Java virus


11 replies to this topic

#1 pete301


Posted 12 October 2012 - 08:30 AM

Hey guys,

I recently had my scheduled Avira antivirus scan show me that I had a JAVA/Paladin.A virus. This has only come up within the last day or two as I have a scheduled scan every day (sometimes I skip the scan if I am using the computer when the scan starts) so I hope that it hasn't spread or anything. It states that I have 5 detections and that they are in the Java folder. I have just checked for out-of-date Java installations and found that I had one that is a couple of months old and have now uninstalled that version. I am now about to update Java.

I let Avira quarantine the virus, but I would like to purge the virus if that is possible, and make sure that my computer is clean. I am now running an MBAM scan to see if that shows anything.

Thanks in advance,
Pete



#2 narenxp

  • BC Advisor

Posted 12 October 2012 - 10:41 AM

Download TDSSKiller

Launch it. Click on Change parameters - select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download ESET Online Scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 pete301

  • Topic Starter

Posted 12 October 2012 - 02:42 PM

Hi, thanks for the swift reply :D

TDSS Killer log:

18:28:20.0747 5544 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
18:28:20.0887 5544 ============================================================
18:28:20.0887 5544 Current date / time: 2012/10/12 18:28:20.0887
18:28:20.0887 5544 SystemInfo:
18:28:20.0887 5544
18:28:20.0887 5544 OS Version: 6.1.7601 ServicePack: 1.0
18:28:20.0887 5544 Product type: Workstation
18:28:20.0887 5544 ComputerName: PETE-PC
18:28:20.0887 5544 UserName: Pete
18:28:20.0887 5544 Windows directory: C:\Windows
18:28:20.0887 5544 System windows directory: C:\Windows
18:28:20.0887 5544 Running under WOW64
18:28:20.0887 5544 Processor architecture: Intel x64
18:28:20.0887 5544 Number of processors: 4
18:28:20.0887 5544 Page size: 0x1000
18:28:20.0887 5544 Boot type: Normal boot
18:28:20.0887 5544 ============================================================
18:28:27.0814 5544 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:28:27.0829 5544 Drive \Device\Harddisk1\DR1 - Size: 0x2E93D2DE00 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:28:27.0845 5544 Drive \Device\Harddisk2\DR2 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:28:27.0861 5544 ============================================================
18:28:27.0861 5544 \Device\Harddisk0\DR0:
18:28:27.0861 5544 MBR partitions:
18:28:27.0861 5544 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3D090000
18:28:27.0861 5544 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3D090800, BlocksNum 0x3D090000
18:28:27.0861 5544 \Device\Harddisk1\DR1:
18:28:27.0861 5544 MBR partitions:
18:28:27.0861 5544 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x17499EC1
18:28:27.0861 5544 \Device\Harddisk2\DR2:
18:28:27.0861 5544 MBR partitions:
18:28:27.0861 5544 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4E1EDEC
18:28:27.0876 5544 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x4E1EE6A, BlocksNum 0x4E1EDEC
18:28:27.0892 5544 \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0x9C3DC95, BlocksNum 0x2CA58B63
18:28:27.0892 5544 \Device\Harddisk2\DR2\Partition4: MBR, Type 0x7, StartLBA 0x36696800, BlocksNum 0x3CEE000
18:28:27.0892 5544 ============================================================
18:28:27.0985 5544 C: <-> \Device\Harddisk2\DR2\Partition1
18:28:28.0001 5544 D: <-> \Device\Harddisk2\DR2\Partition2
18:28:28.0032 5544 E: <-> \Device\Harddisk2\DR2\Partition3
18:28:28.0063 5544 F: <-> \Device\Harddisk2\DR2\Partition4
18:28:28.0095 5544 H: <-> \Device\Harddisk1\DR1\Partition1
18:28:28.0110 5544 I: <-> \Device\Harddisk0\DR0\Partition1
18:28:28.0126 5544 K: <-> \Device\Harddisk0\DR0\Partition2
18:28:28.0126 5544 ============================================================
18:28:28.0126 5544 Initialize success
18:28:28.0126 5544 ============================================================
18:28:32.0712 5284 ============================================================
18:28:32.0712 5284 Scan started
18:28:32.0712 5284 Mode: Manual;
18:28:32.0712 5284 ============================================================
18:28:40.0154 5284 ================ Scan system memory ========================
18:28:40.0154 5284 System memory - ok
18:28:48.0406 5284 MegaSR - ok
18:28:48.0437 5284 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
18:28:48.0437 5284 MEIx64 - ok
18:28:48.0468 5284 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:28:48.0468 5284 MMCSS - ok
18:28:48.0484 5284 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:28:48.0484 5284 Modem - ok
18:28:48.0500 5284 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:28:48.0500 5284 monitor - ok
18:28:48.0578 5284 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:28:48.0578 5284 mouclass - ok
18:28:48.0609 5284 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:28:48.0609 5284 mouhid - ok
18:28:48.0640 5284 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:28:48.0640 5284 mountmgr - ok
18:28:48.0687 5284 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:28:48.0702 5284 MozillaMaintenance - ok
18:28:48.0702 5284 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
18:28:48.0718 5284 mpio - ok
18:28:48.0718 5284 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:28:48.0718 5284 mpsdrv - ok
18:28:48.0749 5284 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:28:48.0780 5284 MpsSvc - ok
18:28:48.0780 5284 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:28:48.0780 5284 MRxDAV - ok
18:28:48.0812 5284 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:28:48.0812 5284 mrxsmb - ok
18:28:48.0827 5284 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:28:48.0843 5284 mrxsmb10 - ok
18:28:48.0858 5284 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:28:48.0858 5284 mrxsmb20 - ok
18:28:48.0858 5284 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:28:48.0874 5284 msahci - ok
18:28:48.0874 5284 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:28:48.0890 5284 msdsm - ok
18:28:48.0905 5284 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:28:48.0905 5284 MSDTC - ok
18:28:48.0921 5284 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:28:48.0921 5284 Msfs - ok
18:28:48.0936 5284 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:28:48.0936 5284 mshidkmdf - ok
18:28:48.0952 5284 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:28:48.0952 5284 msisadrv - ok
18:28:48.0983 5284 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:28:48.0983 5284 MSiSCSI - ok
18:28:48.0983 5284 msiserver - ok
18:28:49.0014 5284 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:28:49.0014 5284 MSKSSRV - ok
18:28:49.0030 5284 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:28:49.0030 5284 MSPCLOCK - ok
18:28:49.0046 5284 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:28:49.0046 5284 MSPQM - ok
18:28:49.0077 5284 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:28:49.0077 5284 MsRPC - ok
18:28:49.0092 5284 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:28:49.0092 5284 mssmbios - ok
18:28:49.0170 5284 MSSQL$SQLEXPRESS - ok
18:28:49.0233 5284 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
18:28:49.0233 5284 MSSQLServerADHelper100 - ok
18:28:49.0248 5284 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:28:49.0248 5284 MSTEE - ok
18:28:49.0248 5284 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:28:49.0248 5284 MTConfig - ok
18:28:49.0264 5284 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:28:49.0264 5284 Mup - ok
18:28:49.0326 5284 [ A3BA8A14490FDBF106939C37A125E82C ] mxssvr H:\Applications\NI\MAX\nimxs.exe
18:28:49.0326 5284 mxssvr - ok
18:28:49.0358 5284 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:28:49.0373 5284 napagent - ok
18:28:49.0389 5284 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:28:49.0404 5284 NativeWifiP - ok
18:28:49.0436 5284 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
18:28:49.0467 5284 NDIS - ok
18:28:49.0482 5284 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:28:49.0482 5284 NdisCap - ok
18:28:49.0498 5284 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:28:49.0514 5284 NdisTapi - ok
18:28:49.0514 5284 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:28:49.0514 5284 Ndisuio - ok
18:28:49.0529 5284 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:28:49.0529 5284 NdisWan - ok
18:28:49.0545 5284 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:28:49.0560 5284 NDProxy - ok
18:28:49.0560 5284 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:28:49.0576 5284 NetBIOS - ok
18:28:49.0576 5284 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:28:49.0592 5284 NetBT - ok
18:28:49.0607 5284 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:28:49.0607 5284 Netlogon - ok
18:28:49.0638 5284 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:28:49.0654 5284 Netman - ok
18:28:49.0716 5284 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:28:49.0716 5284 NetMsmqActivator - ok
18:28:49.0732 5284 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:28:49.0732 5284 NetPipeActivator - ok
18:28:49.0748 5284 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:28:49.0763 5284 netprofm - ok
18:28:49.0779 5284 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:28:49.0779 5284 NetTcpActivator - ok
18:28:49.0779 5284 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:28:49.0779 5284 NetTcpPortSharing - ok
18:28:49.0794 5284 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:28:49.0794 5284 nfrd960 - ok
18:28:49.0857 5284 [ A5B4CAF41F772267DB2C16616DFAD114 ] NIApplicationWebServer H:\Applications\NI\Shared\NI WebServer\ApplicationWebServer.exe
18:28:49.0857 5284 NIApplicationWebServer - ok
18:28:49.0919 5284 [ 1C7ABB7F7D057AEDAAFEBC6A6430A4CD ] NIApplicationWebServer64 C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
18:28:49.0919 5284 NIApplicationWebServer64 - ok
18:28:49.0966 5284 [ 908B9667F2FD7453CBCF3A2A0444DCC1 ] NIDomainService H:\Applications\NI\Shared\Security\nidmsrv.exe
18:28:49.0982 5284 NIDomainService - ok
18:28:50.0075 5284 [ AA8896BCD689851665EFC02DC41181AC ] NILM License Manager H:\Applications\NI\Shared\License Manager\Bin\lmgrd.exe
18:28:50.0122 5284 NILM License Manager - ok
18:28:50.0184 5284 [ 8FED4893CB017F81CD1769448AD567E5 ] nimDNSResponder H:\Applications\NI\Shared\mDNS Responder\nimdnsResponder.exe
18:28:50.0184 5284 nimDNSResponder - ok
18:28:50.0231 5284 [ 5BDF6F2C61274D29418D9EE4BC870039 ] NINetworkDiscovery H:\Applications\NI\Shared\NI Network Discovery\niDiscSvc.exe
18:28:50.0231 5284 NINetworkDiscovery - ok
18:28:50.0262 5284 [ 5C9EBE16E32D39458458B6830D28DE3E ] niSvcLoc H:\Applications\NI\Shared\NI WebServer\SystemWebServer.exe
18:28:50.0262 5284 niSvcLoc - ok
18:28:50.0325 5284 [ 19D51EE6C8700AF603E937C1F4CF412E ] NITaggerService H:\Applications\NI\Shared\Tagger\tagsrv.exe
18:28:50.0340 5284 NITaggerService - ok
18:28:50.0356 5284 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:28:50.0356 5284 NlaSvc - ok
18:28:50.0372 5284 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:28:50.0372 5284 Npfs - ok
18:28:50.0387 5284 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:28:50.0387 5284 nsi - ok
18:28:50.0403 5284 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:28:50.0403 5284 nsiproxy - ok
18:28:50.0465 5284 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:28:50.0496 5284 Ntfs - ok
18:28:50.0512 5284 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:28:50.0512 5284 Null - ok
18:28:50.0543 5284 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:28:50.0559 5284 nvraid - ok
18:28:50.0574 5284 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:28:50.0574 5284 nvstor - ok
18:28:50.0590 5284 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:28:50.0590 5284 nv_agp - ok
18:28:50.0606 5284 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:28:50.0606 5284 ohci1394 - ok
18:28:50.0652 5284 [ EAE6208900E2986F66F68B30AEF86E4D ] OpcEnum C:\Windows\SysWOW64\OpcEnum.exe
18:28:50.0652 5284 OpcEnum - ok
18:28:50.0699 5284 [ 634347ADEBC790B8F07654A3EA8034FD ] P17 C:\Windows\system32\drivers\P17.sys
18:28:50.0746 5284 P17 - ok
18:28:50.0777 5284 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:28:50.0793 5284 p2pimsvc - ok
18:28:50.0808 5284 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:28:50.0840 5284 p2psvc - ok
18:28:50.0933 5284 [ 673E36852E2F9FA778D5D3DDCEFA591B ] PaceLicenseDServices C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
18:28:50.0980 5284 PaceLicenseDServices - ok
18:28:51.0027 5284 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:28:51.0042 5284 Parport - ok
18:28:51.0058 5284 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:28:51.0058 5284 partmgr - ok
18:28:51.0058 5284 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:28:51.0074 5284 PcaSvc - ok
18:28:51.0089 5284 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:28:51.0089 5284 pci - ok
18:28:51.0089 5284 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:28:51.0089 5284 pciide - ok
18:28:51.0120 5284 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:28:51.0120 5284 pcmcia - ok
18:28:51.0136 5284 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:28:51.0136 5284 pcw - ok
