwitchBoard" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "AgereSoftModem" "SoftModem Device Driver" "LSI Corporation" "c:\windows\system32\drivers\agrsm64.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "aswFsBlk" "avast! mini-filter driver (aswFsBlk)" "AVAST Software" "c:\windows\system32\drivers\aswfsblk.sys"
+ "aswFW" "avast! TDI Firewall driver" "AVAST Software" "c:\windows\system32\drivers\aswfw.sys"
+ "aswKbd" "avast! keyboard filter driver (aswKbd)" "AVAST Software" "c:\windows\system32\drivers\aswkbd.sys"
+ "aswMonFlt" "avast! mini-filter driver (aswMonFlt)" "AVAST Software" "c:\windows\system32\drivers\aswmonflt.sys"
+ "aswNdis" "avast! Filtering NDIS driver" "ALWIL Software" "c:\windows\system32\drivers\aswndis.sys"
+ "aswNdis2" "avast! Firewall Core Firewall Service" "AVAST Software" "c:\windows\system32\drivers\aswndis2.sys"
+ "aswRdr" "avast! WFP Redirect driver" "AVAST Software" "c:\windows\system32\drivers\aswrdr2.sys"
+ "aswSnx" "avast! virtualization driver (aswSnx)" "AVAST Software" "c:\windows\system32\drivers\aswsnx.sys"
+ "aswSP" "avast! Self Protection" "AVAST Software" "c:\windows\system32\drivers\aswsp.sys"
+ "aswTdi" "avast! Network Shield TDI driver" "AVAST Software" "c:\windows\system32\drivers\aswtdi.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpqKbFiltr" "HpqKbFiltr Keyboard Filter Driver" "Hewlett-Packard Development Company, L.P." "c:\windows\system32\drivers\hpqkbfiltr.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcHdmiAddService" "Intel® High Definition Audio HDMI" "Intel® Corporation" "c:\windows\system32\drivers\intchdmi.sys"

Also I hate to bother you further but I just wanted to get your advice:

1. I have Mbam pro and Avast pro is this good enough?
2. Also would there be any issues running Avast Firewall and Windows Firewall concurrently? (I don't mind a small hit to performance.)


Anyways again, thank you very much.

#8 narenxp

Posted 08 October 2012 - 10:32 AM

RKILL log?

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes, post the contents of RKILL log located on the desktop here



1. I have Mbam pro and Avast pro is this good enough?


Yes

2. Also would there be any issues running Avast Firewall and Windows Firewall concurrently? (I don't mind a small hit to performance.)


You should not run both the firewalls together. Disable Windows Firewall. You don't need it when Avast Firewall is active.

#9 szar

Posted 08 October 2012 - 10:42 AM

Very good to know, I will disable the Windows Firewall now. Thank you so much. If you would like me to do anything else please let me know.


Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/08/2012 10:12:46 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 10/08/2012 10:13:03 AM
Execution time: 0 hours(s), 0 minute(s), and 17 seconds(s)
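
How the Rkill log in the post above breaks down into checks and results, as an added example that is not part of the original thread: a small Python parser (the function names are illustrative assumptions) that groups each `*` result under its check heading and lists the results that are not a plain "No ... found" line. The log text is copied from the post with the banner lines trimmed.

```python
# Rkill log body copied from the post above (banner lines trimmed).
SAMPLE_LOG = r"""
Program started at: 10/08/2012 10:12:46 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:
* No malware services found to stop.

Checking for processes to terminate:
* No malware processes found to kill.

Checking Registry for malware related settings:
* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:
* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:
* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:
* No issues found.

Checking HOSTS File:
* No issues found.

Program finished at: 10/08/2012 10:13:03 AM
"""


def parse_rkill_log(text):
    """Return {check heading: [result, ...]} in the order the log lists them."""
    sections = {}
    current = None   # results of the check being read
    finding = None   # last '*' result seen in that check
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith(":") and not line.startswith("*"):
            # A line ending in ':' opens a new check, e.g. "Checking HOSTS File:"
            current = sections.setdefault(line[:-1], [])
            finding = None
        elif line.startswith("*") and current is not None:
            msg = line.lstrip("* ").strip()
            finding = {"text": msg, "clean": msg.lower().startswith("no "),
                       "details": []}
            current.append(finding)
        elif finding is not None and not finding["clean"]:
            # Registry keys, values and startup types belong to a reported item;
            # lines that follow a clean result are log narration and are skipped.
            finding["details"].append(line)
    return sections


def flagged_items(text):
    """List (check, result, details) for every result that is not 'No ... found'."""
    return [(name, f["text"], f["details"])
            for name, results in parse_rkill_log(text).items()
            for f in results if not f["clean"]]


if __name__ == "__main__":
    # A flagged item is something to review, not a verdict; in this log both
    # flagged items concern Windows Defender being switched off.
    for check, result, details in flagged_items(SAMPLE_LOG):
        print(f"{check}: {result}")
        for d in details:
            print(f"    {d}")
```
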

#10 narenxp

Posted 08 October 2012 - 10:43 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash player

Uninstall old version of Java from Control Panel - Add or remove programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