18:28:51.0167 5284 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:28:51.0183 5284 PEAUTH - ok
18:28:51.0214 5284 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:28:51.0245 5284 PeerDistSvc - ok
18:28:51.0276 5284 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:28:51.0276 5284 PerfHost - ok
18:28:51.0323 5284 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:28:51.0386 5284 pla - ok
18:28:51.0432 5284 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:28:51.0448 5284 PlugPlay - ok
18:28:51.0479 5284 PnkBstrA - ok
18:28:51.0479 5284 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:28:51.0495 5284 PNRPAutoReg - ok
18:28:51.0510 5284 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:28:51.0510 5284 PNRPsvc - ok
18:28:51.0526 5284 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:28:51.0557 5284 PolicyAgent - ok
18:28:51.0573 5284 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:28:51.0573 5284 Power - ok
18:28:51.0604 5284 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:28:51.0604 5284 PptpMiniport - ok
18:28:51.0620 5284 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
18:28:51.0620 5284 Processor - ok
18:28:51.0651 5284 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
18:28:51.0666 5284 ProfSvc - ok
18:28:51.0682 5284 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:28:51.0682 5284 ProtectedStorage - ok
18:28:51.0698 5284 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:28:51.0698 5284 Psched - ok
18:28:51.0729 5284 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
18:28:51.0729 5284 PSI - ok
18:28:51.0760 5284 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:28:51.0822 5284 ql2300 - ok
18:28:51.0838 5284 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:28:51.0854 5284 ql40xx - ok
18:28:51.0885 5284 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:28:51.0885 5284 QWAVE - ok
18:28:51.0900 5284 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:28:51.0900 5284 QWAVEdrv - ok
18:28:52.0010 5284 [ F98487B25828441B1C6488C642C2AC10 ] RapportCerberus_43926 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus64_43926.sys
18:28:52.0025 5284 RapportCerberus_43926 - ok
18:28:52.0134 5284 [ 9E0FFC5EEEA5FEC75560F394B63022BE ] RapportEI64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
18:28:52.0134 5284 RapportEI64 - ok
18:28:52.0181 5284 [ 842041C4B15BAEE2CA37B727CE57334A ] RapportKE64 C:\Windows\system32\Drivers\RapportKE64.sys
18:28:52.0181 5284 RapportKE64 - ok
18:28:52.0228 5284 [ 65AA99CB303BA21F9ACC8C1374A14798 ] RapportMgmtService C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
18:28:52.0259 5284 RapportMgmtService - ok
18:28:52.0275 5284 [ 14FF58FE8D19FA3AA577F1E74F1F7D55 ] RapportPG64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
18:28:52.0275 5284 RapportPG64 - ok
18:28:52.0290 5284 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:28:52.0290 5284 RasAcd - ok
18:28:52.0337 5284 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:28:52.0337 5284 RasAgileVpn - ok
18:28:52.0368 5284 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:28:52.0384 5284 RasAuto - ok
18:28:52.0415 5284 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:28:52.0415 5284 Rasl2tp - ok
18:28:52.0462 5284 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:28:52.0665 5284 RasMan - ok
18:28:52.0696 5284 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:28:52.0712 5284 RasPppoe - ok
18:28:52.0743 5284 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:28:52.0758 5284 RasSstp - ok
18:28:52.0805 5284 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:28:52.0805 5284 rdbss - ok
18:28:52.0805 5284 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:28:52.0821 5284 rdpbus - ok
18:28:52.0821 5284 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:28:52.0821 5284 RDPCDD - ok
18:28:52.0868 5284 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:28:52.0883 5284 RDPDR - ok
18:28:52.0914 5284 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:28:52.0930 5284 RDPENCDD - ok
18:28:52.0946 5284 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:28:52.0946 5284 RDPREFMP - ok
18:28:52.0977 5284 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:28:52.0992 5284 RdpVideoMiniport - ok
18:28:53.0024 5284 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:28:53.0055 5284 RDPWD - ok
18:28:53.0102 5284 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:28:53.0102 5284 rdyboost - ok
18:28:53.0117 5284 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:28:53.0133 5284 RemoteAccess - ok
18:28:53.0164 5284 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:28:53.0164 5284 RemoteRegistry - ok
18:28:53.0180 5284 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:28:53.0180 5284 RpcEptMapper - ok
18:28:53.0211 5284 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:28:53.0211 5284 RpcLocator - ok
18:28:53.0258 5284 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:28:53.0258 5284 RpcSs - ok
18:28:53.0320 5284 [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys
18:28:53.0351 5284 RsFx0103 - ok
18:28:53.0398 5284 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:28:53.0398 5284 rspndr - ok
18:28:53.0429 5284 [ E50CFB92986DCAB49DE93788FD695813 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:28:53.0445 5284 RTL8167 - ok
18:28:53.0460 5284 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
18:28:53.0476 5284 s3cap - ok
18:28:53.0492 5284 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:28:53.0492 5284 SamSs - ok
18:28:53.0538 5284 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV H:\Applications\Antivirus\Super Anti Spyware\SASDIFSV64.SYS
18:28:53.0538 5284 SASDIFSV - ok
18:28:53.0616 5284 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL H:\Applications\Antivirus\Super Anti Spyware\SASKUTIL64.SYS
18:28:53.0616 5284 SASKUTIL - ok
18:28:53.0835 5284 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:28:53.0850 5284 sbp2port - ok
18:28:53.0928 5284 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:28:53.0960 5284 SCardSvr - ok
18:28:54.0011 5284 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:28:54.0021 5284 scfilter - ok
18:28:54.0231 5284 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:28:54.0261 5284 Schedule - ok
18:28:54.0281 5284 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:28:54.0281 5284 SCPolicySvc - ok
18:28:54.0301 5284 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:28:54.0311 5284 SDRSVC - ok
18:28:54.0321 5284 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:28:54.0331 5284 secdrv - ok
18:28:54.0351 5284 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:28:54.0351 5284 seclogon - ok
18:28:54.0381 5284 Secunia PSI Agent - ok
18:28:54.0381 5284 Secunia Update Agent - ok
18:28:54.0391 5284 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:28:54.0391 5284 SENS - ok
18:28:54.0401 5284 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:28:54.0401 5284 SensrSvc - ok
18:28:54.0421 5284 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:28:54.0421 5284 Serenum - ok
18:28:54.0431 5284 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:28:54.0441 5284 Serial - ok
18:28:54.0451 5284 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:28:54.0451 5284 sermouse - ok
18:28:54.0471 5284 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:28:54.0471 5284 SessionEnv - ok
18:28:54.0481 5284 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:28:54.0481 5284 sffdisk - ok
18:28:54.0501 5284 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:28:54.0501 5284 sffp_mmc - ok
18:28:54.0511 5284 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:28:54.0511 5284 sffp_sd - ok
18:28:54.0521 5284 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:28:54.0521 5284 sfloppy - ok
18:28:54.0551 5284 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:28:54.0561 5284 SharedAccess - ok
18:28:54.0591 5284 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:28:54.0591 5284 ShellHWDetection - ok
18:28:54.0611 5284 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:28:54.0621 5284 SiSRaid2 - ok
18:28:54.0621 5284 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:28:54.0631 5284 SiSRaid4 - ok
18:28:54.0701 5284 [ 101556F6216E97F1258D87C38203695F ] Smart TimeLock C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
18:28:54.0701 5284 Smart TimeLock - ok
18:28:54.0731 5284 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:28:54.0731 5284 Smb - ok
18:28:54.0771 5284 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:28:54.0771 5284 SNMPTRAP - ok
18:28:54.0781 5284 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:28:54.0791 5284 spldr - ok
18:28:54.0831 5284 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
18:28:54.0831 5284 Spooler - ok
18:28:54.0901 5284 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:28:55.0016 5284 sppsvc - ok
18:28:55.0032 5284 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:28:55.0032 5284 sppuinotify - ok
18:28:55.0094 5284 [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
18:28:55.0126 5284 SQLAgent$SQLEXPRESS - ok
18:28:55.0157 5284 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
18:28:55.0172 5284 SQLBrowser - ok
18:28:55.0219 5284 [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:28:55.0219 5284 SQLWriter - ok
18:28:55.0250 5284 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:28:55.0250 5284 srv - ok
18:28:55.0282 5284 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:28:55.0282 5284 srv2 - ok
18:28:55.0297 5284 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:28:55.0297 5284 srvnet - ok
18:28:55.0328 5284 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:28:55.0344 5284 SSDPSRV - ok
18:28:55.0344 5284 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:28:55.0360 5284 SstpSvc - ok
18:28:55.0375 5284 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:28:55.0375 5284 stexstor - ok
18:28:55.0406 5284 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:28:55.0422 5284 stisvc - ok
18:28:55.0453 5284 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
18:28:55.0453 5284 storflt - ok
18:28:55.0469 5284 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
18:28:55.0469 5284 storvsc - ok
18:28:55.0484 5284 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:28:55.0484 5284 swenum - ok
18:28:55.0500 5284 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:28:55.0531 5284 swprv - ok
18:28:55.0547 5284 [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
18:28:55.0547 5284 Synth3dVsc - ok
18:28:55.0594 5284 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:28:55.0609 5284 SysMain - ok
18:28:55.0625 5284 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:28:55.0640 5284 TabletInputService - ok
18:28:55.0640 5284 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:28:55.0672 5284 TapiSrv - ok
18:28:55.0687 5284 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:28:55.0687 5284 TBS - ok
18:28:55.0750 5284 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:28:55.0781 5284 Tcpip - ok
18:28:55.0843 5284 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:28:55.0859 5284 TCPIP6 - ok
18:28:55.0906 5284 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:28:55.0906 5284 tcpipreg - ok
18:28:55.0921 5284 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:28:55.0921 5284 TDPIPE - ok
18:28:55.0937 5284 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:28:55.0952 5284 TDTCP - ok
18:28:55.0968 5284 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:28:55.0968 5284 tdx - ok
18:28:55.0984 5284 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:28:55.0984 5284 TermDD - ok
18:28:56.0015 5284 [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt C:\Windows\system32\drivers\terminpt.sys
18:28:56.0015 5284 terminpt - ok
18:28:56.0046 5284 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:28:56.0062 5284 TermService - ok
18:28:56.0077 5284 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:28:56.0077 5284 Themes - ok
18:28:56.0093 5284 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:28:56.0093 5284 THREADORDER - ok
18:28:56.0140 5284 [ BA73D503348F3323BD8E995860323442 ] Tpkd C:\Windows\system32\drivers\Tpkd.sys
18:28:56.0140 5284 Tpkd - ok
18:28:56.0155 5284 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:28:56.0155 5284 TrkWks - ok
18:28:56.0202 5284 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:28:56.0202 5284 TrustedInstaller - ok
18:28:56.0218 5284 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:28:56.0218 5284 tssecsrv - ok
18:28:56.0233 5284 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:28:56.0249 5284 TsUsbFlt - ok
18:28:56.0264 5284 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:28:56.0264 5284 TsUsbGD - ok
18:28:56.0296 5284 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
18:28:56.0296 5284 tsusbhub - ok
18:28:56.0327 5284 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:28:56.0342 5284 tunnel - ok
18:28:56.0342 5284 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:28:58.0963 5284 ============================================================
18:28:58.0963 5284 Scan finished
18:28:58.0963 5284 ============================================================
18:28:58.0963 4672 Detected object count: 0
18:28:58.0963 4672 Actual detected object count: 0

aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-12 18:28:52
-----------------------------
18:28:52.368 OS Version: Windows x64 6.1.7601 Service Pack 1
18:28:52.384 Number of processors: 4 586 0x2A07
18:28:52.384 ComputerName: PETE-PC UserName: Pete
18:28:53.211 Initialize success
18:30:09.288 AVAST engine defs: 12101200
18:30:44.248 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:30:44.248 Disk 0 Vendor: ST2000DM001-1CH164 CC43 Size: 1907729MB BusType: 3
18:30:44.248 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-4
18:30:44.248 Disk 1 Vendor: ST3200822A 3.01 Size: 190781MB BusType: 3
18:30:44.248 Disk 2 (boot) \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T0L0-3
18:30:44.248 Disk 2 Vendor: WDC_WD5000AAVS-00ZTB0 01.01B01 Size: 476938MB BusType: 3
18:30:44.263 Disk 2 MBR read successfully
18:30:44.263 Disk 2 MBR scan
18:30:44.279 Disk 2 Windows 7 default MBR code
18:30:44.279 Disk 2 Partition 1 80 (A) 07 HPFS/NTFS NTFS 39997 MB offset 63
18:30:44.279 Disk 2 Partition - 00 0F Extended LBA 405743 MB offset 81915435
18:30:44.310 Disk 2 Partition 2 00 07 HPFS/NTFS NTFS 31196 MB offset 912877568
18:30:44.341 Disk 2 Partition 3 00 07 HPFS/NTFS NTFS 39997 MB offset 81915498
18:30:44.357 Disk 2 Partition - 00 05 Extended 365745 MB offset 163830870
18:30:44.373 Disk 2 Partition 4 00 07 HPFS/NTFS NTFS 365745 MB offset 163830933
18:30:44.404 Disk 2 scanning C:\Windows\system32\drivers
18:30:52.235 Service scanning
18:31:13.623 Modules scanning
18:31:13.623 Disk 2 trace - called modules:
18:31:13.623 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
18:31:13.623 1 nt!IofCallDriver -> \Device\Harddisk2\DR2[0xfffffa8007ad5060]
18:31:13.638 3 CLASSPNP.SYS[fffff880018b543f] -> nt!IofCallDriver -> [0xfffffa800781f520]
18:31:13.638 5 ACPI.sys[fffff88000f857a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-3[0xfffffa8007827060]
18:31:14.340 AVAST engine scan C:\Windows
18:31:15.822 AVAST engine scan C:\Windows\system32
18:34:59.033 AVAST engine scan C:\Windows\system32\drivers
18:35:10.474 AVAST engine scan C:\Users\Pete
18:36:47.484 Disk 2 MBR has been saved successfully to "C:\Users\Pete\Desktop\MBR.dat"
18:36:47.487 The log file has been saved successfully to "C:\Users\Pete\Desktop\aswMBR.txt"

There were no threats found by the ESET scanner, so there wasn't a log file, or at least I couldn't find it.

Also, the MBAM scan found nothing, so I think that the Avira quarantine may have got it, but I would like to make sure, as you probably know more about it :D

Thanks,
Pete

#4 narenxp

Posted 12 October 2012 - 02:50 PM

Update MBAM and run a scan, then post the log.

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#5 pete301

Posted 12 October 2012 - 05:03 PM

MBAM log:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.12.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Pete :: PETE-PC [administrator]

12/10/2012 21:12:24
mbam-log-2012-10-12 (21-12-24).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 205892
Time elapsed: 2 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


MiniToolBox log:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Pete (administrator) on 12-10-2012 at 22:01:05
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Pete-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : lan

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 50-E5-49-55-8B-88
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e038:436:fc1d:c289%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.73(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 12 October 2012 10:11:58
Lease Expires . . . . . . . . . . : 13 October 2012 18:27:16
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 240182601
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-0C-14-EC-50-E5-49-55-8B-88
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.lan:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:73b8:1839:e1e:a13c:1288(Preferred)
Link-local IPv6 Address . . . . . : fe80::1839:e1e:a13c:1288%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: O2wirelessbox.lan
Address: 192.168.1.254

Name: google.com
Addresses: 2a00:1450:4009:805::1005
173.194.34.98
173.194.34.105
173.194.34.96
173.194.34.101
173.194.34.103
173.194.34.99
173.194.34.110
173.194.34.100
173.194.34.104
173.194.34.97
173.194.34.102


Pinging google.com [173.194.41.67] with 32 bytes of data:
Reply from 173.194.41.67: bytes=32 time=18ms TTL=55
Reply from 173.194.41.67: bytes=32 time=18ms TTL=55

Ping statistics for 173.194.41.67:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 18ms, Maximum = 18ms, Average = 18ms
Server: O2wirelessbox.lan
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=448ms TTL=47
Reply from 98.139.183.24: bytes=32 time=442ms TTL=47

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 442ms, Maximum = 448ms, Average = 445ms
Server: O2wirelessbox.lan
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...50 e5 49 55 8b 88 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.73 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.73 276
192.168.1.73 255.255.255.255 On-link 192.168.1.73 276
192.168.1.255 255.255.255.255 On-link 192.168.1.73 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.73 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.73 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:5ef5:73b8:1839:e1e:a13c:1288/128
On-link
11 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::1839:e1e:a13c:1288/128
On-link
11 276 fe80::e038:436:fc1d:c289/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 H:\Applications\NI\Shared\mDNS Responder\nimdnsNSP.dll [24280] (National Instruments Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26328] (National Instruments Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/12/2012 06:31:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/12/2012 04:34:55 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.
.

Error: (10/12/2012 04:34:54 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.
.

Error: (10/12/2012 02:36:35 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.
.

Error: (10/12/2012 02:36:35 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.
.

Error: (10/12/2012 02:36:11 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.
.

Error: (10/12/2012 02:36:11 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.
.

Error: (10/12/2012 02:35:19 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.
.

Error: (10/12/2012 02:35:19 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.
.

Error: (10/12/2012 02:20:51 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.
.


System errors:
=============
Error: (10/12/2012 04:26:25 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (10/12/2012 03:16:17 PM) (Source: Service Control Manager) (User: )
Description: The MacDrive 8 service for Digidesign service terminated unexpectedly. It has done this 1 time(s).

Error: (10/12/2012 10:19:55 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (10/11/2012 02:04:03 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (10/11/2012 09:21:32 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (10/10/2012 11:16:19 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (10/10/2012 11:15:40 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (10/10/2012 11:15:40 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (10/10/2012 11:15:40 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (10/10/2012 11:15:40 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004


Microsoft Office Sessions:
=========================
Error: (10/12/2012 06:31:12 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestH:\Downloads\esetsmartinstaller_enu.exe

Error: (10/12/2012 04:34:55 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.

Error: (10/12/2012 04:34:54 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.

Error: (10/12/2012 02:36:35 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.

Error: (10/12/2012 02:36:35 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.

Error: (10/12/2012 02:36:11 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.

Error: (10/12/2012 02:36:11 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.

Error: (10/12/2012 02:35:19 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.

Error: (10/12/2012 02:35:19 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.

Error: (10/12/2012 02:20:51 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.


=========================== Installed Programs ============================

@BIOS (Version: 2.12)
3DMark 11 (Version: 1.0.3)
3DMark Vantage (Version: 1.1.0)
7-Zip 9.20
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X (10.1.4) (Version: 10.1.4)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70727.2220)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ARIA Engine v1.1.0.6
AutoGreen B10.1021.1 (Version: 1.00.0000)
Avid Effects (Version: 10.2.0)
Avid HD Driver (x64) (Version: 10.2.0)
Avid Mbox 2 USB Drivers (x64) (Version: 9.0.2)
Avid Pro Tools (Version: 10.2.0)
Avira Free Antivirus (Version: 12.0.0.1199)
Blacklight: Retribution
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0806.1213.19931)
Catalyst Control Center Graphics Previews Common (Version: 2012.0806.1213.19931)
Catalyst Control Center InstallProxy (Version: 2012.0806.1213.19931)
Catalyst Control Center Localization All (Version: 2012.0806.1213.19931)
Cave Story+
ccc-utility64 (Version: 2012.0806.1213.19931)
CCC Help Chinese Standard (Version: 2012.0806.1212.19931)
CCC Help Chinese Traditional (Version: 2012.0806.1212.19931)
CCC Help Czech (Version: 2012.0806.1212.19931)
CCC Help Danish (Version: 2012.0806.1212.19931)
CCC Help Dutch (Version: 2012.0806.1212.19931)
CCC Help English (Version: 2012.0806.1212.19931)
CCC Help Finnish (Version: 2012.0806.1212.19931)
CCC Help French (Version: 2012.0806.1212.19931)
CCC Help German (Version: 2012.0806.1212.19931)
CCC Help Greek (Version: 2012.0806.1212.19931)
CCC Help Hungarian (Version: 2012.0806.1212.19931)
CCC Help Italian (Version: 2012.0806.1212.19931)
CCC Help Japanese (Version: 2012.0806.1212.19931)
CCC Help Korean (Version: 2012.0806.1212.19931)
CCC Help Norwegian (Version: 2012.0806.1212.19931)
CCC Help Polish (Version: 2012.0806.1212.19931)
CCC Help Portuguese (Version: 2012.0806.1212.19931)
CCC Help Russian (Version: 2012.0806.1212.19931)
CCC Help Spanish (Version: 2012.0806.1212.19931)
CCC Help Swedish (Version: 2012.0806.1212.19931)
CCC Help Thai (Version: 2012.0806.1212.19931)
CCC Help Turkish (Version: 2012.0806.1212.19931)
CPUID CPU-Z 1.60
CPUID HWMonitor 1.19
Creative Audio Control Panel (Version: 2.56)
Creative Software AutoUpdate (Version: 1.40)
Creative Sound Blaster Properties x64 Edition
Crystal Reports for Visual Studio (Version: 12.51.0.240)
Dawn of War - Dark Crusade (Version: 1.00.0000)
Digidesign HFS+ Disk Support (Version: 8.0.6.52)
Digital Combat Simulator: A-10C Warthog
Dota 2
Dotfuscator Software Services - Community Edition (Version: 5.0.2300.0)
Downloader
Dropbox (Version: 1.4.12)
Easy Tune 6 B11.0630.1 (Version: 1.00.0000)
eReg (Version: 1.20.138.34)
ESET Online Scanner v3
Etron USB3.0 Host Controller (Version: 0.101)
EVEMon (Version: 1.7.0.3809)
Fraps
Futuremark SystemInfo (Version: 4.6.0)
Garry's Mod 13 Beta
GOM Player (Version: 2.1.40.5106)
Google Chrome (Version: 22.0.1229.94)
Google SketchUp 8 (Version: 3.0.11752)
Google Update Helper (Version: 1.3.21.123)
GPGNet (Version: 1.0.0)
Guild Wars 2
HandBrake 0.9.6 (Version: 0.9.6)
Hawken
iLok Client Helper (Version: 5.9.1)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1118)
Intel® Processor Graphics (Version: 8.15.10.2418)
Interlok driver setup x64 (Version: 5.9.1)
iTunes (Version: 10.6.3.25)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
libsndfile-1.0.25
License Support (Version: 1.2.0.5555)
Logitech SetPoint 6.32 (Version: 6.32.20)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
ManiaPlanet
Mass Effect (Version: 1.00)
Mass Effect™ 3 (Version: 1.03.0.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (Version: 2.0.50217.0)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Management Objects (x64) (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (Version: 10.50.1447.4)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Database Publishing Wizard 1.4 (Version: 10.1.2512.8)
Microsoft SQL Server System CLR Types (Version: 10.50.1447.4)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1447.4)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (Version: 1.0.3010.0)
Microsoft Sync Framework SDK v1.0 SP1 (Version: 1.0.3010.0)
Microsoft Sync Framework Services v1.0 SP1 (x64) (Version: 1.0.3010.0)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (Version: 2.0.3010.0)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.30319)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual F# 2.0 Runtime (Version: 10.0.30319)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.30319)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.30319)
Microsoft Visual Studio 2010 Professional - ENU (Version: 10.0.30319)
Microsoft Visual Studio 2010 SharePoint Developer Tools (Version: 10.0.30319)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31119)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31124)
Microsoft Visual Studio Macro Tools (Version: 9.0.30729)
Mozilla Firefox (3.6.28) (Version: 3.6.28 (en-GB))
Mozilla Firefox 15.0.1 (x86 en-GB) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
National Instruments Software (Version: )
NI-DAQmx/LabVIEW shared documentation 1.9.5 (Version: 1.95.49152)
NI-DAQmx/LabVIEW shared documentation for 64 Bit Windows 1.9.5 (Version: 1.95.49152)
NI-Mesa (Version: 11.0.11.0)
NI-RPC 4.2.2f0 (Version: 4.22.49152)
NI-RPC 4.2.2f0 for 64 Bit Windows (Version: 4.22.49152)
NI-RPC 4.2.2f0 for Phar Lap ETS (Version: 4.22.49152)
NI Assistant Framework (Version: 7.5.126.0)
NI Assistant Framework 64-bit (Version: 7.5.127.0)
NI Assistant Framework LabVIEW 2011 Support (Version: 7.5.69.0)
NI Assistant Framework LabVIEW Code Generator 2011 (Version: 7.5.64.0)
NI Authentication 2011 SP1 (64-bit) (Version: 2.0.296.0)
NI Authentication 2011 SP1 (Version: 2.0.296.0)
NI CodeSignAPI (Version: 2.70.346)
NI Curl 1.5 (64-bit) (Version: 1.1.290.0)
NI Curl 11.5 (Version: 1.1.290.0)
NI DataSocket 4.9.1 (64-bit) (Version: 4.9.218.0)
NI DataSocket 4.9.1 (Version: 4.9.230.0)
NI Distributed System Manager 2011 SP1 (Version: 11.0.344.0)
NI DN 2.0 SP1 installer (Version: 2.11.49152)
NI Error Reporting 2011 SP1 (Version: 11.0.191.0)
NI EulaDepot (Version: 3.0.408)
NI Example Finder 11.0 (Version: 11.0.309.0)
NI GMP Windows 32-bit Installer 11.0.0 (Version: 11.0.22.0)
NI GMP Windows 64-bit Installer 11.0.0 (Version: 11.0.22.0)
NI Help Assistant (64bit) (Version: 1.0.11)
NI Help Assistant (Version: 1.0.11)
NI Instrument IO Assistant for LabVIEW 2011 32-bit (Version: 1.0.13.0)
NI LabVIEW 2009 SP1 Run-Time Engine Web Services (Version: 9.0.234.0)
NI LabVIEW 2010 Real-Time NBFifo (Version: 10.0.214.0)
NI LabVIEW 2011 Deployment Framework (Version: 11.0.64.0)
NI LabVIEW 2011 MeasAppChm File (Version: 11.0.303.0)
NI LabVIEW 2011 Real-Time Error Dialog (Version: 11.0.296.0)
NI LabVIEW 2011 Real-Time NBFifo (Version: 11.0.250.0)
NI LabVIEW 2011 Search (Version: 11.0.36.0)
NI LabVIEW 2011 SP1 (Version: 11.0.411.0)
NI LabVIEW 2011 SP1 (Version: 11.0.422.0)
NI LabVIEW 2011 SP1 (Version: 11.0.423.0)
NI LabVIEW 2011 SP1 (Version: 11.0.424.0)
NI LabVIEW 2011 SP1 (Version: 11.0.426.0)
NI LabVIEW 2011 SP1 (Version: 11.0.512.0)
NI LabVIEW 2011 SP1 Deployable License (Version: 11.0.399.0)
NI LabVIEW 2011 SP1 Help (Version: 11.0.391.0)
NI LabVIEW 2011 SP1 Help File (Version: 11.0.388.0)
NI LabVIEW 2011 SP1 License (Version: 11.0.396.0)
NI LabVIEW 2011 SP1 Manuals (Version: 11.0.390.0)
NI LabVIEW 2011 SP1 Simulation (Version: 11.0.397.0)
NI LabVIEW 2011 SP1 Web Server (Version: 11.0.375.0)
NI LabVIEW 2011 SP1 Web Services Runtime (Version: 11.0.381.0)
NI LabVIEW 2011 VIPM Helper (Version: 11.0.114.0)
NI LabVIEW Broker (64 bit) (Version: 6.8.10.0)
NI LabVIEW Broker (Version: 6.8.10.0)
NI LabVIEW C Interface (Version: 1.0.1)
NI LabVIEW Compare Utility 11.0.0 (Version: 11.0.54.0)
NI LabVIEW MAX XML (Version: 9.0.6.0)
NI LabVIEW Merge Utility 11.0.0 (Version: 11.0.359.0)
NI LabVIEW Real-Time NBFifo (Version: 9.0.319.0)
NI LabVIEW Run-Time Engine 2009 SP1 (Version: 9.0.1089.0)
NI LabVIEW Run-Time Engine 2010 SP1 (Version: 10.1.114.0)
NI LabVIEW Run-Time Engine 2011 SP1 (Version: 11.0.442.0)
NI LabVIEW Run-Time Engine Interop 2009 (Version: 9.0.160.0)
NI LabVIEW Run-Time Engine Interop 2010 (Version: 10.1.115.0)
NI LabVIEW Run-Time Engine Interop 2011 (Version: 11.0.443.0)
NI LabVIEW Web Server for Run-Time Engine (Version: 10.0.235.0)
NI LabVIEW Web Server for Run-Time Engine (Version: 11.0.375.0)
NI LabVIEW Web Server for Run-Time Engine (Version: 9.0.185.0)
NI LabWindows/CVI 2010 Code Generator (Version: 10.0.0360)
NI LabWindows/CVI 2010 LabVIEW DLL Builder (Version: 10.0.0360)
NI LabWindows/CVI 2010 SP1 Analysis Library (64-bit) (Version: 10.0.1434)
NI LabWindows/CVI 2010 SP1 Analysis Library (Version: 10.0.1434)
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Original) (Version: 10.0.1434)
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Updated) (Version: 10.0.1434)
NI LabWindows/CVI 2010 SP1 Network Variable Library (64-bit) (Version: 10.0.1434)
NI LabWindows/CVI 2010 SP1 Network Variable Library (Version: 10.0.1434)
NI LabWindows/CVI 2010 SP1 Run-Time Engine (64-bit) (Version: 10.0.1434)
NI LabWindows/CVI 2010 SP1 TDM Streaming Library (64-bit) (Version: 10.0.1434)
NI LabWindows/CVI 2010 SP1 TDM Streaming Library (Version: 10.0.1434)
NI LabWindows/CVI Run-Time Engine 2010 SP1 (Updated) (Version: 10.0.1434)
NI LabWindows/CVI Run-Time Engine 2010 SP1 (Version: 10.0.1434)
NI License Manager (Version: 3.6.85)
NI Logos 5.3.0 (Version: 5.3.223.0)
NI Logos LabVIEW 2011 SP1 Support (Version: 11.0.397.0)
NI Logos XT Support (Version: 5.3.222.0)
NI Logos64 5.3.0 (Version: 5.3.223.0)
NI Logos64 XT Support (Version: 5.3.222.0)
NI Math Kernel Libraries (64-bit) (Version: 1.0.10.0)
NI Math Kernel Libraries (64-bit) (Version: 1.0.14.0)
NI Math Kernel Libraries (64-bit) (Version: 1.0.15.0)
NI Math Kernel Libraries (Version: 1.0.10.0)
NI Math Kernel Libraries (Version: 1.0.25.0)
NI Math Kernel Libraries (Version: 1.0.28.0)
NI MAX Remote Configuration 64-bit Installer 5.1 (Version: 5.10.49152)
NI MAX Remote Configuration Installer 5.1 (Version: 5.10.49152)
NI MAX Support for 64 Bit Windows (Version: 5.10.49152)
NI MDF Support (Version: 3.0.408)
NI mDNS Responder 1.6 for Windows 64-bit (Version: 1.60.49155)
NI mDNS Responder 1.6.0 (Version: 1.60.49155)
NI Measurement & Automation Explorer 5.1.0 (Version: 5.10.49152)
NI Measurement Studio Recipe Processor (Version: 8.0.0101)
NI MetaSuite Installer (Version: 3.0.408)
NI Microsoft Silverlight Wrapper (Version: 4.0.307)
NI MXS 5.0.0 (Version: 5.00.49153)
NI MXS 5.0.0 for 64 Bit Windows (Version: 5.00.49153)
NI Network Discovery 5.1 (Version: 5.10.49152)
NI Network Discovery 5.1 for Windows 64-bit (Version: 5.10.49152)
NI NI LabVIEW 2011 SP1 Run-Time Engine Non-English Support (Version: 11.0.299.0)
NI OPC Support (Version: 11.0.294.0)
NI Portable Configuration 5.0.0 (Version: 5.00.49152)
NI Portable Configuration for 64 Bit Windows 5.0.0 (Version: 5.00.49152)
NI Registration Wizard (Version: 1.3.87.0)
NI Remote Provider for MAX 5.1.0 (Version: 5.10.49152)
NI Remote PXI Provider for MAX 5.1.0 (Version: 5.10.49152)
NI Search Shared (Version: 11.0.28.0)
NI Software Provider for MAX 5.0.0 (Version: 5.00.49152)
NI SSL LabVIEW 2011 SP1 Support (Version: 11.0.351.0)
NI SSL Support (64-bit) (Version: 11.0.75.0)
NI SSL Support (Version: 11.0.295.0)
NI System API Client for WIF 5.1.0 (Version: 5.10.25.0)
NI System API Web-Servce 32-bit 5.0.0 (Version: 5.0.310.0)
NI System API Windows 32-bit 5.1.0 (Version: 5.10.24.0)
NI System API Windows 64-bit 5.1.0 (Version: 5.10.24.0)
NI System Configuration Runtime 5.1.0 (Version: 5.10.35.0)
NI System Configuration Runtime 5.1.0 for Windows 64-bit (Version: 5.10.35.0)
NI System State Publisher (64-bit) (Version: 11.0.306.0)
NI System State Publisher (Version: 11.0.306.0)
NI System Web Server 11.5 (Version: 11.0.288.0)
NI System Web Server Base 11.5 (64-bit) (Version: 2.0.291.0)
NI System Web Server Base 11.5 (Version: 2.0.291.0)
NI TDM Excel Add-In 3.3 (Version: 3.3.35.0)
NI TDM Excel Add-In 3.3 64-bit (Version: 3.3.28.0)
NI TDMS (64-bit) (Version: 2.3.175.0)
NI TDMS (Version: 2.3.175.0)
NI Trace Engine (64-bit) (Version: 11.0.213.0)
NI Trace Engine (Version: 11.0.213.0)
NI Uninstaller (Version: 3.0.408)
NI Update Service 2.0 (Version: 2.1.30.0)
NI USI 1.9.1 (Version: 1.9.14681)
NI USI 1.9.1 64-Bit (Version: 1.9.14681)
NI Variable Engine (64-bit) (Version: 2.5.291.0)
NI Variable Engine 2.5.1 (Version: 2.5.296.0)
NI Variable Engine LabVIEW 2011 SP1 Support (Version: 11.0.397.0)
NI VC2005MSMs x64 (Version: 8.04.0)
NI VC2005MSMs x86 (Version: 8.04.0)
NI VC2008MSMs x64 (Version: 9.0.301)
NI VC2008MSMs x86 (Version: 9.0.301)
NI Web Application Server 11.5 (64-bit) (Version: 1.1.343.0)
NI Web Application Server 11.5 (Version: 2.0.286.0)
NI Web Interface Framework 11.5 (Version: 2.0.288.0)
NI Web Pipeline 2.0.1 (Version: 2.0.128.0)
NI Web Pipeline 2.0.1 64-bit support (Version: 2.0.122.0)
NI Xalan Delay Load 1.10.2 (Version: 1.10.72.0)
NI Xalan Delay Load 1.10.2 64-bit (Version: 1.10.73.0)
NI Xerces Delay Load 2.7.3 (Version: 2.7.180.0)
NI Xerces Delay Load 2.7.3 64-bit (Version: 2.7.190.0)
NVIDIA PhysX (Version: 9.11.1107)
ON_OFF Charge B11.0110.1 (Version: 1.00.0001)
OpenOffice.org 3.3 (Version: 3.3.9567)
OpenTTD 1.2.0${APPV_EXTRA} (Version: 1.2.0${APPV_EXTRA})
Origin (Version: 8.5.2.23)
Pidgin (Version: 2.10.4)
Plogue chipsounds VSTi RTAS Standalone v1.5
PunkBuster Services (Version: 0.992)
PuTTY version 0.62 (Version: 0.62)
QuickTime (Version: 7.72.80.56)
Rapport (Version: 3.5.1205.12)
Realtek Ethernet Controller Driver (Version: 7.45.516.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6387)
Recuva (Version: 1.43)
Reset NI Config 5.0.0 (Version: 5.0.146.0)
Secunia PSI (2.0.0.4003) (Version: 2.0.0.4003)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (Version: 10.1.2531.0)
Sigview v2.4.0
Smart 6 B11.0512.1 (Version: 1.00.0000)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
StarCraft II (Version: 1.5.0.22612)
Supreme Commander
Supreme Commander - Forged Alliance (Version: 1.00.0000)
Supreme Commander (Version: 1.00.0000)
Supreme Commander: Forged Alliance
Trine 2
Ubisoft Game Launcher (Version: 1.0.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Visual C++ 64-bit Redistributables (Version: 1.2.0.5555)
Visual C++ Redistributables (Version: 1.2.0.5555)
Visual Studio 2010 Prerequisites - English (Version: 10.0.30319)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
VLC media player 2.0.3 (Version: 2.0.3)
Web Deployment Tool (Version: 1.1.0618)
WebM Media Foundation Components (Version: 1.0.0.0)
WIF Core Dependencies Windows 5.1.0 (Version: 5.10.14.0)
Winamp (Version: 5.623 )
Winamp Detector Plug-in (Version: 1.0.0.1)
WinSCP 4.3.8 (Version: 4.3.8)
World of Warplanes
Youtube Downloader HD v. 2.9.4

========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 8109.12 MB
Available physical RAM: 4996.07 MB
Total Pagefile: 16216.43 MB
Available Pagefile: 13178.3 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.72 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:39.06 GB) (Free:3.55 GB) NTFS
2 Drive d: (WinXP) (Fixed) (Total:39.06 GB) (Free:28.04 GB) NTFS
3 Drive e: (Games 1) (Fixed) (Total:357.17 GB) (Free:21.66 GB) NTFS
4 Drive f: (Linux) (Fixed) (Total:30.46 GB) (Free:29.97 GB) NTFS
5 Drive g: (Pro Tools) (CDROM) (Total:7.1 GB) (Free:0 GB) CDFS
6 Drive h: (IDE Apps) (Fixed) (Total:186.3 GB) (Free:80.21 GB) NTFS
7 Drive i: (Games 2) (Fixed) (Total:488.28 GB) (Free:487.7 GB) NTFS
8 Drive k: (Sound and Music work) (Fixed) (Total:488.28 GB) (Free:485.32 GB) NTFS

========================= Users: ========================================

User accounts for \\PETE-PC

96F31FD4A03B482D847E Administrator Guest
Pete

========================= Restore Points ==================================

12-10-2012 15:34:54 Scheduled Checkpoint

**** End of log ****

Farbar service scanner log:

Farbar Service Scanner Version: 07-10-2012
Ran by Pete (administrator) on 12-10-2012 at 22:02:18
Running from "H:\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is set to Disabled. The default start type is Auto.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-10-10 11:21] - [2012-06-02 06:41] - 0184320 ____A (Microsoft Corporation) 9C01375BE382E834CC26D1B7EAF2C4FE

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Adware cleaner log:

# AdwCleaner v2.004 - Logfile created 10/12/2012 at 22:03:40
# Updated 06/10/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Pete - PETE-PC
# Boot Mode : Normal
# Running from : H:\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Pete\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxps://isearch.avg.com/?cid={4326EA23-38F4-49F1-A93A-1C2C82BEDDC6}&mid=f8b868d2c9fe47d0b66c81ac0fb1627b-08ab863fdfa4cafe5059d6c2f17c6e914b3be6f9&lang=en&ds=gm011&pr=sa&d=2012-07-27 13:08:09&v=12.1.0.21&sap=hp --> hxxp://www.google.com

-\\ Mozilla Firefox v3.6.28 (en-GB)

Profile name : default
File : C:\Users\Pete\AppData\Roaming\Mozilla\Firefox\Profiles\f2e2vnye.default\prefs.js

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");

-\\ Google Chrome v22.0.1229.94

File : C:\Users\Pete\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.9] : homepage = "hxxps://isearch.avg.com/?cid={4326EA23-38F4-49F1-A93A-1C2C82BEDDC6}&mid=f8b868d2c9fe47d0b66c81ac0fb1627b-08ab863fdfa4cafe5059d6c2f17c6e914b3be6f9&lang=en&ds=gm011&pr=sa&d=2012-07-27 13:08:09&v=12.1.0.21&sap=hp",
Deleted [l.1306] : homepage = "hxxps://isearch.avg.com/?cid={4326EA23-38F4-49F1-A93A-1C2C82BEDDC6}&mid=f8b868d2c9fe47d0b66c81ac0fb1627b-08ab863fdfa4cafe5059d6c2f17c6e914b3be6f9&lang=en&ds=gm011&pr=sa&d=2012-07-27 13:08:09&v=12.1.0.21&sap=hp",

*************************

AdwCleaner[S1].txt - [2897 octets] - [12/10/2012 22:03:40]

########## EOF - C:\AdwCleaner[S1].txt - [2957 octets] ##########


Junkware Removal log:

Junkware Removal Tool (JRT) by Thisisu
Version: 1.5.1 (10.12.2012)
OS: Windows 7 Ultimate x64
Ran by Pete on 12/10/2012 at 22:53:13.98
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders: 0 Detections



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on 12/10/2012 at 22:59:39.32
End of Report



Thanks for the swift reply again. Is there any information that you can give me about what is going on with this virus or anything?

Pete

#6 narenxp

Posted 12 October 2012 - 05:18 PM

Your system is clean and I don't find any traces.

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish.

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#7 pete301

Posted 12 October 2012 - 05:39 PM

Farbar services log:

Farbar Service Scanner Version: 07-10-2012
Ran by Pete (administrator) on 12-10-2012 at 23:32:28
Running from "H:\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is set to Disabled. The default start type is Auto.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-10-10 11:21] - [2012-06-02 06:41] - 0184320 ____A (Microsoft Corporation) 9C01375BE382E834CC26D1B7EAF2C4FE

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Rkill log:

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/12/2012 11:33:55 PM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Pete\Desktop\rkill\rkill-10-12-2012-11-33-59.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Firewall (MpsSvc) is not Running.
Startup Type set to: Disabled

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* Windows Firewall Authorization Driver (mpsdrv) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: http://www.bleepingcomputer.com/download/hosts-permbat/

Program finished at: 10/12/2012 11:34:10 PM
Execution time: 0 hours(s), 0 minute(s), and 14 seconds(s)


Autoruns log:

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "EvtMgr6" "Logitech SetPoint Event Manager (UNICODE)" "Logitech, Inc." "c:\program files\logitech\setpointp\setpoint.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "MacDrive 8 application for Digidesign" "MacDrive application" "Mediafour Corporation" "c:\program files\mediafour\macdrive 8\macdrived.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "AMD AVT" "" "" "File not found: start"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "avgnt" "Avira System Tray Tool" "Avira Operations GmbH & Co. KG" "h:\applications\antivirus\avira\antivir desktop\avgnt.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "h:\applications\itunes\ituneshelper.exe"
+ "P17RunE" "P17Run Endpoints Dynamic Link Library" "Creative Technology Ltd." "c:\windows\syswow64\p17rune.dll"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "e:\quicktime\qttask.exe"
+ "ROC_ROC_JULY_P1" "" "" "File not found: C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "h:\applications\ati\ati.ace\core-static\clistart.exe"
+ "WinampAgent" "Winamp Agent" "Nullsoft, Inc." "h:\applications\winamp\winampa.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "RPMKickstart" "Smart Recovery Kickstart Application" "Gigabyte Technology CO., LTD." "c:\program files\gigabyte\smart6\recovery\rpmkickstart.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Secunia PSI Tray.lnk" "Secunia PSI Tray" "Secunia" "h:\applications\antivirus\psi\psi_tray.exe"
"C:\Users\Pete\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\pete\appdata\roaming\dropbox\bin\dropbox.exe"
+ "OpenOffice.org 3.3.lnk" "" "" "h:\applications\openoffice\program\quickstart.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Creative Software Update" "Creative Software AutoUpdate" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\software update\autoupdate.exe"
+ "CreativeTaskScheduler" "Creative Scheduler" "Creative Technology Ltd" "c:\program files (x86)\creative\shared files\ctsched.exe"
+ "Google Update" "Google Installer" "Google Inc." "c:\users\pete\appdata\local\google\update\googleupdate.exe"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\pete\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Mediafour MacDrive Context Menu" "MacDrive Shell Extensions" "Mediafour Corporation" "c:\program files\mediafour\macdrive 8\mdshell.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "h:\applications\antivirus\super anti spyware\sasctxmn64.dll"
+ "Shell Extension for Malware scanning" "Avira Shell Extension Library 64-bit" "Avira Operations GmbH & Co. KG" "h:\applications\antivirus\avira\antivir desktop\shlext64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "h:\applications\7zip\7-zip\7-zip.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "Mediafour Mac file properties" "MacDrive file properties resources" "Mediafour Corporation" "c:\program files\common files\mediafour\macfprop.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "h:\applications\antivirus\malwarebytes' anti-malware\mbamext.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\pete\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "h:\applications\antivirus\super anti spyware\sasctxmn64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "h:\applications\7zip\7-zip\7-zip.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "h:\applications\7zip\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Shellex\PropertySheetHandlers" "" "" ""
+ "Mediafour Mac file properties" "MacDrive file properties resources" "Mediafour Corporation" "c:\program files\common files\mediafour\macfprop.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "WinSCPCopyHook" "Drag&Drop shell extension for WinSCP (64-bit)" "Martin Prikryl" "h:\applications\winscp\dragext64.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\pete\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "h:\applications\ati\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "Mediafour Mac file columns" "MacDrive file properties resources" "Mediafour Corporation" "c:\program files\common files\mediafour\macfprop.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "h:\applications\openoffice\basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "h:\applications\openoffice\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "h:\applications\antivirus\malwarebytes' anti-malware\mbamext.dll"
+ "Shell Extension for Malware scanning" "Avira Shell Extension Library 64-bit" "Avira Operations GmbH & Co. KG" "h:\applications\antivirus\avira\antivir desktop\shlext64.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\pete\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\pete\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\pete\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\pete\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "MacDrive volume icons" "MDVolumeIcons.dll" "Mediafour Corporation" "c:\program files\mediafour\macdrive 8\mdvolumeicons.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\pete\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\pete\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\pete\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\pete\appdata\roaming\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "" "" "File not found: H:\Applications\Java\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "" "" "File not found: H:\Applications\Java\bin\ssv.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Sun Java Console" "Classic Java Plug-in 10.7.2 for Netscape and Mozilla" "Oracle Corporation" "h:\applications\java\bin\npjpi170_07.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3972751584-3884180631-3798645913-1000Core" "Google Installer" "Google Inc." "c:\users\pete\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3972751584-3884180631-3798645913-1000UA" "Google Installer" "Google Inc." "c:\users\pete\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\NIUpdateServiceCheckTask" "NI Update Service" "National Instruments" "h:\applications\ni\shared\update service\niupdateservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "!SASCORE" "SUPERAntiSpyware Core Service" "SUPERAntiSpyware.com" "h:\applications\antivirus\super anti spyware\sascore64.exe"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AntiVirSchedulerService" "Service to schedule Avira Free Antivirus jobs and updates." "Avira Operations GmbH & Co. KG" "h:\applications\antivirus\avira\antivir desktop\sched.exe"
+ "AntiVirService" "Offers permanent protection against viruses and malware with the Avira search engine." "Avira Operations GmbH & Co. KG" "h:\applications\antivirus\avira\antivir desktop\avguard.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AppleChargerSrv" "Apple mobile devices charging service" "" "c:\windows\system32\applechargersrv.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "cphs" "Intel® Content Protection HECI Service - enables communication with the Content Protection FW" "Intel Corporation" "c:\windows\syswow64\intelcphecisvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "MacDrive8ServiceD" "MacDrive service" "Mediafour Corporation" "c:\program files\mediafour\macdrive 8\macdrive8serviced.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MSSQL$SQLEXPRESS" "Provides storage, processing and controlled access of data, and rapid transaction processing." "Microsoft Corporation" "c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\sqlservr.exe"
+ "PaceLicenseDServices" "Services for PACE Licensing Technology" "PACE Anti-Piracy, Inc." "c:\program files (x86)\common files\pace\services\licenseservices\ldsvc.exe"
+ "PnkBstrA" "PunkBuster Service Component [v1036] http://www.evenbalance.com" "" "c:\windows\syswow64\pnkbstra.exe"
+ "RapportMgmtService" "Central Rapport Management and Monitoring Service" "Trusteer Ltd." "c:\program files (x86)\trusteer\rapport\bin\rapportmgmtservice.exe"
+ "Secunia PSI Agent" "Performs routine software inspections of the system, the results of which can be seen in your Secunia PSI" "Secunia" "h:\applications\antivirus\psi\psia.exe"
+ "Secunia Update Agent" "Performs routine updates of selected software on the system, the results of which can be seen in your Secunia PSI" "Secunia" "h:\applications\antivirus\psi\sua.exe"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "AppleCharger" "Apple mobile devices charging program" "" "c:\windows\system32\drivers\applecharger.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AtiHDAudioService" "AMD High Definition Audio Function Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\atihdw76.sys"
+ "avgntflt" "Avira mini-filter driver" "Avira GmbH" "c:\windows\system32\drivers\avgntflt.sys"
+ "avipbb" "Avira Security Enhancement Driver" "Avira GmbH" "c:\windows\system32\drivers\avipbb.sys"
+ "avkmgr" "Avira Manager Driver" "Avira GmbH" "c:\windows\system32\drivers\avkmgr.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "cpuz135" "CPUID Driver" "CPUID" "c:\windows\system32\drivers\cpuz135_x64.sys"
+ "dalwdmservice" "64-bit Abstraction Layer Driver" "Avid, Inc. All rights reserved." "c:\windows\system32\drivers\dalwdm.sys"
+ "DGUSBAP" "Digidesign USB Audio Driver (WDM)" "Avid Technology, Inc." "c:\windows\system32\drivers\dgmbx2.sys"
+ "DigiNet" "Digidesign Ethernet Support" "Avid, Inc. All rights reserved." "c:\windows\system32\drivers\diginet.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "etdrv" "GIGABYTE Tools" "Windows ® Server 2003 DDK provider" "c:\windows\etdrv.sys"
+ "EtronHub3" "Etron eXtensible Hub Driver." "Etron Technology Inc" "c:\windows\system32\drivers\etronhub3.sys"
+ "EtronXHCI" "Etron eXtensible Host Controller Driver." "Etron Technology Inc" "c:\windows\system32\drivers\etronxhci.sys"
+ "gdrv" "GIGABYTE Tools" "Windows ® Server 2003 DDK provider" "c:\windows\gdrv.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "GVTDrv64" "" "" "c:\windows\gvtdrv64.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "iLokDrvr" "iLok Kernel Driver" "" "c:\windows\system32\drivers\ilokdrvr.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "LHidFilt" "Logitech HID Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lhidfilt.sys"
+ "LMouFilt" "Logitech Mouse Filter Driver." "Logitech, Inc." "c:\windows\system32\drivers\lmoufilt.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBX2DFU" "Mbox 2 Firmware Driver" "Avid Technology, Inc." "c:\windows\system32\drivers\dgmbx2fu.sys"
+ "MBX2MIDK" "64-bit Mbox 2 MIDI Driver" "Avid, Inc. All rights reserved." "c:\windows\system32\drivers\mbx2midk.sys"
+ "MDFSYSNT" "MacDrive file system driver" "Mediafour Corporation" "c:\windows\system32\drivers\mdfsysnt.sys"
+ "MDPMGRNT" "MacDrive partition driver" "Mediafour Corporation" "c:\windows\system32\drivers\mdpmgrnt.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "P17" "WDM Audio Miniport (Basic) Driver" "Creative Technology Ltd." "c:\windows\system32\drivers\p17.sys"
+ "PSI" "PSI mini-filter driver" "Secunia" "c:\windows\system32\drivers\psi_mf.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RapportCerberus_43926" "" "" "c:\programdata\trusteer\rapport\store\exts\rapportcerberus\43926\rapportcerberus64_43926.sys"
+ "RapportEI64" "RapportEI64" "Trusteer Ltd." "c:\program files (x86)\trusteer\rapport\bin\x64\rapportei64.sys"
+ "RapportKE64" "RapportKE" "Trusteer Ltd." "c:\windows\system32\drivers\rapportke64.sys"
+ "RapportPG64" "RapportPG64" "Trusteer Ltd." "c:\program files (x86)\trusteer\rapport\bin\x64\rapportpg64.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "SASDIFSV" "SASDIFSV64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "h:\applications\antivirus\super anti spyware\sasdifsv64.sys"
+ "SASKUTIL" "SASKUTIL64.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "h:\applications\antivirus\super anti spyware\saskutil64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "Tpkd" "64bit Tpkd Device Driver" "PACE Anti-Piracy, Inc." "c:\windows\system32\drivers\tpkd.sys"
+ "VGPU" "" "" "File not found: System32\drivers\rdvgkmd.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "VIDC.FPS1" "Fraps" "Beepa P/L" "c:\windows\system32\frapsv64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "VIDC.FPS1" "Fraps" "Beepa P/L" "c:\windows\syswow64\frapsvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AMD MJPEG Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files\common files\ati technologies\multimedia\atimpenc64.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AMD MJPEG Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Audio Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG File Writer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Multiplexer" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Decoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI MPEG Video Encoder" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Ticker" "" "" "h:\applications\ati\ati.ace\graphics-previews-common\ticker.ax"
+ "ATI Video Rotation Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "ATI Video Scaler Filter" "ATI MPEG Encoder" "Advanced Micro Devices Inc." "c:\program files (x86)\common files\ati technologies\multimedia\atimpenc.dll"
+ "Digiclock" "DigiDesign Reference Clock" "Avid Technology, Inc." "k:\daws\pro tools 10\digirefclock.dll"
+ "Gretech AAC Source Filter" "" "" "h:\gomplayer\gsfu.ax"
+ "Gretech ASF Source Filter" "" "" "h:\gomplayer\gsfu.ax"
+ "Gretech AsfEx Source Filter" "" "" "h:\gomplayer\gsfu.ax"
+ "Gretech Audio Filter" "" "" "h:\gomplayer\gaf.ax"
+ "Gretech AVI Source Filter" "" "" "h:\gomplayer\gsfu.ax"
+ "Gretech FLV Source Filter" "" "" "h:\gomplayer\gsfu.ax"
+ "Gretech MKV Source Filter" "" "" "h:\gomplayer\gsfu.ax"
+ "Gretech MP3 Source Filter" "" "" "h:\gomplayer\gsfu.ax"
+ "Gretech MP4 Source Filter" "" "" "h:\gomplayer\gsfu.ax"
+ "Gretech MPEG Source Filter" "" "" "h:\gomplayer\gsfu.ax"
+ "Gretech MPEG Source Filter2" "" "" "h:\gomplayer\gsfu.ax"
+ "Gretech Network(AVI) Filter" "" "" "h:\gomplayer\gnf.ax"
+ "Gretech Network(FLV) Filter" "" "" "h:\gomplayer\gnf.ax"
+ "Gretech Network(GOM) Filter" "" "" "h:\gomplayer\gnf.ax"
+ "Gretech Network(MP4) Filter" "" "" "h:\gomplayer\gnf.ax"
+ "Gretech Network(OGG) Filter" "" "" "h:\gomplayer\gnf.ax"
+ "Gretech Network(SHOUTcast) Filter" "" "" "h:\gomplayer\gnf.ax"
+ "Gretech OGG Source Filter" "" "" "h:\gomplayer\gsfu.ax"
+ "Gretech OGG Source Filter2" "" "" "h:\gomplayer\gsfu.ax"
+ "Gretech Video Filter" "" "" "h:\gomplayer\gvf.ax"
+ "MMACE Deinterlace" "" "" "h:\applications\ati\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "h:\applications\ati\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "h:\applications\ati\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "SyncReader" "Digi SyncReader" "Avid Technology, Inc." "k:\daws\pro tools 10\digisyncreader.dll"
+ "WAV Dest" "" "" "c:\windows\syswow64\wavdest.ax"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
+ "LBTWlgn" "Logitech Bluetooth Service" "Logitech, Inc." "c:\program files\common files\logishrd\bluetooth\lbtwlgn.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "nimdnsNSP" "National Instruments Zeroconf Namespace Service Provider" "National Instruments Corporation" "h:\applications\ni\shared\mdns responder\nimdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "nimdnsNSP" "National Instruments Zeroconf Namespace Service Provider" "National Instruments Corporation" "c:\program files\national instruments\shared\mdns responder\nimdnsnsp.dll"


Should I delete the file from the quarantine folder on Avira, or will it be useless there in quarantine state?

#8 narenxp


Posted 12 October 2012 - 05:41 PM

Should I delete the file from the quarantine folder on Avira, or will it be useless there in quarantine state?


Remove it

The start type of MpsSvc service is set to Disabled. The default start type is Auto.


Did you disable Windows Firewall?

#9 pete301


Posted 12 October 2012 - 06:51 PM

The file has been deleted through Avira, and yeah, I have disabled the Windows Firewall. I was under the impression that my router had a firewall, so I didn't want the trouble of Windows Firewall. Is it worth having Windows Firewall on still?

#10 narenxp


Posted 12 October 2012 - 06:53 PM

Not needed

Looks good

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here:

http://java.com/en/

Update your Flash Player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#11 pete301


Posted 14 October 2012 - 01:33 PM

Thank you very much for all your help, it's greatly appreciated :D

#12 narenxp


Posted 14 October 2012 - 01:38 PM

You're welcome :)



